September 27, 2023

Subscribe
Linkedin-in Twitter Facebook-f Youtube Instagram
#image_title

5th Annual Thailand OpenGov Leadership Forum 2023, 05 OCTOBER 2023 - CLICK HERE FOR DETAILS

We are creating some awesome events for you. Kindly bear with us.

Vietnam IT, Telecom Industries Record Major Growth in June

Share via

The proportion of online administrative services hit 45.78% as of June, growing 1.6 times from the same period last year. The figure was among the highlights listed in a report by the Ministry of Information and Communications (MIC) released earlier this week.

The revenue of the IT industry in June was estimated at US$12.2 billion, up 30% year-on-year, with hardware and electronics export turnover hitting some US$9.5 million, increasing by 28% over the same period in 2021. Last month, government departments and industry players completed major projects in the post, telecommunications, and IT sectors. Among them were the organisation of a symposium on The Future of the Internet and an international seminar and exhibition: Vietnam Security Summit 2022.

Also in the month, MIC launched the make-in-Vietnam digital products award 2022 to encourage, promote, and find outstanding Vietnamese technology products. Directing the sector’s operations in the time to come, the Minister of Information and Communications, Nguyen Manh Hung, underscored the opening of digital museums, shutting off 2G networks, and running frequency auctions in the last six months of the year. He also requested completing the content of several laws including ones regarding electronic transactions, the digital technology industry, and telecommunications, among others.

Meanwhile, in June, several provinces across the country launched digital-centric initiatives and set digital transformation goals for the future. For example, Ha Long, a city in Quang Ninh province, announced its plans to have a 20%-25% average annual growth rate in the number and value of cashless payments by 2025. Officials held a teleconference discussing the implementation of a project for non-cash payment development for 2022-2025 across the city’s 33 communes and wards.

Ha Long plans to secure cashless payments, improve the banking system’s operational efficiency and state authorities’ supervision and management effectiveness, and use emerging technologies to develop a robust payment infrastructure system. By 2025, it expects that at least 90% of the residents aged 15 and above will have cashless transaction accounts. Up to 99% of contributions to the State budget and 100% of tuition fees at local schools and educational establishments are expected to be paid through digital methods.

Further, the Thanh Hoa provincial Farmers’ Union and Post Office signed a cooperative agreement to help farmers digitise the production and sale of farm produce and goods for the 2021-2025 period. So far, over 70% of the Farmers’ Union direction and guidance documents at the provincial and district levels are available online. Many agricultural products of the Union’s members have been introduced on two state-owned e-commerce platforms, namely, Postmart and Vo So.

Over the next two years, the federation plans to create content in the form of short video clips and news broadcasts, using artificial intelligence (AI) and infographic technology for social media sites. It will also release monthly news bulletins and clips outlining procedures to establish grassroots trade unions and new labour policies, as well as healthcare for workers. By 2025, the federation aims to complete and operationalise information processing software for all its units and process at least 80% of work papers at the provincial level and 70% of work papers at the district level online.

Exclusive! Automation Revolution: Securing Modern IT Infrastructure for the Future

Share via

In the rapidly evolving digital landscape of today, organisations are increasingly turning to multi-cloud systems to take advantage of their flexibility, scalability, and cost-efficiency. However, this shift often brings about complex challenges in the realms of identity management and security.

To fully capitalise on the benefits of cloud computing while safeguarding their data and operations, businesses are now placing a high priority on certain objectives. These include automating security measures, mitigating risks, and effectively managing identities within the multi-cloud environment.

Enhancing security in multi-cloud systems heavily relies on automation. Automation empowers enterprises to promptly address threats, identify vulnerabilities, and maintain continuous monitoring of their cloud infrastructure. Automated security systems possess the capability to analyse extensive datasets, pinpointing trends and anomalies that may go unnoticed by human observers.

By taking a proactive approach, businesses can not only reduce downtime and financial risks but also significantly lower the chances of data breaches. Mitigating risks in a multi-cloud setting calls for the implementation of a comprehensive strategy. This encompasses establishing robust encryption, access control, and data loss prevention protocols across all cloud providers and applications.

Additionally, it is crucial to adopt a unified security framework that provides centralised visibility and control over the entire multi-cloud ecosystem within an organisation. Such an approach streamlines risk management by ensuring consistent policy enforcement, threat detection, and incident response procedures.

Identity management plays a vital role in multi-cloud security, especially when individuals like customers, partners, and employees access resources from various devices and locations. Identity and Access Management (IAM) assume a pivotal role in this context, enabling organisations to enforce precise access controls, ensuring that only authorised users can access resources.

Furthermore, IAM systems offer single sign-on (SSO) capabilities, which not only enhance security but also simplify the user experience by allowing users to access multiple resources with a single set of credentials.

As businesses increasingly embrace multi-cloud architectures to protect their data, assets, and reputation in today’s interconnected digital landscape, the adoption of automation and robust security practices becomes imperative.

A comprehensive cloud strategy that encompasses automated security measures, risk reduction strategies, and effective identity management in multi-cloud environments is foundational. Prioritising these elements empowers organisations to mitigate risks and fully harness the benefits of multi-cloud setups.

The OpenGov Breakfast Insight on 26 September 2023 convened Singapore’s leading technology experts at the Voco Orchard Singapore to discuss the latest developments in digital integration, cybersecurity, cloud computing, and data governance.

Opening Remarks

Mohit Sagar∶ IT automation has emerged as a critical tool in bolstering security measures

Mohit Sagar, the CEO and Editor-in-Chief of OpenGov Asia believes the role of IT automation in bolstering cybersecurity has never been more critical, particularly in the face of the growing sophistication of cyber threats.

He highlights the escalating intricacies of modern business infrastructures, compounded by the proliferation of remote work, mobile devices, and the Internet of Things (IoT). These developments have introduced vulnerabilities that traditional security approaches find challenging to combat.

Recent data breaches in Singapore, a global financial and tech hub, also underscore the urgency of robust security measures, highlighting the severe consequences of inadequate security practices in the face of evolving cyber threats.

In this context, Mohit underlines the revolutionary nature of Zero Trust Security, which eliminates the inherent trust traditionally placed in both internal and external entities. The importance of rigorous identity verification for users, devices and applications, emphasising the use of multiple-factor authentication as a core principle of this approach, is key.

“Continuous monitoring serves as a rapid anomaly detection mechanism, while micro-segmentation effectively constrains lateral network movement, ultimately minimising the impact of potential breaches,” he elaborates. “Here, automation assumes a critical role by swiftly analysing data, enforcing access controls, and providing real-time responses to incidents.”

According to Mohit, the adoption of automation is paramount for organisations looking to bolster their security measures. Automation accelerates processes, minimises errors, and empowers proactive threat detection and swift incident responses through real-time analysis.

Additionally, automated patch management guarantees timely updates, thereby reducing exposure to vulnerabilities, while orchestration optimises security tools and processes for efficient threat management

“To defend against modern cyber threats, organisations should employ a comprehensive approach that includes secure coding, infrastructure hardening and Zero Trust principles,” Mohit is convinced. “This strategy safeguards applications with secure coding, regular testing, and continuous monitoring.”

Infrastructure hardening serves to diminish attack surfaces while extending the principles of Zero Trust through stringent access controls and identity-based authentication, thereby fortifying the overall defence. This comprehensive approach integrates application-centric security, infrastructure hardening, and the Zero Trust Architecture, offering a multi-faceted defence against a wide range of threats.

A seamless identity-based framework begins with the establishment of robust Identity and Access Management (IAM) practices, which form the cornerstone of modern security. IAM effectively manages digital identities for users, devices, and applications, enabling precise control over resource access.

Mohit stresses the importance of access control policies that are structured around roles and responsibilities, emphasising their role in mitigating unauthorised access risks. He also underscores the significance of continuous monitoring of user activities, as it bolsters security by identifying unusual behaviour and potential breaches.

Additionally, he recommends that organisations prioritise the security of credentials for critical systems and data. This can be achieved through the implementation of robust password policies and user education. He also suggests that the adoption of password management tools can prove highly beneficial in this regard.

Elevated access management includes securing privileged accounts with strict controls, regular reviews, and just-in-time access. Data encryption safeguards sensitive information at rest and in transit, making unauthorised access ineffective. Continuous monitoring, with real-time alerts for strange behaviour, enables rapid response to possible breaches and improves security overall.

“In today’s evolving cybersecurity landscape, a comprehensive approach is key,” Mohit concludes. “From IT automation to Zero Trust Security and robust identity management, organisations must implement security measures to defend against modern cyber threats and safeguard critical systems and data.”

Welcome Address

Morgan Hite∶ Infrastructure automation will increase organisational success

Morgan Hite, the Area Vice President for Asia at HashiCorp, recognises the growing complexity of contemporary information technology infrastructure, underscoring the significance of safeguarding and preserving valuable assets for companies.

He agrees that advanced automation solutions can effectively address the intricate security requirements within hybrid and multi-cloud environments. These solutions offer valuable insights into secure asset management, threat detection, and incident response.

The ongoing shift towards cloud adoption is compelling organisations to transition from rigid to more agile infrastructure management, particularly within the public cloud domain. Consequently, IT operations teams are confronted with emerging hurdles.

These challenges include coping with sluggish manual workflows that can lead to errors and inefficiencies. Moreover, development teams may also find themselves burdened by intricate manual processes and less-than-optimal ticketing systems.

Moreover, the obstacles associated with implementing consistent policies not only hamper productivity but also elevate the risks an organisation must contend with. Consequently, having scalable and adaptable infrastructure automation becomes crucial in tackling these challenges effectively. Hence, many organisations opt for solutions that help them steer clear of such complexities.

Morgan explains that HashiCorp assists enterprises in resolving these issues by employing infrastructure as code principles for provisioning, compliance, and management across various domains, including public clouds, private data centres, and third-party services.

“Infrastructure automation plays a pivotal role in efficiently managing the progressively intricate cloud environments that organisations encounter,” he says. “This is a critical component in efforts to maintain security and protect critical assets in a frequently changing environment.”

In a dynamic cloud environment characterised by fluctuating demands, the capability to swiftly adapt and oversee resources emerges as a critical necessity. Automation assumes a pivotal role in guaranteeing efficient scalability, enabling organisations to effortlessly adjust their capacity as required without getting entangled in time-consuming manual processes.

Further, apart from scalability, operational efficiency stands out as another compelling rationale for the implementation of infrastructure automation. Automation empowers organisations to automate routine tasks like provisioning, scheduling, and resource management. Consequently, this not only lessens the burden of manual labour but also mitigates the potential for human errors.

Ultimately, it results in significant time savings when it comes to managing the intricacies of cloud environments.

“Security is another key factor that makes infrastructure automation very important. With automation, organisations can apply security policies consistently across their infrastructure,” Morgan elaborates. “This helps prevent vulnerable configurations and ensures compliance with required security standards. In a world full of security threats, automation helps keep cloud environments safe.”

Additionally, automation serves as a critical tool for enhancing infrastructure resilience. Its capacity to swiftly identify and respond to security incidents or infrastructure failures allows organisations to uphold the availability of their services. In this regard, automation proves invaluable in addressing the challenges that arise within the ever-changing landscape of a dynamic cloud environment.

Morgan strongly emphasises the fundamental importance of implementing infrastructure automation in today’s organisational landscape. He firmly believes that automation not only boosts productivity but also has the potential to curtail risk and optimise expenses, underlining its multifaceted value.

Automation has a positive impact on organisational productivity. By eliminating valuable time-consuming manual workflows associated with cloud infrastructure, organisations can experience significant time savings. That means less time is wasted on tasks like creating, managing and provisioning cloud infrastructure. As a result, the IT team and related staff can focus on more strategic and value-added tasks.

Automation further elevates the level of security by upholding rigorous operational consistency and ensuring compliance with established security policies. In this context, automation serves as a safeguard against the risk of security incidents stemming from human error or policy deviations. By automating security measures, organisations can execute them consistently and with high efficiency, providing a sense of confidence and peace of mind.

Additionally, automation enables organisations to pinpoint and curtail unnecessary or redundant utilisation of cloud resources, leading to significant cost savings. Organisations have the potential to realise substantial savings of up to 40% on their cloud infrastructure costs.

Such significant savings represent an opportunity to allocate budgets more efficiently towards other pressing needs. Consequently, investing in infrastructure automation can yield tangible economic benefits for organisations, freeing up resources for strategic initiatives and growth.

Morgan holds a firm conviction that infrastructure automation constitutes a strategic decision that delivers not only operational advantages but also risk mitigation and the intelligent and efficient allocation of budgets.

This proactive step has proven to have a positive and far-reaching impact on various aspects of an organisation’s operations and finances. In essence, automation acts as a multifaceted asset, enhancing security, reducing costs and streamlining operations for organisations operating in dynamic cloud environments.

Knowledge Insight

Mary Wee∶ A comprehensive medical history improves patient care

Mary Wee, Director of Cloud Services and Support at CPF Board, reflected on the devastating impact of COVID-19 on countless people. The pandemic took many by surprise with its sudden shifts in employment and lifestyle. Consequently, access to essentials such as food, medical services, and education unexpectedly became more challenging for many.

She underscored the paramount importance of preserving continuity and well-being amid the prevailing uncertainty. In a post-pandemic era marked by unprecedented challenges and unforeseen disruptions, maintaining financial stability has emerged as an essential pillar of resilience.

Mary strongly advocates having sufficient financial savings to effectively cope with unforeseen emergencies, particularly those triggered by events like the pandemic. This financial cushion not only imparts a sense of security but also equips individuals and families to surmount economic hardships that may arise unexpectedly. It underscores the pivotal role played by institutions like the Central Provident Fund (CPF) in extending vital financial services to the community.

CPF stands as a pivotal mechanism for helping individuals and families enhance their financial planning. This encompasses a spectrum of considerations, from long-term investments and retirement savings to health protection. By cultivating well-managed financial savings, individuals are better poised to confront challenging circumstances such as a pandemic with a greater sense of readiness and resilience.

The CPF, in this context, serves as a valuable tool in fortifying financial security and enabling individuals to navigate the uncertainties of the future with greater confidence.

Mary also underscored the paramount importance of effectively safeguarding client data, particularly in the context of social enterprises. In an age where data serves as a linchpin for informed decision-making and enhanced client services, the preservation of data security and integrity emerges as a foremost concern.

CPF frequently handles the personal and sensitive information of their clients, including financial, medical and various other personal details. Consequently, they bear a substantial responsibility to shield this data from cyber threats and potential misuse.

The loss of data or a security breach can wield far-reaching consequences, impacting not only client trust but also the seamless functioning of an organisation. It underscores the imperative of unwavering diligence in preserving data security and ensuring the highest standards of data protection to safeguard both clients and the organisation itself.

“In an age where services and operations are increasingly tied to cloud technology, security cannot be ignored,” says Mary. “As such, upholding cloud infrastructure cybersecurity is our top goal since it boosts client satisfaction through quality support.”

When customers entrust their vital data and information to an organisation, they hold the expectation that this data will be handled and stored with the highest level of security. This is not merely a matter of practicality; it is a profound issue of trust.

Mary understands that when customers have the assurance that their data is securely managed within the CPF Board’s cloud infrastructure, their satisfaction with the service provided is assured.

Robust security forms the bedrock of customer trust, and this trust is unequivocally reflected in the quality of service delivered. It’s a symbiotic relationship where security breeds trust, and trust, in turn, elevates the calibre of service provided.

The CPF Board’s commitment to cybersecurity extends beyond the technical aspects; it focuses on instilling a sense of safety and confidence in customers regarding the security of their data. This approach not only engenders customer satisfaction but also contributes to cementing the CPF Board’s reputation as an organisation that is both responsible and trustworthy in its stewardship of client data.

In the multi-cloud era, there has been a significant shift in the locus of control. Instead of relying on physical controls, the emphasis is now shifting to trusted identities, Mary explains. This means each entity must go through an authentication and authorisation process to gain access to a system or resource. By adopting this identity-based framework, they can effectively navigate the complexities of securing dynamic multi-cloud environments while ensuring higher levels of security.

Mary reaffirms the CPF Board’s unwavering dedication to the utmost protection of their clients’ data. They have put significant measures in place by implementing stringent security protocols, which include leveraging the latest in security technology and providing comprehensive training to employees in identifying and mitigating cyber threats.

In addition to these initiatives, they have established rigorous policies governing data management and storage, ensuring compliance with all relevant privacy regulations.

“It’s a holistic strategy where technical prowess combines with a commitment to customer trust, fostering a solid and reliable image for the organisation,” Mary concludes. “This multi-faceted approach underscores CPF’s dedication to the highest standards of data security and privacy, further cementing its reputation as a responsible custodian of client information.”

Closing Remarks

Binny Peh∶ AWS is dedicated to innovating and transforming governments and organisations worldwide

Binny Peh, Head of Partners & Alliances Singapore Public Sector, Amazon Web Services (AWS) expressed her appreciation for the attendees’ perceptive and insightful event as they came together to explore the transformative power of technology in the public sector.

“The discussions and interactions we’ve had reaffirm the pivotal role that technology plays in shaping the future of our societies, and more importantly, in improving the lives of our citizens,” she acknowledges.

Binny confirms that Amazon Web Services is deeply committed to driving innovation and enabling digital transformation for governments and organisations worldwide. “Our mission is to empower you to leverage the cloud to build more agile, efficient, and citizen-centric services. But it’s not just about technology; it’s about the partnerships and alliances we form, the collaborative spirit we nurture, and the shared vision we pursue together.”

She believes that the success they have achieved in the public sector is a collective effort. It’s the result of collaboration between government agencies, industry partners, and technology providers like AWS, “Your insights, your commitment to excellence, and your tireless efforts to push the boundaries of what’s possible are what make this transformation journey so exciting and impactful.”

Binny encouraged the participants to continue fostering innovation, build strong partnerships, and embrace the opportunities that lie ahead. She emphasised the importance of pushing boundaries and harnessing technology to tackle the most critical challenges in communities, ultimately working towards a brighter and more interconnected future for everyone.

“Thank you once again for your participation, your passion, and your dedication to the mission of OpenGov Asia. Together, we can achieve great things, and I look forward to our continued collaboration in shaping a better tomorrow,” Binny ends emphatically.

Li Wen Chi, Group Chief Technology Officer at Cloud Kinetics, expressed his appreciation to OpenGov Asia and all attendees for contributing to the event’s success, highlighting OpenGov Asia’s role as a facilitator of knowledge exchange, innovation and collaboration.

“OpenGov Asia has consistently created effective platforms for sharing ideas, stimulating discussion, building relations and driving change,” he acknowledges. “And this year has been no exception!”

Li Wen Chi∶ Cloud is a fundamental transformation in business and society, extending beyond mere technology

As usual, Wen Chi confirms, the event featured insightful presentations, thought-provoking interactions and valuable networking opportunities, showcasing the dynamic evolution of digital transformation in Asia and the enthusiastic embrace of technology by governments, businesses, and individuals to catalyse positive change.

“One recurring theme of this event has been the pivotal role of technology in addressing our most urgent challenges. We’ve witnessed inspiring instances of technology’s potential for the common good. It’s evident that we’re not merely envisioning the future; we’re actively constructing it collectively,” Wen Chi reiterates.

Cloud Kinetics firmly believes that the cloud represents more than just a technological shift; it embodies a fundamental shift in our approach to business and society. And they are dedicated to leading this transformation, aiming to equip organisations with cutting-edge cloud solutions to navigate the intricacies of the digital era effectively, he confirms.

He encouraged the attendees to take the knowledge, insights, and connections acquired during the event and to further collaborate, share, learn from one another, and collectively strive for an inclusive, sustainable future driven by technology for the betterment of all.

“Remember that innovation knows no boundaries, and together, we can overcome any challenge that comes our way,” Wen Chi concludes, “The road ahead may be uncertain, but with the spirit of collaboration and innovation, we can navigate it successfully.”

In closing, Mohit extended his sincere gratitude to all the esteemed speakers, participants, and partners who graced the event with their presence and wisdom. Their expertise and unwavering commitment to innovation not only illuminated the discussions but charted a course for the future.

“Together, we have explored the limitless possibilities that emerge when governments, industry leaders, and technology providers join forces. We’ve delved into the transformative power of cloud computing,” Mohit appreciates.

It’s crucial, he adds, to acknowledge the transformative potential of AI, cybersecurity, and data analytics in the realm of public services. These technologies are pivotal in shaping the future of government operations and service delivery in several ways

Moreover, Mohit remains strongly convinced that in this era of unprecedented change, collaboration is not just a buzzword; it is the cornerstone of success, “It is through partnerships, alliances, and the exchange of ideas that we can unlock the full potential of technology and effectively navigate the intricate challenges that lie ahead.”

He urged the attendees to persist in the spirit of collaboration, encouraging them to forge new alliances, nurture existing partnerships, and remain open to the opportunities that technology continually unfolds.

“Let us always bear in mind that our collective mission is to enhance the well-being of citizens and stimulate comprehensive growth, “Mohit concludes, “We must keep the broader purpose of our endeavours at the fore and pave the way for a more sustainable and inclusive future for everyone.”

Eksklusif! Revolusi Automasi ∶  Mengamankan Infrastruktur TI Modern untuk Masa Depan

Share via

Dalam lingkungan digital yang terus berubah dengan cepat saat ini, organisasi memanfaatkan sistem multi-cloud untuk mencapai fleksibilitas, skalabilitas, dan efisiensi biaya. Akan tetapi, transisi ini seringkali memunculkan tantangan kompleks terkait pengelolaan identitas dan keamanan.

Untuk sepenuhnya memanfaatkan komputasi cloud sambil melindungi data dan operasi, bisnis sekarang memberikan prioritas pada tujuan-tujuan penting seperti mengotomatiskan langkah-langkah keamanan, mengurangi risiko, dan mengelola identitas secara efektif dalam lanskap multi-cloud.

Peningkatan posisi keamanan dalam sistem multi-cloud sangat bergantung pada otomatisasi. Sebuah otomatisasi memberdayakan perusahaan untuk dengan cepat mengatasi ancaman, mendeteksi kerentanan, dan menjaga pemantauan berkelanjutan terhadap infrastruktur cloud mereka.

Sistem keamanan otomatis memiliki kapasitas untuk menganalisis kumpulan data besar, mengidentifikasi tren dan anomali yang mungkin luput dari pengamatan manusia. Dengan mengadopsi pendekatan proaktif, bisnis tidak hanya dapat mengurangi waktu henti dan risiko finansial, tetapi juga secara signifikan mengurangi kemungkinan pelanggaran data.

Mengurangi risiko dalam lingkungan multi-cloud memerlukan implementasi strategi komprehensif. Ini termasuk pembentukan enkripsi yang kuat, kontrol akses, dan protokol pencegahan kehilangan data di semua penyedia cloud dan aplikasi.

Selain itu, sangat penting untuk mengadopsi kerangka keamanan bersatu yang menawarkan visibilitas dan kontrol yang terpusat atas seluruh ekosistem multi-cloud dalam sebuah organisasi. Pendekatan seperti ini menyederhanakan pengelolaan risiko dengan memastikan penegakan kebijakan yang konsisten, deteksi ancaman, dan prosedur tanggapan insiden yang seragam.

Pengelolaan identitas adalah aspek penting dari keamanan multi-cloud, terutama ketika individu seperti pelanggan, mitra, dan karyawan mengakses sumber daya dari berbagai perangkat dan lokasi. Manajemen Identitas dan Akses (IAM) memainkan peran penting dalam konteks ini, memungkinkan organisasi untuk mengimplementasikan kontrol akses yang tepat untuk memastikan hanya pengguna yang diotorisasi yang dapat mengakses sumber daya.

Selain itu, sistem IAM menawarkan kemampuan single sign-on (SSO), yang tidak hanya meningkatkan keamanan, tetapi juga menyederhanakan pengalaman pengguna dengan memungkinkan pengguna untuk mengakses berbagai sumber daya dengan satu set kredensial.

Seiring dengan maraknya adopsi arsitektur multi-cloud untuk melindungi data, aset, dan reputasi mereka dalam lanskap digital yang saling terhubung saat ini, adopsi otomatisasi dan praktik keamanan yang kuat menjadi sangat penting.

Strategi cloud yang komprehensif yang mencakup otomatisasi posisi keamanan, langkah-langkah pengurangan risiko, dan pengelolaan identitas yang efektif dalam konteks lingkungan multi-cloud adalah hal yang mendasar. Memberikan prioritas pada elemen-elemen ini memungkinkan organisasi untuk mengurangi risiko dan sepenuhnya memanfaatkan kelebihan dari pengaturan multi-cloud.

OpenGov Breakfast Insight telah menghadirkan para pemimpin teknologi di Singapura pada tanggal 26 September 2023 di Voco Orchard Singapore untuk mendiskusikan terkait perkembangan terbaru dalam integrasi data, kemanan siber, cloud, dan tata kelola data.

Salam Pembuka

Mohit Sagar∶ Automasi TI kian meluas sebagai basis memperkuat ketahanan siber

Mohit Sagar, CEO dan Kepala Redaktur OpenGov Asia, meyakini bahwa peran otomatisasi TI dalam memperkuat keamanan siber adalah penting terutama dalam menghadapi kecanggihan ancaman siber.

Dia menyoroti kompleksitas infrastruktur bisnis modern yang semakin meningkat. Hal ini diperparah oleh peningkatan pekerjaan jarak jauh, perangkat seluler, dan Internet of Things (IoT). Perkembangan ini telah memperkenalkan kerentanan yang sulit ditangani oleh pendekatan keamanan tradisional.

Pelanggaran data baru-baru ini seperti yang terjadi di Singapura, pusat keuangan dan teknologi global, juga menggarisbawahi urgensi untuk menciptakan keamanan siber yang kuat.

Dalam konteks ini, Mohit menekankan untuk memiliki sifat revolusioner dari Keamanan Zero Trust, yang menghilangkan kepercayaan inheren yang biasanya ditempatkan pada entitas internal dan eksternal. Pentingnya verifikasi identitas yang ketat untuk pengguna, perangkat, dan aplikasi, dengan menekankan penggunaan otentikasi multi-faktor sebagai prinsip inti dari pendekatan ini, sangat penting.

“Monitoring berkelanjutan berfungsi sebagai mekanisme deteksi anomali yang cepat, sementara segmentasi mikro secara efektif membatasi pergerakan jaringan lateral, pada akhirnya meminimalkan dampak pelanggaran potensial,” jelasnya. “Di sini, otomatisasi memainkan peran penting dengan cepat menganalisis data, menegakkan kontrol akses, dan memberikan tanggapan waktu nyata terhadap insiden.”

Menurut Mohit, adopsi otomatisasi sangat penting bagi organisasi yang ingin memperkuat langkah-langkah keamanan mereka. Otomatisasi mempercepat proses, meminimalkan kesalahan, dan memberdayakan deteksi ancaman proaktif dan tanggapan cepat melalui analisis waktu nyata.

Selain itu, manajemen patch otomatis menjamin pembaruan tepat waktu, dengan demikian mengurangi paparan terhadap kerentanan, sementara orkestrasi mengoptimalkan alat dan proses keamanan untuk manajemen ancaman yang efisien.

“Untuk bertahan dari ancaman siber modern, organisasi harus menggunakan pendekatan komprehensif yang mencakup pemrograman yang aman, perkuatan infrastruktur, dan prinsip-prinsip Zero Trust,” tekan Mohit. “Strategi ini tentunya dapat melindungi aplikasi melalui pemrograman yang aman, pengujian teratur, dan pemantauan berkelanjutan.”

Pemantapan infrastruktur bertujuan untuk mengurangi permukaan serangan sambil memperluas prinsip-prinsip Zero Trust melalui kontrol akses yang ketat dan otentikasi berbasis identitas, dengan demikian memperkuat pertahanan secara keseluruhan. Pendekatan komprehensif ini mengintegrasikan keamanan berbasis aplikasi, perkuatan infrastruktur, dan Arsitektur Zero Trust, menawarkan pertahanan multi-faset terhadap berbagai ancaman.

Kerangka kerja berbasis identitas yang mulus dimulai dengan pembentukan praktik Manajemen Identitas dan Akses (IAM) yang kuat, yang merupakan dasar keamanan modern. IAM mengelola identitas digital untuk pengguna, perangkat, dan aplikasi, memungkinkan kontrol yang tepat atas akses sumber daya.

Mohit menekankan pentingnya kebijakan kontrol akses yang terstruktur berdasarkan peran dan tanggung jawab melalui penekanan peran mereka dalam mitigasi risiko akses yang tidak sah. Dia juga menekankan pentingnya pemantauan berkelanjutan terhadap aktivitas pengguna, karena ini memperkuat keamanan dengan mengidentifikasi perilaku yang tidak biasa dan potensi pelanggaran.

Selain itu, dia merekomendasikan agar organisasi memprioritaskan keamanan kredensial untuk sistem dan data penting. Hal ini dapat dicapai melalui implementasi kebijakan kata sandi yang kuat dan edukasi user yang holistik.

Manajemen akses yang ditingkatkan mencakup pengamanan akun berhak dengan kontrol ketat, tinjauan teratur, dan akses sesuai kebutuhan. Enkripsi data melindungi informasi sensitif dalam keadaan diam dan saat transit, membuat akses tidak sah tidak efektif. Pemantauan berkelanjutan, dengan peringatan waktu nyata untuk perilaku yang aneh, memungkinkan tanggapan cepat terhadap pelanggaran risiko yang mungkin terjadi dan meningkatkan keamanan secara keseluruhan.

“Dalam lanskap keamanan siber yang terus berkembang saat ini, pendekatan komprehensif sangat penting,” simpul Mohit. “Mulai dari otomatisasi TI hingga Keamanan Zero Trust dan manajemen identitas yang kuat, organisasi harus menerapkan langkah-langkah keamanan untuk membela diri dari ancaman siber modern dan melindungi sistem dan data penting.”

Welcome Address

Morgan Hite∶  Otomatisasi infrastruktur membawa banyak manfaat bagi organisasi

Morgan Hite selaku Vice President untuk Asia di HashiCorp mengatakan bahwa dengan meningkatnya kompleksitas infrastruktur teknologi informasi yang modern, penting bagi perusahaan untuk mengamankan dan melindungi aset-aset pentingnya. Morgan menyoroti bahwa solusi otomatisasi mutakhir memang dapat secara efektif mengatasi kebutuhan keamanan yang rumit dalam lingkungan hybrid dan multi-cloud, memberikan wawasan tentang manajemen yang aman, deteksi ancaman, dan respons terhadap insiden.

Perubahan ke arah cloud memaksa organisasi untuk melakukan transisi dari pengelolaan infrastruktur yang kaku menjadi lebih dinamis di cloud publik. Konsekuensinya, tim operasi TI harus berurusan dengan berbagai tantangan yang baru muncul seperti kewalahan dengan alur kerja manual yang lambat dan potensi kesalahan yang tinggi. Tim pengembang juga terkadang merasa terhambat oleh proses manual yang rumit dan sistem tiket yang tidak efisien.

Tidak hanya itu, kendala dalam mengimplementasikan kebijakan yang konsisten juga memengaruhi produktivitas dan menambah risiko yang harus dihadapi. Penting bagi organisasi untuk memiliki otomatisasi infrastruktur yang dapat disesuaikan dan diskalakan untuk mengatasi tantangan ini. Oleh karena itu, banyak organisasi yang lebih memilih untuk menghindari kerumitan tersebut. Bahkan, data Cloud Thales 2023 menyebutkan bahwa hanya 41% organisasi yang telah menerapkan kontrol zero trust dalam infrastruktur cloud mereka.

Morgan menjelaskan bahwa HashiCorp memberikan pelayanan instruktur automasi. HashiCorp membantu perusahaan mengatasi masalah ini melalui infrastruktur sebagai kode untuk penyediaan, kepatuhan, dan manajemen di seluruh cloud publik, pusat data pribadi, dan layanan pihak ketiga. Automasi infrastruktur adalah elemen kunci dalam pengelolaan lingkungan cloud yang semakin kompleks. “Ini adalah komponen penting dalam upaya untuk menjaga keamanan dan melindungi aset kritis dalam lingkungan yang sering berubah-ubah.”

Dalam dunia cloud yang dinamis, di mana permintaan dapat berfluktuasi secara drastis, kemampuan untuk dengan cepat menyesuaikan dan mengelola sumber daya menjadi sangat penting. Automasi memainkan peran kunci dalam memastikan skalabilitas yang efisien, memungkinkan organisasi untuk menambah atau mengurangi kapasitas sesuai kebutuhan tanpa melibatkan tindakan manual yang memakan waktu.

Selain skalabilitas, efisiensi operasional adalah alasan penting lainnya untuk menerapkan automasi infrastruktur. Dengan otomatisasi, tugas-tugas rutin seperti penyediaan, penjadwalan, dan manajemen sumber daya dapat diotomatiskan. Hal ini mengurangi beban kerja manual, menghindari kesalahan manusia, dan menghemat waktu yang berharga dalam pengelolaan lingkungan cloud yang kompleks.

Lebih lanjut, Morgan menjelaskan bahwa keamanan adalah faktor kunci lainnya yang menjadikan automasi infrastruktur sangat penting. Dengan otomatisasi, organisasi dapat menerapkan kebijakan keamanan secara konsisten di seluruh infrastruktur mereka. Ini membantu mencegah konfigurasi yang rentan dan memastikan kepatuhan terhadap standar keamanan yang diperlukan. Dalam dunia yang penuh dengan ancaman keamanan, automasi membantu menjaga lingkungan cloud tetap aman.

Selain itu, automasi juga membantu meningkatkan resiliensi infrastruktur. Dengan kemampuan mendeteksi dan merespons insiden keamanan atau kegagalan infrastruktur dengan cepat, organisasi dapat menjaga ketersediaan layanan mereka. Dalam hal ini, automasi membantu menghadapi tantangan-tantangan yang timbul di lingkungan cloud yang dinamis.

Morgan dengan tegas menggarisbawahi betapa esensialnya langkah penerapan otomatisasi infrastruktur dalam lingkungan organisasi saat ini. Dalam pandangannya, otomatisasi tidak hanya berperan dalam meningkatkan produktivitas, tetapi juga berpotensi mengurangi risiko dan mengoptimalkan pengeluaran.

Pertama-tama, otomatisasi membawa dampak positif terhadap produktivitas organisasi. Dengan menghilangkan berbagai alur kerja manual yang sebelumnya memakan waktu berharga terkait infrastruktur cloud, organisasi dapat merasakan penghematan waktu yang signifikan. Itu berarti ada lebih sedikit waktu yang terbuang untuk tugas-tugas seperti penciptaan, pengelolaan, dan penyediaan infrastruktur cloud. Sebagai hasilnya, tim TI dan staf terkait dapat fokus pada tugas-tugas yang lebih strategis dan bernilai tambah.

Selanjutnya, otomatisasi juga berkontribusi pada peningkatan tingkat keamanan. Ini terwujud melalui pemeliharaan konsistensi operasional yang ketat dan penegakan kepatuhan terhadap kebijakan keamanan yang telah ditetapkan. Dalam konteks ini, otomatisasi membantu mengurangi risiko insiden keamanan yang mungkin timbul akibat kesalahan manusia atau pelanggaran kebijakan. Dengan otomatisasi, langkah-langkah keamanan dapat dijalankan dengan konsisten dan efisien, memberikan ketenangan pikiran kepada organisasi.

Namun, salah satu manfaat paling mencolok dari otomatisasi adalah aspek ekonomisnya. Dengan memungkinkan organisasi untuk mengidentifikasi dan mengurangi penggunaan sumber daya cloud yang tidak diperlukan atau berlebihan, otomatisasi dapat menghasilkan penghematan biaya yang substansial.

Bahkan, Morgan mengungkapkan bahwa organisasi dapat menghemat hingga 40% dari biaya infrastruktur cloud mereka. Ini adalah potensi penghematan yang signifikan, yang berarti anggaran yang tersedia dapat dialokasikan dengan lebih efisien untuk kebutuhan lain yang mendesak. Sebagai akibatnya, organisasi dapat mencapai manfaat ekonomis yang nyata melalui investasi dalam otomatisasi infrastruktur.

Dengan demikian, dalam pandangan Morgan, otomatisasi infrastruktur adalah langkah strategis yang tidak hanya memberikan keuntungan operasional, tetapi juga memitigasi risiko serta memastikan penggunaan anggaran yang cerdas dan efisien. Itu adalah langkah yang membawa dampak positif dalam berbagai aspek operasional dan keuangan organisasi.

Knowledge Insight

Mary Wee ∶  Riwayat medis yang terintegrasi dan aksesible dapat meningkatkan pelayanan pasien

Pandemi telah menjadi pukulan telak bagi banyak individu, dan telah menyadarkan betapa pentingnya memiliki keamanan finansial di tengah ketidakpastian. Perubahan mendadak dalam gaya hidup dan cara kerja selama pandemi membuat banyak orang merasa tidak siap menghadapinya. Akses ke berbagai kebutuhan dasar seperti makanan, perawatan kesehatan, dan pendidikan tiba-tiba menjadi lebih sulit.

Penting untuk memiliki simpanan finansial yang memadai untuk menghadapi situasi darurat seperti yang disebabkan oleh pandemi. Keamanan finansial ini dapat memberikan ketenangan pikiran dan membantu individu dan keluarga mengatasi tantangan ekonomi yang mungkin muncul. Itu sebabnya keberadaan CPF, atau Central Provident Fund, sangat penting dalam memberikan pelayanan keuangan kepada masyarakat.

CPF adalah salah satu cara untuk membantu individu dan keluarga merencanakan keuangan mereka dengan lebih baik. Ini dapat mencakup investasi jangka panjang, tabungan pensiun, dan perlindungan kesehatan. Dengan memiliki simpanan finansial yang dikelola dengan baik, individu dapat merasa lebih siap menghadapi masa-masa sulit seperti pandemi.

Mary Wee, Director, Cloud Services and Support di CPF Board, mengatakan betapa pentingnya menjaga data klien dengan baik, terutama dalam konteks perusahaan sosial. Dalam era di mana data memiliki peran kunci dalam menginformasikan keputusan dan memberikan layanan yang lebih baik kepada klien, menjaga keamanan dan integritas data merupakan prioritas utama.

CPF seringkali memiliki akses ke informasi pribadi dan sensitif dari klien mereka, termasuk informasi keuangan, medis, atau pribadi lainnya. Oleh karena itu, mereka memiliki tanggung jawab besar untuk melindungi data ini dari ancaman siber dan potensi penyalahgunaan. Kehilangan data atau pelanggaran keamanan dapat berdampak serius tidak hanya pada kepercayaan klien, tetapi juga pada operasi organisasi.

“Menjaga keamanan siber untuk infrastruktur cloud adalah prioritas kami. Dengan menjaga keamanan cloud, kepuasan pelanggan karena pelayanan yang baik akan semakin meningkat,” ujar Mary.

Dalam era di mana layanan dan operasi semakin terkait dengan teknologi cloud, keamanan tidak bisa diabaikan. Ketika pelanggan mempercayakan data dan informasi penting mereka kepada suatu organisasi, mereka mengharapkan bahwa data tersebut akan dikelola dan disimpan dengan sangat aman. Ini bukan hanya masalah praktis, tetapi juga masalah kepercayaan.

Mary Wee memahami bahwa ketika pelanggan merasa yakin data mereka aman dalam infrastruktur cloud CPF Board, mereka akan merasa puas dengan layanan yang diberikan. Keamanan yang kuat adalah dasar dari kepercayaan pelanggan, dan hal ini tercermin dalam kualitas pelayanan yang diberikan.

Oleh karena itu, CPF Board tidak hanya berfokus pada aspek teknis keamanan siber, tetapi juga pada memastikan bahwa pelanggan merasa aman dan yakin dengan keamanan data mereka. Hal ini tidak hanya menciptakan kepuasan pelanggan, tetapi juga membangun reputasi CPF Board sebagai organisasi yang bertanggung jawab dan dapat dipercaya dalam pengelolaan data klien.

Mary Wee telah menegaskan bahwa CPF Board berkomitmen untuk menjaga data klien mereka dengan sangat baik. Mereka telah mengambil langkah-langkah penting dalam mengimplementasikan protokol keamanan yang ketat, termasuk penggunaan teknologi keamanan terkini dan pelatihan karyawan dalam mengenali ancaman siber. Selain itu, mereka juga memiliki kebijakan ketat dalam hal pengelolaan dan penyimpanan data yang mematuhi peraturan privasi yang berlaku.

“Di era multi-cloud, terjadi pergeseran signifikan dalam lokus kontrol. Alih-alih mengandalkan kontrol fisik, sekarang penekanannya beralih ke identitas yang terpercaya. Ini berarti setiap entitas harus melalui proses otentikasi dan otorisasi untuk mendapatkan akses ke sistem atau sumber daya.

Dengan mengadopsi kerangka kerja berbasis identitas ini, organisasi dapat secara efektif menavigasi kompleksitas pengamanan lingkungan multi-cloud yang dinamis sambil memastikan tingkat keamanan yang lebih tinggi,” tutup Mary

Salam Penutup

Binny Peh∶ AWS berdedikasi untuk mentransformasikan tata kelola di seluruh dunia

Binny Peh, Head of Partners & Alliances untuk Singapore Public Sector, Amazon Web Services (AWS), mengungkapkan apresiasinya atas kehadiran peserta yang berwawasan dan berpandangan tajam dalam acara ini saat mereka bersatu untuk menjelajahi kekuatan transformasional teknologi dalam sektor publik.

“Diskusi dan interaksi yang telah kita lakukan telah mengonfirmasi peran sentral teknologi dalam membentuk masa depan masyarakat kita, dan yang lebih penting, dalam meningkatkan kehidupan warga negara kita,” katanya.

Binny mengonfirmasi bahwa Amazon Web Services sangat berkomitmen untuk mendorong inovasi dan memungkinkan transformasi digital bagi pemerintah dan organisasi di seluruh dunia. “Misi kami adalah memberdayakan Anda untuk memanfaatkan cloud untuk membangun layanan yang lebih lincah, efisien, dan berorientasi pada warga. Tapi, ini bukan hanya tentang teknologi; ini tentang kemitraan dan aliansi yang kita bentuk, semangat kolaboratif yang kita pelihara, dan visi yang kita kejar bersama.”

Dia percaya bahwa kesuksesan yang telah mereka capai di sektor publik adalah hasil dari kerja sama antara lembaga pemerintah, mitra industri, dan penyedia teknologi seperti AWS, “Wawasan Anda, komitmen Anda terhadap keunggulan, dan upaya tanpa lelah Anda untuk mendorong batas-batas apa yang memungkinkan telah membuat perjalanan transformasi ini begitu menarik dan berdampak.”

Binny mendorong peserta untuk terus melakukan inovasi, membangun kemitraan yang kuat, dan merangkul peluang yang ada. Dia menekankan pentingnya untuk mendorong batas-batas dan memanfaatkan teknologi untuk mengatasi tantangan paling kritis dalam masyarakat, dengan tujuan akhirnya bekerja menuju masa depan yang lebih cerah dan lebih terhubung untuk semua orang.

“Terima kasih sekali lagi atas partisipasi Anda, semangat Anda, dan dedikasi Anda terhadap misi OpenGov Asia. Bersama-sama, kita dapat mencapai hal-hal besar, dan saya menantikan kerjasama berkelanjutan kita dalam membentuk hari esok yang lebih baik,” Binny mengakhiri dengan tegas.

Li Wen Chi∶ Cloud adalah basis transformasi untuk dapat menjangkau teknologi lebih jauh

Li Wen Chi, Group Chief Technology Officer at Cloud Kinetics, Dia menyatakan apresiasinya kepada OpenGov Asia dan semua peserta atas kontribusinya dalam kesuksesan acara tersebut, menyoroti peran OpenGov Asia sebagai fasilitator pertukaran pengetahuan, inovasi, dan kolaborasi.

“OpenGov Asia secara konsisten telah menciptakan platform efektif untuk berbagi ide, merangsang diskusi, membangun hubungan, dan mendorong perubahan,” katanya. “Dan tahun ini tidak terkecuali!”

Sesuai dengan biasanya, Wen Chi memastikan bahwa acara tersebut menampilkan presentasi yang penuh wawasan, interaksi yang merangsang pemikiran, dan peluang jaringan berharga, memamerkan evolusi dinamis transformasi digital di Asia dan dukungan antusiasme terhadap teknologi oleh pemerintah, bisnis, dan individu untuk memacu perubahan positif.

“Salah satu tema berulang dalam acara ini adalah peran penting teknologi dalam mengatasi tantangan-tantangan mendesak kita. Kami telah menyaksikan contoh-contoh inspiratif dari potensi teknologi untuk kebaikan bersama. Jelas bahwa kita tidak hanya membayangkan masa depan; kita sedang secara aktif membangunnya bersama,” tegas Wen Chi.

Cloud Kinetics yakin bahwa cloud mewakili lebih dari sekadar pergeseran teknologi; itu mencerminkan pergeseran mendasar dalam pendekatan kita terhadap bisnis dan masyarakat, dan mereka berkomitmen untuk memimpin transformasi ini, bertujuan untuk memberikan organisasi solusi cloud mutakhir untuk mengarungi kompleksitas era digital dengan efektif.

Wen Chi mendorong para peserta untuk mengambil pengetahuan, wawasan, dan koneksi yang diperoleh selama acara ini dan untuk lebih berkolaborasi, berbagi, belajar satu sama lain, dan bersama-sama berusaha untuk masa depan yang inklusif dan berkelanjutan yang didorong oleh teknologi demi kesejahteraan semua.

“Perlu diingat bahwa inovasi tidak mengenal batas, dan bersama-sama, kita dapat mengatasi setiap tantangan yang datang,” tutup Wen Chi, “Jalan ke depan mungkin tidak pasti, tetapi dengan semangat kolaborasi dan inovasi, kita dapat menavigasinya dengan sukses.”

Dalam penutupan tersebut, Mohit menyampaikan rasa terima kasih yang tulus kepada semua pembicara terhormat, peserta, dan mitra yang memeriahkan acara ini dengan kehadiran dan kebijaksanaan mereka. Keahlian mereka dan komitmen yang teguh terhadap inovasi tidak hanya menerangi diskusi tetapi juga merancang arah untuk masa depan.

“Bersama-sama, kita telah menjelajahi kemungkinan tanpa batas yang muncul ketika pemerintah, pemimpin industri, dan penyedia teknologi bergabung. Kita telah mendalami kekuatan transformatif komputasi awan,” Mohit mengapresiasi.

Hal ini penting, tambahnya, untuk mengakui potensi transformatif dari kecerdasan buatan (AI), keamanan siber, dan analitik data dalam ranah pelayanan publik. Teknologi-teknologi ini sangat penting dalam membentuk masa depan operasi pemerintah dan penyampaian layanan dalam beberapa cara.

Selain itu, Mohit tetap kuat yakin bahwa di era perubahan yang belum pernah terjadi sebelumnya ini, kolaborasi bukan hanya sekadar kata-kata yang digembar-gemborkan; itu adalah pondasi kesuksesan, “Melalui kemitraan, aliansi, dan pertukaran ide, kita dapat membuka potensi penuh teknologi dan secara efektif mengatasi tantangan yang rumit yang ada di depan.”

Dia mendorong peserta untuk terus bergerak dalam semangat kolaborasi, mendorong mereka untuk membentuk aliansi baru, merawat kemitraan yang ada, dan tetap terbuka terhadap peluang yang terus-menerus muncul dari teknologi.

“Marilah kita selalu mengingat bahwa misi kolektif kita adalah untuk meningkatkan kesejahteraan warga negara dan merangsang pertumbuhan yang komprehensif,” Mohit mengakhiri, “Kita harus selalu mempertimbangkan tujuan yang lebih luas dari usaha kita dan membuka jalan menuju masa depan yang lebih berkelanjutan dan inklusif untuk semua orang.”

Strengthening Thailand’s Digital Defences

Image credits: dga.or.th
Share via

Recently, the Digital Government Development Agency (DGA) and the Thailand Digital Government Academy (TDGA) have joined forces to provide training to raise awareness about cybersecurity. This collaborative effort is designed to enhance participants’ knowledge and comprehension of the fundamental principles and the significance of cybersecurity laws, regulations, and announcements. Moreover, the training seeks to promote awareness of information systems’ safe and secure use.

Panithan Khennanuay, Director of the Cyber Security Department, emphasised the increasing prevalence of cyberattacks in today’s digital landscape, affecting many sectors. As organisations transition into the digital realm, they become more susceptible to cyber threats. These threats can range from data breaches and hacking attempts to ransomware attacks and other malicious activities that can compromise sensitive information and disrupt essential services.

Recognising the evolving nature of these cybersecurity challenges, the collaboration between the DGA and TDGA underscored the importance of equipping individuals and organisations with the knowledge and skills to safeguard their digital assets. The training initiative aims to empower participants to proactively identify and mitigate potential cyber risks, thereby enhancing the overall cybersecurity posture of both the public and private sectors.

Panithan Khennanuay further emphasised that as digital transformation continues to reshape the governance, commerce, and communication landscape, it is imperative to prioritise cybersecurity as an integral component of this evolution. By fostering a cybersecurity-conscious culture and ensuring that individuals and organisations stay well-informed and vigilant, Thailand can better protect its digital infrastructure and sensitive data. “Ultimately, it will contribute to the country’s resilience in the face of cyber threats and bolster its position as a leader in the digital age,” he expressed.

Additionally, Khomkrit Khamsawat, Head of the Service Operations Team, added that the workforce and citizens are crucial to any cybersecurity strategy’s success. As the Head of the Service Operations Team, Khomkrit Khamsawat recognises that a well-informed and cyber-aware workforce is the first line of defence against cyber threats. Employees and citizens alike play pivotal roles in maintaining the security of digital systems and data.

In the ever-evolving landscape of cyber threats, individuals within organisations and the broader public must be educated and trained to recognise and respond effectively to potential security risks. It includes understanding the latest cyber threats, practising good cybersecurity hygiene, and adhering to best practices for secure digital behaviour.

Moreover, citizens and employees should be aware of cybersecurity laws, regulations, and guidelines. Compliance with these measures is essential for protecting critical infrastructure and sensitive information.

The collaboration between the DGA and TDGA not only aimed to equip individuals with the technical knowledge needed to defend against cyber threats but also strives to cultivate a cybersecurity mindset. This cultural shift toward cybersecurity awareness can help foster a safer digital environment for all.

Thailand is taking proactive steps to fortify its defences against cyberattacks by focusing on workforce and citizen education. These efforts will ultimately contribute to the country’s ability to harness the full potential of digital technologies while safeguarding its digital assets and interests.

“Cybersecurity is not just a technical issue but a shared responsibility. It requires collaboration across sectors, proactive measures to stay ahead of emerging threats, and a commitment to ongoing education and awareness,” Mr Khomkrit emphasised. “We are optimistic that with the concerted efforts of organisations, government agencies, and individuals, Thailand can build a robust cybersecurity ecosystem. This ecosystem will not only protect critical infrastructure but also promote innovation, trust, and economic growth in the digital age.”

Taiwan: Uninterrupted Communication in Emergencies

Share via

In a proactive move to bolster digital resilience, Taiwan’s Ministry of Digital Affairs (moda) recently conducted its first-ever “disaster roaming” drill in collaboration with the nation’s three major telecommunications providers.

This exercise, held as part of the “2023 National Disaster Prevention Day Large-Scale Earthquake Disaster Response Mobilisation Exercise,” showcased the critical role of cross-network roaming in ensuring citizens’ access to basic and secure communication during emergencies.

The concept of “disaster roaming” differs from commercial roaming mechanisms. It is a government-driven initiative designed to ensure uninterrupted communication services for the public during significant disasters or emergencies.

In essence, it allows individuals to connect to operational mobile communication networks of other providers, irrespective of their original contracts. This initiative addresses a fundamental need: maintaining communication rights when they matter most.

The recent disaster roaming exercise took place in the Hsinchu County Sports Complex area, strategically chosen due to its high population density. Notably, the exercise was conducted without disrupting nearby base stations, using a “manual network selection” method to facilitate cross-network roaming.

Participants engaged in practical scenarios, from connecting with loved ones to accessing real-time news updates and evacuation information.

One of the key takeaways from this exercise is the importance of cooperation between moda and telecommunications providers. By developing Standard Operating Procedures (SOPs) and studying international cross-network roaming frameworks, Taiwan aims to further enhance the disaster roaming mechanism.

This forward-looking approach will ensure that the nation’s communication networks remain resilient and robust, even in the face of major disasters.

The significance of disaster roaming extends beyond mere convenience; it’s about safeguarding citizens’ well-being and ensuring they have access to crucial information during emergencies. This initiative is particularly relevant nowadays as societies become increasingly reliant on digital communication networks for information dissemination, emergency alerts, and coordination during crises.

During her visit to moda, President Tsai Ing-wen underscored the importance of such initiatives in enhancing Taiwan’s overall resilience. In an era where digital connectivity is integral to daily life and critical infrastructure, the ability to maintain communication rights during disasters is paramount.

The disaster roaming programme’s continuation from 2024 to 2025 demonstrates Taiwan’s commitment to preparedness and resilience. By studying global best practices and working closely with domestic telecommunications providers, the country aims to establish a robust disaster response framework. This proactive stance will serve as a model for other nations seeking to enhance their digital resilience.

Reports cited that Taiwan’s disaster roaming initiative stands as a beacon of innovation and preparedness. It reaffirms the government’s commitment to safeguarding its citizens’ communication rights and ensuring that vital information flows even when the unexpected occurs.

Many industries and organisations are subject to regulatory requirements regarding data protection and cybersecurity. Digital resilience helps meet these requirements and avoids legal and financial repercussions.

Also, it ensures that critical government systems and communication networks remain operational during emergencies and can withstand cyber threats from adversaries.

As digital technologies continue to evolve, so too must disaster preparedness strategies. Taiwan’s dedication to enhancing digital resilience through initiatives like disaster roaming demonstrates that the nation is not only adapting to the digital age but also leading the way in ensuring that no one is left disconnected when it matters most.

It is a testament to the nation’s unwavering commitment to the well-being and safety of its citizens, setting a commendable example for the world to follow.

U.S. Tackling Deepfake Challenges

Share via

The National Security Agency (NSA) and its federal agency partners have released new guidance concerning a cybersecurity risk posed by deepfakes, a type of synthetic media. This emerging threat poses cybersecurity challenges for National Security Systems (NSS), the Department of Defence (DoD), and organisations within the Defence Industrial Base (DIB).

They have jointly published a Cybersecurity Information Sheet (CSI) titled “Contextualising Deepfake Threats to Organisations” to assist entities in recognising, safeguarding against, and responding to deepfake threats. NSA developed the CSI with the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA).

The term “deepfake” encompasses multimedia content that has been either artificially created or manipulated through machine learning and deep learning technologies, which are forms of artificial intelligence (AI). Other phrases used to describe such synthetically generated or altered media include “Shallow/Cheap Fakes,” “Generative AI,” and “Computer Generated Imagery (CGI).”

Candice Rockell Gerstner, an NSA Applied Research Mathematician with expertise in Multimedia Forensics, emphasised that while the tools and methods for altering authentic multimedia have been in existence for some time, the noteworthy shift lies in the ease and widespread adoption of these techniques by cyber actors. This evolving landscape introduces a fresh set of challenges to national security.

Gerstner pointed out that organisations, as well as their employees, must adapt to this changing environment. They need to identify the tradecraft and techniques associated with deepfakes. Moreover, it is essential to establish comprehensive plans to respond to potential deepfake attacks and mitigate their impact effectively. As cyber adversaries increasingly leverage these technologies, recognising and countering deepfake threats becomes paramount to ensuring national security and safeguarding sensitive information.

The joint Cybersecurity Information Sheet (CSI) provides valuable recommendations for organisations to address the challenges posed by synthetic media threats, particularly deepfakes. The CSI suggests implementing various technologies and strategies to counter this emerging threat.

One key recommendation is adopting real-time verification capabilities, which enable organisations to identify and respond to potential instances of deepfake content swiftly. Passive detection techniques are also emphasised for ongoing monitoring and early detection. Furthermore, the CSI highlighted the importance of safeguarding high-priority officers and their communications, as they are often the targets of deepfake attempts.

In addition to detection, the guidance underscores the significance of minimising the impact of deepfake attacks. This involves information sharing within and across organisations to stay ahead of evolving threats. It also advocates for comprehensive planning and rehearsing of responses to potential exploitation attempts, ensuring that organisations are well-prepared to mitigate the consequences of deepfake incidents. Personnel training is another crucial component, equipping individuals with the skills and knowledge to recognise and respond effectively to synthetic media threats.

The CSI underscores the diverse nature of synthetic media threats, encompassing techniques that jeopardise an organisation’s brand, impersonate its leaders and financial officers, and employ fraudulent communications to gain unauthorised access to networks and sensitive information. These threats highlighted the need for a holistic approach to cybersecurity.

Advancements in computational power and deep learning have facilitated the mass production of fake media, making it more accessible and cost-effective. This not only undermines brands and financial stability but also has the potential to incite public unrest by disseminating false information on critical issues such as politics, society, the military, and the economy.

The CSI draws attention to the concerning availability of deep learning-based algorithms on open-source repositories. These accessible resources pose a security risk, as their application requires minimal technical skill and can be executed using little more than a personal laptop. Consequently, the widespread availability of such tools amplifies the urgency of addressing synthetic media threats.

In light of these evolving challenges, the NSA, FBI, and CISA strongly encourage security professionals to adopt the strategies outlined in the report. By proactively implementing these recommendations, organisations can enhance their resilience to the growing threats posed by synthetic media and deepfakes. This collaborative effort among government agencies and security experts is vital to ensuring the integrity of digital information and safeguarding national security.

Australia’s Digital Identity and AI Initiatives

Share via

The Minister for Finance, Minister for Women, and Minister for the Public Service of Australia provided updates on technology and digital identity-related legislation. The Minister delved into the topic of Digital ID and its significance for Australia’s future.

The primary focus of the address was the introduction of the draft Digital ID legislation, marking the commencement of consultations for the exposure draft. She highlighted that Digital ID is akin to an online version of presenting one’s passport or driver’s license to verify their identity but without relinquishing the physical document. It aims to provide a secure and convenient way to verify identity online.

The draft Digital ID legislation, now open for consultation, represents a significant milestone in Australia’s efforts to create a national Digital ID system. The Minister outlined four guiding principles for this system: security, convenience, voluntariness, and inclusivity. She stressed that Digital ID would remain voluntary, ensuring alternate channels for those who prefer not to use it.

Moreover, Digital ID is seen as a means to enhance inclusion by bringing government services online and extending their accessibility to underserved communities, including individuals with disabilities. However, the Minister emphasised that those unable or unwilling to obtain a Digital ID would still have access to government services through traditional channels.

The current system, which operates without legislation, allows individuals with Digital IDs to verify their identity without repeatedly providing sensitive documents. Nevertheless, it has limitations, as it is not yet a nationwide system and private sector providers cannot verify individuals against government-issued ID documents. The government envisions a national Digital ID system as an important economic, productivity, and security reform, and efforts are underway to address these shortcomings.

To ensure trust, data protection, and choice in the Digital ID system, the draft legislation establishes governance arrangements, a regulator (with the ACCC as the interim regulator), and privacy safeguards. Senator Gallagher emphasised the need for explicit consent for sharing identity information, the secure deletion of biometric data, and the prohibition of using identity data for direct marketing purposes.

Additionally, the Minster announced the formation of an AI taskforce, in collaboration with colleague Ed Husic, to ensure responsible and safe usage of AI across government agencies. AI has the potential to improve productivity within the APS and enhance government services, but it also requires careful management to mitigate risks.

The government is committed to creating boundaries and safeguards for emerging technologies like AI. The AI Taskforce will assess the risks and benefits of different AI systems within the public service.

The upcoming release of the first Long Term Insights Brief on AI and trust in public service delivery was also mentioned. Four key findings from the brief highlighted the importance of designing AI with integrity, preserving empathy in service design, enhancing public service performance, and investing in AI literacy and digital connectivity for all Australians.

The Minister expressed her determination to see the establishment of an Australian Digital ID system through legislation, despite the challenges and opposition. She acknowledged that it has been an eight-year work in progress, but she believes it is a worthy project with significant benefits for individuals, businesses, and the economy as a whole.

The address highlighted the importance of Digital ID legislation and AI governance in shaping Australia’s technological future. These initiatives aim to enhance security, convenience, and inclusivity while safeguarding individuals’ privacy and ensuring responsible AI usage within the public service.

Efforts to advance digital identification in Australia align with the country’s broader initiatives to establish a national Digital ID system, as discussed by the Minster. The focus of one pilot program, reported on by OpenGov Asia earlier, was on enabling individuals to prove their identity without the need for multiple physical documents corresponds to the principles of Digital ID outlined by the Minister, emphasising secure digital verification over physical information exchange.

Additionally, student volunteers from Deakin University demonstrated practical applications of digital identity within the education sector, mirroring the efficiencies mentioned by Senator Gallagher in her speech. These developments reflect Australia’s growing interest and innovation in the digital identification ecosystem.

Vietnam, Laos, Cambodia Cooperate to Grow Digital Economy

Share via

Vietnam, Laos, and Cambodia will cooperate in the digital economy. Experts have said that the substantial potential for trade and investment collaboration among the countries has not yet been fully realised.

The three governments jointly organised a conference to discuss digital economic development trends and their potential to enhance trade and investment among the countries, opportunities and challenges arising from digital transformation for the growth of trilateral ties, and strategies to advance their cooperative efforts in the digital era. The conference reflects the countries’ readiness to build digital-transformation-oriented socio-economic infrastructure.

Experts at the event recommended that the sides establish and improve institutional and legal environments that align with the demands of the international integration era within the context of the digital economy. Additionally, the nations should invest in developing digital infrastructure to foster their national digital economies.

The conference, which was organised by the Vietnam Academy of Social Sciences (VASS), Lao Academy of Social and Economic Sciences (LASES), and Royal Academy of Cambodia (RAC), saw the participation of over 100 experts, managers, and diplomats from the three countries.

According to a representative from VASS, prioritising the advancement of the digital economy is considered a key task in accelerating the restructuring of an economy. This approach is closely linked with innovation in the growth model and the enhancement of growth quality. The aim is to assist a nation in escaping the middle-income trap and progressing toward becoming a fully developed, industrialised country. The trend presents both opportunities and challenges for countries involved, as they work to develop and expand their investment and commercial partnerships.

An official from LASES noted that Laos is in the early stages of its digital transformation journey, encompassing multiple sectors, including commerce and investment. Consequently, Laos is eager to collaborate with experts from Vietnam and Cambodia, aiming to exchange knowledge and gain insight from their respective digital transformation efforts.

Highlighting the longstanding bond among the three nations, an official from RAC acknowledged that in the realm of digital transformation, Vietnam has been making swifter advancements compared to Cambodia and Laos, particularly in sectors like tourism, commerce, and investment. Collaborative efforts among these nations, particularly in the domain of the digital economy, hold considerable importance in advancing the development of each country.

In 2020, Vietnam kicked off a national digital transformation programme, under which the country would renovate the management and administration activities of the government, the production and business activities of enterprises, and the overall way of living and working. It is working to develop a safe, humane, and wide digital environment. The national digital transformation programme has the dual purpose of both developing the digital government and economy and establishing Vietnamese digital businesses with a global capacity.

In the second quarter of 2023, the digital economy contributed approximately 15.26% to the total Gross Domestic Product (GDP) of Vietnam. Compared to 2021, the growth of Vietnam’s national digital transformation index did slow down, but the component indices of digital government, digital economy, and digital society still maintained a high growth rate of 45-55%.

Vietnam’s digital economy was valued at around $14 billion in 2020, showing remarkable growth of 450% since 2015. Projections indicate that it is expected to expand by roughly 30% between 2020 and 2025.

Recommended Stories

Linkedin-in Twitter Facebook-f Youtube Instagram
© 2023 OpenGov Asia – CIO Network Pte Ltd.

MENU

Linkedin-in Twitter Facebook-f Youtube Instagram

PARTNER

#image_title

Qlik

Globe Facebook Twitter Linkedin

Qlik’s vision is a data-literate world, where everyone can use data and analytics to improve decision-making and solve their most challenging problems. A private company, Qlik offers real-time data integration and analytics solutions, powered by Qlik Cloud, to close the gaps between data, insights and action. By transforming data into Active Intelligence, businesses can drive better decisions, improve revenue and profitability, and optimize customer relationships. Qlik serves more than 38,000 active customers in over 100 countries.

PARTNER

#image_title

CTC

Globe Facebook Twitter Linkedin Youtube

CTC Global Singapore, a premier end-to-end IT solutions provider, is a fully owned subsidiary of ITOCHU Techno-Solutions Corporation (CTC) and ITOCHU Corporation.

Since 1972, CTC has established itself as one of the country’s top IT solutions providers. With 50 years of experience, headed by an experienced management team and staffed by over 200 qualified IT professionals, we support organizations with integrated IT solutions expertise in Autonomous IT, Cyber Security, Digital Transformation, Enterprise Cloud Infrastructure, Workplace Modernization and Professional Services.

Well-known for our strengths in system integration and consultation, CTC Global proves to be the preferred IT outsourcing destination for organizations all over Singapore today.

PARTNER

#image_title

Planview

Globe Facebook Twitter Linkedin Youtube

Planview has one mission: to build the future of connected work. Our solutions enable organizations to connect the business from ideas to impact, empowering companies to accelerate the achievement of what matters most. Planview’s full spectrum of Portfolio Management and Work Management solutions creates an organizational focus on the strategic outcomes that matter and empowers teams to deliver their best work, no matter how they work. The comprehensive Planview platform and enterprise success model enables customers to deliver innovative, competitive products, services, and customer experiences. Headquartered in Austin, Texas, with locations around the world, Planview has more than 1,300 employees supporting 4,500 customers and 2.6 million users worldwide. For more information, visit www.planview.com.

SUPPORTING ORGANISATION

#image_title

SIRIM

Globe Facebook Twitter Linkedin Youtube

SIRIM is a premier industrial research and technology organisation in Malaysia, wholly-owned by the Minister​ of Finance Incorporated. With over forty years of experience and expertise, SIRIM is mandated as the machinery for research and technology development, and the national champion of quality. SIRIM has always played a major role in the development of the country’s private sector. By tapping into our expertise and knowledge base, we focus on developing new technologies and improvements in the manufacturing, technology and services sectors. We nurture Small Medium Enterprises (SME) growth with solutions for technology penetration and upgrading, making it an ideal technology partner for SMEs.

PARTNER

#image_title

HashiCorp

Globe Facebook Twitter Linkedin Youtube

HashiCorp provides infrastructure automation software for multi-cloud environments, enabling enterprises to unlock a common cloud operating model to provision, secure, connect, and run any application on any infrastructure. HashiCorp tools allow organizations to deliver applications faster by helping enterprises transition from manual processes and ITIL practices to self-service automation and DevOps practices. 

PARTNER

#image_title

IBM

Globe Facebook Twitter Linkedin Youtube

IBM is a leading global hybrid cloud and AI, and business services provider. We help clients in more than 175 countries capitalize on insights from their data, streamline business processes, reduce costs and gain the competitive edge in their industries. Nearly 3,000 government and corporate entities in critical infrastructure areas such as financial services, telecommunications and healthcare rely on IBM’s hybrid cloud platform and Red Hat OpenShift to affect their digital transformations quickly, efficiently and securely. IBM’s breakthrough innovations in AI, quantum computing, industry-specific cloud solutions and business services deliver open and flexible options to our clients. All of this is backed by IBM’s legendary commitment to trust, transparency, responsibility, inclusivity and service.

Send this to a friend