We are creating some awesome events for you. Kindly bear with us.

Intelligence-driven modern SOC to be the future of cyber resilience

Participants of OpenGovLive! Virtual Breakfast Insight - Intelligence-driven Modern SOC: A Future-ready Outfit

Close to four months ago, everyone’s lives came to a standstill as the pandemic raced across the globe.

But one sector that had to do the heavy lifting during this crisis was the medical industry.

Unlike other industries that were not working or had slowed down during the pandemic, medical professionals, staff and related industries were working harder than ever to ensure the safety of mankind.

However, one big threat that they were also exposed to was the threat of a cyberattack. As the amount of stored data in the medical organisations rose exponentially, they became the prime targets of bad actors in the cyberspace.

With such high traffic and patient intakes, the hospitals lacked the effective processes and controls in place to detect, respond to, mitigate and recover from breaches and other security events.

This is where the Security Operations Centre (SOC) for cybersecurity engagements comes in.

Understanding the relevance of this topic in the current time, OpenGov Asia organised its latest Virtual Breakfast insight on 7 July 2020 to discuss how medical institutions can cope with the cyberthreats.

The event saw a full house with senior profiles from the IT departments of prominent hospitals and healthcare institutions in Singapore, Malaysia, Thailand and Philippines in attendance.

Mohit Sagar: SOC executives have it tougher now

Mohit Sagar, Group Managing director and Editor-in-Chief at OpenGov Asia set the ball rolling by giving a background of why there is an urgent need to secure the sector from the bad cyber actors.

He illustrated this point with a video at the beginning of the session.

Mohit emphasized that the job of security officers in organisation has become even tougher in these uncertain times.

Both the organisational and the personal data is exposed to a real threat of being misused in today’s environment and the only way to stay safe is to collaborate efforts in the cybersecurity space.

He advised the delegates to have the right people around who can work together in collaboration.

After the opening session, Siang Tiong Yeo, General Manager, SEA for Kaspersky shared their learning on keeping data secure in the healthcare environment.

Siang Tiong Yeo: healthcare has the greatest data trove today

Siang Tiong began by saying that in today’s era information is power. And a lot of us might not realise it but health care is the greatest data trove today.

The healthcare industry is completely focused on saving lives and that keeping their data secure is slightly lower in their priority.

Cybercriminals have taken full advantage of this. The recent trends of cyberattacks in the healthcare domain provide good evidence for this.

Siang Tiong shared that in the past few months the frequency of data breaches, Cyberespionage, identity theft, etc. have shot up.

He also observed that the recent cyber-attacks have evolved overtime and become more sophisticated.

Additionally, as hospitals and healthcare institutions are becoming increasingly interconnected, the surface area for attacks is also expanding exponentially.

Siang Tiong concluded by advising the delegates to be prepared in advance for the next cyber-attack. He explained that to be prepared means having the right people, processes and technology to safeguard the organisation from the bad actors.

Gangandeep: The SOC must mature and stay current

Siang Tiong’s presentation was followed by a presentation by Gagandeep Singh, Group Chief information Security officer at IHH Healthcare Berhad.

Gagandeep began by talking about his own viewpoint of a SOC and the various objectives it should serve. He emphasised 4 key aspects:

  • Traditional ways of keeping logs and rules is now outdated
  • Monitoring network traffic and analysing is imperative
  • Skilled resources are the most important asset
  • Following compliance is vital

He then summarised by saying that there is a need for SOC to mature and constantly update itself with current developments.

As the new channels of attack (Phishing and DNS etc) evolve, the SOC needs to be updated accordingly.

After Gagandeep’s insightful sharing the session moved into an interactive polling session.

On the question of primary cybersecurity concerns, there was a split audience between ransomware attacks (29%) and insider threats (29%).

One delegates, a senior executive from a Thailand, shared that he voted for ransomware as the primary cybersecurity concern as it helps hackers earn quick money. Thus, they are more actively planning these kinds of attacks.

On the next question on how you stay ahead of security updates, the majority were inclined towards threat intelligence report subscriptions (52%).

The Director for Global Research & Analysis Team – APAC, Kaspersky shared his thoughts from a security research perspective. He believes that of all the other options, intelligence reports are the only one that will help organisations stay ahead as it is knowledge shared though private channels.

The drawback with other (open) resources is that even the bad actors have access to it and they are constantly improving from that knowledge.

On the final question of proactively preventing cybersecurity attack, the participants we divided between threat intelligence (35%) and security assessment services (35%).

A senior delegate from Singapore shared that he voted for threat intelligence as it helps an organisation stay a step ahead of the bad attackers and be prepared.

The session concluded with closing remarks from Siang Tiong where he shared some of the tools from Kaspersky that help organisations protect themselves from cyber-attacks. He advised the delegates to stay ahead by meticulous monitoring and accurate detection.

PARTNER

Qlik’s vision is a data-literate world, where everyone can use data and analytics to improve decision-making and solve their most challenging problems. A private company, Qlik offers real-time data integration and analytics solutions, powered by Qlik Cloud, to close the gaps between data, insights and action. By transforming data into Active Intelligence, businesses can drive better decisions, improve revenue and profitability, and optimize customer relationships. Qlik serves more than 38,000 active customers in over 100 countries.

PARTNER

CTC Global Singapore, a premier end-to-end IT solutions provider, is a fully owned subsidiary of ITOCHU Techno-Solutions Corporation (CTC) and ITOCHU Corporation.

Since 1972, CTC has established itself as one of the country’s top IT solutions providers. With 50 years of experience, headed by an experienced management team and staffed by over 200 qualified IT professionals, we support organizations with integrated IT solutions expertise in Autonomous IT, Cyber Security, Digital Transformation, Enterprise Cloud Infrastructure, Workplace Modernization and Professional Services.

Well-known for our strengths in system integration and consultation, CTC Global proves to be the preferred IT outsourcing destination for organizations all over Singapore today.

PARTNER

Planview has one mission: to build the future of connected work. Our solutions enable organizations to connect the business from ideas to impact, empowering companies to accelerate the achievement of what matters most. Planview’s full spectrum of Portfolio Management and Work Management solutions creates an organizational focus on the strategic outcomes that matter and empowers teams to deliver their best work, no matter how they work. The comprehensive Planview platform and enterprise success model enables customers to deliver innovative, competitive products, services, and customer experiences. Headquartered in Austin, Texas, with locations around the world, Planview has more than 1,300 employees supporting 4,500 customers and 2.6 million users worldwide. For more information, visit www.planview.com.

SUPPORTING ORGANISATION

SIRIM is a premier industrial research and technology organisation in Malaysia, wholly-owned by the Minister​ of Finance Incorporated. With over forty years of experience and expertise, SIRIM is mandated as the machinery for research and technology development, and the national champion of quality. SIRIM has always played a major role in the development of the country’s private sector. By tapping into our expertise and knowledge base, we focus on developing new technologies and improvements in the manufacturing, technology and services sectors. We nurture Small Medium Enterprises (SME) growth with solutions for technology penetration and upgrading, making it an ideal technology partner for SMEs.

PARTNER

HashiCorp provides infrastructure automation software for multi-cloud environments, enabling enterprises to unlock a common cloud operating model to provision, secure, connect, and run any application on any infrastructure. HashiCorp tools allow organizations to deliver applications faster by helping enterprises transition from manual processes and ITIL practices to self-service automation and DevOps practices. 

PARTNER

IBM is a leading global hybrid cloud and AI, and business services provider. We help clients in more than 175 countries capitalize on insights from their data, streamline business processes, reduce costs and gain the competitive edge in their industries. Nearly 3,000 government and corporate entities in critical infrastructure areas such as financial services, telecommunications and healthcare rely on IBM’s hybrid cloud platform and Red Hat OpenShift to affect their digital transformations quickly, efficiently and securely. IBM’s breakthrough innovations in AI, quantum computing, industry-specific cloud solutions and business services deliver open and flexible options to our clients. All of this is backed by IBM’s legendary commitment to trust, transparency, responsibility, inclusivity and service.

Send this to a friend