 |
| Vincent Loy, MD, Accenture Singapore (moderator, left) at Cybertech Asia, with Ken Low, Director of Cybersecurity Industry Development, IMDA (centre), and Tung Meng Fai, Director, Infocomms & Media, Economic Development Board, Singapore (right). |
Cybersecurity is a global problem but also an opportunity for Singapore, said Ken Low, Director of Cybersecurity Industry Development, IMDA.
Some of the trends he sees include:
Ransomware-as-a-service (RaaS), where cybercriminals order a ransomware attack on a target instead of dealing with the attack themselves.
"Ransomware is going to continue into 2018 and beyond," said Low. "What we're seeing is they might say something like 'get two files free, and a 3rd file for 30 dollars, I'll remove the malware for 50 dollars and you can get immunity for 120 dollars. It is a global cybercriminal economy that is happening thru RaaS."
"Ransomware is going to continue into 2018 and beyond," said Low. "What we're seeing is they might say something like 'get two files free, and a 3rd file for 30 dollars, I'll remove the malware for 50 dollars and you can get immunity for 120 dollars. It is a global cybercriminal economy that is happening thru RaaS."
Supply chain attacks, where cybercriminals take advantage of the way software works. Victims receive a notice to download the next security update but receive malware instead, Low said.
Cryptocurrency. "Bitcoin and other forms of cryptocurrency are becoming a very lucrative opportunity for cybercriminals. They're going after cryptocurrency as that's where the money is," said Low. He also described the practice of cryptojacking, where malware is installed on victims' computers just to mine cryptocurrency for others.
The Internet of Targets (IoT), where things become targets.
The weaponisation of artificial intelligence (AI) and machine learning (ML). "As much as the good guys are harnessing the power of AI and ML the bad guys are also harnessing the power of AI and ML," he said.
"There are opportunities to develop countermeasures," he said, naming as high-growth areas managed security services, industrial control system security, operational technology, identity and access management, and cybereducation.
Low advised businesses to "get in early and seize the opportunities", and said IMDA has schemes to help early-stage companies and startups, from an accreditation scheme for Singapore companies to ease their way towards doing business with the government, to manpower development and internationalisation support.
"Advanced security services is a differentiator for companies," he pointed out. "Come talk to us."
 |
| Low suggests investing in managed security services (orange circle), which is estimated to grow at a CAGR of 21.1%, more than other market segments. |
Later asked to zero in on opportunities, Low suggested businesses consider offering managed security services and consulting as they are complementary. "Managed security services tends to be very high tech, it needs a very big investment to get started but is very scalable. Consulting is more labour intensive," he said.
Tung Meng Fai, Director, Infocomms & Media, Economic Development Board, Singapore, spoke about the vibrant cybersecurity ecosystem in Singapore, saying that there is more work to do. "Today we are already quite an established hub in the region for cybersecurity," he said. "But we cannot do this alone. We have to work together with companies."
There has been a lot of cybersecurity-related investment in Singapore in recent years, with over half of the top 100 cybersecurity companies already present in Singapore, Tung shared. "In Singapore, cybersecurity is seen as a key enabler of our Smart Nation vision," he said. "It cannot just be a smart nation, it must be a smart safe and secure nation. There is the opportunity to test bed solutions in Singapore and then export them to the region."
Big brands are also investing in Singapore as a global or regional base for the cybersecurity they need as they transform digitally, including DBS, Citibank, GSK, Merck and Chevron, Tung noted.
Recent activity includes:
- Honeywell opening a Cyber Security Innovation Centre for the Asia Pacific region last year
 |
| Tung discusses the state of the cybersecurity ecosystem in Singapore today. |
Recent activity includes:
- Palo Alto Networks opening a larger Asia Pacific headquarters in Singapore last year
- Joint labs between universities and companies, such as ST Electronics with the Singapore University of Technology and Design (SUTD), a S$44 million investment; and Singtel with NUS, a S$43 million investment
- S$16 million in grants awarded to nine cybersecurity projects between industry and institutes of higher learning in September 2017
- A S$8.4 million National CyberSecurity R&D Lab launched in February 2017
There is also work being done to ensure there is enough cybersecurity talent, Tung said. In 2016 StarHub opened a joint lab on the Nanyang Polytechnic campus for students of cybersecurity and forensics, for example, while Temasek Polytechnic began hosting the TP-IBM Security Operations Centre in 2015. Under this collaboration Temasek Polytechnic staff and students receive opportunities to work with IBM security professionals on security projects. They can also leverage IBM’s Global Academic Initiative to support cybersecurity-related subjects at the polytechnic.
In February 2018, Singapore's Ministry of Defence launched the Cyber NSF scheme, where the full-time national service (NSF) workforce - men doing compulsory military service - can be deployed in cyber roles in critical areas for Singapore’s defence.
That said, Tung said that Singapore "cannot rest on our laurels". "We have to keep doing everything we can," he said. "We have to keep working very hard to ensure that Singapore can keep working together with companies."
Low noted that Singapore is well positioned as a recipient of cybersecurity investment as it is already a hub for many things today, but it has to evolve towards offering more advanced cybersecurity.
"We need to harness the power of technology to automate the low value stuff," he said, noting that log analysis by humans can easily be done by technology. "As long as you are focusing on moving and moving ahead you don't have to worry about the low value stuff."
Low also agreed with Tung on the need for more cybersecurity skills in Singapore. "I think we need to have more practitioners, who know cybersecurity and do cybersecurity itself," he said. "It is no longer a domestic play but an international play."
Explore:
Read the TechTrade Asia blog posts about cryptojacking from Fortinet, and from Palo Alto Networks,
and on:
Cybertech Asia
Using AI for cyberattacks
Changing cybersecurity mindsets
Proactive cyberdefence
How Singapore is building a pipeline of cybersecurity talent
Japan's cybersecurity gap
Browse TechTrade Asia's cybersecurity predictions for 2018, which include the forecast that AI will be used by the bad guys
No comments:
Post a Comment