The lack of connectivity to the cloud is a core aspect of Enerlyf’s current vision for its CX. “Customers don’t need to share any data and they are still able to get their own personalised temperature and energy saving. That was one of the key things we identified in its popularity,” Chirag told us.

The company’s invention saves its customers up to 35% on their home cooling costs, enough that over two nights, the equivalent electricity could cover two rural households’ energy needs.

The lack of need for potentially privacy-invasive ‘smart home’ technologies comes at a time when data privacy is becoming increasingly central in many consumers’ minds. Data aggregated from multiple sources can be used to influence our behaviour in ways we find disturbing, and when those influences are traced back to a product purchase or service sign-up, the effects can easily negate any investment a brand has made in its CX.

That’s because, at present, there is an imbalance in our current concepts of CX, one that loses companies loyal customers and destroys trust carefully built over months and years.

The unevenly weighted scales

When buying a product or service, and in every interaction with an organisation, we expect a quality CX. It’s part of the reciprocal arrangement entered into at the point of purchase, with the standards of our expected experiences set high by global household names like Uber, Amazon, Rakuten and Ola.

But in addition to the quid pro quo, many companies will additionally monetise or even abuse the data they gain from every interaction. By piecing together information gathered with that from third parties, companies build detailed yet often irrelevant pictures of their buyers or users. Too often, their reasons for doing so have little to do with improving CX or the product now in the customer’s hands. Instead, data is used as a secondary revenue source, the benefits of which never reach the customer.

Source: Shutterstock

Digitisation without tears

Like every product, iterating on Enerlyf’s core designs is how it will improve. To achieve this, Chirag knows that user data can be incredibly helpful for each of his customers. “[We want to] add internet connectivity, IoT capabilities and AI to our systems, so that we can build to make greater systems. When we envisioned adding IoT [functions] and AI, that is where Affinidi came in and [our] mission and vision becomes much stronger,” he said.

Affinidi’s vision for how data can be shared anonymously is central to what Chirag perceives as the next generation of customer experience for Enerlyf customers. With zero-party data (first-party or user data whose source is not identifiable by a third party – see our previous articles here and here for more) the customer experience for Enerlyf’s products can give each customer advantages that will not compromise their personal information.

Initially, Chirag aims to produce personal and community value for Enerlyf users via the Affinidi Trust Network. “So say for example, if there is a community with 1000 apartments, and we have 200-500 users using our product, we wanted to offer access to a local weather station for them. […] For example, if parents want to take their children out, they can immediately check what is the air quality of that area? What is the outside temperature, humidity, so many other things. So that is a roadmap Enerlyf is connecting, like user-personalised profiles with community-level data.”

Affinidi’s CEO, Glenn Gore sees further benefits for Enerlyf user communities that are both empowered and protected by the Affinidi Trust Network (see here for more details): “Air con repair services could do reverse bidding, for example, saying, ‘We know you run your air conditioning for 300 hours, by giving it a service, it’s going to be more efficient, you’ll save some energy.’ These are new techniques that people could use, but while maintaining user anonymity.”

Customer experience at present goes little further than easy-to-use GUIs (graphical user interfaces) and personalised recommendations to buy more product (‘Hey [name], you bought [x], so why not buy [y]?’). What Enerlyf and Affinidi envisage is a CX where the ‘C’ for Customer is writ large – realisable benefits that come from anonymised, specific data deliberately released by individuals and companies to others, with both parties gaining.

Source: Shutterstock

National level advantages

The Indian government’s Green Credits scheme is an example of a nascent market that can be seized on by entrepreneurs like Chriag. He sees the users of Enerlyf products as being able to prove – without compromising their personal information or identities – exactly how much power their activities have saved and be able to ‘spend’ those credits elsewhere.

Glenn said, “There is value in consumers being able to say to brands, ‘Hey, I am taking actions in my own life.’ And brands can turn that into giving you savings or opportunities or preferences based on the decisions being made.”

New definitions of CX

End-users confident of their privacy are so much more likely to trade with brands they know are respectful of data security and anonymity. Customer experience on the Affinidi Trust Network is self-determined by the individual and goes far beyond our present concepts of CX. In 2024, CX is too often designed not for the benefit of the customer, but as a crude and often unwanted opportunity to cross-sell and upsell.

Instead of a reluctance to interact with a brand because of the potential for personal information misuse, brands can build trust with customers and prospects based on information that people approve for release to specific organisations.

As Enerlyf iterates on its energy-saving product line, it’s changing the way we think about personal well-being and energy-saving. With its cutting edge ClimateOS and state-of-the-art CX, Enerlyf allows households to reduce energy consumption and transform into fully-connected, distributed energy resources in the wider energy grid. Doing so offers the potential for enormous new markets and a more sustainable future for all of us.

The Affinidi Trust Network is the basis on which we will see this new data and energy economy built and the new definition of customer experience emerge. You can find out more about Affinidi Trust Network here.

The post Building trust in the data economy: Enerlyf and Affinidi redefine CX, privacy and energy efficiency appeared first on Tech Wire Asia.

Pavel has extensive experience in both finance and advanced machine learning technologies, with a background in data science, analysis, and research. We asked Pavel first to describe what we mean by the phrase ‘fraud network’ and, broadly, how their activities can be counteracted.

“Fraud networks are organized groups or individuals that collaborate to carry out fraudulent activities. [They] exploit gaps where [an organization’s] infrastructure is not connected to transaction or event monitoring. Fraud networks, or fraud rings, are groups of individuals – operating globally or within the same location – who jointly participate in fraudulent activities, such as multi-accounting, money laundering, money muling, and personal data breaches. They collaborate to take advantage of a digital platform like a cryptocurrency exchange, fintech app, dating service, or online casino. By connecting who the person is (with IP addresses, payment details, and so on) to what they actually do on the platform, we can detect and act on fraudulent patterns.”

Although such groups operate globally, there is a greater instance of this type of crime in the APAC region, plus the problem is growing faster there too. Pavel told us that attack numbers are growing about eight times faster than in Europe and the Americas. The issue is not necessarily linked to national economic status: Singapore and Hong Kong are among those countries where fraud networks operate commonly. Singapore, with the highest GDP (PPP) per capita in the world, saw 4,800 people investigated for ‘money muling’ (the transfer of illegally-gained funds on behalf of others) in 2020 alone, according to Singapore Police data. There were 4,700 similar cases in Singapore in the first three months of 2023 alone.

Source: Sumsub

“In Asia, fraud rings are affecting both developed and developing markets alike. For example, Bangladesh has an average fraud network incident rate of a worrying 10.2%, with alarming rates in other growing economies such as Thailand (6.6%), Vietnam (3.7%) and Indonesia (2.2%),” Pavel said.

Of course, the problem isn’t limited to the APAC. In Estonia – arguably one of the most digitized countries in Europe –  a group of several dozen cryptocurrency exchange applicants uploaded identical Proof of Address documents from an unlicensed foreign bank in an attempt to get multiple cryptocurrency-based payment cards issued to the same address.  , Sumsub, discovered the attempt. “This is just one case of how serial fraud operates; other instances include money muling schemes, tech support scams, ransomware, and phishing attacks, and account takeovers.”

Legacy methods of combating the types of fraud we see today depended on only initial KYC (know your customer) checks. Once a new user had passed those, their activity was not monitored. Fraudsters can, in those circumstances, persuade legitimate citizens to ‘lend’ (or sell) their credentials, to then go on to use the account to perpetrate crimes. “Continuous monitoring and analysis ensure that even those applicants who’ve passed initial verification are consistently under observation,” Pavel told us. But there are significant challenges in deploying full-lifespan countermeasures. These include:

• High volumes of data mean manual identity of suspicious activity is resource-intensive,
• False positives can impact genuine users and sour relationships between customers and provider,
• Evolution of methods used by fraudsters means training and adaptation are required constantly by enforcement organizations,
• Regulatory compliance means there are boundaries that simply cannot be crossed during investigation,
• Customer experiences are easily compromised by heavy-handed anti-fraud measures,
• Costs rise and profits take a hit because of the need for fraud prevention.

Pavel Goldman-Kalaydin, Head of Artificial Intelligence & Machine Learning. Source: Sumsub

Pavel told us that today’s machine learning algorithms are a huge boon in fraud detection. “AI is a powerful tool for detecting fraud networks. Should users show signs of fraud after being onboarded, they won’t go unnoticed. Through leveraging AI, companies can implement behavioral analysis and risk scoring algorithms, which were previously challenging to implement effectively. Such advanced capabilities enable continuous monitoring of users’ activities, meaning early detection of suspicious behavior and enhancing fraud prevention measures.”

Sumsub holds an ever-evolving database that has identified and reported over 2 million fraudsters and operates a KYC platform built on over a billion identities. It analyzes more than 5,000 fraud attacks daily, building a comprehensive picture of the digital landscape that examines historical connections and relationships among entities, using ML-powered algorithms.

It’s in proactive, constant monitoring that the company’s platform excels. Its platform pre-screens service applicants using ID verification and behavioral intelligence that adds an invisible layer of fraud prevention. Verification processes detect deepfakes, suspicious device fingerprints, create risk scores, and detect the activities of today’s fraud networks. On an ongoing basis, Sumsub oversees login behavior and looks deeply into account activity using AI that ensures near-zero instances of false positives, guaranteeing a highly accurate and reliable detection of fraudulent activities in real-time.

“We adopt a multi-layered approach, offering a solution with ‘Detect & Act’ capabilities in one platform. This goes beyond traditional anti-fraud or KYC methods to ensure a fortified defense against a wide array of fraud, including account theft, romance scams, payment fraud, and many more. We provide the ability to set action alerts to automatically trigger additional checks, to simplify the decision-making process and reduce false positives.”

Given the sums of money that change hands daily over the internet, it’s perhaps no surprise that fraud networks are constantly developing new methods to launder and steal money from legitimate sources. Sumsub is the only platform that uses technologies that are in advance of those employed by these cyber criminals, preventing fraud and illegal activity in the APAC and across the world.

To find out more about Sumsub, head over to the company’s website and join over 2,000 companies that protect themselves and their customers with preventative measures that don’t impact customer experience or statutory compliance. Sign up for the free demo today.

The post The threat of fraud networks in the APAC: KYC and beyond appeared first on Tech Wire Asia.

The adoption of Secure Access Service Edge (SASE) has become a strategic imperative for organisations in the Asia-Pacific (APAC) region, and aims to bolster cybersecurity, improve network performance and enhance business agility.

The case studies in the qualitative research commissioned by S&P Global Market Intelligence on behalf of Verizon Business Group¹ shows a timeline of APAC organisations’ journeys.

Source: Shutterstock

“We learned that the global pandemic was an accelerant of digital transformation that underpinned a broad spectrum of readiness and capability for customers. Initially, they were compelled to change their operating environments very rapidly, then many went through a process to understand and appreciate the value they can unlock from that transition by migrating to a SASE environment,” said Rob Le Busque, Regional Vice President at Verizon APAC.

“We see the adoption of SASE continue to accelerate among enterprise and government customers in this region for two reasons. First, there is an intrinsic cost benefit to moving to SASE architecture. Second, the cyber attack surface is increasing and becoming more complex; SASE provides the ability to containerise applications or servers under attack,” said Le Busque.

Delivering outcomes from SASE

The research revealed the value for CIOs in examining the differences between a project’s expected outcomes versus the reality. For SASE, many expect reduced risk, cost savings and improved productivity and/or user experience.

While most participants with complete (or nearly complete) SASE projects reported that they achieved their expected outcomes, they also discovered some unexpected results.

For example, a large mining and metals organisation in Singapore reported: “One unexpected benefit of a SASE framework is to have synergies and convergence of interests between infra/network and security where usually it is a fight between what performance/user experience versus security constraints will be considered (which is rare enough to be highlighted!). Here we have a common ground where both can be conciliated.”

Effects of SASE on the overall digital transformation journey

While most participating organisations in the research did not consider their SASE deployment a part of a larger digital transformation initiative, some said that SASE helped their larger transformation project by reducing risk and simplifying user experience.

“We started off with streamlining connectivity and the effort that spearheaded the related identity and access management projects are now supporting almost all the other applications as well. So, yes, there was an acceleration effect in our DX journey,” said a regional information security manager for a large IT services firm in Australia.

“We hear from our customers that SASE shortened provisioning times and access to networks on traditional VPN architectures. This solves the first principle issue of connecting dynamic users to dynamic applications. SASE provides capability and uplift to do that as organisations,” said Rob Le Busque.

Key benefits from SASE, according to the research, included:

• Unified security architecture,
• Enhanced user experience,
• Scalability and flexibility,
• Improved compliance and governance.

Source: Shutterstock

Identifying top SASE deployment roadblocks

Several themes emerged regarding the barriers participants encountered and expected to encounter during SASE implementation.

Technical debt was most cited as the barrier to overcome before gaining the rewards of SASE. “You need to invest time up front to fully understand all aspects, rather than piecing it all together in a troubleshooting mode during project implementation,” said a CIO of a large Hong Kong-based Insurance organisation.

The main deployment roadblocks included:

• Legacy infrastructure challenges: Legacy systems and outdated network architectures pose integration challenges during SASE adoption. CIOs should address compatibility issues, data migration complexities, and ensure integration with existing IT environments to maximise the benefits of SASE while minimising disruptions to business operations.
• Skills gap and talent acquisition: The shortage of skilled cybersecurity professionals and network engineers is a significant barrier to effective SASE implementation. CIOs should invest in talent development, upskilling initiatives, and partnerships with managed security service providers (MSSPs) to bridge the skills gap and build internal expertise for managing SASE solutions effectively.
• Change management and organisational alignment: Implementing SASE often requires cultural and organisational changes to move to a Zero Trust security model, including the adoption of agile practices, and increasing collaboration between IT and business functions. CIOs must address resistance to change, communicate the benefits of SASE to stakeholders and align the organisation’s goals with security and digital transformation initiatives.

Lessons Learned from SASE Implementation

The final section of the study focused on gathering participants’ insights they gained during a SASE implementation project.

• Needs assessment: Participants noted the need for a strong requirements framework and business case development before initiating the project. They recommended taking a ‘security first’ approach and advised prospective implementors not to run SASE implementation like a network infrastructure alteration. They cited the importance of obtaining support from key stakeholders and establishing strong governance structures.
• Upskill, plan and prepare: Participants emphasised increasing internal competencies and resources in advance. A common theme was the importance of understanding the data, application and device assets involved in or affected by SASE.
• Vendor/partner selection: Study participants recommended focusing on vendor competencies, examining specific SASE requirements and comparing vendor claims versus actual competencies, although they reported this was difficult. Participants also mentioned the importance of using a tried-and-tested partner and establishing strong vendor and partner relations.
• Deployment planning: Respondents said using a standardised deployment model was particularly important, as well as planning and scheduling the rollout.

Conclusion

SASE implementation offers significant outcomes such as unified security, enhanced user experience, scalability and compliance for organisations in APAC. However, barriers such as legacy infrastructure, skills gaps, and resistance to organisational change require planning, talent development, and effective change management.

By learning from industry best practices, and emphasising user-centric design and continuous monitoring, CIOs can collaborate with CISOs to successfully navigate SASE adoption, strengthen cybersecurity resilience, and drive business agility.

Download the full report to read the findings in detail, and to talk to an expert on SASE deployment best practices and technologies, contact a Verizon representative near you.

¹ “SASE Enables Zero-Trust Networking, Improves Business Agility, Reduces Costs and Streamlines Digital Transformations”

The post Enhancing Business Agility with SASE: Insights for CIOs in APAC appeared first on Tech Wire Asia.

Many endpoint devices are commonly recognisable: the smartphone in your back pocket, the desktop computer or laptop. However, endpoints can also include servers – powerful computers that provide digital services to users, such as file storage, data retrieval, or commonly used applications. When all an organisation’s endpoints are added up, they can number hundreds of thousands in large enterprises.

Source: Shutterstock

Often, even discovering the existence of every endpoint is challenging, a situation that has been made more complicated since the COVID-19 pandemic and the continuing habit of working remotely. Endpoints suddenly included computers in people’s homes or personal laptops used during periods of lockdown.

Within just a couple of years from 2020, the number of endpoints using a company’s network rose sharply, and the number of cybersecurity incidents involving endpoints rose in step. Additionally, the cost of each security breach rose from $7.1m to $8.94m [PDF].

The higher number of endpoints in today’s businesses also means that more devices have at least the capability to delete, corrupt or compromise valuable data. Managing endpoints, therefore, means ensuring that devices work safely, whether from the actions of bad actors, from misuse or operators’ mistakes.

It’s clear, therefore, that managing and securing these devices needs to be at the forefront of any organisation’s cybersecurity and device management priorities. A properly managed and monitored endpoint fleet gives IT teams a clear definition of the devices it’s responsible for and a head-start on tracking down and responding to incidents caused by attackers or so-called internal threats. It also shows which devices are at greater risk of possible compromise, informing teams which endpoints need updating, patching or replacing, and with what priority.

Putting in place a rigorous endpoint management system gives organisations the best ROI of any security platform, and should be the foundation of a range of measures designed to protect the organisation’s users, digital assets and intellectual property.

Best practices in endpoint management are discussed in detail in “The Endpoint Defense Playbook: Locking Down Devices with NinjaOne“, which includes advice on how large fleet management tasks can be automated. But for the purposes of this article, let’s consider some steps that any company can take to close off many of the ways that endpoints put their owners’ digital assets at risk.

Audit
Before an IT team can know what they need to monitor, manage and protect, it has to know what devices appear on the network. An audit is therefore an unambiguous first step, although it should be noted that auditing has to be an ongoing process, as day-to-day, endpoints will change as the organisation evolves and the devices used cycle over time. A real-time network map is therefore required.

Secure access
Users, like endpoints, have to be able to prove who they are, and be granted privileges to operate on the company’s network. Passwords, two-factor authentication and single sign-on (SSO) are methods by which employees show they have the rights to be present on the network.

Zero-trust
Zero-trust is a security posture that dictates users and endpoints have no privileges whatsoever on a network by default. Then, policies grant access to applications, services, and devices on a per-case basis. In cases where no policy applies, the system reverts to zero trust or no access.

Encrypt
Encryption means that any data exchange inside or from outside the network is obfuscated and therefore immune to any eavesdropping. Data at rest should also be encrypted, so physical theft of, for instance, storage drives, will not yield any readable data by third parties.

BYOD policies
Since the emergence of the modern smartphone in the mid-00’s, users often prefer the convenience of at least occasional use of their own devices. BYOD (bring your own device) policies can determine which device types are allowed, and also stipulate which versions of software may run and operate on the network. Enacted policies will prevent insecure operating systems and software from running on users’ devices and ensure a maximum level of security among what is an unpredictable population of endpoints.

Proactive scanning
Endpoint detection and response (EDR) systems scan endpoints and log activity to flag anomalous behaviour to users or to systems administrators. Alerts can tell IT staff when action has to be taken to address apparent threats or to surface unusual patterns of behaviour that need further investigation.

Source: Shutterstock

Patch & update
Software vendors are constantly updating their code to ensure that it is as safe as possible from malicious activity. Software on endpoints should run the latest versions of all software (including the operating system) so every device does not carry at least a potential attack vector. Zero-trust policies are applicable in this respect: endpoints not fully up-to-date can be denied access or given limited privileges by default.

Remediation planning

Despite all preventative measures, every network will always suffer some security or misuse issues. It is essential that IT teams have coherent plans that can be followed when there is the possibility of data breach or corruption. Remediation planning also requires the practise of recovery procedures, so teams are aware of the steps they need to take in the event of a possible incident.

Next steps
Endpoint management and security are mutually supportive processes that together form the basis for strong IT security and data loss prevention. In very small companies, it’s possible to manually implement endpoint management on a per-device basis. But in the majority of cases, an endpoint management software platform is necessary to oversee and, where possible, automate management policies.

Creating a strong and safe IT environment for any organisation is essential for a business to operate in 2024, and it’s a subject that requires a great deal of attention. You can read in more detail about the best practices to implement endpoint management in “The Endpoint Defense Playbook: Locking Down Devices with NinjaOne“, which is available to download now.

The post The criticality of endpoint management in cybersecurity and operations appeared first on Tech Wire Asia.

Organizations and governments worldwide, including Japan, face the dual challenge of mitigating risks and embracing the rapid advancements in AI. This involves managing uncertainties while also accelerating innovation and adoption to reap the benefits of this transformative technology.

Japan’s unique position in AI

Although Japan is known for its cautious approach to risk, it is also renowned for its innovative contributions to technology, particularly in smart robotics and automotive AI. However, reports suggest that Japan’s prowess in AI-powered hardware does not equally extend to its software capabilities, making it reliant on foreign large language models for generative AI.

Japan faces unique AI development and adoption hurdles, including limited data availability and cultural attitudes towards business risk. These factors complicate the integration of AI technologies within traditional business frameworks.

A recent study by Barracuda, titled ‘SMB cyber resilience in Japan: Navigating through doubt to an AI-powered future,’ examines AI’s impact on small to medium-sized businesses (SMBs) in Japan. It reveals a mix of optimism about AI’s benefits and concerns about security, knowledge, and skill gaps.

The research underscores general optimism among smaller Japanese organizations about the positive effects of AI on business operations. The majority of these businesses anticipate that adopting AI solutions will lead to workforce reductions over the next two years—66% foresee fewer full-time employees, and 70% expect to rely less on freelancers and contractors. This trend is expected to lower costs and reduce the human resource demands on companies, though it also highlights a precarious future for workers in roles vulnerable to automation.

ARE YOUR WEB APPLICATIONS SECURE? BARRACUDA REPORTS HIGH INCIDENT AND BREACH INVOLVEMENT

Muhammad Zulhusni | 22 February, 2024

In addition to cost reduction, businesses expect AI to enhance operational efficiencies across various functions, including marketing and customer relations. Approximately 67% predict that AI tools will produce over half of their content soon, and 60% believe AI will become the primary interaction point for customers. Moreover, thanks to AI, 76% anticipate quicker and more accurate customer insights.

Strengthening cybersecurity through AI

On a broader scale, 65% of respondents are confident that AI tools can streamline their cybersecurity needs, reducing reliance on human security teams or third-party services. Given Japan’s acute shortage of cybersecurity professionals, integrating AI for automated threat detection and response is seen as essential for enhancing security across all business sizes.

Most organizations recognize the need for external assistance to fully leverage AI for business benefits. A significant majority of businesses surveyed—76%—indicate the necessity of partners for researching and exploring AI. The same proportion (77%) seek help with implementing AI solutions and managing these technologies on an ongoing basis. Security vendors and managed service providers in Japan are well-positioned to help smaller businesses exploit AI’s advantages.

The release of ChatGPT by OpenAI in November 2022 showcased the capabilities of generative AI tools in creating natural, engaging dialogues. Despite widespread attention, businesses exhibit cautious engagement with generative AI. Awareness does not equate to comprehensive understanding; 56% grasp the distinctions between generative AI and other AI types like machine learning, while 44% admit to limited or no understanding. Consequently, many Japanese companies impose restrictions on AI use due to potential risks.

Approximately 69% of businesses perceive risks with workplace generative AI usage. While 18% permit its use—6% broadly and 12% in limited team settings—62% do not officially sanction it, suggesting covert use that may heighten security risks. Concerns also include data protection (57% of respondents), the absence of regulatory frameworks (47%), and opaque AI decision processes (31%). Additionally, 13% fear AI systems being compromised by cyber attackers.

Risks of using generative AI (Source – Barracuda)

AI and cyber threat evolution

There’s notable uncertainty about AI’s role in evolving cyber threats. About 55% of businesses are unsure how AI could be utilized in email attacks, with similar uncertainty extending to denial-of-service (62%), malware (57%), API attacks (56%), and cyber espionage (55%).

Despite these uncertainties, email threats remain a prominent concern for Japanese small businesses, with 53% highlighting account takeover attacks as a top threat. This form of identity theft allows attackers to misuse accounts, potentially leading to phishing scams, data theft, and more. Other significant threats include phishing and social engineering (37%), with ransomware also critical (39% reported it as a top concern, predominantly initiated via email).

Cyber threats concerning businesses in Japan (Source – Barracuda)

Survey participants generally understand the role of AI in fortifying cyber defenses, especially in areas like email security and employee cybersecurity training. However, there’s some ambiguity about AI’s effectiveness in other domains, possibly due to these areas being less familiar to smaller enterprises.

When asked which AI-enhanced security measures would improve their organizational safety, 36% pointed to AI-enhanced email security, especially against sophisticated threats like deepfakes. Another 24% believed AI could support more tailored, frequent training programs. The benefits of AI in continuous threat intelligence and response, as performed by Security Operations Centers (SOCs), were not as clearly understood.

The survey reveals a deficiency in AI-specific practices and policies needed for responsible AI usage. While 52% of businesses conduct employee training on AI use and vulnerabilities, only 35% have formal policies dictating AI usage. Even fewer have comprehensive governance structures in place, such as legal frameworks. This indicates a lack of control and management over AI applications within businesses.

A YEAR OF HIGH-SEVERITY ATTACKS AND GROUNDBREAKING CYBERSECURITY STRATEGIES IN 2023

Muhammad Zulhusni | 5 March, 2024

The latest ICS2 Cybersecurity Workforce Study shows that Japan has nearly half a million cybersecurity professionals, a notable 23.8% increase from the previous year, contrasting with a global average of 8.7%. Despite this growth, the demand far exceeds supply, with a shortage of 110,254 professionals, marking a 97.6% increase year-over-year — significantly higher than the global average of 12.6%. This gap is unprecedented compared to other nations evaluated in the ICS2 study.

This macro perspective mirrors smaller businesses’ daily challenges, particularly with AI-driven cyber threats.

Makoto Suzuki, Regional Sales Director for Japan at Barracuda, highlights the survey’s findings: Japanese SMBs recognize AI’s benefits for enhancing business productivity but remain cautious about the cyber threats it poses. Suzuki notes, “This could hold businesses back from harnessing the full potential of AI to revolutionize business performance and competitiveness by optimizing processes, reducing costs, improving quality, and providing new insights and ideas.”

The post How Japan balances AI-driven opportunities with cybersecurity needs appeared first on Tech Wire Asia.

A change is occurring in how organisations secure their network perimeters, users, applications and data. Secure access service edge (SASE) is starting to disrupt traditional approaches to networking and security, and is giving IT professionals an opportunity to fundamentally reimagine how they design their network and security architectures.

Previously, enterprise network architecture was based on discrete silos of network and security controls, with remote access provided via virtual private networks (VPNs). These approaches are being rapidly replaced by SASE and zero-trust network access (ZTNA) architectures.

Source: Shutterstock

Getting SASE right can be a complex proposition that presents significant challenges. While major elements that make up SASE have been around in some form for at least 10 years, it is still an evolving technology.

A case study in SASE Success: India Insurance Company

As part of the research commissioned by Verizon Business to help companies cut through the noise to get a true picture of obstacles and opportunities in implementing SASE, S&P Global Market Intelligence conducted 10 in-depth interviews with decision makers and those purchasing SASE technology.

One successful SASE implementation case study was shared in an interview with a VP at one of the largest insurance companies in India, which we will refer to as “IIC” (India insurance company).

“The primary driver [for SASE] was the pandemic. Before, we had a traditional bricks-and-mortar office infrastructure. When the pandemic hit, everything was being provisioned by the company. There was no way to use ‘bring your own devices (BYOD) – only company-owned, hardened machines could be used […] which took 10-15 days to provision,” he said.

Suddenly, many users, particularly contractors, did not meet security requirements because controls were not designed for off-site workers. In response, IIC implemented a SASE project focused initially on data access, followed by applications.

“Now, we can fully support BYOD, which was the hardest problem to solve. We were forced to go with an agentless approach, through an outside portal […] new employees and contractors are now productive from day one instead of waiting for their machine to arrive,” said the respondent, an Executive Vice President and Head of Business Systems and Infrastructure at the IIC, which currently employs over 10,000 people..

The company could immediately improve the user experience, meet remote worker security and compliance requirements, and improve productivity by supporting BYOD, which enabled employees and contractors to begin work immediately.

What is driving SASE adoption?

Some compelling factors driving SASE adoption are the size and maturity of organisations. For more mature, technically sophisticated enterprises, SASE implementations are motivated more by business and digital transformation needs than technical requirements.

Common business drivers include improved business agility, cost reduction, support for hybrid work (office-based and remote workers), improved end-user experience, reduced threat impact and risk, improved compliance and competitive pressure.

Source: Shutterstock

Larger organisations, especially those with over 10,000 employees, tend to suffer from technical debt and incompatible legacy systems that slow down deployments. Conversely, smaller organisations tend to adopt solutions faster and can often source the entire SASE stack from a single vendor.

Common technical drivers include network, security, IT modernisation and simplification, and simplified management of rapidly growing networks.

Key considerations for implementing SASE

Research participants indicated a variety of deployment approaches. None indicated embarking on a “big bang” implementation: some organisations rolled SASE out to high-risk users and apps first, while others chose lower-risk users and applications.

For example, some organisations with high short term risk exposures, such as the potential for breaches or failing compliance audits, chose to solve the issue for those groups first. Others, less concerned about short-term risk, took a more conservative approach like deploying to staff already using modern cloud apps.

“It was all about basic access first to support the remote workforce. Subsequently, it was about business-critical targets and high-risk estates, with quick wins peppered in between,” said one respondent, a Regional Information Security Manager for a large Australian IT services company.

“Any users who can migrate without losing any access to unsupported apps naturally will do so. This provides a faster, better user experience that rewards the user to move to SASE. They were excited to move away from VPN and use [it] as a […] fall-back plan,” said another, a Regional CISO at a large Singapore engineering firm.

Overall SASE projects vary in duration (from initial sign-off to production) from 6-12 months to over three years. Nearly half (45%) of all respondents indicated durations of 12 months or less; another 45% fell in the 13 to 36 month range; and the remaining 10% indicated more than three years to complete a SASE implementation.

In Asia Pacific, only one-third of participants indicated that SASE was deployed as part of a digital transformation initiative, as compared with three-quarters of their counterparts in Europe.

End matters

In the next part of this article, we’ll be looking more deeply into the study’s results, and getting the thoughts of Rob Le Busque, Regional Vice President at Verizon, APAC. In the meantime, head to this page to learn from the experiences of enterprises who have already migrated to SASE, detailed in the report produced in collaboration with S&P Global Market Intelligence.

Continue your exploration of SASE adoption with Part 2 of this feature, which will cover in-depth study results and insights from Rob Le Busque. Check back in the coming weeks for the next instalment and in the meantime, you can explore the research and business impact briefs for comprehensive insights at the following links: Research | Business Impact Briefs.

The post Deploying SASE: Benchmarking your approach appeared first on Tech Wire Asia.

Malaysia is no stranger to the cybersecurity landscape, having been involved in and targeted by a significant number of cyberattacks and data leaks. These incidents raise questions about the country’s readiness to face cyber threats within this evolving cybersecurity environment.

The 2024 Cybersecurity Readiness Index for Malaysia

In Cisco’s 2024 Cybersecurity Readiness Index, it is revealed that only two percent of organizations in Malaysia are classified at the ‘Mature’ level for readiness. This classification indicates robust resilience against the myriad of modern cybersecurity risks that today’s businesses face.

This critical assessment arrives at a time when hyperconnectivity defines our era, alongside a threat landscape that is rapidly evolving. Businesses are incessantly bombarded with sophisticated cyber threats, ranging from phishing and ransomware to supply chain attacks and social engineering tactics. Despite concerted efforts to fortify defenses against these onslaughts, many organizations are burdened by their complex security frameworks, which often consist of disparate point solutions.

WHAT’S GOING ON WITH CYBER SECURITY IN MALAYSIA?

Muhammad Zulhusni | 14 July, 2023

The complications of defending against cyber threats are further amplified in today’s distributed work environment, where organizational data is dispersed across an infinite array of services, devices, applications, and user interfaces.

Yet, despite these daunting challenges, a surprising 85% of companies profess a moderate to a high level of confidence in their cybersecurity defenses, despite their actual state of preparedness. This stark disparity between perceived confidence and actual readiness points to a potentially dangerous overestimation of their cybersecurity capabilities and a failure to accurately gauge the magnitude of the threats they face.

The 2024 Cisco Cybersecurity Readiness Index undertakes a comprehensive examination of organizational preparedness against cyber threats across five critical domains: Identity intelligence, network resilience, machine trustworthiness, cloud reinforcement, and AI fortification. These domains encompass 31 distinct solutions and capabilities, evaluated through a double-masked survey of more than 8,000 security and business leaders across the globe.

2% of organizations in Malaysia are classified at the ‘Mature’ level for readiness. (Source – Cisco)

The survey’s respondents were asked about their deployment of these cybersecurity measures, classifying them into four ascending stages of readiness: Beginner, Formative, Progressive, and Mature.

Jeetu Patel, Cisco’s Executive Vice President and General Manager of Security and Collaboration, cautions against the peril of overconfidence within the organizational psyche, advocating for a strategic shift towards integrated security platforms and leveraging AI to scale defense mechanisms effectively.

The findings from the study paint a grim picture of readiness among Malaysian companies, with a mere two percent poised to effectively counter contemporary cyber threats. A significant majority find themselves at the lower echelons of cybersecurity maturity, ill-prepared for the inevitabilities of the cyber threat landscape.

Forecasting cyber risks and financial implications

Moreover, the study forecasts a high likelihood of future cybersecurity incidents and sheds light on the financial ramifications of such breaches, with some incidents costing organizations upwards of US$300,000. The reliance on multiple cybersecurity point solutions has proven counterproductive, hampering the swift detection, response, and recovery from incidents. This issue is exacerbated by the admission from a vast majority that the cumbersome management of numerous point solutions slows their security operations.

The survey also highlights the pervasive issue of unmanaged device access, critical talent shortages, and the ambitious plans of organizations to significantly bolster their IT infrastructures and cybersecurity measures in the near term. This includes a notable emphasis on upgrading existing solutions, deploying new technologies, and a considerable increase in cybersecurity budgets.

Addressing the complex challenges posed by today’s threat landscape necessitates a concerted effort from companies to accelerate their investment in security infrastructure, adopt innovative security measures, and embrace a platform-based approach to cybersecurity. This strategy is essential for enhancing network resilience, making meaningful use of AI, and bridging the significant cybersecurity skills gap.

Hana Raja, Managing Director of Cisco Malaysia, underscores the complexity of the current cybersecurity environment, pointing out the lag in cyber resilience among organizations globally, including those in Malaysia. Raja advocates for a comprehensive platform approach to cybersecurity, which promises a simplified, secure, and holistic view of an organization’s security posture, enabling businesses to better navigate and exploit the advantages of emerging technologies amid the ever-evolving threat landscape.

MALAYSIA’S CENTRAL DATABASE HUB: IS PADU A CYBERSECURITY TIMEBOMB?

Aaron Raj | 7 February, 2024

The first reading of the Cyber Security Bill 2024

Recognizing that only a small fraction of companies in Malaysia achieve a “Mature” status in cybersecurity preparedness, the Malaysian government acknowledges the critical need to bolster cybersecurity nationwide. Consequently, the Cyber Security Bill 2024 has been introduced, marking its initial reading in Parliament. Aimed at strengthening national cybersecurity, this legislative proposal was presented by Digital Minister Gobind Singh Deo on March 25th.

The Star reported that The bill is scheduled for a second reading during the ongoing session of the Dewan Rakyat and outlines a comprehensive approach to elevate cybersecurity standards. It mandates adherence to specific measures and standards for improved national security, detailing protocols for managing cybersecurity incidents that affect the country’s critical national information infrastructure.

Additionally, the legislation proposes the creation of a National Cyber Security Committee and defines the responsibilities and authority of the National Cyber Security Agency’s chief executive officer. It includes provisions for the licensing of cybersecurity service providers and establishes the role of a national critical information infrastructure sector lead.

According to the bill, the Digital Minister, following recommendations from the chief executive, may designate any government body or individual as the sector lead for national critical information infrastructure, potentially appointing multiple leads for various sectors. These appointments will be officially announced on the National Cyber Security Agency’s website.

The sector leads will be responsible for developing a code of practice and creating and updating guidelines on best practices for managing cybersecurity. The National Cyber Security Agency has stated that the proposed bill will legally empower it to define and enforce cybersecurity standards for entities deemed as National Critical Information Infrastructure. Failure to comply with these standards could result in legal repercussions.

The post Cybersecurity in Malaysia: A reality check on readiness and resilience appeared first on Tech Wire Asia.

China finds itself at the heart of global scrutiny once more. Following its recent shift in tech policy, including the move to phase out AMD and Intel microprocessors in governmental applications, serious allegations have emerged from the U.S. and the UK. Authorities in these countries have leveled charges, imposed sanctions, and accused Beijing of orchestrating a vast cyberespionage campaign, reportedly affecting millions, including lawmakers, academics, journalists, and companies, notably in the defense sector.

Termed Advanced Persistent Threat 31, or “APT31,” this hacking ensemble is characterized by officials as a branch of China’s Ministry of State Security. A broad spectrum of individuals and entities has been identified as targets, encompassing White House personnel, U.S. senators, British legislators, and international officials critical of Beijing, as reported by Reuters.

Although specific victims have not been fully disclosed, it’s clear that over the past decade, these hackers have penetrated defense contractors, dissidents, and various sectors in the U.S., such as steel, energy, and apparel. They’ve also targeted leaders in 5G and wireless technology, extending even to the spouses of prominent U.S. officials and lawmakers.

HOW 5G CONNECTIVITY AND WI-FI 7 WILL SHAPE UP IN 2024

Aaron Raj | 19 December, 2023

Deputy U.S. Attorney General Lisa Monaco stated that the operation aimed to stifle criticism of the Chinese regime, compromise government institutions, and steal trade secrets.

A recent indictment of seven alleged Chinese hackers has brought to light the magnitude of their operations, detailing breaches involving work accounts, personal emails, and more, impacting millions in the U.S. British officials have also highlighted APT31’s hacking of key UK lawmakers and have connected another group of Chinese spies to a significant breach of Britain’s electoral commission.

International reactions and repercussions on the “China hacking”

In response, Chinese officials in the UK and U.S. have dismissed these allegations as unfounded and slanderous.

Amidst these disclosures, the UK and U.S. have sanctioned individuals and entities believed to be linked to China’s state security apparatus and involved in these cyber operations.

This situation intensifies the already heightened tensions between Beijing and Washington over cybersecurity, with each side increasingly accusing the other of espionage. China has retorted with allegations of U.S. cyber intrusions into major Chinese corporations, such as Huawei Technologies.

One notable incident highlighted by U.S. prosecutors involved targeting staffers from a U.S. presidential campaign in 2020, corroborating Google’s reports of malicious emails sent to President Joe Biden’s campaign team, though no breach was confirmed.

The hacking of a significant American public opinion research firm in 2018, during the U.S. midterm elections, underscores the hackers’ strategic interest in political entities for their invaluable intelligence and data.

John Hultquist, chief analyst for U.S. cybersecurity intelligence firm Mandiant, has pointed out the substantial value political organizations offer to espionage efforts, underlining the critical insights and extensive data they provide to actors like APT31 in search of geopolitical intelligence.

The global stage of cyber warfare

The narrative has broadened beyond the initial U.S. and UK accusations against China regarding cyberespionage. The New Zealand government has also come forward, expressing its concerns to the Chinese government about a state-backed cyberattack on New Zealand’s parliament in 2021, discovered by the country’s intelligence services. This incident contributes to the intricate landscape of international cyber tensions.

This exposure of unauthorized access to New Zealand’s parliamentary systems through malicious cyber activities aligns with the allegations of cyberespionage by Britain and the U.S. against China. New Zealand and Australia have both denounced these extensive cyber operations.

New Zealand’s Foreign Minister, Winston Peters, has criticized such foreign interference as unacceptable. He highlighted that New Zealand has conveyed its concerns about cyber activities attributed to Chinese government-sponsored groups targeting democratic institutions in New Zealand and the UK to the Chinese ambassador.

The Chinese Embassy in New Zealand has not yet commented on these accusations.

We reject outright the groundless and irresponsible accusations against China on cyber attacks or intrusions, and have lodged serious démarches to New Zealand’s relevant authorities, expressing strong dissatisfaction and resolute opposition.

Cybersecurity is a global challenge.…

— Wang Xiaolong (@AmbChina2NZ) March 26, 2024

The New Zealand Communications Security Bureau (GCSB), in charge of cybersecurity and signals intelligence, has linked a state-sponsored Chinese entity, known as Advanced Persistent Threat 40 (APT40), to the malicious cyber activities against New Zealand’s parliamentary services and parliamentary counsel office in 2021. The GCSB associates APT40 with the Ministry of State Security, noting that while no sensitive or strategic information was compromised, the attackers extracted technical data, potentially enabling further intrusive activities.

According to the GCSB, a notable portion of the malicious cyber events targeting nationally significant organizations last year were traced back to state-sponsored actors, not exclusively China. The bureau also criticized similar cyber activities linked to Russia.

Judith Collins, the minister responsible for the GCSB, stated that cyberespionage efforts targeting democratic institutions are universally condemnable.

Towards a unified stance against cyber intrusions

This development follows charges, sanctions, and accusations by American and British officials against Beijing, accusing it of conducting a widespread cyberespionage campaign that allegedly affected millions globally, including lawmakers, academics, journalists, and businesses, such as defense contractors. The group behind these activities, identified as Advanced Persistent Threat 31 or “APT31,” is said to be an extension of China’s Ministry of State Security, with a broad list of global targets reported by officials from the two countries.

CHINA’S NEW TECH POLICIES CHALLENGE INTEL AND AMD IN A SHIFTING LANDSCAPE

Muhammad Zulhusni | 26 March, 2024

A joint statement from Australia’s Foreign Minister Penny Wong and Home Affairs Minister Clare O’Neil criticized the continuous cyber targeting of democratic institutions, emphasizing the adverse impact on democratic and open societies like Australia. They stated that such behavior is unacceptable and must cease.

In 2019, Australian intelligence attributed a cyberattack on its national parliament and the country’s three largest political parties before the general election to China, though the Australian government has not officially confirmed the perpetrator.

Well, it looks like the cyber saga is thickening, with China in the hot seat for allegedly orchestrating a vast network of cyberespionage that spans continents. The U.S., UK, New Zealand, and Australia are ramping up their cybersecurity defenses and calling out China’s actions on the global stage. It’s a classic case of “your move, China,” as the international community tightens its ranks against these cyber intrusions.

But what does the future hold? Well, if history has taught us anything, it’s that with every action comes a reaction. China might double down on its cybersecurity measures and retaliate, or perhaps, just perhaps, this international spotlight could usher in a new era of cyber diplomacy. In a world where technology continues to blur the lines between the possible and the impossible, who’s to say what the future might hold? One thing’s for sure: the global dialogue on cybersecurity is heating up.

The post Global concerns rise over alleged cyber hacking activities linked to China appeared first on Tech Wire Asia.

Source: Shutterstock

To understand how this situation arises, we need to distinguish between data types: first- and second-party data, for example. Plus, we should examine the concept of zero-party data. To help us demarcate data types and explore the implications of the relationship between customer experience and data, we spoke to Glenn Gore, CEO of Affinidi. (Read about the Affinidi Trust Network here and here for background.)

Defining data

Zero-party data is preference-based or intent-based and is held by the individual to represent the different online versions of themselves. Those different versions could be categorised, for instance, as an individual who is, depending on the context, an employee, a gamer, a charity worker, and a fitness fanatic.

This is the type of information that may help determine broad preferences for interaction with companies and brands. For example, someone who identifies as female in their zero-party data could be shown a women’s clothing line by default when they land on a clothing website.

First-party data is the information gathered by an organisation when an individual interacts with them. That could be a list of foodstuffs bought at a store. What’s interesting, Mr Gore told us, is that zero and first-party data are sometimes contradictory.

Source: Shutterstock

He said: “I say that I don’t want to eat sugary products; that’s zero-party data. But my shopping history says that’s an outright lie because I buy chocolate and fruit juice all the time! So now you can start seeing something really fascinating.”

In that context, a brand could show a message at checkout offering alternative, low-sugar products. That might lower their revenues, assuming diet alternatives are cheaper, but it would be a better customer experience and a net gain for the relationship.

Second-party data is information that’s shared, with approval, between the first party and another. “Let’s say I’ve engaged with a nutritionist and I’ve decided to help with the nutritional accuracy,” said Mr Gore. “I share what I buy at the supermarket. So, that data from the grocery store, which is first-party data, is shared with my new nutritionist.

“The difference here is that it’s with my consent, my knowledge. Nothing else is going to be shipped. The grocery store is not going to share the videotapes of how long I stood staring at the chocolates even though I didn’t buy any.”

Third-party data is the type of information that is collected and often sold and is “kind of the one that gets everyone in trouble.”

Mr Gore said: “This is where data that’s been collected about myself is aggregated with lots of other data sets combined and then sold without my consent, without my knowledge. To stay with that same example, my nutritionist says, ‘Well done, Glenn, you’re buying kale, you’re eating lots of healthy things. But I see that you’re not going to the gym?’ How do you know I’m not going to the gym? I never gave you access to my gym membership! I’m not going to be very happy about that. That’s the invasion of privacy that occurs.”

As awareness of data privacy among consumers grows and increasingly strict laws about data governance fall into place, third-party data not only begins to look less attractive as a concept for the individuals it’s describing but as a potential destroyer of trust and, therefore, customer experience. It’s also a burden of responsibility on organisations that hold it, as it also represents an attractive target for bad actors and legislators.

Consenting data exchange

The key to better customer experiences, and ones that are truly personalised, is the combination of zero and first-party data, which combines intent with action. Then, multiple second-party data instances form a network of consensual data sharing, building mutual trust between the consumer and other organisations.

Mr Gore sees the future of what we now call the ‘data economy’ as one where consumers can join or create their own versions of trust networks, parties with whom they consensually share and receive value in return.

The Affinidi Trust Network is the system that Affinidi is building, comprising a “duality of innovation, the two sides of the same coin.” Developers can already build the components of the Trust Network into vendors’ and service-creators’ offerings. For end-users, the arbiters of their own data, Mr Gore envisages services that will help with the minutiae of zero-party data interactions.

“They will be custodial hub managers of your data,” he said. “These custodial holders who manage how you represent and manage yourself will help you do this on your behalf. That app will be driven by a personal AI capable of sifting the many digital interactions that take place online for each user every day and remove much of the detail of personal data management which is cumbersome.

“You don’t want to wake up every morning with an app saying, ‘We just found another 60 pieces of information about yourself out there on the internet. Do you mind just cataloging those 60?’ Personal AIs will help you with cataloging on your behalf.

Source: Shutterstock

“The worst they may do is to ask about instances where there’s some conflict resolution needed. For example, ‘I’ve automatically organised these 180 different things for you, but these two look like they’re in conflict’, or ‘I know that you might be in the process of changing how you think about this. Can you just help guide me?'”

As personal data privacy issues accelerate and big tech companies work actively to discourage privacy-focused tools – Google’s intended ban on Chrome ad-blockers later this year is a fine example – solutions like the Affinidi Trust Network and the concept of Holistic Identity make increasing sense.

Consumers don’t have to subscribe to every aspect of Rana Foroohar’s ‘Don’t Be Evil‘ to feel that information about them is being misused. That’s already apparent in so-called customer experience platforms that present personalised interactions that are too all-knowing. Representations of prospects and customers derived from bought, aggregated third-party data produce ‘personalisation’ that’s inaccurate because every individual presents multiple versions of themselves online according to context.

Allowing individual users to consensually share relevant information with trusted organisations and brands is the way to build a relationship and establish trust. Those are the relationships that will endure and will produce long-term results for commercial entities. The move to consensual (and profitable) provision of customer experiences begins with becoming part of the Affinidi Trust Network, and you can read more here.

The post Data ownership and control at the heart of tomorrow’s CX appeared first on Tech Wire Asia.

In the first half of 2023, a report from CyberSecurity Malaysia reveals a concerning trend: the government sector has experienced the highest number of data breaches, while the telecommunications sector has seen the largest volume of data leaked. This data underscores the pressing challenges in protecting sensitive information across different sectors.

National and global cybersecurity challenges

By October 2023, the National Cyber Coordination and Command Centre (NC4), under the auspices of the National Cyber Security Agency, had already registered close to 3,000 cyber incidents, highlighting the increasing focus on cybersecurity matters within the nation. Adding to the concern, cybersecurity firm Surfshark placed Malaysia as the eighth most breached country in the third quarter of 2023, with nearly half a million accounts compromised.

The frequency of cyber threats became even more pronounced, with statistics showing that there have been 74,000 attacks daily throughout the year. In a particularly alarming revelation by both Kaspersky and Surfshark, the rate at which Malaysian user accounts were compromised in Q3 2023 amounted to four leaks every minute.

This data not only underscores the urgency of the cybersecurity situation but also emphasizes the importance of understanding attackers’ tactics to safeguard our people, data, and infrastructure effectively.

Shifting the focus to a global perspective, IBM’s 2024 X-Force Threat Intelligence Index unveils a similar urgency in addressing cybersecurity threats. IBM has unveiled a growing global identity crisis caused by cybercriminals increasingly exploiting user identities to infiltrate enterprises worldwide. This report draws on observations from monitoring over 150 billion security events daily across more than 130 countries.

IBM: THE FIVE TRENDS IN AI FOR 2024

Aaron Raj | 20 December, 2023

The emerging crisis is stark: cybercriminals are shifting from hacking online accounts to using readily available internet and dark web data, with AI further simplifying these breaches. This shift allows for deeper incursions into personal lives, exposing everything from daily routines to hobbies and interests.

IBM X-Force, the offensive and defensive security services branch of IBM Consulting, noted a significant shift in 2023. Cybercriminals preferred using legitimate account credentials to breach corporate networks rather than hacking, making this strategy a favorite among threat actors.

Asia-Pacific cybersecurity landscape

The 2024 X-Force Study also provides a geographical breakdown of cyber incidents, with the Asia-Pacific region being the third most impacted in 2023, accounting for 23% of global incidents handled by X-Force. This marked a change from 2021 to 2022, when Asia-Pacific was most affected. In 2023, Europe rose to the top spot, with 32% of incidents, followed by North America at 26%, Asia-Pacific at 23%, Latin America at 12%, and the Middle East and Africa at 7%.

In the Asia-Pacific, manufacturing continued to be the industry most targeted by cyber attacks for the second consecutive year, comprising 46% of incidents. Finance, insurance, and transportation industries followed, each representing 12% of incidents, and education came in third at 8%.

Phishing remained the predominant method for gaining initial access, responsible for 36% of incidents, closely followed by attacks on public-facing applications at 35%.

Phishing in action (Source – IBM)

Once inside, malware was the leading action, with 45% of attacks involving this tactic, including ransomware (17%) and info stealers (10%).

The report suggests that the return on investment (ROI) from attacking generative AI platforms isn’t significant yet. However, X-Force anticipates large-scale attacks on these technologies once a single AI gains 50% market share or the market narrows down to three or fewer competitors.

Despite a 44% drop in phishing attack volume from the previous year, phishing remains a primary method of attack, particularly as AI can refine and accelerate these attacks by nearly two days, keeping it a preferred method among cybercriminals.

The role of AI in dealing with cyber threats

Amidst these cybersecurity challenges, AI emerges as a pivotal tool in both exacerbating and combating threats. AI is now widely recognized for its utility, especially in how it has revolutionized threat detection, response times, and the protection of user identities and data flow. According to the IBM Cost of Data Breach 2023 report, organizations worldwide have saved almost US$1.8 million on data breach costs by leveraging AI and automation, compared to those that haven’t embraced these technologies.

However, the advent of generative AI introduces new challenges and opportunities in both attacking and defending enterprise assets. As the AI capabilities of attackers evolve, we can expect their attacks to become faster, more precise, and scalable. Conversely, AI is also poised to boost the productivity of enterprise security, with its ability to quickly identify and prioritize threats like ransomware based on their signatures and behaviors—even if it’s a variant the system hasn’t encountered before.

Generative AI, with its capacity for self-learning, doesn’t require prior exposure to specific scenarios to detect new, sophisticated threats. This aspect makes it invaluable for cybersecurity, where it accelerates business processes by automating threat detection and investigation and adapts real-time organizational response strategies based on past incidents. It frees up security teams to tackle more complex and strategic security challenges.

The 2024 X-Force study suggests that as generative AI gains market dominance, it could also become a focal point for cybercriminals, encouraging further investment in tools designed for AI-engineered attacks. Despite the growing concern over such attacks, the primary security threat in the Asia Pacific region remains the exploitation of known, unpatched vulnerabilities.

Attention must also be directed towards protecting the region’s critical infrastructure and key sectors like manufacturing, finance, insurance, and transportation. This includes conducting stress tests and having a robust incident response plan ready.

With the increasing preference among global threat actors for exploiting user identities, there’s a pressing need for more effective user access control measures. This scenario underscores the importance of a comprehensive approach to security in the era of generative AI, highlighting the need for heightened vigilance and adaptation in cybersecurity strategies.

Strategic cybersecurity measures to prevent malicious cyber threats

Various strategies can mitigate cybersecurity threats, and it’s crucial to choose the one that best aligns with your specific needs or those of your business. While numerous AI solutions claim to offer protection against a wide array of cyber threats, the choice ultimately depends on what aligns best with your or your business’s specific needs. For instance, the IBM X-Force Threat Intelligence Index 2024 highlights insights and actionable recommendations for enhancing readiness and improving the speed and efficiency of response to cyberattacks.

One effective approach is to update identity management across multicloud environments. As cybercriminals increasingly exploit legitimate user accounts to gain access to networks—accounting for 30% of incidents responded to by X-Force in 2023—strengthening identity and access management (IAM) becomes crucial. Solutions like IBM Security Verify can bolster security in hybrid and multicloud setups by providing comprehensive IAM capabilities.

Beyond identity management, AI plays a critical role in optimizing cybersecurity resources. Tools such as IBM Security QRadar SIEM User Behavior Analytics (UBA) can aid in identifying compromised credentials and malicious activities, allowing teams to utilize their skills and time better. IBM Security QRadar EDR further enhances protection by securing endpoints and detecting unusual activities, such as data exfiltration or unauthorized account creation.

This pivot from ransomware to malware, particularly those targeting data theft, underscores the imperative of safeguarding data across hybrid cloud environments. This shift underscores the need for vigilant monitoring and robust data protection measures.

However, increasing security spending alone may not suffice. Embracing a zero-trust model and prioritizing trusted data can bolster your cybersecurity posture significantly. By fostering transparency and accountability, organizations can not only minimize risks but also actively prevent bias, making the zero-trust model and prioritization of trusted data essential strategies.

In light of these strategies, building trust and preparing for future threats become pivotal. A proactive security stance, grounded in careful partner selection and regular security reviews, complements the technical and strategic measures discussed. Building trust should be the foundation of every interaction, enhancing cyber-risk management and prioritizing cyber resilience to maintain and strengthen business relationships. This involves constantly monitoring and managing crucial points where trust is established or compromised.

Preparing for future threats requires a proactive security stance, including careful selection of partners and regular reviews of their security strategies and practices. This comprehensive approach to cybersecurity emphasizes the need for a balanced mix of technology, strategy, and a culture of trust and resilience.

As we prepare for future threats, a balanced mix of technology, strategy, and a culture of trust and resilience is crucial. The comprehensive approach discussed underscores the need for vigilance and adaptability in cybersecurity strategies to combat the evolving threat landscape effectively.

The post How vulnerable are we to cyber threats in the digital age? Here’s what IBM found appeared first on Tech Wire Asia.