Milestones for Q424 included:
October
BCG reported that 7.1 million people work in cybersecurity globally, leaving another 2.8 million jobs unfilled. The Asia-Pacific region accounts for more than half of the global shortage (56%).
"The introduction of AI copilots presents a huge opportunity for organisations to bridge the talent gap in two ways. Firstly, AI-powered copilots can automate routine work, freeing security professionals from manual, time-consuming tasks to deliver strategic impact," said Gareth Cox, VP, Asia Pacific & Japan, Exabeam.
"Secondly, AI-powered copilots can empower analysts with accessible insights to handle more complex tasks. Analysts can easily ask questions in natural language and receive step-by-step guidance from AI to mitigate cyberthreats. Not only does this minimise training time needed for new analysts, it can also make security roles that previously required significant on-the-job experience and training more accessible to the talent pool."
November
Australia approves social media ban for those aged 16 and under
"Australia’s approval of a social media ban for children under 16 introduces a complex new age verification process that raises important privacy and cybersecurity concerns. The law mandates that platforms like Meta, TikTok and others block minors or face significant fines, but the implementation will require each company to develop its own age-assurance systems. This introduces variability in how personal data is collected, stored and protected, complicating the security landscape," Darren Guccione, CEO and Co-Founder, Keeper Security pointed out.
"Centralised data collection for age verification inevitably creates an attractive target for cybercriminals. The larger the database of personal information, the greater the risk, if those systems are not properly secured. While penalties for data breaches are in place, the real challenge lies in ensuring that companies maintain secure systems and consistently follow privacy guidelines to mitigate risks of data breaches that can lead to customer identity theft or fraud.
"To safeguard sensitive data collected for age verification, companies must implement robust security measures, including privileged access management (PAM). PAM limits access to critical systems and data, ensuring that only authorised personnel can interact with sensitive information.
"Strong encryption protocols should be used to protect data at rest and in transit, reducing the risk of exposure during breaches. Companies should also enforce multifactor authentication (MFA) for system access, regularly audit access logs and implement real-time monitoring to promptly identify threats."
"As the law takes shape, it’s important for parents to also stay proactive in managing their children’s digital footprint. This includes deleting or deactivating any unused accounts, restricting data access for apps and services your children use, turning off geolocation and ensuring that accounts are set to private so access is restricted to only the people you know," Guccione added.
"Taking these basic steps can help families reduce their risk and better protect their personal information."
The Singapore Police Force reported a re-emergence of phishing scams perpetuated via emails purportedly from Netflix. Since 1 October 2024, at least 35 cases were reported, with total losses amounting to at least S$40,000.
Guccione said: "Phishing scams often rely on visual tricks to fool people, using familiar branding and design to create a sense of legitimacy. A recent example of this is the surge in Netflix phishing emails in Singapore, which claim there are issues with your account and warn of a temporary suspension.
"These emails look convincing, with recognisable logos and design elements, making it easy for users to click on malicious links and end up on fake websites. These phishing sites typically use small but significant changes to the destination URL, such as replacing an "o" with a "0" – for example Amaz0n.com instead of Amazon.com – or using a different domain extension like '.net' instead of '.com.' The goal is to trick users into entering sensitive information like numbers or bank details, which can then be used to steal from victims.
"To protect yourself from these scams, it’s vital to always follow cybersecurity best practices and use tools that help identify fake websites. For example, password managers can check that the URL of a site matches the one where your login details are stored, preventing you from accidentally entering your credentials on a dangerous, fraudulent page."
The English Premier League (EPL) obtained a Singapore court order to block 50 websites and apps that had been sharing matches illegally.
"The recent move by the EPL to block 50 additional websites streaming pirated content marks a significant step in the ongoing effort to combat online piracy. It also serves as an important reminder of the cybersecurity risks associated with illegal streaming sites," said Guccione."Pirate sites, which often host illegal streams of EPL matches, other sporting events and pirated movies, are a common entry point for cybercriminals. These sites can carry malware, ransomware and phishing scams that put personal and financial information at serious risk. Visitors may unknowingly download harmful software or fall victim to deceptive ads designed to steal sensitive data.
"To safeguard yourself, it’s wise to avoid these illegal sites and opt for trusted, licensed streaming services that prioritise security. Additionally, ensuring that your devices are equipped with the most recent software updates, and security protections such as antivirus, is critical to detect and block potential threats before they can cause any damage."
Foreigners are arrested in Singapore for credit card fraud. They are instructed to buy expensive items using contactless payments for later resale, and may not know that the payments are made with stolen card details.
.jpg "Source: Adyen. Ben Wong.") |
| Source: Adyen. Wong. |
"Risk management is not a zero-sum game and we recommend a nuanced approach that balances risk and conversion decisions to reduce costs and maximise revenue. When it comes to countering increasingly sophisticated fraud, adaptive detection measures that integrate machine learning models can help businesses address threats as they emerge. Moreover, with each piece of transaction data the system processes, the better it becomes at identifying and blocking fraudulent activities, while ensuring legitimate customers are not blocked from making their purchases.
"Ultimately, as the digital economy evolves, investing in these tools is more than just a defense against fraud – it’s a step toward reinforcing trust and enhancing long-term customer relationships."
The Accredited Standards Committee X9 published a cloud management and security standard, X9.125, for financial services.
"ASC X9 is poised to gain momentum as industries like finance and healthcare increasingly require customised security frameworks to meet stringent regulatory demands and unique operational needs. Unlike public PKI, ASC X9 offers greater flexibility by enabling tailored policies and trust models, addressing critical areas such as data integrity and authentication. This ability to foster secure, scalable, and interoperable frameworks will make ASC X9 a preferred standard for organisations prioritising trust and collaboration," noted DigiCert, a global digital trust provider.
December
Coursera saw a 240% surge in generative AI (gen AI) enrollments in Singapore, totalling nearly 50,000.
 |
| Source: Coursera. Gupta. |
"In 2024, Singapore ranks among the top 15 countries globally for gen AI course enrollments on Coursera, leading Southeast Asia. Someone in Singapore enrolled in gen AI content on Coursera every 14 minutes in 2024, cementing its position as a must-have skill for professionals across industries. While foundational gen AI courses remained popular, there is a notable shift to focusing on workplace applications, highlighting a growing interest in practical uses of the technology."
Explore
Milestones were also highlighted monthly for October, November, and December.
Hashtag: #2024milestones
No comments:
Post a Comment