Singapore Government Strengthens Cybersecurity with MoU with the U.S.

Singapore and the United States look to develop their cyber security cooperation after signing a new memorandum of understanding (MoU) aimed at strengthening information sharing and encouraging cyber security exchanges between the two countries. The Memorandum of Understanding was signed by the chief executive of Singapore’s Cyber Security Agency (CSA), which oversees keeping Singapore’s cyberspace secure and the director of the United States Cybersecurity and Infrastructure Security Agency (CISA), which leads the country’s national effort to protect and enhance the resilience of its physical and cyberinfrastructure.

Singapore and the United States share deep mutual interests in enhancing cyber security cooperation, particularly as cyber security has become a key enabler for both countries to leverage the benefits of digitalisation to grow our economies and improve the lives of our people.

The agreement came as US Vice-President visited Singapore as part of a tour to the broader Southeast Asia region. “Singapore and the United States share deep mutual interests in enhancing cyber security cooperation, particularly as cyber security has become a key enabler for both countries to leverage the benefits of digitalisation to grow our economies and improve the lives of our people,” said chief executive of Singapore’s Cyber Security Agency (CSA).

“This expanded MoU is a testament of our shared vision to work together towards a stable, secure, resilient and interoperable cyberspace. We look forward to continuing our work with the US to strengthen cybersecurity cooperation between our countries,” he added.

Along with increasing and strengthening information sharing, the agreement is expected to broaden cooperation through joint exercises, as well as expand the countries’ partnership into new areas of cooperation such as critical technologies and research and development. “Cyber threats don’t adhere to borders, which is why international collaboration is a key part of the administration’s approach to cyber security,” said the director of the United States Cybersecurity and Infrastructure Security Agency (CISA).

“The MoU allows us to strengthen our existing partnership with Singapore so that we can more effectively work together to collectively defend against the threats of today and secure against the risks of tomorrow,” she added. The agreement comes just weeks after the CSA flagged an increase in cyber threats, such as ransomware and online scams since the pandemic started in 2020.

According to new figures in CSA’s Singapore Cyber Landscape (SCL) 2020 report, released in July, the CSA’s SingCERT (Singapore Computer Emergency Response Team) handled more than 9,000 cases last year, compared to nearly 8,500 cases reported in 2019 and 4,977 cases in 2018. The latest threat tally marks the second consecutive year of increases in cyber threats handled by the agency.

“Although the number of phishing incidents remained stable and website defacements declined slightly, malicious cyber activities remain a concern amid a rapidly-evolving global cyber landscape and increased digitalisation brought about by the COVID-19 pandemic,” CSA said in a statement.

The agency asserted that throughout 2020, it observed global threat actors capitalising on the pandemic’s anxiety and fear, with ramifications felt by individuals and businesses. These threat actors specifically targeted e-commerce, data security, vaccine-related research and operations, and contact tracing operations. Some of the observed global threat actor trends were mirrored locally, according to CSA, with an increase in ransomware incidents and the emergence of COVID-19-related phishing activities in the region, the latter of which coincided unsurprisingly with the rise of work-from-home (WFH) arrangements.

Breaking down the types of threats observed, the latest report reveals that 89 ransomware cases were reported to CSA in 2020, a 154% increase from the 35 cases reported in 2019. These incidents primarily impacted small and medium-sized businesses (SMEs) in industries such as manufacturing, retail, and healthcare.

The CSA also stated that the rise in local ransomware cases was most likely influenced by the global ransomware surge, with three distinct characteristics observed as ransomware operators deployed increasingly sophisticated tactics: shifting from indiscriminate, opportunistic attacks to more targeted ‘Big Game Hunting’; the use of ‘leak and shame’ tactics; and an increase in ransomware-as-a-service (RaaS).

Looking ahead, the report identified several emerging cybersecurity trends to keep an eye on in the context of an increasingly complex and dynamic cyber threat landscape. According to the CSA, one of the major trends to keep an eye on is the continued evolution of ransomware attacks.

EXCLUSIVE! Governance of Effective Data Protection in the Information Age

Thailand has made significant progress in enhancing its governance systems for data protection in recent years. However, to guarantee that citizens are empowered to exercise their rights and simultaneously hold corporations accountable for their data practices, it is essential to increase public knowledge and education on data protection.

Process optimisation for data governance and management is a key component of Thailand’s digital transformation. In recent years, the nation has made enormous strides in the digital sphere, and the continued success of this transformation will rely on efficient data governance and management systems.

Effective data management is only one aspect of data governance. It also relies heavily on the development of terms and guidelines for data rights, obligations and principles. These are the basic tenets of sound governance that inspire confidence in the generation, collection, processing and use of data by corporations and governments.

To unlock the full potential of data, it is crucial to establish the necessary infrastructure, regulations and standards through collaboration between public sector organisations, non-governmental actors and other relevant stakeholders.

Institutions and stakeholders within the data governance ecosystem must possess the skills, resources and incentives to carry out their duties effectively and to maximise the value of their data.

Robust information and data governance is crucial to ensure that data is accurate, reliable, secure and accessible when needed. This is especially important in low- and middle-income countries where data literacy levels may be low, and the quality of data may be poor.

In any context, however, public trust is crucial in using any derived insights to spur civic change. Confidence can be gained by developing and implementing clear policies and regulations around data collection, storage, sharing and usage. Agencies must also respect privacy, provide transparency and ensure accountability around these processes.

The OpenGov Breakfast Insight on 16 March 2023 held at Amari Watergate Bangkok delivered current information on the right technologies, data governance policies, regulations and frameworks to drive the quality, accuracy and availability of insights for Thailand’s public sector organisations.

Opening Remarks

Kicking off the session, Mohit Sagar, CEO & Editor-in-Chief, OpenGov Asia acknowledges that with the proper data governance, an organisation can rest assured that its data is being managed effectively and used in accordance with all regulations and standards.

“The effective management of data ensures its consistency and reliability and prevents misuse. This is becoming increasingly crucial for businesses, as they are subject to new data privacy regulations and rely heavily on data analytics to enhance efficiency and make informed strategic decisions,” he believes.

Good data governance enables improved access to information and better decision-making by both government officials and the public. This is achieved through the transparent, responsible and secure management of data.

“If government agencies are going to work together effectively, they need data governance policies that will make sure their information is shared in a way that is secure, appropriate and legal,” Mohit asserts.

Data governance is the systematic process of managing the availability, usability, integrity and security of data in enterprise systems, based on internal data standards and usage policies in line with government regulations. The process ensures that data is reliable, consistent and not abused.

“As organisations content with new data privacy regulations and rely on data analytics to optimise operations and drive business decisions, robust data strategy with sound governance is crucial,” Mohit says. “Using a collaborative process, this assists in dismantling data silos and harmonising data from various systems.”

Effective oversight is vital to ensuring the proper use of data and preventing the potential misuse of sensitive information, like customer data. Effective data governance enhances business decision-making by supplying better information, resulting in competitive advantages, increased revenue, and increased profits.

Self-service data solutions reduce reliance on IT staff and promote quicker and more informed decision-making across the entire organisation by allowing non-technical users to freely access, modify and analyse data.

To implement data governance, organisations must establish rules, processes and standards for managing data. This includes defining roles and responsibilities, ensuring data quality and addressing privacy and security concerns.

Data governance and cybersecurity are closely related as cybersecurity plays a crucial role in protecting sensitive information from unauthorised access. It helps to maintain data privacy and confidentiality while reducing the risk of cyberattacks or data breaches that could potentially compromise the functioning of government systems and erode the trust of citizens. Therefore, cybersecurity is an essential component of data governance.

In the end, implementing data governance can have several benefits, including improving the speed, agility and precision of decision-making while maintaining privacy and security. Moreover, it can also assist organisations in maximising the value of their data assets.

Welcome Address

Pawasut Seewirot, Software Country Leader at IBM Thailand, delivered a welcome address to the attendees where she acknowledged their crucial role in promoting an understanding of data governance concepts, such as privacy and security.

The field of intelligent automation mainly comprises advanced technologies, including artificial intelligence, business process management, and robotic process automation. It leverages cutting-edge tools such as analytics, machine learning, deep learning, and natural language processing to accomplish its objectives.

“Combining these technologies has enabled intelligent automation to produce some of the most cutting-edge solutions utilised by contemporary business leaders,” Pawasut observes.

Digital transformation, however, can often come at a high cost. The proliferation of vendors can create a bottleneck for IT staff, with disparate vendors, tools, and processes required to obtain support for expanding data centres.

IBM Technology helps businesses and CIOs solve these issues. As organisations rapidly undergo digital transformation and change, utilising global technology lifecycle support and services for IBM Systems products will benefit the organisations.

“Our organisation provides global technology lifecycle support and services. As a world-class provider, we are committed to providing an outstanding client experience, as evidenced by our Net Promoter Scores,” Pawasut claims.

As organisations continue to rely more heavily on digital technology to gain a competitive edge, safety becomes a growing concern. A strong cybersecurity strategy includes multiple layers of defence to combat cybercrime, such as cyber-attacks that attempt to access, change, or destroy data, extort money from users or the organisation, or disrupt normal business operations.

Security system complexity can increase costs due to contrasting technologies and a lack of in-house expertise. However, organisations can effectively combat cyber threats and reduce the lifecycle and impact of breaches by implementing a comprehensive cybersecurity strategy that adheres to best practices and is automated using advanced analytics, artificial intelligence, and machine learning.

Pawasut stresses the importance of a data platform which is a set of technologies that function collectively to meet an organisation’s end-to-end data needs. It allows organisations to acquire, store, prepare, deliver and govern their data, as well as provide a security layer for users and applications.

“A data platform is essential for maximising the value of your data,” says Pawasut. “A modern data platform attempts to solve numerous problems. It is a collection of interoperable, scalable, and replaceable technologies that work together to meet the complete data requirements of an enterprise while ensuring its security.”

Technology Insight

While the world has been disrupted by various events, Kieran Hagan, Data, AI, and Automation Principle Technical Sales Manager (ASEANZK), IBM recognises that digital transformation remains a significant driving force for change.

“The pandemic has hastened the adoption of digital solutions to keep up with the ever-changing requirements of their customers,” Kieran observes.

As technology advances and consumers rely more heavily on digital channels, the trend toward digital transformation is expected to continue, creating a greater need for easily accessible and understandable data. As a result, there is a greater demand for consumable data – information that is easily accessible and understandable – from which people can make informed decisions.

To improve service delivery, Kieran emphasises the importance of engaging citizens and providing them with personalised, integrated experiences across government services. This is essential for any government seeking to improve citizens’ trust, satisfaction, and overall experience by making it easier for them to access and benefit from the services they require.

Sonoma County is an excellent example of a government that prioritised strengthening its safety net and reformed its approach to meeting the needs of its most vulnerable individuals and families.

Kieran emphasised the need to digitally modernise workflows and operations, maintain regulatory compliance and foster innovation while reducing costs. DataOps is emerging as the optimal strategy for managing data to enhance the agility and effectiveness of organisations.

DataOps, like its predecessor DevOps, emphasises software development collaboration, automation, and continuous delivery. It also aims to eliminate the silos between teams involved in data management, such as data engineers, data scientists, and business analysts.

According to Kieran, the advent of DataOps represents a significant shift in the way that organisations manage and leverage data and by adopting a more agile and collaborative approach to data management, organisations can make better use of their data, respond more quickly to changing business needs, and gain a competitive advantage in their respective markets.

The emphasis on data quality is a key feature of DataOps. DataOps is concerned with ensuring data accuracy, completeness, and consistency, all of which are critical for making sound business decisions. Data quality issues are identified using automated testing and validation technologies before they have an impact on company operations.

Kieran cited the efforts of the Government of Odisha (India), which worked to combat welfare fraud and ensure that the most vulnerable members of the population received the necessary assistance.

The government of Odisha (India) used IBM Analytics tools to combat welfare fraud, identifying approximately 500,000 false beneficiaries. The government was able to ensure that resources were delivered equitably and tax rupees were used more efficiently by leveraging available insights on citizens. This effort aided the government in providing appropriate assistance to those in need while also eradicating fraudulent activities that siphoned off valuable resources.

Securing and protecting people, the nation, and infrastructure while mitigating data collaboration risks across hybrid cloud environments is of the utmost importance in the current digital era. The proliferation of cloud computing and hybrid cloud environments, as well as the accompanying cyber security challenges, now necessitate that governments strike a balance between securing their data and infrastructure and ensuring that essential information is accessible to those who require it.

To mitigate risks associated with data collaboration in hybrid cloud environments, businesses should implement a comprehensive security strategy that combines technologies, processes, and policies. Hence, artificial intelligence (AI) is a valuable tool.

“Artificial intelligence is being incorporated into daily life, business, government, and other fields. IBM assists individuals and businesses in securely adopting AI,” Kieran shares. “Only by incorporating ethical standards into AI applications and processes can build a trustworthy system.”

A holistic approach with strong security measures, transparency, accountability, and secure technology design is highly recommended, according to Kieran. Thus, the effectiveness of the strategy is enhanced by a continuous drive for information and education.

Fireside Chat

Dr Supot Tiarawut, President & CEO, Digital Government Development Agency, Thailand, is of the opinion that organisations’ failure to implement effective data management and governance strategies hinders their ability to fully leverage their enterprise data.

Such strategies are necessary for laying a strong data foundation. Strong fundamental data can offer critical insights for a wide range of applications, including understanding public behaviour and making critical decisions.

Some countries have given particular attention to the strategic value of understanding and interpreting data as well as the unrealised economic potential of underutilised data.

“Establishing a data foundation has specific challenges, but if organisations fully understand these challenges, they will be able to overcome them and benefit from efficient master data management,” Dr Supot believes.

Data governance is the practice of understanding where the data is, how it is used, and whether it is adequately protected. Good data governance ensures the integrity and consistency of data.

Effective data governance creates a governed data foundation for insights, secures data privacy, and simplifies data management by establishing policies and regulatory compliance. Public sector staff must have the knowledge and skills to effectively and safely manage and use data.

“The lack of data literacy in government agencies emphasises the importance of effective data governance policies,” Dr Supot furthers.

In today’s dynamic and ever-changing enterprise environment, data governance is a must. Businesses today collect massive amounts of data from various sources, and data governance assists organisations in managing risk, maximising value and lowering costs.

Inconsistencies in various systems across an organisation may remain unresolved in the absence of effective data governance. Using data governance best practices allows organisations to maximise their data while avoiding operational or analytic issues caused by data disparity.

“We should have a good definition of what data governance is,” says Dr Supot. “It encourages all government agencies to utilise their data and use it efficiently as well as integrate their data to make good decisions.”

In Thailand, there is a growing understanding that instead of solely mandating government agencies to implement data policies strictly according to established guidelines, it may be more effective to first align these policies with the agencies’ goals or purposes, and then provide them with specific steps that can help them get started.

The government in Thailand is planning to ask each agency to identify the type of data they are utilising, and once they have this information, they will inquire about the data’s processing and how it will be protected. This approach will enable the government to better understand the data management practices of each agency and identify any potential issues that need to be addressed.

“As a result, we can ensure sufficient data security so that no information leaks occur,” Dr Supot is confident.

Standardising data definitions across an enterprise or agency is a common objective of data governance, but there may be other objectives and goals that depend on the specific focus of a data governance program.

To establish an effective data governance framework, it is important to develop principles that are appropriate for the specific environment in which the organisation operates. These principles should guide the overall approach to data governance and help ensure that data is managed in a way that is consistent, reliable, and aligned with the goals and objectives.

Collaboration between the government and the private sector is essential for effective data governance. Among the key principles of data governance are public integrity, transparency, accountability, auditability, and standardisation. By adhering to these principles, data is managed in a way that is consistent, trustworthy and compliant with relevant regulations and standards.

Closing Remarks

Pawasut stressed the growing need for skilled professionals in data management as businesses increasingly look to data for competitive advantage. She believes that by addressing the data management skills gap, organisations can help individuals advance in their careers and organisations realise the full potential of their data.

“We are taking all possible measures to address the shortage of skilled workers,” confirms Pawasut. “But closing the gap will require collaborative efforts among individuals, groups and communities.”

Changing an organisation’s innovation culture is a challenging and time-consuming endeavour that requires sustained efforts over time. Pawasut invited interested delegates to get in touch with them to arrange an innovation workshop.

These workshops are valuable because they help foster originality, teamwork, knowledge acquisition and participant involvement. They provide a platform to generate new ideas, solve complex problems and learn from the experiences, insights and perspectives of others.

Innovation workshops can also boost morale and commitment to the company’s success and can be a useful tool for organisations that want to foster innovation and maintain competitiveness in a dynamic market.

Mohit is convinced that the success of developments in data governance depends on the effectiveness of collaboration.

“Integral to ensuring that an organisation’s information management procedures and policies are effective, streamlined, and company-wide adopted is bringing together diverse stakeholders, each with their own distinct perspectives and skills.”

There is an opportunity for corporate IT departments to build trust around enterprise data stores, allowing employees to work with IT to improve data quality, governance and security. This transition may be challenging for some organisations as it may require changes in culture, processes and technology, but it is essential for organisations that want to maximise the value of their data assets.

“Ultimately, a digital partnership’s objective is to generate a competitive advantage. Businesses can leverage one another’s strengths to better serve customers and expand,” Mohit concludes.

EKSKLUSIF! Efektif Kelola dan Lindungi Data di Era Informasi

Di era digital, data telah muncul sebagai sumber daya strategis nasional yang vital dan memiliki peran yang semakin penting dalam pemerintahan. Namun, tantangan pengelolaan data terus bermunculan. Perbaikan pengelolaan dan manajemen data bisa meningkatkan kualitas data yang disediakan agar bisa digunakan untuk menakar risiko dalam pengambilan keputusan. Peningkatan kualitas data dilakukan untuk memastikan bahwa data yang tersedia akurat, andal, aman, dan dapat diakses saat dibutuhkan.

Saat ini, data menjadi senjata utama untuk memenangkan persaingan. Ketersediaan data yang berkualitas jadi kian penting. Organisasi perlu membuat dan menerapkan manajemen data yang terintegrasi. Untuk membuka potensi data seutuhnya, penting bagi organisasi untuk menetapkan infrastruktur, peraturan, dan standar yang diperlukan. Untuk memanfaatkan aset data tersebut, organisasi harus memprioritaskan pengoptimalan proses tata kelola dan manajemen data yang efektif.

Selain itu, sumber daya manusia yang mengelola data pun patut menjadi bahan perhitungan. Institusi dan pemangku kepentingan dalam ekosistem tata kelola data harus memiliki keterampilan, sumber daya, dan insentif yang tepat untuk menjalankan tugas mereka secara efektif dan memaksimalkan nilai data mereka.

Masalah keamanan menjadi persoalan lain yang mengganjal. Serangan siber dan pembobolan data menjadi ancaman signifikan bagi negara dan bisnis di seluruh dunia. Sebagai konsekuensi, baik sektor publik maupun swasta harus terus mencari berbagai cara efektif untuk mengatasi masalah keamanan yang semakin mendesak.

Data akan memberikan insight yang lebih baik jika terjadi integrasi data dari berbagai sumber. Tujuan utama integrasi data adalah untuk menghilangkan silo dan menyediakan akses untuk berbagi data dengan aman di dalam organisasi. Hal ini dicapai lewat kolaborasi untuk menyelaraskan data di berbagai sistem.

Perbaikan tata kelola dan sistem manajemen data ini bisa dilakukan Thailand melalui kolaborasi antara pemerintah, bisnis, dan pemangku kepentingan lain. OpenGov Breakfast Insight, pada 16 Maret 2023 di Amari Watergate Bangkok, menyampaikan informasi terkini tentang kebijakan, peraturan, dan kerangka kerja tata kelola data untuk mendorong peningkatan kualitas, akurasi, dan membuka wawasan pengelolaan data bagi pemerintahan Thailand.

Sambutan

Mohit Sagar OpenGov Asia — Mohit Sagar Mengelola dan berbagi data untuk mendapat manfaat berlipat dari sumber minyak baru

Meski data dianggap sebagai tambang minyak baru, namun tata kelola data yang buruk membuat mereka enggan berbagi data itu dengan pihak lain. Imbasnya, data hanya menjadi tumpukan di penyimpanan tanpa manfaat maksimal.

Untuk itu, Mohit Sagar, CEO dan Pimpinan Redaksi OpenGov Asia, menekankan organisasi perlu memiliki kebijakan tata kelola data yang efektif untuk keberhasilan kolaborasi antar departemen di pemerintahan. Tata kelola ini diperlukan untuk memastikan bahwa data dibagikan dengan aman, benar, dan sesuai dengan undang-undang dan peraturan yang berlaku.

“Sudah sejak lama data dianggap sumber minyak baru. Tapi, apakah kita berbagi data? Banyak organisasi tidak berani membagikannya. Mereka menyembunyikannya, atau menahannya. Karena menurut mereka, data itu sangat berharga sehingga data tersebut tidak boleh dibagikan. Sebagian berkilah (belum berbagi data) lantaran belum memiliki tata kelola data yang baik,” papar Mohit.

Namun, data hanya bisa bermanfaat jika diolah. Bahkan, data bisa memberikan perspektif dan insight menarik dan solutif jika dikolaborasikan dengan data dari organisasi-organisasi yang berbeda. Tidak seperti minyak bumi yang sekali pakai akan habis, data bisa memberikan manfaat berulang kali. Pengguna bisa mendapat manfaat dan insight yang berbeda, tergantung dari cara pengolahan data.

Lantas, mengapa tata kelola data menjadi penting? Manajemen data yang efektif dapat menjadi fondasi untuk mendukung pemerintahan yang terbuka. Sebab, dengan integrasi data, pemerintah bisa memastikan bahwa data yang mereka miliki ditangani secara transparan, bertanggung jawab, dan aman. Sehingga, data-data itu bisa membangun pengambilan keputusan yang lebih baik oleh para pejabat pemerintah dan publik.

Tata kelola data yang baik membantu pengelola untuk mengetahui siapa pemilik dan pengakses data yang sah. Tata kelola ini juga membuat para pegawai non teknis untuk mengakses, mengubah, dan menganalisis data untuk membantu pekerjaan mereka Sehingga, mereka tidak perlu bergantung pada karyawan TI untuk mengolah data itu. Hal ini memberikan dampak baik pada pengambilan keputusan yang lebih cepat dan lebih terinformasi di seluruh lini organisasi.

Namun, keamanan data juga patut mendapat sorotan. Keamanan siber adalah komponen penting dalam tata kelola data. Sebab, hal itu bisa melindungi informasi sensitif dari akses yang tidak sah, memastikan privasi dan kerahasiaan data, serta mengurangi risiko serangan siber atau pelanggaran data. Jika hal ini lalai diawasi, maka akan membahayakan integritas operasi pemerintah dan kepercayaan warga terhadap pemerintah.

“Anda tidak dapat bersembunyi di balik kata keamanan atau privasi sebagai tameng untuk tidak memanfaatkan data yang Anda miliki. Pakai data yang Anda miliki untuk memberi wawasan dan perbaikan layanan,” tandas Mohit

Pembuka

Transformasi dan perubahan digital diadopsi dengan cepat oleh berbagai organisasi. Oleh karena itu, IBM membantu adopsi ini dengan berbagai dukungan dan layanan teknologi. Pawasut Seewirot, Software Country Leader IBM Thailand, menyebut perusahaannya memiliki banyak solusi untuk membantu klien mengelola dan mendapat manfaat terbaik dari data mereka, mulai dari software, AI, hingga automasi.

Pawasut menyebut IBM bisa membantu meningkatkan pemahaman tentang konsep tata kelola data yang baik, termasuk masalah privasi dan keamanan. Mereka juga menyediakan solusi pengelolaan data dengan automatisasi dan kecerdasan buatan.

“Platform data sangat penting untuk memaksimalkan nilai data Anda. Kami siap berdiskusi untuk memecahkan masalah Anda menggunakan teknik Design Thinking atau teknik lain,” kata Pawasut.

Gabungan dari beberapa teknologi ini telah memungkinkan IBM melakukan berbagai automatisasi. Solusi ini bisa digunakan oleh para pemimpin bisnis sembari tetap menjaga keamanan dan privasi data pengguna.

Untuk mengamankan data, IBM memiliki strategi keamanan siber berlapis untuk membentengi sistem dari kejahatan dunia maya. Peretasan sistem bisa mengganggu operasional bisnis imbas dari akses yang tidak sah, perubahan atau penghancuran data, hingga pemerasan (ransomware).

Sistem keamanan yang kompleks membuat biaya membangun keamanan sistem kian membengkak akibat perbedaan teknologi dan kurangnya keahlian dari internal organisasi. Untuk menekan biaya, organisasi dapat menerapkan strategi keamanan siber komprehensif yang memanfaatkan automasi, analitik canggih, kecerdasan buatan, dan pembelajaran mesin.

Insight Teknologi

Setelah pandemi COVID-19 melanda, permintaan data kian melonjak imbas maraknya sistem kerja dari rumah (work from home/ WFH). Usai pandemi, tetap ada keinginan untuk bisa mengakses data kapan saja dan di mana. Sehingga peningkatan Information on Demand akan tetap selalu ada.

“Dan ini adalah peluang besar, tetapi juga memberi tantangan baru setelah pandemi. Saya akan memberikan beberapa contoh penerapan hal ini di berbagai negara,” jelas Kieran Hagan, Manajer Utama Penjualan Teknis Data, AI, dan Automasi IBM.

Pertama, terkait dengan integrasi data. Pemerintah Sonoma County di Amerika Serikat (AS) telah merasakan dampak bagaimana integrasi data membantu mereka mengurangi jumlah warga yang terlantar akibat kebakaran hebat di kawasan itu. Kebakaran itu melalap habis 36 ribu are lahan dan menghanguskan seribu rumah. Banyak dari warga yang terlantar dan ditempatkan di tenda-tenda darurat. Namun, setelah dua pekan, tenda-tenda tersebut harus dibongkar dan sebagian orang tak memiliki tempat tinggal.

Akan tetapi, sistem informasi yang dimiliki oleh pemerintah AS berdiri sendiri-sendiri (silo). Pemerintah Sonoma County lantas berdiskusi dengan IBM untuk menghubungkan semua data itu, sehingga bisa diakses oleh warga dengan mudah.

IBM lalu membantu pemerintah dengan merancang strategi untuk mengintegrasikan 16 badan pemerintah lokal ke dalam satu situs yang kemudian dinamai Akses Aksi Kepedulian untuk Kemandirian (Accessing Coordinated Care to Enable Self Sufficiency/ ACCESS). “Situs ini melayani 91 ribu klien dan mengurangi jumlah warga terlantar sebanyak sembilan persen,” terang Kieran.

Kedua, terkait dengan kematangan data. Kematangan data berkaitan erat dengan DataOps. Fungsi DataOps mirip dengan DevOps namun dikhususkan dalam konteks manajemen data. Data memiliki aliran dan prosesnya sendiri, sehingga fungsi DataOps adalah mengatur alur data yang disimpan dalam jumlah besar. Jadi, DataOps hadir untuk membuat aliran informasi agar lebih mudah dikonsumsi oleh analis dan data scientist untuk diekstrak menjadi insight.

Dalam kasus ini, IBM membantu Bank ING. Bank yang berdiri secara global itu memiliki informasi yang terpisah (silo) dengan 14 ribu cabang yang tersebar di berbagai negara. Pada 2014, mereka berdiskusi dengan IBM untuk membuat semantic information layer agar semua cabang mereka bisa mengakses satu sumber informasi yang sama.

Mereka lantas mengembangkan layanan itu menggunakan layanan open source yang digabungkan dengan teknologi IBM agar bisa membuka akses jaringan ke semua perusahaan mereka di berbagai belahan dunia lewat proyek Egeria.

“Platform ini menjadi penggerak teknologi yang bagus, walaupun industri perbankan pada dasarnya terikat dengan berbagai peraturan dan hukum yang ketat. Mereka tetap bisa menjaga keamanan, sembari mendapat kebebasan akses data.”

Hal serupa terjadi pada pemerintah provinsi Odisha, India. Proses manual membuat mereka kesulitan untuk membayarkan paket bantuan sosial. Mereka bermasalah dengan penipuan (fraud), data yang tidak lengkap, dan mesti menyelia 45 juta dokumen, mulai dari SIM, arsip pajak, pensiun, hingga asuransi. Dengan automasi data, mereka berhasil mengurangi 60% pekerjaan penyelidikan secara manual dan menemukan 500.000 kasus kesalahan pembayaran ke orang yang tidak tepat sasaran.

Program ini dinilai sangat berhasil, sebab membuat pekerjaan pemerintah menjadi lebih efisien dan membuat program kesejahteraan lebih tepat sasaran. Selain itu, biaya yang dihemat lewat automasi membuat kelebihan pendanaan dapat dialihkan ke program lain.

“Ini adalah contoh di mana akses informasi dapat memberikan hasil dan meningkatkan penghematan,” tegas Kieran. “Perubahan yang bisa menghasilkan layanan masyarakat yang lebih baik, tetapi juga menciptakan program-program baru.”

Ketika berbicara soal pengelolaan data dengan kecerdasan buatan (artificial intelligence/ AI), Kieran salut dengan upaya pemerintah Thailand. Negara itu tengah gencar melakukan pembaruan kebijakan dan mendorong peningkatan sumber daya manusia di bidang AI.

Banyak organisasi tengah menggandrungi AI. Sebagai contoh, pada 2018, pengembangan AI hanya mendapat porsi 15% dari anggaran organisasi pada umumnya. Namun, saat ini dana pengembangan AI naik hingga 52% anggaran.

“Tetapi sebagian besar organisasi tidak dapat menggunakan AI kecuali hasil rekomendasinya terpercaya. Anda harus bisa menjelaskan bagaimana AI bisa mendapat jawaban itu. Ini adalah sebuah tantangan,” tegasnya.

Dalam kasus ini, IBM membantu sebuah agensi pemerintah di Eropa yang ingin melihat analitik media sosial dengan memanfaatkan teknologi open source untuk mengetahui perkembangan isu yang terjadi di media sosial dan siap siaga jika terjadi situasi darurat.

Kerja sama keduanya menunjukkan bahwa pengawasan dan pengolahan data dari berbagai sumber di media sosial dengan AI tetap bisa dilakukan tanpa melanggar privasi warga. Platform yang mereka buat tetap bisa mematuhi aturan privasi data GDPR (General Data Protection Regulation) Eropa yang ketat.

Fireside chat: Membangun data menjadi insight

Menurut Dr Supot Tiarawut, Presiden & CEO Badan Pengembangan Pemerintah Digital, terminologi data sebagai sumber minyak baru sudah muncul dalam 10 tahun terakhir. Namun, dalam praktiknya, hal ini masih sebatas slogan di atas kertas karena masih banyak pemerintah yang belum bisa mengoptimalkan penggunaan data yang mereka punya. Sehingga banyak proses administrasi yang masih dilakukan secara manual menggunakan kertas, terutama pada pemerintahan daerah.

“Mereka bahkan hanya akan memindai kertas itu dan diunggah ke dalam sistem untuk membuatnya menjadi digital. Jadi, saya pikir itu masalah yang cukup besar, karena kami tidak mendapatkan data yang benar-benar digital,” tuturnya.

Untuk melakukan tata kelola data, Supot menyebut tidak ada satu solusi yang tepat untuk semua. Maksudnya, solusi yang cocok untuk satu organisasi tidak bisa langsung disalin dan tempel ke organisasi lain. Tata kelola mesti disesuaikan dengan kebutuhan organisasi tersebut.

“Anda mesti punya definisi yang jelas mengapa perlu tata kelola data seperti apa yang ingin dibangun,” jelasnya.

Ia pun sepaham soal pentingnya kolaborasi data antar organisasi pemerintahan. Menurutnya, memiliki sumber data yang lebih kaya bisa membantu membuat kebijakan yang lebih komprehensif dan membuat keputusan yang lebih baik. Pertukaran data bisa memfasilitasi penyediaan layanan yang lebih baik ke masyarakat.

Untuk mendorong integrasi data, Supot membeberkan langkah yang sudah dilakukan pemerintah Thailand. Supot mendorong badan pemerintah di Thailand untuk menentukan tujuan-tujuan mereka, bukan dengan memberikan buku petunjuk saja. Pertama, pihaknya membuat kelompok kerja data teknis. Namun, kebanyakan organisasi itu tidak tahu data apa saja yang mereka miliki. Sehingga, Supot meminta mereka untuk membuat katalog data yang dikombinasikan dengan Open Data.

Setelah tujuan manajemen data ditentukan, pihaknya lantas memberikan tuntunan untuk menerapkan teknologi yang dibutuhkan. Setelah setahun berjalan, ternyata mereka menemukan kalau data yang mereka dikumpulkan tidak begitu menarik. Sehingga, dalam setahun ke depan mereka akan mencoba untuk mengumpulkan data berdasarkan permintaan pengguna. Mereka akan melakukan diskusi dengan pemakai data, apa saja data yang dibutuhkan. Setelah data tersebut masuk dalam sistem dan proses tata kelola data, maka langkah selanjutnya adalah melakukan perlindungan data. Hal ini diperlukan agar tidak terjadi kebocoran data.

Penutup

Pada akhirnya, Pawasut mendorong peningkatan orang-orang yang memiliki keterampilan manajemen data agar organisasi bisa lebih kompetitif dengan data yang mereka punya. Namun, membina tenaga terampil membutuhkan waktu. Sehingga, jika perubahan manajemen data perlu dilakukan dalam waktu singkat, bantuan pihak ketiga seperti IBM bisa dimanfaatkan.

“Mengubah budaya organisasi adalah tugas yang sulit, memakan waktu, dan perlu usaha yang berkelanjutan. Jika Anda membutuhkan bantuan untuk melakukan workshop inovasi, kami siap membantu,” tuturnya.

Di sisi lain, Mohit menyatakan bahwa keberhasilan pengembangan tata kelola data bergantung pada efektivitas kolaborasi. Selain itu, diperlukan kepemimpinan yang kompeten agar inovasi organisasi bisa berjalan tepat dan agresif.

Menurutnya, sulit untuk mengubah kultur organisasi dengan teknologi jika pemimpin organisasi itu tidak memahami teknologi. Sehingga ia menghimbau untuk mempercepat inovasi dalam organisasi, di mana setiap individu dapat menjadi pembawa perubahan itu.

Sebagai penutup, Mohit kembali menekankan pentingnya kolaborasi. Sebab, tujuan kemitraan digital adalah agar bisnis dan organisasi bisa lebih kompetitif dan memanfaatkan kekuatan satu sama lain, agar bisa memberikan layanan yang lebih baik kepada pengguna dan masyarakat.

Cyber Resilience to Support Indonesia’s Digital Economy

Indonesia is emphasising the digital economy as one of its three ASEAN 2023 priorities. The government’s goals of speeding up the transition to a digital economy and strengthening the digital infrastructure are reflected in this effort.

The dynamics of the digital economy provide insight into the progress of digital transformation. By 2022, Indonesia’s digital economy is expected to be worth USD 77 billion, making it the largest in Southeast Asia. This amount represents 40% of the ASEAN economic market share on the internet. The value of Indonesia’s digital economy is forecast to exceed USD 130 billion by 2025, adding urgency to the need for a digital transformation.

Airlangga Hartarto, Minister of the Economy Coordinator, stressed the need for enhanced cybersecurity capabilities to foster expansion in the digital sector. By 2024, cybercrime related to data leaks might cost the global economy up to US$5 trillion. Hence, measures should be taken to ensure the privacy and security of digital data.

“I’d like to extend an invitation to everyone here, especially the attendees of the summit, to work together in support of cyber resilience and data security to hasten digital transformation and increase national economic resilience. Let’s work together to make the digital space,” Airlangga suggested when introducing the 2023 DataSecureAI Web Summit in Jakarta’s Central District.

According to the Interpol Cyber Assessment (Report 2021), 2.7 million ransomware attacks were recorded in ASEAN nations between January and September of 2020. With 1.3 million instances, Indonesia as having one of the highest cases.

On October 17, 2022, the government took a significant step towards bolstering cyber security in the country by enacting Law Number 27 of 2022 About the Protection of Personal Data (UU PDP).

Airlangga disclosed that the government is still working on a structural reform plan to achieve economic development that benefits everyone. The passage of the Job Creation Law, the pace of digitisation, and the elimination of extreme poverty all continued as part of the ongoing structural reform efforts. The government also deregulated risk-based business licencing (OSS-RBA) in the hopes that it would become a game-changer in attracting new capital.

Additionally, the downstream development of green economy industries and the improvement of Investment Management Institutions geared towards the renewable energy sector become part of the efforts. Indonesia is working to speed up the transition to green technology by developing electric vehicles (EVs) to distribute downstream goods. This approach aims to ensure that the downstream industry always has access to raw materials by increasing investment in the entire value chain for electric vehicle batteries.

President Joko Widodo has stressed the significance of the digital economy, which he said accounts for 15.5% of the global GDP and serves as the key to the future of the global economy. The internet economy has also helped many formerly underserved areas join international supply chains.

Angela Tanoesoedibjo, Deputy Minister of Tourism and Creative Economy and Deputy Head of the Tourism and Creative Economy Agency have advocated for increasing the number and calibre of people working in the digital economy. “With a projected 20% CAGR between 2021 and 2025, Indonesia’s digital economy is poised to reach USD 146 billion in 2025. It is anticipated that by 2030, this number will have increased to $US 330 billion.”

She has called on people in the digital business to be well-versed in humanities and equipped with problem-solving skills. Those future technological growth benefits businesses and contributes to national progress and individual well-being.

EXCLUSIVE! Governance of Effective Data Protection in the Information Age

The management and governance of data are crucial components of an organisation’s operations, ensuring the accuracy, reliability, security and accessibility of information when required. However, with the exponential increase in data generation daily, data management and governance have become more challenging.

Eliminating organisational data silos, sharing data securely and ensuring interoperability are primary objectives of data governance. These objectives are achieved by harmonising data across various systems through a collaborative process, including stakeholders from multiple domains.

As organisations increasingly rely on a range of data sources and data analytics, robust safety and protection frameworks are being put in place. They need to optimise their data governance and management processes to ensure they access clean data and use their data assets safely, effectively, and efficiently in line with these standards.

As governments require compliance with such standards, data governance becomes even more of a priority. In this context, a sound data governance strategy ensures data consistency, reliability, and ethical usage.

In the digital era, data has emerged as a vital national strategic resource and is increasingly crucial in nation-building. However, every day, new data security challenges arise, with cyberattacks and data breaches posing significant threats to countries and businesses worldwide. Consequently, both the public and private sectors are working continuously to find effective ways of addressing these mounting security concerns.

To fully leverage their data assets, organisations must prioritise the optimisation of their data governance and management processes. This includes defining data governance policies and standards, establishing data quality metrics, implementing data governance tools, promoting a data-driven culture, and monitoring and measuring data governance performance. These steps ensure that their data is accurate, reliable, secure, and readily available whenever required.

The OpenGov Breakfast Insight on 14 March 2023 held at Shangri-La The Fort Manila delivered the most effective information and data governance policies, regulations, and frameworks to drive the quality, accuracy, and availability of insights for Philippine public sector organisations.

Opening Remarks

“Data is the new oil,” according to Mohit Sagar, CEO & Editor-in-Chief, OpenGov Asia. “It must be extracted, refined and processed like oil before it can be used.”

If handled appropriately, data possesses the ability to provide remarkable and practical insights, facilitating quick and precise decision-making, which in turn can lead to gaining a competitive edge.

“When data is handled and used correctly, it allows governments to be more effective and efficient in their work. Service delivery and citizen satisfaction reflect such effectiveness and efficiency,” Mohit opines.

Data effectiveness ensures that data is fit for purpose and provides valuable insights. On the other hand, data efficiency is concerned with optimising data processing and use to maximise its value while minimising the resources needed to work with it.

In essence, they are two sides of the same coin. Both the effectiveness and efficiency of data are crucial factors for organisations that rely on data to gain business insights for making informed decisions.

However, the growing volume of data automatically collected by systems introduces a new set of risks, responsibilities and challenges. This current surge in data flow and the prevalence of cybercrime highlights the need for a comprehensive governance framework. It is imperative to implement a rigorous approach to ensure that systems and technology have a solid foundation on which to operate.

The Philippines government enacted Republic Act 10173, or the Data Privacy Act, to establish a legal framework for safeguarding citizens’ data. This law serves as a cornerstone for establishing cybersecurity standards.

Building a well-planned and strengthened foundation enables organisations to fully utilize the benefits of integrated and automated systems. Such an environment creates a seamless platform that further enhances effective and efficient citizen service delivery. It promotes alignment, making interconnectivity, integration and collaboration seamless.

A governance framework has a significant impact on data security. Although collaboration among government agencies is desirable, it comes with increased risk, particularly when data is shared. Cybercriminals can exploit the weakest link at each point where two or more organisations connect.

Nevertheless, with the right planning, the deployment of robust cybersecurity systems and the right monitoring measures could be put in place and serve as a shield against such threats. Proper planning can help establish appropriate security policies, protocols, frameworks and tech solutions. This proactive approach can help prevent security breaches, minimise vulnerabilities, and ensure the protection of sensitive data.

Mohit feels, “One of the most common solutions employed is access control. Once access and permission protocols are set in the governance policies, people across agencies work faster.”

Through such safe collaboration among agencies, data can be more effectively managed, leading to greater accuracy, security and ethical and responsible use of data. Citizens are more likely to trust a government that operates this way, promoting better relationships between governments and citizens.

“Protecting citizens’ data increases the public’s confidence in the government. Public trust is a vital component of economic security and national well-being,” Mohit says.

In the end, the establishment of secure and reliable systems builds confidence, resulting in increased uptake of government services and the best possible citizen experience. By prioritising data governance and security, agencies can foster trust, promote collaboration and enhance service delivery, ultimately leading to better outcomes for citizens.

Welcome Address

In her welcome address, Aileen Judan Jiao, President and Country General Manager of IBM Philippines, welcomed participants and highlighted their role in promoting understanding of data governance concepts, including privacy and security.

“We remain dedicated to re-engaging with the government and our goal is to clarify concepts related to data governance, including privacy and security,” Aileen confirms.

IBM has had a presence in the Philippines for 87 years and has made significant contributions to the government sector by providing technological solutions and services that enhance the efficiency and effectiveness of government operations.

The company has provided technical solutions and services to enhance the efficiency and effectiveness of government operations in the Philippines. They have collaborated with various government agencies to deliver technical solutions and services in industries like healthcare, education and transportation.

Their contributions to the government sector in the Philippines are demonstrated through successful projects such as the Tax Administration System, Disaster Response System, National ID System, and Electronic Passport System. These technological solutions have modernised and streamlined government operations, improving citizen services and promoting national development objectives.

“We know that public-private sector partnerships have the potential to improve the delivery of public goods and services,” Aileen is convinced. “We remained committed to and capable of assisting the government in its digital transformation efforts.”

Technology Insight

Kieran Hagan, Data, AI and Automation Principle Technical Sales Manager (ASEANZK), IBM recognizes that while the world has been disrupted by various events, digital transformation remains a significant driving force for change.

This is especially true in how businesses engage with their customers, as the pandemic accelerated the need for digital solutions to meet the evolving needs of customers.

The trend towards digital transformation is expected to continue as technology advances and consumers rely more heavily on digital channels, leading to a greater need for easily accessible and understandable data.

As a result, there is now a greater need for consumable data – data that is easily accessible and understandable – on which people can make informed decisions.

Kieran emphasises the importance of engaging citizens and providing them with personalised, seamless experiences across government services to improve service delivery. This is crucial for any government looking to make it easier for citizens to access and benefit from the services they require and improve their citizens’ trust, satisfaction and overall experience.

Sonoma County is a great example of a government that prioritised strengthening its safety net and transformed how it addressed the needs of its most vulnerable individuals and families.

Kieran highlighted the need to digitally modernise workflows and operations and maintain regulatory compliance while cutting costs and fostering innovation. DataOps is emerging as the ideal approach to managing data to improve organisations’ agility and efficiency.

DataOps, like its precursor DevOps, emphasises collaboration, automation and continuous delivery in software development. It also seeks to break down the silos between teams involved in managing data, such as data engineers, data scientists, and business analysts.

“The advent of DataOps represents a significant shift in the way that organisations manage and leverage data,” Kieran points out. “By adopting a more agile and collaborative approach to data management, organisations can make better use of their data, respond more quickly to changing business needs, and gain a competitive advantage in their respective markets.”

An essential feature of DataOps is its emphasis on data quality. DataOps focuses on ensuring data accuracy, comprehensiveness, and consistency which are crucial for making sound business decisions. Automated testing and validation technologies are used to identify data quality issues before they affect company operations.

Another example provided by Kieran was the Government of Odisha (India), which sought to address the issue of welfare fraud and ensure that the most vulnerable members of the population received the necessary assistance.

The Government of Odisha (India) utilised IBM Analytics tools to crack down on welfare fraud and identified around 500,000 false beneficiaries. By leveraging the available insights on citizens, the government was able to ensure that resources were delivered equitably and tax rupees were employed more efficiently. This effort helped the government to provide the right assistance to those who need it most and eliminate fraudulent activities that siphoned off valuable resources.

In today’s digital age, securing and protecting people, the nation and infrastructure while mitigating data collaboration risks across hybrid cloud environments are of utmost importance. The rise of cloud computing and hybrid cloud environments and the accompanying cyber security challenges now require governments to balance the need to secure their data and infrastructure while ensuring that critical information is available to those who need it.

To mitigate data collaboration risks across hybrid cloud environments, organisations should implement a comprehensive security strategy that includes a combination of technologies, processes and policies. A potent tool is Artificial Intelligence (AI).

“AI is being integrated into daily life, business, government and other fields. IBM assists individuals and organisations in adopting AI safely. Only by incorporating ethical standards into AI applications and processes can we construct trustworthy systems,” Kieran believes.

A holistic approach with robust security measures, transparency, accountability, and secure technology design is highly recommended. The approach becomes more potent when combined with a continuous drive for information and education.

In Conversation With: Enhanced Data Governance that Empowers Stakeholders

Complex information sets are often the norm in today’s government data systems, necessitating the involvement and input of a wide range of stakeholders. The development of meaningful data necessary for efficient and effective decision-making requires extensive cooperation between numerous stakeholders from various government departments and sectors. Hence, the importance of data accessibility and sharing in realising the full cross-sector potential of all data types has grown in recent years.

Hector Melencio, Assistant Vice President and Head of Information Technology, Philippine Amusement and Gaming Corporation (PAGCOR) revealed that they have open communication and every employee is involved in the whole process.

“We have the training and a customer feedback monitoring system in place, and we welcome all suggestions and input from various employees to assist us in making the data protection process better and simpler for everyone,” Hector said.

During the discussion, it was noted that allowing employees to use their personal devices or computers for official work can lead to such situations, making it challenging for organisations to maintain data privacy and security.

Hector’s agency faces challenges in ensuring data privacy because employees use their personal email addresses, making it difficult to track and secure data. While he understands the convenience of using personal email addresses, he acknowledges the need to persuade employees to use company email addresses to prevent security breaches.

Danilo N. Javier, Chief, Information and Data Management, Department of Energy (DoE) shared that his agency promotes inclusive representation and engaged relevant stakeholders in the data ecosystem through its community engagements, data-sharing policy and an open source platform.

Danilo’s department has implemented a data-sharing policy to improve operational efficiency and increase the trustworthiness of its data ecosystem. This policy empowers and proactively engages all relevant stakeholders, including government agencies and private sector partners. The Department of Energy works with various organisations to ensure the energy needs of the Philippines are met securely and sustainably.

“The policy ensures that data is shared transparently and securely, while also respecting individuals’ privacy and encouraging researchers to share their findings with a broader scientific community,” Danilo explains.

Danilo confirmed that the Department of Energy has a strong commitment to securing data sharing, with a focus on ensuring that data is stored and shared securely through robust data infrastructure.

“We are planning to have a zero trust architecture to further enhance their security measures. Right now, we have standard security measures to protect data, encryption, access control and secure data storage.”

The aim is to ensure that their data ecosystem is trustworthy and reliable, and stakeholders can have confidence in the accuracy and confidentiality of the data being shared.

PAGCOR has similar data privacy and data sharing policies to DoE. To improve the system’s trustworthiness, the agency has data safety and privacy, data encryption, access controls, regular security audits and feedback from various stakeholders, Hector confirms. As an added security measure, they conduct numerous audits and risk assessments regularly.

PAGCOR’s main data storage strategy involves the use of hybrid systems. They combine old and new systems to ensure robust security with continuity. They have been involved in improvements over the past two years, and are in the process of procuring the ERP, HRIS, casino management system and different initiatives that would make them competitive and more secure.

Closing Remarks

In closing, Aileen emphasised two areas in data governance. First is the true value of data and second skills. As organisations seek to leverage data to gain insights, make informed decisions, and achieve strategic goals, there is a growing demand for skilled professionals in data management.

“By addressing the data management skills gap, organisations can help individuals advance in their careers and organisations realise the full potential of their data,” says Aileen. “Rectifying the mismatch requires a collaborative effort from individuals, organisations and communities. We are trying to do our part in terms of the skills problems.”

She encourages participants to approach them to avail themselves of their free data governance co-creation workshop for all organisations.

“Transforming the culture of an organisation is a challenging and prolonged undertaking that necessitates consistent endeavours over time,” says Mohit. “You cannot change the culture of your organisation overnight, but you can make one small change.”

Although it is impossible to instantly transform the culture of an organisation, making minor adjustments can result in substantial long-term outcomes. Even small modifications have the power to spark substantial transformations within a company’s culture and serve as positive catalysts for broader change.

“The success of data governance developments hinges on the power of collaboration. Uniting various stakeholders, each with unique insights and proficiencies, is integral to guaranteeing that organisations’ procedures and policies concerning their information management are productive, streamlined, and embraced throughout the company,” Mohit concludes.

EKSKLUSIF! Efektif Kelola Perlindungan Data di Era Informasi

Manajemen dan tata kelola data adalah komponen penting dari operasi organisasi dengan memastikan keakuratan, keandalan, keamanan, dan aksesibilitas informasi yang diperlukan. Namun, peningkatan jumlah data besar-besaran membuat pengelolaan data menjadi makin menantang.

Tujuan utama tata kelola data adalah untuk menghilangkan silo data di organisasi, berbagi data dengan aman, dan memastikan interoperabilitas. Hal ini dicapai lewat kolaborasi untuk menyelaraskan data di berbagai sistem.

Organisasi makin mengandalkan data sebagai sumber data dan analisis mereka. Untuk mendapat hasil akurat, tata kelola dan manajemen data perlu memastikan data yang digunakan sebagai bahan analisis sudah bersih. Selain itu, perlu ada kerangka kerja untuk keamanan dan perlindungan agar sistem data memiliki konsistensi, keandalan, dan digunakan secara etis.

Di era digital, data telah muncul sebagai sumber daya strategis nasional yang vital dan memainkan peran yang semakin penting dalam pemerintahan. Namun, tantangan keamanan data terus bermunculan setiap harinya, dengan serangan siber dan pembobolan data yang menjadi ancaman signifikan bagi negara dan bisnis di seluruh dunia. Sebagai konsekuensi, baik sektor publik maupun swasta bekerja terus menerus mencari cara efektif untuk mengatasi masalah keamanan yang semakin mendesak.

Untuk memanfaatkan aset data mereka secara sepenuhnya, organisasi harus memprioritaskan pengoptimalan proses tata kelola dan manajemen data mereka. Ini termasuk menentukan kebijakan dan standar tata kelola data, menetapkan metrik kualitas data, menerapkan alat tata kelola data, mempromosikan budaya berbasis data, serta memantau dan mengukur kinerja tata kelola data. Dengan mengambil langkah-langkah ini, mereka memastikan bahwa data mereka akurat, andal, aman, dan tersedia kapan pun diperlukan.

OpenGov Breakfast Insight pada 14 Maret 2023 di Shangri-La the Fort Manila menyampaikan kebijakan, peraturan, dan kerangka kerja tata kelola informasi dan data yang paling efektif untuk mendorong kualitas, akurasi, dan ketersediaan wawasan untuk organisasi sektor publik Filipina.

Sambutan

Mohit Sagar, CEO dan Pimpinan Redaksi OpenGov Asia, menyebut saat ini berbagai organisasi melakukan pengumpulan data, sebab data disebut-sebut sebagai sumber tambang minyak baru. Tapi, semua data yang dikumpulkan tidak akan memberi manfaat jika hanya ditumpuk. Data hanya akan menyumbang pengetahuan dan strategi yang bermanfaat jika dimanfaatkan secara tepat.

“Data hanya akan menjadi sumber minyak baru jika dikonsumsi. Jika hanya disimpan, data hanya menjadi sampah,” tegasnya.

Bahkan, data bisa menjadi sumber bencana jika disimpan tanpa pengamanan yang tepat. Sebab, data-data itu rentan menjadi incaran peretas. Reputasi organisasi pun dipertaruhkan jika data yang seharusnya mereka simpan dengan baik malah tersebar ke publik atau dijual di pasar dark web.

Namun, keunikan data adalah potensinya yang bisa memberikan manfaat berkali-kali. Tidak seperti sumber minyak yang begitu dipakai akan habis, pengguna bisa mendapat manfaat dan insight yang berbeda berdasarkan cara pengolahannya.

Masalah lain dari pengelolaan data adalah soal kebijakan berbagi data. Banyak pemerintahan di Asia Tenggara yang sangat ketat soal kebijakan ini. Indonesia, misalnya. Mereka meminta semua perusahaan besar untuk menaruh data di dalam negeri guna menjaga ketat soal privasi data warga. Pemerintah Singapura juga sangat menyucikan data yang mereka miliki sehingga sangat hati-hati dalam membagikan data tersebut.

Namun, semua berubah ketika pandemi COVID-19 terjadi. Pemerintah Singapura terpaksa membuka akses pada data mereka untuk memfasilitasi para pekerja yang harus bekerja dari rumah bahkan luar negeri. Sementara, Indonesia belakangan menyatakan bahwa saat ini bukan waktu yang tepat untuk menjalankan strategi itu. Indonesia hanya memberlakukan kewajiban menyimpan data di dalam negeri hanya untuk data dengan kriteria tertentu, seperti tertuang pada Peraturan Pemerintah Nomor 71 Tahun 2019 tentang Penyelenggaraan Sistem dan Transaksi Elektronik (PP PSTE).

Mohit mengingatkan agar pengguna membayar harga yang harus dibayar untuk mendapat manfaat dari data yang dikumpulkan. “Olah dan jadikan manfaat,” ajak Mohit. “Atau Anda tak akan mendapat apapun dari data itu.”

Pembuka

Aileen Judan Jiao, Presiden dan General Manager IBM Filipina, mengungkap IBM telah membantu transformasi digital pemerintah selama 87 tahun berkiprah di Filipina. Mereka menyediakan solusi teknologi dan layanan teknologi yang meningkatkan efisiensi dan efektivitas operasional pemerintah.

Pemerintah Filipina telah melakukan sejumlah kerja sama dengan IBM. Di antaranya adalah menghadirkan Sistem Administrasi Perpajakan, Sistem Tanggap Bencana, Sistem ID Nasional, Sistem Paspor Elektronik. Lewat kerja sama ini, IBM membantu modernisasi dan perampingan struktur operasi pemerintah, meningkatkan layanan masyarakat, dan membantu mencapai tujuan pembangunan nasional.

“IBM Filipina juga telah bekerja sama dengan berbagai lembaga pemerintah untuk memberikan solusi dan layanan teknis di industri seperti kesehatan, pendidikan, dan transportasi,” jelas Aileen.

Ia menambahkan bahwa kemitraan pemerintah-swasta memiliki potensi untuk meningkatkan pengiriman barang dan jasa publik, seperti yang ditunjukkan oleh kerja sama IBM dengan pemerintah Filipina.

Terkait dengan pengelolaan data, IBM siap membantu pemerintah dan swasta bagi yang ingin meluruskan sejumlah miskonsepsi dan memberikan solusi terkait dengan pengelolaan data, baik terkait keamanan dan privasi data. “Kami tetap berkomitmen dan mampu membantu sektor publik, khususnya pemerintah, dalam upaya transformasi digital,” tutur Aileen.

Insight teknologi

Dunia telah berubah, sebab kini semua orang bisa dan memiliki akses ke data. Hal pun berimbas pada transformasi digital di berbagai lini kehidupan. Kieran Hagan, Manajer Utama Penjualan Teknis Data, AI, dan Automasi IBM, menekankan dua catatan penting ketika mengelola data, yaitu integrasi data serta pengaturan pengiriman data. Ia lantas membeberkan sejumlah studi kasus bagaimana kedua hal itu bisa membawa manfaat berbagai organisasi pemerintahan di berbagai negara.

Pertama, terkait dengan integrasi data. Pemerintah Sonoma County di Amerika Serikat telah merasakan dampak bagaimana integrasi data membantu mereka mengurangi jumlah warga yang terlantar imbas kebakaran hebat di kawasan itu. Sebelum penerapan integrasi data, tiap departemen di wilayah itu berdiri sendiri dan menggelontorkan solusi masing-masing untuk mengatasi suatu masalah, hingga kebakaran besar pada Oktober 2017 memberikan tekanan hebat bagi pemerintah kota.

Kebakaran itu melalap habis 36 ribu are lahan dan menghanguskan seribu rumah. Banyak dari warga yang terlantar dan ditempatkan di tenda-tenda darurat. Namun, setelah dua pekan, tenda-tenda tersebut harus dibongkar dan sebagian orang tak memiliki tempat tinggal.

IBM lalu membantu pemerintah dengan merancang strategi design thinking untuk mengintegrasikan 16 badan pemerintah lokal ke dalam satu situs yang kemudian dinamai Akses Aksi Kepedulian untuk Kemandirian (Accessing Coordinated Care to Enable Self Sufficiency/ ACCESS). “Situs ini melayani 91 ribu klien dan mengurangi jumlah warga terlantar sebanyak sembilan persen,” terang Kieran.

Pemanfaatan lain adalah lewat pengiriman data yang efektif. Dalam konteks ini, DataOps memiliki peran penting. DataOps adalah proses pengaturan dan perancangan alur data yang disimpan dalam volume yang besar. Fungsi ini penting untuk memudahkan data scientist and analis mengekstrak data menjadi insight.

Sebagai contoh, seperti yang dilakukan oleh pemerintah provinsi Odisha, India. Proses manual membuat mereka kesulitan untuk mengirimkan paket bantuan sosial. Selain itu, cara itu juga membuat mereka kesulitan mendapat pemahaman soal warga mereka. Sehingga, IBM mencetuskan solusi untuk membuat program manajemen data massal.

Pemerintah Odisha lantas mengumpulkan data dari 45 juta aset dokumen yang dicocokkan dan dibersihkan dari data yang repetitif secara real time. Cara ini mengurangi 65% pekerjaan manual yang berkaitan dengan penyelidikan klaim bantuan sosial dan menemukan 500 ribu klaim yang eror. Berkat hal ini, pemerintah bisa memetakan ulang pemberian bantuan sosial yang lebih tepat saran. Sebagian dana yang tidak tepat sasaran juga bisa digunakan untuk menunjang program sosial lain.

“DataOps yang berkualitas tidak selalu berkaitan dengan pengeluaran biaya, namun bisa menjadi penggerak manfaat untuk mencapai target yang tepat sasaran.”

Untuk lingkungan dengan peraturan yang ketat, IBM punya studi kasus dengan ING Bank. Bank itu memiliki informasi yang terpisah (silo) dengan 14 ribu cabang yang tersebar di berbagai negara. Untuk menyatukan seluruh data itu, mereka membuat inisiatif open data platform bersama IBM yang kemudian disebut sebagai Proyek Egeria.

“Platform ini terbuka, dalam jaringan, tetapi disekelilingnya terdapat layanan mandiri dan semantic access layer. Platform ini menjadi penggerak teknologi yang bagus meskipun mereka terikat dengan berbagai peraturan dan hukum. Sebab, mereka tetap bisa menjaga keamanan dan pengaturan yang diharuskan oleh aturan tersebut.”

Ketika menggunakan kecerdasan buatan (artificial intelligence/ AI) untuk mengelola data, Kieran menyarankan agar pengguna memastikan bahwa hasil yang disarankan memang dapat dipercaya. Salah satu rekanan IBM bekerja untuk agensi di Eropa, mereka membuat model yang bisa menganalisis media sosial secara real-time.

Eropa memiliki peraturan privasi data GDPR (General Data Protection Regulation) yang ketat. Namun, kerja sama keduanya menunjukkan bahwa pengolahan data dari berbagai sumber di media sosial dengan AI tetap bisa dilakukan dan tetap selaras dengan aturan GDPR tanpa melanggar privasi warga.

In Conversation With: Perbaikan Pengelolaan Data

Sistem data pemerintah kerap menjadi terlalu rumit. Padahal, pengambilan keputusan berbasis data membutuhkan integrasi data dari berbagai sektor agar bisa melihat permasalahan secara menyeluruh. Untuk mewujudkan integrasi sistem data yang perlu melibatkan berbagai pihak, Danilo N. Javier, Kepala Informasi dan Manajemen Data, Departemen Energi Filipina, mengungkap sejumlah langkah yang mereka ambil untuk melibatkan semua pihak dalam ekosistem data mereka.

“Kami memiliki kebijakan berbagi data dan infrastruktur open source,” tuturnya.

Sementara Hector Melencio, Asisten Wakil Presiden dan Kepala Teknologi Informasi PAGCOR menuturkan perlunya mengembangkan komunikasi terbuka dalam ekosistem data. Dengan komunikasi terbuka, tiap karyawan bisa terlibat dalam proses pengolahan data. Mereka pun terbuka terhadap masukan dari karyawan ataupun pengguna layanan. Sebab, masukan itulah yang berguna untuk memperbaiki kenyamanan penggunaan data.

Berbicara soal keamanan data, Hector juga menaruh perhatian pada penggunaan email pribadi dari pihak penyedia atau pihak ketiga. Ia merasa perlu dilakukan lebih banyak sosialisasi agar pegawai memakai email resmi pemerintah untuk mencegah kebocoran data.

“Kami memastikan kepada mereka bahwa penggunaan email pribadi adalah pelanggaran keamanan dan bisa dikenakan sanksi,” tegas Hector.

Untuk meningkatkan kepercayaan pada pengelolaan data di Departemen Energi, Danilo berpendapat mereka memiliki aturan yang memastikan data dibagikan secara transparan, aman, dan menghargai privasi. Untuk meningkatkan keamanan data, mereka memastikan infrastruktur data yang aman dan mengimplementasikan arsitektur ‘zero trust’, melakukan enkripsi, dan memantau akses pengguna.

Hector menambahkan audit keamanan secara berkala menjadi prasyarat berikutnya seraya mengingatkan agar terus mencari umpan balik dari pihak-pihak yang menggunakan layanan itu. Mereka juga menggabungkan sistem lawas mereka dengan sistem baru. Sistem lawas yang tidak terhubung dengan internet tentu lebih aman. Namun, sistem baru diperlukan untuk menunjang sistem lawas mereka agar lebih lincah dan terpercaya.

Penutup

Sebagai penutup, Aileen menyimpulkan ada dua masalah besar dalam pengelolaan data; apa yang harus saya lakukan dengan data yang dimiliki dan keahlian pengelolaan data. Sering kali organisasi memiliki banyak data yang bagus, tapi Anda tak yakin apa yang harus dilakukan untuk menambang insight terbaik dari data itu. Namun, saat ini kita makin paham bagaimana memanfaatkan data itu dengan baik.

Untuk masalah keahlian, perusahaannya berkomitmen untuk memberikan dukungan kepada organisasi yang membutuhkan. “Kami bisa memberikan pemahaman lebih mendalam, melakukan pelatihan dan memberikan solusi,” tandasnya.

Mohit setuju bahwa banyak organisasi memang lebih mudah menjadi juara penimbun data dan mereka berhenti di situ saja. Mereka tidak berbagi dan menghubungkan dengan data lain untuk mendapat informasi tambahan atau insight dari data tersebut.

Kieran menambahkan untuk mendapatkan insight dari data, banyaknya data yang dikumpulkan tidak menjamin data tersebut menjadi berguna. Ia mencontohkan sejumlah kesuksesan aplikasi pembelajar bahasa seperti ChatGPT, lantaran mereka bisa memproses data yang dimiliki untuk menyajikan konten yang sesuai dengan konteks.

New Zealand: Online Security in the Age of Remote Working

A survey report indicates a growing preference for remote work in New Zealand, with many expressing a desire to replace their daily office commute with a virtual login from home.

For its annual Internet Insights report, InternetNZ surveyed 1,001 New Zealanders aged 18 and above. InternetNZ is the home and guardian of the .nz domain that has the vision to create an internet that is open, secure and for everyone in New Zealand.

Around 60% of individuals were employed in positions that allowed for remote work, and nearly 78% of them worked either partially or fully from home. While this represented a slight decrease from the previous year’s figure of 83%, over half of those surveyed (54%) who had the option to work remotely expressed a desire to do so more frequently.

According to the report, those who had little to no experience with remote work were the most enthusiastic about increasing their frequency of working from home. About half of New Zealanders cited being required to stay in the office for specific hours as a hindrance to working from home more frequently.

The survey found that a net 53% of individuals who had the option to work remotely would consider relocating to a more affordable location with a better quality of life while maintaining their current job. This represents a notable increase from the previous year’s figure of a net 45%.

Vivien Maidaborn, CEO of InternetNZ, said this was food for thought and could stimulate a productive conversation among employers. “This is evolving into a more employee-driven programme. I think it asks companies how to respond culturally, how to respond to make it a positive for productivity and teamwork.”

The survey revealed that compared to the previous year, there was a significant increase in the number of respondents who believed that their workplace culture had improved as a result of more employees working from home. A net 30% of respondents expressed this belief, compared to only 19% in the previous year.

Nonetheless, people have become increasingly concerned about online security. More than half of those who utilised their personal information on the internet were extremely or very concerned about the safety of their data. Online crime, personal data security, cyberbullying, and privacy risks were also among the top worries expressed by respondents.

“There is an overall trend to believe the internet is slightly less beneficial than they believed last year,” concludes Vivien Maidaborn.

The survey found that older New Zealanders, women, and Pacific Islanders tend to be more apprehensive about the most commonly reported issues with the internet than the average New Zealander.

About 74% of respondents were highly apprehensive about children accessing unsuitable material online. In the previous year, 65% of respondents decided not to utilise an online service due to security or privacy concerns. Respondents were substantially more inclined than last year to be highly concerned about individuals being socially or physically alienated from one another, at 19% versus 15%.

It appears that New Zealanders are developing a more mature perspective on the internet, recognising both its benefits and potential risks, and striving to find a balance between the two.

From a connectivity point of view, the proportion of New Zealanders with a fibre connection at home rose to 64% in 2022, up 2% from 2021. OpenGov Asia reported that the government has completed the Ultra-Fast Broadband (UFB) project, providing over 1.8 million homes in 412 cities and towns with access to high-quality broadband, covering 87% of the population, according to David Clark, the Minister of Digital Economy and Communications.

The UFB initiative, which began in major cities, now covers rural areas with populations under 300. Combined with other government connectivity programs, the initiative aims to provide 99.8% of the population with improved broadband access by the end of 2023.

EXCLUSIVE! Combat Complex Threat Landscapes with Simplicity for Financial Institutions 

Employing a risk-based approach to cybersecurity is the optimal method for safeguarding an organisation against cyber threats due to the constantly evolving nature of these threats. IT Governance can provide valuable assistance in developing a comprehensive cyber risk management strategy, enabling firms to manage their security concerns in a structured manner.

With this, a cyber risk assessment is the first step in the process of managing the risk associated with cyber security. This assessment gives an overview of the dangers that could compromise the organisation’s cyber security along with an understanding of the severity of those threats.

Subsequently, the cyber risk management programme evaluates how to prioritise and mitigate these identified threats based on the organisation’s risk tolerance or appetite.

The MAS TRM Guidelines are a set of best practices and guiding principles developed by the Monetary Authority of Singapore to promote effective Technology Risk Management (TRM). These guidelines are meant to assist financial institutions in establishing robust governance and oversight frameworks to handle technological risk, enhance IT and cyber resilience and address other pressing concerns.

As per these guidelines, the corporate Chief Information Officers (CIOs) and Chief Risk Officers (CROs) should play a key role in various critical business operations, including technology deployment plans. However, due to the increasing importance of information and cyber resilience, these officers have been focusing more on security to ensure the protection of organisational data and systems from cyber threats.

In addition, recent reports suggest that in 2023 cybersecurity will be the primary area of investment for CIOs. This shows that organisations are prioritising reducing and managing risks to their operations in the face of increasingly sophisticated cyberattacks.

The OpenGov Breakfast Insight on 9 March 2023 provided the most recent information on risk management in today’s complicated and high-threat cyber environment for Singapore financial institutions.

Opening Address

Kicking off the session, Mohit Sagar, CEO & Editor-in-Chief, acknowledges that financial institutions in Singapore are heavily regulated and have implemented a variety of cybersecurity measures to safeguard themselves and their clients from cyber threats.

Mohit highlights the key components of cybersecurity in Singapore’s financial institutions, which include the regulatory framework, cybersecurity measures, threat intelligence, and staff awareness.

“For the most part, Singapore’s financial institutions have implemented a range of measures to protect themselves and their customers from cyber-attacks, indicating their commitment to cybersecurity,” observes Mohit. “However, as cyber risks continue to evolve and bad actors become more sophisticated, financial institutions must remain vigilant and proactive in their approach to prevent potential cyber-attacks.”

The cornerstone of an organisation’s protection against cyber-attacks is its cyber security architecture, which safeguards all IT infrastructure components. This includes safeguarding the Internet of Things (IoT) and cloud environments through the implementation of a robust cyber security architecture.

The current cyber security architecture in the finance industry is intended to safeguard financial institutions from cyberattacks while ensuring the availability, integrity, and confidentiality of financial data.

“Firewall and Network Security, Secure Application Development, Endpoint Security, Multi-Factor Authentication, Incident Response, and Compliance are among some of the most critical components of the cybersecurity architecture in the banking industry,” Mohit asserts.

Generally, the present cyber security architecture in finance is a multilayered strategy that integrates numerous technologies and processes to safeguard financial organisations and their consumers against cyber threats.

Due to the sensitive nature of the financial data managed by financial institutions, data protection is of paramount importance in finance. Financial institutions deal with huge quantities of sensitive data on a daily basis, including the personal and financial information of their customers, such as account numbers, credit card information, social security numbers, and other identifying information.

The success of cyber security architecture in finance can be determined by organisations’ capacity to prevent, identify and respond to cyber threats. Financial institutions can implement measures to limit the likelihood and effect of cyber incidents, even though no cyber security architecture can offer complete protection against cyber-attacks.

According to Mohit, being prepared to mitigate cyber threats demands a proactive and ongoing effort to identify and mitigate cyber risks, implement effective cyber security controls, and engage with internal and external stakeholders to strengthen the organisation’s cyber security architecture.

In this context, Zero Trust will undoubtedly affect the future of finance by providing financial organisations with a more secure and robust cybersecurity architecture.

Mohit emphasised that in the future, success will depend on “navigating through the people you know”. This is because these connections can provide valuable resources and information, especially when working collectively.

“When a person or organisation has a large network of individuals they can trust and who trust them, you can utilise their knowledge, talents and experiences,” Mohit concludes.

Welcome Address

Nick Savvides, Senior Director of Strategic Business, Asia Pacific, Forcepoint agrees people have had to alter their approach to almost all aspects of life due to the impact of the pandemic. This has resulted in significant changes to behaviour, the economy, technology and other areas.

“We’ve been forced to rethink our thinking and attitudes during the past few years. COVID-19 has triggered a massive paradigm shift in how we deploy tech in the way we, transact, learn and more.”

The pandemic has created major personal and professional challenges for people around the world. Ranging from health concerns to financial instability, its effects have been far-reaching and profound.

Due to the physical and emotional toll of the pandemic, many people have been devastated in multiple aspects – financially, health-wise and relationally. Companies have shut down, jobs have been lost and the global economy has suffered as a result. The unexpected loss of income and financial insecurity have caused untold numbers of people and families tremendous stress and anxiety.

The COVID culture has driven many individuals to adopt new methods of employment. Remote work has become the new normal for many, requiring individuals to adapt to new technologies and work-from-home arrangements.

Despite the difficulties, individuals have demonstrated resilience, flexibility and adaptability, finding new ways to connect with loved ones, work from home and support each other during these difficult times. It is a testament to the human spirit and the power of community to come together in the face of adversity.

“With the technology emerging, especially during COVID-19, security became paramount,” Nick observes. “The pandemic hastened the adoption of new technologies, particularly those that facilitate remote work and virtual interaction.”

Yet, this quick transition to digital solutions has also produced new security issues, as hackers have sought to exploit the increased usage of technology and its associated vulnerabilities.

The rapidly increasing remote workforce using online platforms for communication and collaboration has allowed cybercriminals to exploit vulnerabilities in these systems, gaining access to confidential information and financial data.

As a result, there has been an upsurge in the frequency of cyber attacks, including data breaches, identity theft, and other forms of online crime.

Furthermore, the requirement to secure remote access to corporate networks and systems has presented yet another security challenge. Businesses have been compelled to implement novel security methods and technologies to guarantee the safety of their networks and data as a growing number of employees work from home. Such measures have included the deployment of virtual private networks (VPNs), multifactor authentication, and other security protocols to prevent unauthorised access.

In addition, the need to secure remote access to enterprise networks and systems presents another security challenge. Companies have been compelled to deploy new security methods and technologies to ensure that their networks and data stay secure as more employees work from home. This has included the implementation of virtual private networks (VPNs), multifactor authentication and other security measures to prevent unauthorised access.

The pandemic has emphasised the need for stronger security controls and protocols as organisations rely on digital solutions. To safeguard their networks and data against cyber threats, businesses and individuals must remain vigilant and adopt appropriate measures. This may involve implementing new security technologies or simply being more mindful of potential risks.

The security problem posed by the pandemic highlights the significance of ensuring that technology is secure and robust against new and developing threats.

“Data is useful, and we should make the most of it. When we are finished, we must dispose of it, otherwise, we will become a targeted breach for those attackers,” Nick explains. “The concept of Zero Trust is particularly crucial for financial institutions, as they are confronted with numerous security risks and regulations.”

Implementing a Zero Trust policy enables financial institutions to ensure that confidential financial information remains inaccessible to unauthorised individuals and that customer service is governed by ethical and legal principles.

As technology continues to play a bigger role in society, it’s important to focus on making things simple and easy to use while simultaneously ensuring there are strong cybersecurity measures in place.

Nevertheless, security cannot be sacrificed in favour of simplicity. Cybersecurity threats are constantly evolving and becoming more sophisticated. Therefore, organisations must cybersecurity to their employees, stakeholders, and customers in clear, simple terms.

For technology to be used successfully, simplicity and cybersecurity must go hand in hand. Organisations can achieve simplicity without compromising security by prioritising user-centric design and implementing robust cybersecurity measures.

Organisations must define their commitment to cybersecurity and build trust with their stakeholders and consumers through clear and proactive communication.

End-User Insight

As the world becomes increasingly digitalised, more enterprises are shifting online. This can offer several advantages, including wider reach and reduced operational costs. However, it also presents new opportunities for cybercriminals to exploit and generate profits.

Lionel Bruchez, Chief Information Security Officer, UBS Singapore believes that “low-effort, low-risk attacks are one of the most prevalent ways for cybercriminals to generate income”.

These attacks are designed to be swift and simple to execute, with little skill or technical expertise. They frequently include exploiting software flaws or employing simple social engineering techniques to deceive users into divulging important information.

Cybercrime is a more lucrative and safer alternative to traditional illegal operations for criminals. The growth of the internet and the proliferation of digital technology have provided criminals with new opportunities to earn money without the inherent dangers of physical crimes.

Individuals and companies must take cybersecurity seriously and invest in comprehensive security solutions to protect their digital assets to battle this growing danger. In addition, law enforcement organisations must continue to adapt their procedures and plans to effectively pursue and convict cybercriminals.

Lionel feels that “There are several forms of cyber criminals, including hacktivists, terrorists, organised crime groups and insiders, among others.”

Hackers are well-structured and organised, whereas threat actors are more capable, coordinated and clever Cybercriminals use company structures with clearly defined primary functions and duties to optimise profit and return on investment.

The ransomware groups contact first access brokers and create their adverts, which include parameters such as region, industries, revenue greater than $100 million and reward price. In addition, these groups have access to victim infrastructure, undertake data exfiltration and encryption (double extortion), and publish victim data on a “name and shame” website.

Lionel also discussed some of the anticipated cyber threat trends for 2023 which include Geopolitical Conflicts, Cloud Security, Abuse of AI, Financial Motivated attacks, Internet of Things, N^th extortion attacks, Supply Chain Risk, C2 Framework, and Disinformation.

He believes that protecting an organisation’s assets should include the following:

Identifying (a strong understanding of who the stakeholders are);
Protecting (strong layer of defence);
Detecting (empowering cyber monitoring);
Responding (with strong capability to threats); and
Recovery (a resilience aspect that once the organisation is targeted, the business would recover).

Having a layered defence, also known as defence in depth, is essential. It is a comprehensive security strategy that involves deploying multiple layers of security controls to safeguard against various potential threats.

This holistic security posture is based on the idea that no single security measure can provide complete protection. Therefore, by deploying several layers of security, an organisation can establish a more comprehensive, resilient and all-encompassing security approach.

Closing Remarks

Nick reiterates that cybersecurity is a critical issue in today’s digital age, as more activities are conducted online. While technology plays a significant role in preventing cyber-attacks, many other factors are equally important in ensuring the safety and security of digital information.

He believes that cybersecurity should be taught to be more than just compliance. “While compliance with cybersecurity regulations and standards is important, it’s equally important to understand the underlying principles and best practices that help protect against cyber threats.”

For him, collaboration is also critical in cybersecurity. Organisations collaborate to share information about threats and vulnerabilities to develop effective strategies for preventing and responding to cyber-attacks. This requires cooperation not only between companies but also between governments and international organisations.

Mohit is convinced that resilience and partnership are two critical concepts that are essential for personal and professional growth, as well as for building a strong and supportive community. Resilience pertains to the ability to overcome challenges, adapt to change and bounce back from adversity, while partnership refers to the collaborative effort of individuals or groups working together towards a common goal.

Resilience and partnership are closely linked, as both require a willingness to work together, share resources, and support each other in times of need. When individuals or groups work together in a partnership, they can better withstand adversity and overcome obstacles, enhancing their resilience. At the same time, a resilient community fosters partnerships that promote support and cooperation among its members.

“By building resilient partnerships, individuals and groups can create a strong foundation for success, even in the face of adversity,” Mohit concludes.

March 22, 2023

8th Annual Singapore OpenGov Leadership Forum 2023, 10 - 11 MAY 2023 - CLICK HERE FOR DETAILS

We are creating some awesome events for you. Kindly bear with us.

Singapore Government Strengthens Cybersecurity with MoU with the U.S.

EXCLUSIVE! Governance of Effective Data Protection in the Information Age

EKSKLUSIF! Efektif Kelola dan Lindungi Data di Era Informasi

Cyber Resilience to Support Indonesia’s Digital Economy

EXCLUSIVE! Governance of Effective Data Protection in the Information Age

EKSKLUSIF! Efektif Kelola Perlindungan Data di Era Informasi

New Zealand: Online Security in the Age of Remote Working

EXCLUSIVE! Combat Complex Threat Landscapes with Simplicity for Financial Institutions

Recommended Stories

EXCLUSIVE! Governance of Effective Data Protection in the Information Age

EKSKLUSIF! Efektif Kelola dan Lindungi Data di Era Informasi

Cyber Resilience to Support Indonesia’s Digital Economy

EXCLUSIVE! Governance of Effective Data Protection in the Information Age

EKSKLUSIF! Efektif Kelola Perlindungan Data di Era Informasi

New Zealand: Online Security in the Age of Remote Working

Hong Kong: Reducing Emissions with Tech

Integrating Budgeting Apps to Simplify Services in Indonesia

Machine Learning for More Efficient Hash Functions

Thailand Expands Smart City and Digital Economy Initiatives to 3 Provinces

Singapore: Tech-Driven Transportation for a Sustainable Workforce

New Smart Factory to Launch in Batu Kawan, Malaysia

AI, Innovation to Improve Public Service in Indonesia

MENU

PARTNER

CTC

PARTNER

Planview

SUPPORTING ORGANISATION

SIRIM

PARTNER

HashiCorp

PARTNER

IBM