March 28, 2023

Subscribe
Linkedin-in Twitter Facebook-f Youtube Instagram
#image_title

8th Annual Singapore OpenGov Leadership Forum 2023, 10 - 11 MAY 2023 - CLICK HERE FOR DETAILS

We are creating some awesome events for you. Kindly bear with us.

Malaysian Government set to regulate digital trading

Photo Credit: focusmalaysia.my
Share via

All Malaysian digital asset offerings will now need government authorization and will have to meet anti-money laundering and cyber-security guidelines. The Securities Commission is beginning to implement new regulations on Initial Coin Offerings (ICOs) and the trading of digital assets, this is because up to now this sector has been unregulated.

Malaysia’s Finance Minister YB Tuan Lim Guan Eng announced that cryptocurrencies and initial coin offerings have come under regulation on from Tuesday 14 January.

He said that the “Capital Markets and Services Digital Currency and Digital Token Order, 2019” would establish criteria for coin issuers and exchange operators and bring about disclosure of standards and best practices in pricing, trading and client asset protection.

Any future digital asset offerings will require Securities Commission authorization, will have to meet anti-money laundering and counter-terrorism financing rules and will have to demonstrate cyber-security and business continuity measures.

Mr Lim said that “The Ministry of Finance (MOF) views digital assets, as well as its underlying blockchain technologies, as having the potential to bring about innovation in both old and new industries.  In particular, we believe digital assets have a role to play as an alternative fundraising avenue for entrepreneurs and new businesses, and an alternate asset class for investors.”

As per the Capital Markets and Services (Prescription of Securities) (Digital Currency and Digital Token) Order 2019, crypto currency service providers and exchanges are required to obtain authorization from the country’s Securities Commission, which will work with the central bank to ensure compliance. The Securities Commission Malaysia (SC) said it will issue guidelines to regulate offering and trading of digital assets.

The regulations are expected to be launched before the end of the first quarter in 2019. Any infringements of the new laws can lead to a  fine of up to 10 million Malaysia ringgit and 10 years in prison.

The Securities Commission said that in order to implement the regulatory framework on digital assets, it will coordinate with the Bank Negara Malaysia, the country’s central bank, to ensure compliance with laws and regulations.

Since the announcement of the Capital Markets and Services Digital Currency and Digital Token Order, 2019”, the Securities Commission has been in contact with existing digital asset platform operators and arrangements have been put in place to enable these platforms to continue operating for a transitional period until 1 March 2019, as long as they fulfil conditions laid out by the SC.

During this period, these platform operators are not allowed to accept new investors and will only be allowed to facilitate the withdrawal or transfer of client assets with the written instruction of the investor.

Existing platform operators who failed to or did not attend the engagement with the SC on 17 January 2019 are advised to contact the SC immediately and not later than 25 January 2019, failing which they shall be deemed to be operating a market in breach of the securities laws.

Once the relevant guidelines have been issued, existing platform operators will be required to apply to the SC for authorisation if they intend to operate beyond the transitional period.

With regard to initial coin offerings (ICOs), the Securities Commission Malaysia has stated that ‘no person shall conduct an ICO without the prior authorisation of the SC. In this regard, the guidelines for ICOs will be issued by the end of Q1 2019. In the meantime, ongoing ICOs should cease all activities and return all monies or digital assets collected from investors.’

 

 

Spotlighting Southeast Asia’s Electronics Supply Chain

Share via

The Malaysia Ministry of International Trade & Industry (MITI), Malaysian Investment Development Authority (MIDA) and InvestPenang are eager to promote electronics manufacturing in the country. They are partnering to organise a global event for electronics manufacturing and supply chain.

The concentration of much of the world’s semiconductor manufacturing capabilities in Southeast Asia has attracted more global players to the region, as global electronics supply chains are being reshaped by geopolitical forces. According to Linda Tan, the President of the global industry association representing the electronics manufacturing and design supply chain, the timing is ideal for the region to strengthen its position as a vital hub for electronics manufacturing and deepen its integration with global value chains.

The Chief Executive Officer of the Malaysian Investment Development Authority stated that Malaysia has immense potential to expand its robust semiconductor ecosystem and benefit from global demand as the region’s semiconductor hub.

The manufacturing sector, which continues to contribute significantly to the country’s economy, has attracted a steady inflow of high-quality investments, making Malaysia a top investment destination in the region. In 2022, the sector registered a total of RM 84.3 billion (US$ 19.1 billion), accounting for 31.9% of total approved investments in various economic sectors.

The electrical and electronics (E&E) industry emerged as the top-performing industry within the manufacturing sector, receiving a total of approved investments of RM 29.3 billion (US$ 6.6 billion). This achievement highlights Malaysia’s commitment to maintaining its strong position as a vital player in the global semiconductor industry.

The theme of the event is “Boosting Agility and Resiliency for the Electronics Supply Chain” and will address the challenges posed by the current economic downturn and ongoing disruptions, and explore ways to build a more robust supply chain.

Global leaders in the industry will gather to examine strategies for the electronics industry to strengthen its supply chain and enhance its agility and resiliency. Industry leaders explore ways to capitalise on Southeast Asia’s strengths, boost global supply chain resilience, and position the industry for future growth and innovation. There will be vital discussions on crucial areas of semiconductor industry growth such as sustainability, smart manufacturing, smart mobility, smart MedTech, and workforce development.

The Chief Minister of Penang stated that the upcoming event aligns with Penang’s longstanding efforts to enhance its competitiveness in the global arena. Penang has established a significant presence in the semiconductor industry and is recognised for its expertise across the value chain.

InvestPenang, the state’s investment promotion agency, is committed to supporting the growth of emerging subsectors and expanding the semiconductor industry’s scope in Penang. Through these efforts, the state aims to strengthen its semiconductor ecosystem and offer a diverse portfolio of capabilities.

According to market research, the global semiconductor market had a size of US$ 527.88 billion in 2021 and is expected to grow from US$ 573.44 billion in 2022 to USD 1,380.79 billion in 2029, with a CAGR of 12.2% during the forecast period.

The global semiconductor market saw a growth of 6.8% in 2020 compared to the previous year. Despite the unprecedented and significant impact of the global COVID-19 pandemic, the semiconductor industry experienced positive demand worldwide, surpassing pre-pandemic levels.

The growth of the semiconductor market can be attributed to the increasing consumption of consumer electronics devices worldwide. Furthermore, the emergence of artificial intelligence (AI), the Internet of Things (IoT), and machine learning (ML) technologies are providing new opportunities for market development as these technologies aid memory chips in processing large amounts of data in less time. Additionally, the rising demand for faster and more advanced memory chips in industrial applications is expected to drive market growth during the forecast period.

New Computer Science School Launched in Malaysia

Image Credits: Sunway University, Press Release
Share via

A computer science school, 42 Malaysia (42MY), will be established in Malaysia. The school, a result of a partnership between the sovereign wealth fund of Malaysia and the largest education-focused social enterprise in Malaysia will use peer-to-peer learning to train 10,000 competent tech professionals over the next decade.

The 42 programme, which boasts the Born2Code slogan, was introduced in France and opened its inaugural campus in Paris in 2013. It is now part of a global network of 47 campuses across 26 countries that provide tuition-free education to individuals 18 years and older, without regard to educational or socioeconomic status. On July 23, 2020, the social enterprise launched the Malaysian branch of 42, known as 42 KL, in Sunway City, Kuala Lumpur.

The educational framework of the programme emphasises peer-to-peer and project-based learning methods that simulate a professional work environment. Participants at 42MY have the opportunity to learn coding by working on genuine industry projects in collaboration with the program’s partner companies.

Additional programmes are expected to be implemented to enhance the skills of the domestic workforce by leveraging underutilised sources of talent through Technical & Vocational Education and Training (TVET) institutions. These initiatives are designed to equip individuals with sought-after skills, thereby increasing their chances of securing high-quality employment opportunities.

The Managing Director of the sovereign wealth fund of Malaysia believes that the presence of skilled professionals is a vital component in the ongoing growth of any industry. As such, he anticipates that 42MY will play a significant role in supporting Malaysia’s start-up and tech ecosystem by developing and nurturing local talent, which will aid the country’s digital economy and strengthen its IR 4.0 capability.

The collaboration demonstrates the potential benefits of partnerships and cooperation, and the wealth fund is excited about collaborating with like-minded partners who share the same objective of enhancing Malaysia’s digital and skilled talent supply.

The wealth fund has plans to implement additional initiatives aimed at upskilling and reskilling Malaysia’s domestic workforce. The strategy involves mobilising underutilised sources of talent by repurposing Technical & Vocational Education and Training (TVET) institutions. The primary objective is to equip individuals with high-demand skills to facilitate their access to top-quality employment opportunities.

An impact assessment framework called the SEMARAK Initiative is being developed. It converges global methodologies but is adapted for the Malaysian context.

MDEC is working to push forward digitalisation in Malaysia. They have developed a series of programmes aimed at preparing individuals for the digital future ahead. For example, eRezeki was established to help low-income groups and other citizens by providing them with opportunities to earn additional income by completing digital assignments using online sharing economy platforms. Participants are matched with digital work that aligns with their skills.

In addition, the Tech Talent @Institute of Higher Learning (IHL) initiative was also set up. This initiative involves the participation of Premier Digital Tech Institutions (PDTIs), the top tertiary institutions in Malaysia that focus on digital technology.

These institutions have a proven track record of producing high-quality graduates for high-value digital tech-based employment through research, education policies, industry connections, and career development services.

In addition, MDEC has other related initiatives to nurture the talent pipeline. These include:

  1. Digital Tech Faculty Expert Program (DTeX): this programme aims to create a pool of digital tech subject matter experts among faculty members of Premier Digital Tech Institutions (PDTIs) and partner universities. The programme is structured to strengthen the quality of teaching and learning in digital tech education. It also creates a platform for technology partners to collaborate with PDTIs and partner universities to actively participate in nurturing and developing industry-ready teaching talent from the tertiary education level.
  2. Internship & Employment: Partnering with industry players in the ecosystem allows university students to access internship and employment opportunities. Furthermore, upskilling programs are offered to prepare job-ready graduates for the industry.
  3. Micro-Credentials: Micro-credentials are short and affordable online courses that provide digital certification upon completion, aimed at improving specific skills or competencies. They can be developed by universities, industries, or professional certification bodies and can be stacked for full credentials via transfer of credit. They are also known as digital badges, nano degrees, web badges, mini degrees, or open badges.

EXCLUSIVE! Beyond Smarter Data Management and Protection for Banking, Financial Services and Insurance Institutions

Share via

Over the coming years, Singapore is poised to witness significant transformations in digital financial services, particularly in three key domains: the emergence of Web 3 and decentralised finance, the widespread integration of artificial intelligence (AI) and the implementation of machine learning (ML) technology.

Prioritising strong governance and compliance should be at the top of the Banking, Financial Services, and Insurance (BFSI) sector’s list of objectives. Adherence to regulations, following rules and taking responsibility can greatly enhance services, ensure safety, and enhance the client experience.

Employing a centralised data protection solution enables consumers to track and verify if and how their data is being protected data across various workloads. When clients have the ability to do so, they can be confident that their data is being adequately safeguarded. Moreover, this can ensure that recovery time objectives and IT audit compliances are met.

Combatting threats such as malware and ransomware, along with ensuring overall cybersecurity, requires a strategic approach across multiple levels. This includes actively monitoring for potential issues and regularly backing up data. Storing immutable copies of data in a secure location can prevent malware from encrypting them.

In addition, data intended for recovery should undergo scanning and cleaning by the organisation’s anti-virus solution to ensure that any potentially harmful data, also known as “dirty” data, is not inadvertently reintroduced into production systems.

Ensuring seamless operations while mitigating the risks of ransomware and other cyber-attacks can be challenging. However, modern data protection solutions have demonstrated their ability to reduce costs, enhance automation, enhance human capabilities and identify innovative ways to reuse data to generate new value.

The OpenGov Breakfast Insight on 22 March 2023 held at the Voco Orchard Singapore aimed to share insights and practical solutions to empower organisations to maximise data capability through cost-effective, secure and automated data-driven processes that adhere with current data regulations and comply with the standards of Singapore’s Banking, Financial Services and Insurance industry.

Opening Remarks

Mohit Sagar∶ Singaporean financial institutions need full data security and risk mitigation strategies

Kicking off the session, Mohit Sagar, CEO & Editor-in-Chief, explains that financial data management is a set of processes and policies, usually helped by specialised software. This approach enables an organisation to merge its financial data, adhere to accounting regulations and legal requirements, and generate comprehensive financial reports.

The regulatory body responsible for overseeing Singapore’s financial institutions and establishing guidelines for data management and protection is the Monetary Authority of Singapore (MAS). According to its regulations, financial institutions are required to implement robust policies and procedures for managing data, including appropriate classification, handling and protection.

“Financial institutions must ensure that adequate security measures are in place to mitigate the risks of data breaches and cyber threats. This could include implementing strong encryption protocols, regularly testing systems for vulnerabilities, maintaining up-to-date software and hardware and training on cybersecurity best practices,” Mohit emphasises.

The Personal Data Protection Commission (PDPC) serves as the data protection authority in Singapore, responsible for enforcing compliance with the Personal Data Protection Act (PDPA). The Act sets a baseline level of data protection that must be followed by all sectors operating in Singapore.

Additionally, the PDPA also mandates that organisations obtain individuals’ consent before collecting, using, or sharing their personal information. The PDPC is empowered to investigate any breaches of the PDPA and impose penalties for non-compliance.

Data recovery refers to the process of getting lost, deleted, corrupted or inaccessible data back from storage media like hard disk drives, solid-state drives, USB drives, or other types of data storage devices. Several companies in Singapore offer data recovery services that specialise in getting data back from different types of storage media used by financial institutions.

“It’s important to remember that data recovery services can be expensive, and it’s always best to have a full data backup and disaster recovery plan in place to minimise the risk of losing data,” is Mohit’s caveat.  “Establishing a robust backup and recovery system can help avoid the need for expensive data recovery services and ensure business continuity in the event of a data loss incident.”

The protection of sensitive financial data from unauthorised access, theft and cyberattacks is a top priority for Singapore’s financial institutions. To achieve this, they employ a range of security measures, including encryption, access controls, firewalls, regular updates and patches, employee training and awareness programs, penetration testing, and incident response planning.

These safeguards work together to create a comprehensive data security framework that helps to prevent data breaches and protect the integrity and confidentiality of financial data.

“Under the PDPA, financial institutions must obtain the consent of individuals before collecting, using, or disclosing their personal information,” Mohit reiterates. “But while this is the norm, there are exceptions to this rule.”

Concessions are allowed under certain circumstances, such as legal obligations or the prevention of criminal activity. As an example, financial institutions may disclose personal information to law enforcement agencies to comply with legal requirements or to prevent potential criminal activity.

Mohit understands that risk mitigation is a crucial component of risk management in Singapore’s financial sector, and financial institutions employ a range of strategies and tools to identify, evaluate and reduce the risks they face.

Diversification, risk transfer, risk avoidance, risk monitoring and reporting, contingency planning, and strong governance and compliance frameworks are examples of risk mitigation strategies utilised by financial institutions in Singapore.

Financial institutions consider the development of a data exit strategy and recovery plan as an essential part of their risk management. The process involves identifying crucial data, anticipating exit scenarios, creating a recovery plan, establishing data backup procedures, testing the recovery plan, and maintaining the plan by updating, reviewing, and monitoring it regularly.

“By adhering to these steps, financial institutions can establish a robust data exit strategy and recovery plan that ensures the protection and recovery of vital data in the event of a data breach or system failure,” Mohit ends.

Welcome Address

Raymond Goh∶ The BFSI industry must keep up with tech advancements and innovation

According to Raymond Goh, Veeam’s Vice President of Sales Engineering for APJ, the banking, financial services and insurance (BFSI) industry has experienced significant changes over time and has had to contend with various challenges such as regulatory compliance, cybersecurity threats, and the need to innovate to stay competitive.

The pandemic has accelerated the industry’s digital transformation, resulting in a greater demand for digital banking services. However, it has also introduced new challenges, such as physical branch disruptions and an increased risk of cyberattacks.

“Despite the challenges, the industry can provide value to its customers by leveraging new technologies and innovative strategies.” Raymond is convinced “To effectively manage risks, BFSI institutions must continue to invest in digital infrastructure, cybersecurity measures, and advanced analytics.”

The FSI journey from 1866 to the present has been remarkable; from brick-and-mortar establishments to the current digitised systems, payment apps, digital wallets, contactless payments, crowdfunding platforms, and many others.

Financial systems can be affected by various disruptions, including funding and liquidity issues, asset price declines, contagion effects and heightened credit risk. The impact of a crisis on the financial sector is largely determined by the sector’s ability to mitigate four risks: market risks, liquidity risks, credit risks, and earnings risks.

“The rise of FinTech and non-bank startups are altering the competitive landscape in financial services, forcing traditional institutions to reconsider their business practices,” Raymond reiterates. “Old school processes and legacy systems are no longer relevant in the digital world, and indeed, can be a hindrance.”

Financial institutions must foster an innovative culture that promotes innovation and utilises technology to streamline existing processes and procedures for optimal efficiency. This cultural shift towards a technology-centric mindset mirrors the broader industry acceptance of digital transformation.

Raymond recognises that today’s consumers are more knowledgeable, sophisticated and informed than ever, and they demand a high degree of customisation, personalisation and convenience from their banking services.

It is predicted that future generations, starting with Generation Z, will have an even greater preference for omnichannel banking and be more technologically savvy than Millennials.

Organisations using obsolete business management software or siloed systems will be unable to compete in this increasingly digital-first environment. Without a solid, futuristic technological foundation, businesses will miss out on crucial business evolution.

“In other words, digital transformation is no longer merely a good idea, but a necessity for survival,” Raymond states.

Financial service organisations that use cutting-edge business technology, particularly cloud applications, have a significant advantage in the digital transformation race as they can innovate more quickly. The agility and scalability of cloud technology are its strengths. Without the constraints of system hardware, cloud technology allows systems to evolve in tandem with the business.

Raymond agrees that banking is being reshaped as regulations tighten and consumers adopt new technologies and demand 24/7 access to their most sensitive data, regardless of device.

As a result of a string of high-profile breaches in recent years, security is one of the leading challenges facing the banking industry and a major concern for bank and credit union customers. Financial institutions must invest in the most advanced technologically driven security measures, such as Authentication, End-to-End Encryption (E2EE) and Address Verification Services (AVS), to protect customers.

Financial services are increasingly confronted with issues related to auditing as the frequency of data breaches and privacy concerns continue to increase. This has led to more stringent regulatory and compliance requirements.

Compliance with financial data protection standards is subject to strict regulations and audits entail some of the most rigorous requirements in modern business, often involving the need to manage highly complex IT infrastructures.

Adhering to and conducting annual disaster recovery (DR) testing regularly can be both expensive and resource-intensive.

From a financial standpoint, any amount of downtime is unacceptable, and banks may face significant penalties for revealing confidential information. The centralisation of remote or branch offices (ROBO) can exhaust an organisation’s resources and bandwidth.

Businesses around the world were heavily impacted by the pandemic, causing considerable disruption and presenting numerous challenges. These challenges demand innovation, the necessity for enhanced employee engagement, rapid market changes and quality improvement.

In this scenario, FinTech and its underpinning technology will be major disruptors. Blockchain will shake things up; digital will become mainstream; customer intelligence will be the most significant predictor of revenue growth and profitability; the public cloud will become the dominant infrastructure model; and regulators will also turn to technology.

The common theme among these is resilience, trust and data agility.

Over the last two years, the Financial Services Industry has placed significant importance on specific issues. Some key initiatives are modernising the IT operating model to adapt to the new normal, simplifying legacy systems to decrease costs, enhancing the technological capabilities to better understand customer requirements, preparing the architecture to facilitate connections with any device or location and prioritising cybersecurity measures.

FSI organisations face distinct challenges due to their strong customer relationships, financial accountability and regulatory oversight. These challenges include effectively managing regulatory and capital costs, improving operations and customer experiences to meet modern standards, safeguarding against cyber threats and ransomware attacks and ensuring data and privacy security.

According to Raymond, Veeam plays a major role in addressing all these areas and can offer unique solutions to the various opportunities and challenges that FSI organisations may encounter. Veeam’s solutions encompass streamlining and automating operations, facilitating cloud migration and modern application development, ensuring data immutability, and effectively managing privacy, risk, and compliance.

“By embracing digital transformation, utilising big data analytics, forming strategic partnerships, having strong compliance and cybersecurity frameworks and investing in talent development programmes, FSI organisations can take advantage of opportunities and address challenges,” Raymond believes.

End-user Insight

Luis C Cruz∶ Applying learnings will drive a companys development and expansion

Luis C Cruz, Executive Director, Head of Automation, Infrastructure for DBS Big Data, AI and Analytics, DBS Bank Ltd is convinced that by aligning IT initiatives with the company’s overall business objectives, a comprehensive IT strategy can help businesses deliver long-term shareholder value.

“This strategy entails identifying the company’s current and future technology requirements, evaluating potential technology solutions, and developing a plan for implementing those solutions,” Luis explains.

By doing so, the company can ensure that its IT investments support business growth and profitability while reducing costs and boosting efficiency. In addition, a comprehensive IT strategy can help the business gain a competitive advantage by leveraging emerging technologies and optimising the IT infrastructure.

A comprehensive IT strategy can generate long-term shareholder value by enabling organisations to make informed decisions about technology investments and leverage technology to achieve business goals.

A robust IT strategy:

  • Aligns with organisation goals and governance​
  • Adapts to the marketplace and changes how our employees work​
  • Is focused and consistent​
  • Honestly identify challenges​
  • Would be authentic, clear and understood ​
  • Is memorable with a compelling tagline and value proposition​
  • Has to be actionable towards a goal​
  • Shows where to play and how to win​

Providing foundational infrastructure capabilities that support business objectives and delivering applications and solutions to aid employees in achieving their desired business outcomes are examples of company strategies that are enabled by IT.

“The concept of SMAC or Social, Mobile, Analytics and Cloud stack, is an example of a technology strategy that is widely used throughout the industry and by IT leaders,” Luis reveals. “It all comes down to the customer experience.”

Determining the optimal approach, timing and speed (the how, when and pace) of SMAC implementation is crucial as it forms the basis for leveraging big data in corporations. As IT leaders, Luis anticipates the need to stay up-to-date on SMAC trends and implications relevant to their roles. A perfect example of a company that effectively leverages SMAC-stack infrastructure is an online streaming service provider website.

To generate sustainable shareholder value, businesses must cultivate strategic and functional IT competencies, enhance tools that improve the IT function and promote a customer-centric culture. These efforts will fortify the organisation’s internal processes and enable the development of an efficient decision support system, as well as the delivery of transformational applications.

In addition to benefiting the company, these efforts will also benefit customers by enabling enterprises to provide consistent, high-quality IT services and innovative IT solutions to business units. This will allow organisations to optimise IT efficiency and enhance its impact on enterprise outcomes, ultimately driving long-term investor value.

“IT strategy is influenced by several internal and external factors,” ends Luis. “And understanding these is critical for developing a successful IT strategy that aligns with the organisation’s overall goals and objectives.”

Closing Remarks

Raymond acknowledges the significance of data backup as a critical aspect of maintaining data resilience and availability but emphasises that it is only one aspect of a comprehensive strategy.

Data backup is a single component of ensuring data availability and resilience in hybrid cloud environments. In addition to backup solutions, it’s essential to consider other factors that can affect data resiliency and availability, such as infrastructure and data proximity, Raymond opines.

“Data proximity, the physical location of data in relation to its applications, is a crucial factor to consider when designing hybrid cloud environments. These factors must be taken into account to ensure that hybrid cloud environments are designed optimally to meet the needs of applications and data requirements.”

By adopting solutions such as edge computing or hybrid cloud architectures, organisations can ensure data proximity. These solutions enable data to be stored and processed closer to where it is required, which can improve application performance and ensure data resiliency and availability.

This involves ensuring that there are adequate computing, storage, and networking resources available to support the workload, as well as having a highly available and resilient infrastructure to mitigate the risk of outages.

“Veeam provides data resiliency through secure backup and fast, dependable recovery solutions for the hybrid cloud of the organisation,” Raymond explains. “Our solutions are intended to safeguard critical data and applications, prevent data loss and enable rapid and dependable recovery in the event of a disaster or outage.”

Veeam offers solutions designed to help organisations achieve their business continuity and disaster recovery goals by ensuring data resiliency and availability in their hybrid cloud environments.

Mohit concurs that with the increasing volume of data being produced and stored every day, data protection has become increasingly crucial. Businesses are adopting techniques that allow for data restoration in the event of loss or corruption.

“As organisations continue to produce and store more data, it is becoming increasingly difficult to ensure the security and protection of that data,” Mohit observes.

In this VUCA landscape, technology can provide significant benefits to organisations in protecting their data. Implementing technological solutions helps businesses to secure their data from loss, theft and unauthorised access. It also ensures quick data restoration in emergency or outage situations.

“In essence, the purpose of technology partnerships is to assist businesses in implementing and improving their technical systems,” Mohit believes. “There is no doubt: collaboration in technology promotes growth, eases processes and reduces timelines.”

Two heads are better than one when it comes to implementing established technology systems. But while a technology partnership can effectively deliver technical expertise, it is important not to underestimate the value business acumen offers in return.

“Ultimately, collaborating and pooling resources can prove to be a highly effective approach in propelling both parties towards progress and innovative solutions,” Mohit concludes.

EKSKLUSIF! Benteng Cerdas untuk Keamanan dan Manajemen Data untuk Lembaga Perbankan, Jasa Keuangan dan Asuransi

Share via

Singapura memiliki peran kuat dalam perkembangan finansial di Asia. Otoritas Keuangan Singapura (Monetary Authority of Singapore/ MAS) memperkirakan sektor ini akan tumbuh 4%-5% pertahun pada 2021-2025 dan rata-rata membuka 3-4 ribu lapangan pekerjaan baru tiap tahun. Untuk itu, Kemenkeu Singapura mengeluarkan Peta Transformasi Industri Finansial (Industry Transformation Map/ ITM) 2025 pada September 2022, agar industri finansial Singapura menjadi yang terdepan.

Namun, di balik angka pertumbuhan yang menarik itu, ancaman keamanan siber di Singapura pun kian meningkat. Berdasarkan laporan Badan Keamanan Siber Singapura (Cyber Security Agency of Singapore/CSA) pada Agustus 2022, ransomware, phising, command and control server, dan kejahatan siber meningkat di Kota Singa ini.

Keamanan siber menjadi hal yang tak bisa ditawar bagi perusahaan perbankan, finansial, dan asuransi. Sebab, aset data yang mereka kelola dan kepercayaan pelanggan merupakan urat nadi perusahaan agar bisa terus hidup dan bertumbuh. Sekali terjadi, insiden keamanan siber akan menodai reputasi perusahaan dan menjauhkan mereka dari sumber utama penggerak bisnis: kepercayaan pelanggan.

Serangan ransomware diperkirakan akan makin meningkat di tahun mendatang. Data Veeam menunjukkan 50% perusahaan menjadi lumpuh akibat serangan ransomware, sebanyak 76% perusahaan setidaknya terkena sekali serangan ransomware, dan 38% perusahaan tidak bisa mengembalikan data yang terkena serangan ransomware.

Untuk itu, membangun benteng yang cerdas untuk memerangi ancaman seperti malware, ransomware, dan kejahatan siber lain menjadi sangat krusial bagi berbagai bisnis. Sebuah solusi keamanan data terpusat bisa menjadi jawaban untuk memastikan keamanan siber terpantau secara keseluruhan.

Perusahaan bisa mencegah potensi serangan siber seperti ransomware dengan melakukan pencadangan data secara teratur. Untuk menambah lapisan keamanan, salinan ini bisa dilengkapi dengan replikasi dan foto. Proses klasifikasi data yang harus disimpan sesuai dengan prioritasnya juga diperlukan sebagai langkah mitigasi ancaman siber. Langkah mitigasi selanjutnya adalah memindahkan salinan data ke lokasi penyimpanan yang lebih aman untuk mencegah dokumen itu terenkripsi oleh malware. Dengan demikian, data tetap tersedia meski sistem kehilangan pasokan listrik, serangan siber, atau insiden lain.

Solusi keamanan siber terpusat diperlukan untuk memberi kemudahan bagi pengawas untuk melacak dan memverifikasi apa dan bagaimana perlindungan data di berbagai lini. Solusi yang bisa dapat memberikan peringatan jika terjadi indikasi penyusupan ransomware atau serangan lain ke sistem juga amat dibutuhkan. Pengawasan terpusat pun menambah keyakinan bahwa data telah terlindung secara maksimal, meringankan pekerjaan dengan bantuan automasi, kecerdasan buatan, kemampuan mengolah ulang data untuk mendapat insight baru, dan mengurangi biaya operasional.

OpenGov Breakfast Insight akan berbagi wawasan dan solusi praktis mengenai automasi dan arsitektur aplikasi. Acara yang diselenggarakan pada 22 Maret 2023 di Voco Orchard Singapura akan meningkatkan kemampuan proteksi data Industri Perbankan, Jasa Keuangan dan Asuransi (BFSI) Singapura.

Pembuka

Mohit Sagar∶ Pentingnya rencana pemulihan data untuk selamatkan bisnis dan reputasi perusahaan

Entitas bisnis privat perlu memiliki strategi pemulihan terhadap serangan siber, kegagalan sistem, atau bencana alam.  Perusahaan perlu menyiapkan beberapa hal terkait rencana pemulihan, mulai dari identifikasi data yang perlu dilindungi, prosedur pencadangan data, rencana memulihkan data penting, serta pengujian, pembaruan dan audit atas rencana pemulihan data.

Pencadangan dan pemulihan data perlu dilakukan karena kelalaian menjaga data pelanggan bisa berimbas pada mahalnya biaya pemulihan, denda, dan mencoreng reputasi perusahaan ketika terjadi bencana.

Karena itu, sangat disarankan bagi perusahaan untuk memiliki cadangan data yang komprehensif dan rencana pemulihan bencana untuk meminimalkan risiko kehilangan data.

“Rencana pemulihan harus menjadi salah satu pertimbangan utama, sebab ini yang akan menjadi penyelamat ketika terjadi serangan,” jelas Mohit Sagar, CEO dan Pemimpin Redaksi, OpenGov Asia.

Selain itu, mereka pun mesti taat pada aturan yang ditetapkan pemerintah untuk menjaga berbagai kemungkinan kegagalan sistem layanan finansial. Dari sisi pemerintah, mereka menetapkan regulasi bagi lembaga keuangan, perbankan dan asuransi.

Aturan Pedoman MAS mensyaratkan lembaga keuangan untuk memiliki kebijakan dan prosedur manajemen data yang kuat.

Lembaga keuangan diharuskan melakukan klasifikasi, penanganan, dan perlindungan dan keamanan data yang tepat. Selain itu, Personal Data Protection Commission (PDPC) mensyaratkan organisasi untuk patuh dengan aturan data pribadi (Personal Data Protection Act/ PDPA).

Sambutan

Raymond Goh∶ Bisnis finansial mesti tetap lincah menghadapi gempuran digitalisasi tuntutan pelanggan dan menaati aturan pemerintah

Perubahan masif layanan digital dalam lima hingga sepuluh tahun terakhir telah mengubah proses bisnis dan ekspektasi pada industri finansial. Perusahaan diharapkan bisa memiliki strategi untuk menangani berbagai tantangan digitalisasi, mulai dari privasi, keamanan data, hingga serangan siber harus ditangani.

Raymond Goh, VP Sales Engineering, Veeam APJ menyebutkan empat tantangan utama industri finansial; risiko pasar, likuiditas, kredit, dan pendapatan. Untuk menghadapi tantangan pasar, perusahaan finansial perlu terus melakukan inovasi. Salah satunya adalah lewat automasi untuk efisiensi proses dan tetap memenangkan pasar. Berinvestasi pada automasi membuat perusahaan bisa mengubah pekerjaan, proses, dan prosedur manual.

“Di era digital, tidak ada ruang untuk proses dan sistem manual. Oleh karena itu, penting bagi lembaga keuangan untuk mempromosikan budaya inovasi, di mana teknologi dimanfaatkan untuk efisiensi proses dan prosedur,” tandas Goh.

Perusahaan finansial mesti makin gesit untuk menghadapi tantangan persaingan dari industri fintech yang menjadi pesaing kredit layanan perbankan tradisional. Apalagi konsumen saat ini makin cerdas dan mengharapkan layanan perbankan yang lebih praktis dan terpersonalisasi.

“Selain itu, pasca COVID-19, sejumlah perubahan pada sistem bisnis juga terjadi,” lanjut Goh.

Bertambahnya kecepatan perubahan bisnis menjadi salah satu bagian dari tantangan itu. Bisnis berubah untuk mengikuti ekspektasi pasar yang makin banyak tuntutan. Perusahaan pun diminta untuk terus melakukan inovasi sebagai jurus adaptasi terhadap pasar. Automasi bisa membantu mempercepat proses dengan menggantikan proses yang diolah manusia untuk mempercepat proses dan menghindari human error.

Seiring dengan digitalisasi yang terus menjadi arus utama, inovasi seperti fintech dan blockchain tidak dapat terhindari sebagai persaingan yang harus dihadapi. Untuk memenangkan persaingan, perusahaan finansial dan perbankan mesti memanfaatkan analisis data untuk mengenali pelanggan lebih dalam. Sebab, bisnis yang mampu menebak dengan tepat keinginan pelanggan akan menghasilkan solusi yang meningkatkan pendapatan, mendongkrak pertumbuhan, dan menimbun keuntungan.

Sementara untuk menjaga risiko pendapatan, keamanan siber dan modernisasi jaringan menjadi tantangan berikutnya. Perusahaan finansial merupakan sasaran empuk bagi para penjahat siber. Tidak heran jika tingkat serangan siber makin meningkat dari tahun ke tahun dan industri pun perlu makin waspada dan mempertebal tembok keamanan mereka.

Komputerisasi di perbankan sudah dimulai cukup lama, sehingga tak heran jika sejumlah pemain perbankan terkemuka masih menggunakan aplikasi dan sistem lawas. Namun, sistem kuno ini tidak bisa akan mampu mengimbangi kecepatan dunia digital, sehingga, modernisasi sistem-sistem ini mutlak diperlukan untuk mengimbangi permintaan konsumen dan memajukan bisnis.

Untuk itu, Goh menyampaikan bahwa saat ini organisasi jasa keuangan banyak yang mengalihkan sebagian sistem mereka ke cloud untuk mempercepat proses bisnis. Tentu, keandalan teknologi cloud adalah kelincahan dan fleksibilitas dalam memperbesar atau memperkecil kapasitas sistem yang dibutuhkan (skalabilitas).

Berdasarkan riset yang dilakukan Veeam, sebanyak 50% beban kerja akan dilakukan di komputasi awan (cloud) pada 2023. Sementara 65% perusahaan akan menggunakan layanan komputasi awan untuk strategi perlindungan data mereka.

“Tuntutan lain bagi industri perbankan adalah mesti tersedianya sistem tanpa jeda selama 24 jam, 7 hari seminggu. Tidak ada toleransi untuk downtime dan kebocoran data rahasia bisa menyebabkan sanksi denda yang bisa menghancurkan bisnis perbankan.”

Saat ini, perusahaan tak lagi punya cukup waktu untuk pemulihan data. Jika dulu downtime bisa dilakukan dalam hitungan dua hingga tiga hari, saat ini toleransi terhadap downtime kian menipis. Kegagalan sistem selama 30 menit atau dalam hitungan jam saja akan sangat berpengaruh pada kepuasan pelanggan.

Bank perlu mempersiapkan sistem mitigasi dan cadangan sebaik mungkin untuk data-data paling sensitif mereka. Selain itu, kemampuan sistem untuk mampu memulihkan seluruh data tepat waktu juga menjadi tantangan. Goh menyebut 9 dari 10 pelanggan tidak bisa lolos dari ketentuan ini.

Insight Pengguna

Luis C Cruz∶ Integrasi data untuk meningkatkan pengalaman pelanggan dan transformasi proses bisnis

Perusahaan perlu memastikan investasi TI yang dilakukan bisa mendukung bisnis mendulang pendapatan dan profitabilitas bisnis, mengurangi biaya, dan meningkatkan efisiensi. Selain itu, strategi TI dengan memanfaatkan teknologi baru juga membantu bisnis memiliki keunggulan kompetitif.

Untuk itu, Luis C Cruz, Direktur Eksekutif, Kepala Automasi, Infrastrutktur untuk Big Data, AI, dan Analisa DBS, percaya bahwa kemampuan untuk terus belajar menjadi fondasi untuk strategi TI yang komprehensif dan kompetitif.

Pencadangan data saat ini tidak semata digunakan untuk menyiapkan backup semata, tapi sekaligus sebagai bagian dari perlindungan data. Ia menyampaikan konsep “SMAC” (Social, Mobile, Analitic, dan Cloud) sebagai basis penggunaan big data di perusahaan besar.

“Konsep “SMAC” digunakan secara luas di seluruh industri dan oleh para CIO/pimpinan TI untuk melakukan transformasi proses bisnis dan meningkatkan pengalaman pelanggan,” jelas Luis.

SMAC merupakan model baru bagi tim TI perusahaan agar organisasi lebih terkoneksi, kolaboratif, dan produktif. SMAC bisa memengaruhi seluruh “ekosistem” perbankan mulai dari pelanggan, karyawan, dan mitra.​

“Harapan saya adalah kita, sebagai pemimpin TI, tetap mengikuti tren dan implikasi dalam SMAC karena sangat berkaitan dengan peran kita. Situs penyedia layanan streaming online mungkin adalah contoh terbaik dari perusahaan yang memanfaatkan infrastruktur tumpukan SMAC dengan sebaik-baiknya.”

Luis mengutip bahwa untuk mendorong nilai pemegang saham jangka panjang, bisnis harus mengembangkan kompetensi TI yang strategis dan fungsional, meningkatkan alat TI yang meningkatkan fungsi TI, dan menumbuhkan budaya yang berpusat pada peningkatan kepuasan pelanggan. Proses ini akan memperkuat proses internal organisasi, yang dapat mengarah pada pengembangan sistem pendukung keputusan yang efisien dan penyampaian aplikasi transformasional.

Hal ini juga akan menguntungkan pelanggan, karena perusahaan akan dapat memberikan layanan TI yang konsisten dan berkualitas serta solusi TI yang inovatif untuk unit bisnis. Dengan ini, organisasi akan mengoptimalkan efisiensi TI dan meningkatkan dampak TI pada hasil perusahaan, sehingga mendorong nilai pemegang saham jangka panjang.

Penutup

Raymond Goh: Menjawab tantangan digitalisasi dengan automasi, cloud, pengelolaan data, dan kekekalan data untuk memperkuat ketahanan siber

Organisasi FSI memiliki kombinasi tantangan unik karena bisnis ini berkaitan erat dengan kepercayaan pelanggan, beban tanggung jawab yang besar lantaran mengurus keuangan, hingga peraturan yang ketat. Ancaman serangan siber dan ransomware juga terus menghantui. Untuk itu, perusahaan perlu melakukan investasi untuk mengamankan sistem, menjaga operasional, sekaligus berinovasi agar layanan bisa terus menyesuaikan dengan ekspektasi pelanggan yang makin digital.

Menurut Goh, seluruh tuntutan itu bisa diringankan dengan solusi Veeam. Solusi automasi bisa digunakan untuk merampingkan dan mengotomatisasi operasional. Sehingga, sumber daya manusia bisa dialihkan untuk berkonsentrasi pada inovasi dan hal lain yang berkontribusi langsung pada pertumbuhan perusahaan ketimbang hanya memelihara sistem lama.

“Dengan beralih ke perlindungan data modern, Anda menghilangkan beban besar dari manajemen lama sekaligus memberikan perlindungan dan pengawasan yang lebih besar terhadap data sensitif Anda,” terang Goh.

Selain itu, automasi juga menghemat anggaran perusahaan. Pemulihan data otomatis, pelanggan Veeam berhasil mengurangi biaya pencadangan dan pemulihan 55% lebih efisien dan mengurangi biaya pencadangan dan perlindungan data hingga 50%.

Veeam membantu perusahaan untuk melakukan migrasi ke cloud dan pengembang aplikasi modern. Perpindahan ini membutuhkan keahlian untuk mengubah data yang terjebak disistem lama ke komputasi awan (cloud) yang fleksibel. Dengan data yang lebih fleksibel, pelanggan bisa mengolah ulang data mereka dan membuahkan insight yang berguna bagi perusahaan. Pelanggan Veeam yang menggunakan kembali data mereka untuk mendorong pengembangan dan pengujian aplikasi modern berhasil meningkatkan produktivitas hingga 11%.

Perlindungan data dari serangan malware dan ransomware menjadi keharusan. Untuk itu, Veeam menawarkan solusi kekekalan data (data immutability). Konsep ini memberi garansi dan mengatasi celah antara jaringan produksi dan pencadangan data. Jadi, meski terjadi serangan, data cadangan tertap 100% terlindungi. Sebanyak 95% pelanggan Veeam yang menggunakan cadangan permanen tidak  terpengaruh atau hanya sedikit terdampak dari ransomware.

Dengan banyaknya aturan yang mengikat institusi finansial, Veeam bisa membantu mengelola privasi, risiko, dan kepatuhan data. Sistem perlindungan data modern memastikan penyimpanan dan perlindungan data bisa mengikuti aturan-aturan yang bisa berubah sewaktu-waktu. Pelanggan yang menggunakan Veeam untuk regulasi dan privasi secara aktif berhasil mengurangi 45% kegagalan audit dan kepatuhan.

Mohit menambahkan bahwa organisasi dapat memperoleh manfaat besar dari penggunaan solusi teknologi untuk melindungi data mereka. Dengan menerapkan solusi ini, bisnis dapat memastikan bahwa data mereka aman dari kehilangan, pencurian, dan akses tidak sah serta dapat dipulihkan dengan cepat jika terjadi keadaan darurat atau gangguan.

“Intinya, tujuan kemitraan teknologi adalah untuk membantu bisnis dalam menerapkan dan meningkatkan sistem teknis mereka,” tegas Mohit.

Dia percaya bahwa kolaborasi teknologi bisa mendorong ekspansi bisnis perusahaan. Menurutnya, dua kepala lebih baik daripada satu ketika menerapkan sistem teknologi. Hal ini serupa dengan kemitraan teknologi yang dapat memberikan asistensi dan pengetahuan teknis apa pun secara efisien.

New Smart Factory to Launch in Batu Kawan, Malaysia

Share via

A provider of Electronic Manufacturing Services (EMS) has announced plans to construct a Smart ‘Lights-Out’ Factory 4.0 in Batu Kawan, Penang, with an estimated cost of RM180 million. This development is expected to bring about significant changes in the Northern Peninsular region.

The factory will be involved in the production of Optical Modules, which are new 5G Advanced High Speed Optical Signal Transmitter and Receiver components for 5G wireless networks. The factory will use photonics and semiconductor technologies acquired through technology transfer from its US-based customer.

Construction of the Batu Kawan plant began in January 2023 and is expected to facilitate the first-ever technology transfer in Southeast Asia. This development is expected to enhance the skillset and competitiveness of the local workforce, and the plant is anticipated to hire around 1,000 highly skilled individuals once completed in the first half of 2024.

As part of their expansion plan announcement, the provider welcomed a delegation from the Malaysian Investment Development Authority (MIDA) to their location in Sg. Petani. The delegation was led by the Deputy Chief Executive Officer (Investment Development) and included the Senior State Executive Council Member (Kedah) and a Member of Parliament from Kubang Pasu, Kedah.

The EMS provider which currently employs approximately 3,000 staff, (representing about 1% of the Sg. Petani population), has expressed its intention to collaborate with local universities and colleges in actively training fresh graduates to become industry-savvy. Their “hire local first” policy prioritises employing Malaysians from the surrounding area, thus reducing their dependency on foreign labour.

The Deputy Chief Executive Officer (Investment Development) of MIDA extended congratulations to the EMS provider, stating that they are pleased to see the company actively collaborating with local universities and colleges to train fresh graduates and improve their industry knowledge.

The company’s “hire local first” policy was also applauded for providing job opportunities to Malaysians in the surrounding area and reducing dependency on foreign labour, which in turn enhances the livelihoods of locals. These expansion plans are in line with the National Investment Aspirations (NIA) of attracting high-value investments to promote sustainable and comprehensive economic growth.

She added that Malaysia welcomes the firm’s expansion project, which utilises cutting-edge 5G technology, aligning with the government’s mandate for MIDA to drive the rapid digital transformation of the manufacturing sector. This development is expected to lead to improvements in productivity, job creation, and the enhancement of the skill set of Malaysians.

The new plant will implement the Lights-Out methodology, creating a fully networked environment that digitises material flow for autonomous manufacturing. A remote team of highly specialised experts will be responsible for data management, production planning, and quality control.

In addition to the Batu Kawan plant, the EMS provider is expanding its presence by constructing Smart Warehouses and an International Procurement Centre, which will feature Kedah’s first Vendor Management Inventory (VMI) system. These facilities, with a total cost of RM40 million, will cater to the provider’s own growing requirements and those of the surrounding industrial clusters in Sg Petani, Kedah, and Batu Kawan, Penang. The completion of these facilities is expected to be in 2024.

According to the firm’s Chief Executive Officer (CEO), the development of smart facilities is timely, given the Group’s expansion journey. The company has progressed from providing Printed Circuit Board Assembly (PCBA) and full-product box-build assembly to producing upstream 5G routers and soon 5G optical modules.

The provider aims to collaborate more closely with government authorities and agencies such as MIDA to increase the economic value of the state. Their current plant in Sg. Petani has already benefited from grants that encourage exports and innovation, and they hope to receive continued support for their future expansion plans.

In addition to grants, they appreciate open sessions for dialogue and feedback on current policies, so that government agencies can stay informed about the latest developments and challenges faced by industry players and formulate mutually-beneficial solutions.

Malaysia Enhancing High-tech Trade Relations with South Korea

Share via

From 14 to 17 March 2023, the Ministry of International Trade and Industry (MITI) conducted a Trade and Investment Mission in Seoul, Republic of Korea (South Korea) with the goal of enhancing economic ties between Malaysia and South Korea. The mission was headed by the Minister of MITI.

MITI’s Trade and Investment Mission is part of its ongoing initiative to showcase Malaysia as the preferred investment destination for Korean enterprises, while also promoting Malaysian goods and services in the Korean market. The mission specifically targeted high-technology and high-value sectors such as smart manufacturing, artificial intelligence (AI), digitalisation, and renewable energy.

In addition to the Minister of MITI, the official delegation will consist of senior officials from the Malaysian Investment Development Authority (MIDA), the Malaysia External Trade Development Corporation (MATRADE), as well as representatives from state Investment Promotion Agencies, regional development corridors, and Malaysian companies.

As part of the mission, the MITI Minister held a bilateral meeting with the Republic of Korea’s Minister for Trade, from the Ministry of Trade, Industry and Energy (MOTIE), to engage in discussions about bilateral matters, regional economic cooperation, and strategies to enhance collaboration in addressing emerging global issues that align with both nations’ interests.

During the mission, MITI hosted a seminar on business opportunities in Malaysia. The ROK audience was updated on Malaysia’s trade and investment climate, as well as the facilitation provided by the Government of Malaysia to Korean companies interested in investing in Malaysia.

Korean companies also shared their experiences of doing business in Malaysia, and targeted business meetings were held with prominent Korean companies that expressed interest in expanding their business in Malaysia. Furthermore, business matching sessions were organized between potential Korean investors and importers with relevant state Investment Promotion Agencies, regional development corridors, as well as Malaysian businesses and exporters.

In 2022, the Republic of Korea ranked as Malaysia’s eighth-largest trading partner, with a total trade value of RM114.55 billion (US$26.01 billion), marking a 29.7% increase compared to RM88.31 billion (US$21.01 billion) in 2021. Malaysia’s primary exports to South Korea in 2022 consisted of electrical and electronic (E&E) products, liquefied natural gas (LNG), petroleum products, and manufactured metal, iron, and steel products. Meanwhile, Malaysia’s main imports from the Republic of Korea in 2022 included petroleum products, E&E products, chemical and chemical products, machinery, equipment and parts, as well as iron and steel products.

Regarding investment, the Republic of Korea has been one of Malaysia’s primary sources of Foreign Direct Investment (FDI) for the manufacturing sector. By June 2022, Malaysia had received a total of 374 implemented projects worth RM32.9 billion (US$ 9.2 billion), creating 46,260 employment opportunities.

The Malaysian government launched the Industry4WRD: National Policy on Industry 4.0 on 31 October 2018 in response to the Fourth Industrial Revolution (4IR). The policy aims to facilitate the digital transformation of Malaysia’s manufacturing and related services sectors.

The implementation of Industry4WRD is aimed at creating a conducive ecosystem to support the manufacturing and related services sectors in Malaysia through incentives, infrastructure, human capital development, and technology facilities.

The National Policy on Industry 4.0 has three objectives:

  • Attract stakeholders to Industry 4.0 technologies and processes to enhance Malaysia’s appeal as a preferred manufacturing location
  • Create a suitable ecosystem for Industry 4.0 adoption, and
  • Transform Malaysia’s industry capabilities in a comprehensive manner

EXCLUSIVE! Combat Complex Threat Landscapes with Simplicity for Financial Institutions 

Share via

Employing a risk-based approach to cybersecurity is the optimal method for safeguarding an organisation against cyber threats due to the constantly evolving nature of these threats. IT Governance can provide valuable assistance in developing a comprehensive cyber risk management strategy, enabling firms to manage their security concerns in a structured manner.

With this, a cyber risk assessment is the first step in the process of managing the risk associated with cyber security. This assessment gives an overview of the dangers that could compromise the organisation’s cyber security along with an understanding of the severity of those threats.

Subsequently, the cyber risk management programme evaluates how to prioritise and mitigate these identified threats based on the organisation’s risk tolerance or appetite.

The MAS TRM Guidelines are a set of best practices and guiding principles developed by the Monetary Authority of Singapore to promote effective Technology Risk Management (TRM). These guidelines are meant to assist financial institutions in establishing robust governance and oversight frameworks to handle technological risk, enhance IT and cyber resilience and address other pressing concerns.

As per these guidelines, the corporate Chief Information Officers (CIOs) and Chief Risk Officers (CROs) should play a key role in various critical business operations, including technology deployment plans. However, due to the increasing importance of information and cyber resilience, these officers have been focusing more on security to ensure the protection of organisational data and systems from cyber threats.

In addition, recent reports suggest that in 2023 cybersecurity will be the primary area of investment for CIOs. This shows that organisations are prioritising reducing and managing risks to their operations in the face of increasingly sophisticated cyberattacks.

The OpenGov Breakfast Insight on 9 March 2023 provided the most recent information on risk management in today’s complicated and high-threat cyber environment for Singapore financial institutions.

Opening Address

Mohit Sagar The ability to prevent identify and respond to cyber attacks will determine the effectiveness of cyber security architecture

Kicking off the session, Mohit Sagar, CEO & Editor-in-Chief, acknowledges that financial institutions in Singapore are heavily regulated and have implemented a variety of cybersecurity measures to safeguard themselves and their clients from cyber threats.

Mohit highlights the key components of cybersecurity in Singapore’s financial institutions, which include the regulatory framework, cybersecurity measures, threat intelligence, and staff awareness.

“For the most part, Singapore’s financial institutions have implemented a range of measures to protect themselves and their customers from cyber-attacks, indicating their commitment to cybersecurity,” observes Mohit. “However, as cyber risks continue to evolve and bad actors become more sophisticated, financial institutions must remain vigilant and proactive in their approach to prevent potential cyber-attacks.”

The cornerstone of an organisation’s protection against cyber-attacks is its cyber security architecture, which safeguards all IT infrastructure components. This includes safeguarding the Internet of Things (IoT) and cloud environments through the implementation of a robust cyber security architecture.

The current cyber security architecture in the finance industry is intended to safeguard financial institutions from cyberattacks while ensuring the availability, integrity, and confidentiality of financial data.

“Firewall and Network Security, Secure Application Development, Endpoint Security, Multi-Factor Authentication, Incident Response, and Compliance are among some of the most critical components of the cybersecurity architecture in the banking industry,” Mohit asserts.

Generally, the present cyber security architecture in finance is a multilayered strategy that integrates numerous technologies and processes to safeguard financial organisations and their consumers against cyber threats.

Due to the sensitive nature of the financial data managed by financial institutions, data protection is of paramount importance in finance. Financial institutions deal with huge quantities of sensitive data on a daily basis, including the personal and financial information of their customers, such as account numbers, credit card information, social security numbers, and other identifying information.

The success of cyber security architecture in finance can be determined by organisations’ capacity to prevent, identify and respond to cyber threats. Financial institutions can implement measures to limit the likelihood and effect of cyber incidents, even though no cyber security architecture can offer complete protection against cyber-attacks.

According to Mohit, being prepared to mitigate cyber threats demands a proactive and ongoing effort to identify and mitigate cyber risks, implement effective cyber security controls, and engage with internal and external stakeholders to strengthen the organisation’s cyber security architecture.

In this context, Zero Trust will undoubtedly affect the future of finance by providing financial organisations with a more secure and robust cybersecurity architecture.

Mohit emphasised that in the future, success will depend on “navigating through the people you know”. This is because these connections can provide valuable resources and information, especially when working collectively.

“When a person or organisation has a large network of individuals they can trust and who trust them, you can utilise their knowledge, talents and experiences,” Mohit concludes.

Welcome Address

Nick Savvides A zero trust approach allows financial organisations to preserve sensitive financial data and provide ethical and lawful client care

Nick Savvides, Senior Director of Strategic Business, Asia Pacific, Forcepoint agrees people have had to alter their approach to almost all aspects of life due to the impact of the pandemic. This has resulted in significant changes to behaviour, the economy, technology and other areas.

“We’ve been forced to rethink our thinking and attitudes during the past few years. COVID-19 has triggered a massive paradigm shift in how we deploy tech in the way we, transact, learn and more.”

The pandemic has created major personal and professional challenges for people around the world. Ranging from health concerns to financial instability, its effects have been far-reaching and profound.

Due to the physical and emotional toll of the pandemic, many people have been devastated in multiple aspects – financially, health-wise and relationally. Companies have shut down, jobs have been lost and the global economy has suffered as a result. The unexpected loss of income and financial insecurity have caused untold numbers of people and families tremendous stress and anxiety.

The COVID culture has driven many individuals to adopt new methods of employment. Remote work has become the new normal for many, requiring individuals to adapt to new technologies and work-from-home arrangements.

Despite the difficulties, individuals have demonstrated resilience, flexibility and adaptability, finding new ways to connect with loved ones, work from home and support each other during these difficult times. It is a testament to the human spirit and the power of community to come together in the face of adversity.

“With the technology emerging, especially during COVID-19, security became paramount,” Nick observes. “The pandemic hastened the adoption of new technologies, particularly those that facilitate remote work and virtual interaction.”

Yet, this quick transition to digital solutions has also produced new security issues, as hackers have sought to exploit the increased usage of technology and its associated vulnerabilities.

The rapidly increasing remote workforce using online platforms for communication and collaboration has allowed cybercriminals to exploit vulnerabilities in these systems, gaining access to confidential information and financial data.

As a result, there has been an upsurge in the frequency of cyber attacks, including data breaches, identity theft, and other forms of online crime.

Furthermore, the requirement to secure remote access to corporate networks and systems has presented yet another security challenge. Businesses have been compelled to implement novel security methods and technologies to guarantee the safety of their networks and data as a growing number of employees work from home. Such measures have included the deployment of virtual private networks (VPNs), multifactor authentication, and other security protocols to prevent unauthorised access.

In addition, the need to secure remote access to enterprise networks and systems presents another security challenge. Companies have been compelled to deploy new security methods and technologies to ensure that their networks and data stay secure as more employees work from home. This has included the implementation of virtual private networks (VPNs), multifactor authentication and other security measures to prevent unauthorised access.

The pandemic has emphasised the need for stronger security controls and protocols as organisations rely on digital solutions. To safeguard their networks and data against cyber threats, businesses and individuals must remain vigilant and adopt appropriate measures. This may involve implementing new security technologies or simply being more mindful of potential risks.

The security problem posed by the pandemic highlights the significance of ensuring that technology is secure and robust against new and developing threats.

“Data is useful, and we should make the most of it. When we are finished, we must dispose of it, otherwise, we will become a targeted breach for those attackers,” Nick explains. “The concept of Zero Trust is particularly crucial for financial institutions, as they are confronted with numerous security risks and regulations.”

Implementing a Zero Trust policy enables financial institutions to ensure that confidential financial information remains inaccessible to unauthorised individuals and that customer service is governed by ethical and legal principles.

As technology continues to play a bigger role in society, it’s important to focus on making things simple and easy to use while simultaneously ensuring there are strong cybersecurity measures in place.

Nevertheless, security cannot be sacrificed in favour of simplicity. Cybersecurity threats are constantly evolving and becoming more sophisticated. Therefore, organisations must cybersecurity to their employees, stakeholders, and customers in clear, simple terms.

For technology to be used successfully, simplicity and cybersecurity must go hand in hand. Organisations can achieve simplicity without compromising security by prioritising user-centric design and implementing robust cybersecurity measures.

Organisations must define their commitment to cybersecurity and build trust with their stakeholders and consumers through clear and proactive communication.

End-User Insight

Lionel Bruchez People must know the risks of utilising digital devices and internet services and safeguard themselves and their data

As the world becomes increasingly digitalised, more enterprises are shifting online. This can offer several advantages, including wider reach and reduced operational costs. However, it also presents new opportunities for cybercriminals to exploit and generate profits.

Lionel Bruchez, Chief Information Security Officer, UBS Singapore believes that “low-effort, low-risk attacks are one of the most prevalent ways for cybercriminals to generate income”.

These attacks are designed to be swift and simple to execute, with little skill or technical expertise. They frequently include exploiting software flaws or employing simple social engineering techniques to deceive users into divulging important information.

Cybercrime is a more lucrative and safer alternative to traditional illegal operations for criminals. The growth of the internet and the proliferation of digital technology have provided criminals with new opportunities to earn money without the inherent dangers of physical crimes.

Individuals and companies must take cybersecurity seriously and invest in comprehensive security solutions to protect their digital assets to battle this growing danger. In addition, law enforcement organisations must continue to adapt their procedures and plans to effectively pursue and convict cybercriminals.

Lionel feels that “There are several forms of cyber criminals, including hacktivists, terrorists, organised crime groups and insiders, among others.”

Hackers are well-structured and organised, whereas threat actors are more capable, coordinated and clever Cybercriminals use company structures with clearly defined primary functions and duties to optimise profit and return on investment.

The ransomware groups contact first access brokers and create their adverts, which include parameters such as region, industries, revenue greater than $100 million and reward price. In addition, these groups have access to victim infrastructure, undertake data exfiltration and encryption (double extortion), and publish victim data on a “name and shame” website.

Lionel also discussed some of the anticipated cyber threat trends for 2023​ which include Geopolitical Conflicts, Cloud Security, Abuse of AI, Financial Motivated attacks, Internet of Things, Nth extortion attacks, Supply Chain Risk, C2 Framework, and Disinformation.

He believes that protecting an organisation’s assets should include the following:

  • Identifying (a strong understanding of who the stakeholders are);
  • Protecting (strong layer of defence);
  • Detecting (empowering cyber monitoring);
  • Responding (with strong capability to threats); and
  • Recovery (a resilience aspect that once the organisation is targeted, the business would recover).

Having a layered defence, also known as defence in depth, is essential. It is a comprehensive security strategy that involves deploying multiple layers of security controls to safeguard against various potential threats.

This holistic security posture is based on the idea that no single security measure can provide complete protection. Therefore, by deploying several layers of security, an organisation can establish a more comprehensive, resilient and all-encompassing security approach.

Closing Remarks

Nick reiterates that cybersecurity is a critical issue in today’s digital age, as more activities are conducted online. While technology plays a significant role in preventing cyber-attacks, many other factors are equally important in ensuring the safety and security of digital information.

He believes that cybersecurity should be taught to be more than just compliance. “While compliance with cybersecurity regulations and standards is important, it’s equally important to understand the underlying principles and best practices that help protect against cyber threats.”

For him, collaboration is also critical in cybersecurity. Organisations collaborate to share information about threats and vulnerabilities to develop effective strategies for preventing and responding to cyber-attacks. This requires cooperation not only between companies but also between governments and international organisations.

Mohit is convinced that resilience and partnership are two critical concepts that are essential for personal and professional growth, as well as for building a strong and supportive community. Resilience pertains to the ability to overcome challenges, adapt to change and bounce back from adversity, while partnership refers to the collaborative effort of individuals or groups working together towards a common goal.

Resilience and partnership are closely linked, as both require a willingness to work together, share resources, and support each other in times of need. When individuals or groups work together in a partnership, they can better withstand adversity and overcome obstacles, enhancing their resilience. At the same time, a resilient community fosters partnerships that promote support and cooperation among its members.

“By building resilient partnerships, individuals and groups can create a strong foundation for success, even in the face of adversity,” Mohit concludes.

Recommended Stories

Linkedin-in Twitter Facebook-f Youtube Instagram

© 2022 OpenGov Asia – CIO Network Pte Ltd.

MENU

Linkedin-in Twitter Facebook-f Youtube Instagram

PARTNER

#image_title

CTC

Globe Facebook Twitter Linkedin Youtube

CTC Global Singapore, a premier end-to-end IT solutions provider, is a fully owned subsidiary of ITOCHU Techno-Solutions Corporation (CTC) and ITOCHU Corporation.

Since 1972, CTC has established itself as one of the country’s top IT solutions providers. With 50 years of experience, headed by an experienced management team and staffed by over 200 qualified IT professionals, we support organizations with integrated IT solutions expertise in Autonomous IT, Cyber Security, Digital Transformation, Enterprise Cloud Infrastructure, Workplace Modernization and Professional Services.

Well-known for our strengths in system integration and consultation, CTC Global proves to be the preferred IT outsourcing destination for organizations all over Singapore today.

PARTNER

#image_title

Planview

Globe Facebook Twitter Linkedin Youtube

Planview has one mission: to build the future of connected work. Our solutions enable organizations to connect the business from ideas to impact, empowering companies to accelerate the achievement of what matters most. Planview’s full spectrum of Portfolio Management and Work Management solutions creates an organizational focus on the strategic outcomes that matter and empowers teams to deliver their best work, no matter how they work. The comprehensive Planview platform and enterprise success model enables customers to deliver innovative, competitive products, services, and customer experiences. Headquartered in Austin, Texas, with locations around the world, Planview has more than 1,300 employees supporting 4,500 customers and 2.6 million users worldwide. For more information, visit www.planview.com.

SUPPORTING ORGANISATION

#image_title

SIRIM

Globe Facebook Twitter Linkedin Youtube

SIRIM is a premier industrial research and technology organisation in Malaysia, wholly-owned by the Minister​ of Finance Incorporated. With over forty years of experience and expertise, SIRIM is mandated as the machinery for research and technology development, and the national champion of quality. SIRIM has always played a major role in the development of the country’s private sector. By tapping into our expertise and knowledge base, we focus on developing new technologies and improvements in the manufacturing, technology and services sectors. We nurture Small Medium Enterprises (SME) growth with solutions for technology penetration and upgrading, making it an ideal technology partner for SMEs.

PARTNER

#image_title

HashiCorp

Globe Facebook Twitter Linkedin Youtube

HashiCorp provides infrastructure automation software for multi-cloud environments, enabling enterprises to unlock a common cloud operating model to provision, secure, connect, and run any application on any infrastructure. HashiCorp tools allow organizations to deliver applications faster by helping enterprises transition from manual processes and ITIL practices to self-service automation and DevOps practices. 

PARTNER

#image_title

IBM

Globe Facebook Twitter Linkedin Youtube

IBM is a leading global hybrid cloud and AI, and business services provider. We help clients in more than 175 countries capitalize on insights from their data, streamline business processes, reduce costs and gain the competitive edge in their industries. Nearly 3,000 government and corporate entities in critical infrastructure areas such as financial services, telecommunications and healthcare rely on IBM’s hybrid cloud platform and Red Hat OpenShift to affect their digital transformations quickly, efficiently and securely. IBM’s breakthrough innovations in AI, quantum computing, industry-specific cloud solutions and business services deliver open and flexible options to our clients. All of this is backed by IBM’s legendary commitment to trust, transparency, responsibility, inclusivity and service.

Send this to a friend