Singtel and Starhub Evolve their 5G Roadmaps

5/5 (1)

5/5 (1)

In June, the Infocomm Media Development Authority (IMDA) awarded 5G licenses to Singtel and JVCo (formed by Starhub and M1), after they completed the required regulatory processes – including the selection of their preferred frequency spectrums, vendor partners and other technical matters such as performance, coverage, resilience, and cybersecurity. They will be required to provide coverage for at least half of Singapore by end-2022, scaling up to nationwide coverage by end 2025. While Singtel and JVCo were allocated radio frequency spectrum to deploy nationwide 5G networks, other mobile operators, including MVNOs, can access these network services through a wholesale arrangement. The networks will also be supplemented by TPG who has been allocated the remaining mmWave spectrum and will be allowed to roll out localised 5G networks.

Ecosystm Principal Advisor, Shamir Amanullah says, “Singapore, along with Thailand, leads 5G adoption in Southeast Asia and major telecom operators Singtel and StarHub launched trials which gives customers an opportunity to experience 5G speeds and potential new services.”

Singtel’s Journey Forward

Earlier this month Singtel launched its 5G NSA infrastructure on a 3-month trial promising speeds of 1Gbps by use of 3.5GHz frequency coupled with the existing 2100 MHz spectrum. It has made it free for the first 20,000 customers with 5G-compatible smartphones. While the 5G signals initially cover certain central and southern parts of Singapore, the coverage is expected to increase over the trial period. Singtel is also working on the development of other 5G services and integrating its network with technologies such as AI, IoT, Cloud, AR and data technologies, in line with the Government’s vision for 5G.  

Last week, Singtel unveiled a 24×7 unmanned 5G powered stall to transform and reshape the retail experience. Labelled as 5G NOW @ UNBOXED, the hyper-connected store is designed to provide a first-hand experience of 5G services and possibilities to retailers and consumers. The store aims to offer seamless service experience to visitors looking for services such as SIM card replacements, and device collection through self-service kiosks. To create a more personalised experience for visitors, a 5G virtual assistant Stella is deployed at the store, integrated with facial recognition and emotion reading capabilities which will work in tandem with UNBOXED’s 5G rover Stanley. The rover is connected with the kiosk’s security system and will manage the contactless experience for visitors through temperature checks and maintaining social distancing measures. The 5G service with wireless connectivity and high speeds makes the store movable in a sort of hybrid online and offline retail model.

Amanullah says, “Singtel has ramped up its digitalisation efforts and increased adoption of digital channels and services to improve their customer experience. The 5G NOW @ UNBOXED phygital experience is cutting edge and brings the physical and digital experience in a seamless fashion for its customers. Singtel will be able to integrate physical and digital marketing efforts which should increase sales opportunity. In a recent report, Singtel announced that more than 70% of customer service transactions are online while only 30% of sales are transacted online. The unmanned 5G powered phygital experience should see online sales rising.”

The 5G powered pop-up store follows the launch of Singtel’s 5G non-standalone (NSA) network in the 3.5 GHz frequency as well as existing 2.1 GHz spectrum integrating technologies such as dual connectivity. The trial based 5G network offers Singtel customers a sense of 5G services such as high-speed internet of more than 1Gbps, video streaming, cloud gaming, AR/VR and other consumer use-cases.

JVCo’s 5G Initiatives

JVCo has also launched its 5G connectivity services using the NSA 5G architecture in the country in partnership with Nokia. StarHub launched its trials in August 2020 which will end on 16 February 2021. The trial runs on an NSA 5G infrastructure on the 2100 MHz spectrum with the SA 5G infrastructure operating on the 3.5 GHz expected to be ready in mid-2021. The StarHub Mobile+ or Biz+ mobile plans, allows customers to automatically experience some early 5G benefits using compatible mobile devices. The 6-month, free trial is a lead up to the full commercial launch of 5G standalone services next year. The telecom operator has a planned investment of USD 146.4 million in 5G infrastructure over a five-year period.

Meanwhile, M1 is working closely with IMDA and is expected to roll out 5G trial services, soon.

Amanullah says, “In the challenging financial times due to the COVID-19 pandemic which has impacted roaming, prepaid segment, equipment sales among others, it is impressive that the leading operators in Singapore are bringing cutting-edge connectivity services which should drive digitalisation of consumers and enterprises.”


Access More Insights Here
3
Operating in the New Normal – Telecom Providers in Southeast Asia

5/5 (4)

5/5 (4)

Never before has the world experienced a shutdown in both supply and demand which has effectively slammed the brakes on economic activities and forced a complete rethink on how to continue doing business and maintain social interactions. The COVID-19 pandemic has accelerated digitalisation of consumers and enterprises and the telecommunications industry has been the pillar which has kept the world ticking over.

It is unthinkable just how the human race would have coped with such massive disruption, two decades ago in the absence of broadband internet. The technology and telecom sector has seen a rise in their visible importance in recent months. Various findings show that peak level traffic was about 20-30% higher than the levels before the pandemic. The rise in traffic coupled with the fervent growth of the digital economy augurs well for the technology and telecom sector in Southeast Asia.

Revenues Hit Despite Rise in Traffic

Unfortunately, the rise in network traffic has not translated to an increase in revenue for many operators in the region. The winners, that enjoyed YoY growth in Q1 2020 despite challenging circumstances were: Maxis (4.9%) and DiGi (3.4%) in Malaysia; dtac (3.3%) and True (5.7%) in Thailand; PDLT (7.5%) and Globe (1.4%) in the Philippines; and  Indosat Ooredoo (7.9%) and XL Axiata (8.8%) in Indonesia. The telecom operators that struggled include: Celcom (-6.1%) and TM (-8.0%) in Malaysia; Singapore’s trio of Singtel (-6.5%), StarHub (-15.2%) and M1 (-10.3%); and AIS (-1.0%) in Thailand.

Key market trends include a dip in prepaid subscribers due to fall in tourist numbers, roaming income losses due to travel restrictions, and a general decline in average revenue per user (ARPU) due to weaker customer spend. The postpaid customer segment was resilient while the fixed broadband revenue stream was stable due to the increase in work from home (WFH) practices. With fixed tariffs, there are no incremental gains with an increase in usage. Voice revenue has been hit with the increase in collaboration-based communication applications such as Zoom and Microsoft Teams.

Equipment sales fell as global supply chains were severely disrupted and impacted new sign-ups of the more premium customers. Most markets in Southeast Asia depend on retail outlets as a key channel to the market, which has been hampered.

With the job losses across the world, bad debts and weakened customer spend is inevitable and it is imperative that the operators provide for reflective pricing strategies, listen to new customer requirements to ensure customer retention and strengthening of their market position. In May, Verizon’s CEO Hans Vestberg said nearly 800,000 of their subscribers were unable to pay their monthly bills. Discussions with operators in Southeast Asia also highlighted this as a current concern.

Enterprise Segment Target for New Growth

Ecosystm research shows that enterprises in Southeast Asia are increasingly considering telecom operators as go-to-market partners (Figure 1). Enterprises are demanding more than just devices and connectivity and with the fervent digital transformation (DX) efforts underway, services such as managed services, business application services, cybersecurity and network services are in demand. Technology vendors have an opportunity to partner with the right telecom operator in each market to enhance their IT market offerings, ahead of the 5G rollouts.

Top Telecom Providers in Southeast Asia

The broad 5G ecosystem inculcates cross-sector innovation and greater collaboration leading to new business models and exciting new opportunities. Singtel is the leading operator in the region and has the enterprise segment contributing approximately 65% to its revenue in its domestic market. In the World Communications Award 2019, Singtel won both “Best Enterprise Service” and “The Broadband Pioneer” awards.  This places Singtel in a fine position to capitalise on the 5G enterprise services.

5G Needed Now More Than Ever

The pandemic has seen a rise in network traffic, onboarding of the digital customer and rapid DX of businesses which has whetted the appetite for faster broadband speeds and new services. Southeast Asia countries stand to profit from the trade war between the US and China and 5G features of low latency and higher security can boost adoption of IoT, Smart Manufacturing and broader Industry 4.0 goals to drive the economy.

Fixed Wireless in Southeast Asia is expected to be very popular considering the low penetration of fibre to the home (with the exception of Singapore) and will provide enterprises with a viable secondary connection to the internet. Popular applications – including video streaming and gaming – which are speed, latency and volume hungry will also be a target market for operators. Mobile operators that do not have a fixed broadband offering can enter this space and provide a serious “wireless fibre” alternative to homes and businesses.

Governments and telecom regulators ought to make spectrum available to the major telecom operators as soon as possible in order to ensure that the cutting edge 5G communications services are made available to consumers and businesses. Many experts believe 5G can raise the competitiveness of a nation.

Recent research from World Economic Forum (WEF) has found that significant economic and social value can be gained from the widespread deployment of 5G networks, with 5G facilitating industrial advances, productivity and improving the bottom line while enabling sustainable cities and communities. GSMA notes that mobile technologies and services in the wider Asia Pacific region generated USD 1.6 trillion of economic value while the mobile ecosystem supported 18 million jobs as well as contributing USD 180 billion of funding to the public sector through taxation.

US-China Trade War Threatens to Change Equipment Supplier Landscape

Despite severe pressures caused by the US-China trade war, Huawei posted an impressive 13.1% YoY growth in 1H 2020 registering revenue of USD 64.88 billion. Both Huawei and ZTE generate approximately 60% of their business from their domestic markets which is critical with the current unfavourable global sentiments. Huawei has diversified its business and built its consumer devices business which should withstand the disruptions caused by the political challenges.

Ericsson and Nokia stand to benefit from Huawei’s current global position and this was evident with the wins for the 5G contracts by Singtel and JVCo (Singtel and M1). The JVCo announced it selected Nokia to build the Radio Access Network (RAN) for the 5G standalone (SA) mmWave network infrastructure in the 3.5GHz radio frequency band. Singtel selected Ericsson to provide for the RAN on the same mmWave network.

However, while there is an opportunity for NEC and Samsung to join the party, Huawei is expected to do well in most other countries in Southeast Asia.

The Rise of the Digital Economy in Southeast Asia

A recent Google report valued the internet economy in Southeast Asia at USD 100 billion in 2019, more than tripling since 2015, and the sector is expected to hit USD 300 billion in 2025. With a population of approximately 570 million people, the region has some of the fastest-growing internet economies in the world.

The Indonesia market is the largest in the region and is expected to hit USD 133 billion from USD 40 billion in 2025. Indonesia’s lack of a world-class telecom infrastructure coupled with their slowness in 5G adoption has not impeded the country’s attractiveness for global technology investors who see the 270 million population as an immense opportunity. US tech giants, Facebook, Google, and PayPal have invested in Indonesia to reap the benefits from the growing digital economy powered by unicorns such as Gojek, Bukalapak, Tokopedia. In June 2020, Google Cloud launched in Jakarta, only the second in the region after Singapore with the four big unicorns being anchor customers.

In 2025, Google predicts Thailand to be the second-largest internet economy worth USD 50 billion. The internet economy for Singapore, Malaysia and the Philippines are estimated to be over USD 27 billion each. Shopee and Lazada are the top eCommerce apps in the region and have seen an increase in sales due to the disruption in the Retail industry. In-store shopping contributes to more than 50% of Retail in Singapore and Malaysia – this provides a tremendous opportunity for eCommerce players.

While movement restrictions are gradually being lifted, some things may never return where they were before COVID-19. Public debts have risen with numerous aids and handouts impacting economic growth forecast and rising unemployment is impacting customer spending power. On the plus side, DX of businesses and sharp onboarding of customers have redefined interactions, and sectors such as Education, are going online which will boost the digital economy. While the challenges are evident, exciting times are ahead for the technology and telecom sector in Southeast Asia.


Emerging Technology

1
Will Privacy Laws Deny Us A Better AI World?

5/5 (3)

5/5 (3) As we move towards a digital economy, governments and industries are adopting AI to improve operational efficiencies and user experience. To do so, conventional AI requires to collect data – lots of it! And a large proportion of this data is personal data such as names, telephone numbers, email and physical addresses, marital status, age, and so on.

But over the past decade, countries have been boosting up their privacy laws. Singapore’s Personal Data Protection Act 2012 (PDPA), the European General Data Protection Regulation (GDPR), China’s Cyber Security Law and the California Consumer Privacy Act (CCPA) are some of the regulations enacted to protect personal data. Not surprisingly, renowned companies such as Facebook, Capital One and even Google, have been fined due to these laws. In some cases, companies have lost data due to security breaches or hacks, creating embarrassment and concern for governments, corporations, and customers or citizens.

Citizen Concerns Around Data Privacy

Yet, despite the presence of these regulatory frameworks, there is a growing lack of trust among citizens and consumers regarding how governments and organisations handle personal data. A survey on data privacy was conducted by Pew Research Center in June 2019 indicated that 79% of American adults are concerned about how companies use their data while 64% are concerned about how the government use their data. A whopping 70% of the adults think that their personal data is less secure now as compared to five years ago.

Public awareness of data privacy rights has also been improving worldwide. Surveying respondents in 12 of the world’s largest economies in Europe, Asia Pacific and the Americas, the Cisco Consumer Privacy Study conducted in May 2019 showed that 84% of these respondents care about privacy – of these, 80% stated that ‘they are willing to act to protect it’.

While both surveys convey strong sentiments about data privacy, findings also imply that beyond mere awareness, there is an insufficient understanding of privacy regulations on a deeper level. The study by Pew Research Center showed that 63% of American adults disclosed that they have ‘very little or no understanding of the laws and regulations’ that are set to protect their privacy. 33% of them stated that ‘they have some understanding’, while only 3% stated that they have a good comprehension of these laws. In the Cisco Consumer Privacy Study, only approximately one-third of all respondents knew about the regulations.

The Importance of Building Trust

These findings illustrate that more needs to be done to gain consumer trust in the digital realm.  And if the majority of the consumers don’t trust how the government and organisations such as Google, Facebook, Microsoft, Amazon and the like, handle data, then will the doors shut on the large AI community that is focused on collecting data and helping create a better world for all citizens? How could government agencies and organisations drive operational efficiency and better user experience if they are unable to obtain value and insights from a collection of very limited dataset, with all the regulatory compliance requirements?

Lately, tech giants such as IBM, Google, Facebook and Microsoft have been researching and developing advancements towards a better AI world, while at the same time remaining compliant to any data privacy laws. Here in Singapore, institutions of higher learning such as the National University of Singapore (NUS), the Nanyang Technological University (NTU) and the Agency of Science, Technology and Research (A*STAR) are similarly researching and developing privacy preservation technologies (PP technologies).

At A*STAR, a programme team was formed and named the Trusted Data Vault (TDV) Programme, to research and develop a suite of PP technologies – be it as a standalone or in combination – to be commercialised by industry partners.

The Role of Privacy Preservation Technologies

Through intense research, technology development and industry collaborations, the TDV programme aims to advocate PP technologies towards applications that will unlock the potential of AI. This will create new value for digital services while ensuring compliance with privacy regulations and high ethical standards.

The heart of the TDV programme lies in the various PP technologies that have been garnering massive interest worldwide in resolving data privacy challenges, stemming from the rapid advancement of digital technology coupled with global privacy laws. The programme covers the research and development of federated learning (a technology coined by Google back in 2018), homomorphic encryption (a technology founded by Craig Gentry from IBM), secure multiparty computing, blockchain, and so on.  Progressively, PP technologies have been a subject of interest for organisations who are pursuing ways to relieve privacy concerns of consumers and fulfil the terms of privacy laws. In short, PP technologies aim to keep sensitive data secure and protected while it is being used, as well as enhance the privacy of data when it is being analysed.

The traditional method used to preserve the data privacy is anonymisation where personal identifying information is disassociated from an individual’s record in a dataset. A dataset is anonymised through a combination of pseudonymisation (the replacement of clear identifiers with fictitious information) and de-identification.

This technique may have worked in the past, but it is not sufficient for dealing with the complexities of present technological advancements. Research has proved that anonymisation does not promise privacy. In some cases, researchers were able to re-identify individuals by using statistical techniques or cross-referencing them with publicly available datasets.

As datasets become larger, more complex and diversified, PP technologies have emerged as the most feasible solution to privacy issues. A patent analytics study conducted by Intellectual Property Office of Singapore (IPOS) stated that homomorphic encryption (HE), secure multiparty computing (MPC), differential privacy (DP) and federated learning (FL) have emerged as promising solutions among various the PP technologies developed. These are the same technologies that institutions such as NUS, NTU and A*STAR are pursuing.

In summary:

  • Homomorphic encryption (HE) transforms data to a different dataset to protect sensitive information while allowing computation on its encrypted version, also known as cyphertext. This method, therefore, does not compromise any data integrity.
  • Secure multiparty computing (MPC) is a cryptographic protocol that distributes computation across multiple parties where no individual party can see the other party’s data.  MPC protocols can enable data scientists and analysts to compliantly, securely, and privately compute on distributed data without ever exposing or moving it.
  • Differential privacy (DP) is an easier process compared to MPC and HE, and it involves introducing noise such that the query result cannot be used to infer much about any single individual and therefore provides privacy.
  • Federated learning (FL) is an emerging PP technology, which is a machine learning technique that achieves computation and model training without exchanging data between data owners and data consumers. This prevents data leakage from the data owner’s premises.

Of these four PP technologies that were outlines, HE, MPC and FL are at the forefront of research and development in the A*STAR’s TDV programme.

On the whole, industrial implementation of these PP technologies are still at an early stage. It has been reflected in the patented inventions at IPOS that the financial sector is the top industry of interest, followed by healthcare, social media applications and logistics/supply chain.

On a global scale, patented inventions relating to PP technologies have been on the rise. From 2009 to 2018, over 23,000 PP-related inventions were being published worldwide, with high annual growth of 18% in the recent five years, according to IPOS. Due to strong market demands, innovations in these technologies are expected to grow even as more research and development works are needed to improve their capabilities and industrial applications.

The Role of Blockchain

A*STAR’s TDV programme also focuses on blockchain.  As the literature shows these days, blockchain has grown to varying types since it was first mooted by Satoshi Nakamoto.  Blockchain these days is classified into public blockchain, private blockchain, and consortium or sometimes known as a federated blockchain.

A*STAR’s TDV Programme is focussed on consortium/federated blockchain, which is deployed in a decentralised manner on multiple hardware managed by different owners and where authority is shared among members.  Consortium/federated blockchain usually involves a group of enterprises collaborating to use the blockchain technology to improve businesses.

Ms. Angela Wang, the Programme Manager of TDV at A*STAR, says, ”The big difference between public blockchain and consortium/federated blockchain is that anyone, even those you don’t trust, can join the public blockchain, while consortium/federated blockchain considers each member as a trusted partner to begin with.”

 

The future appears bright for the privacy landscape worldwide, as researchers and top tech companies continue to invest their resources in PP technologies to create secure digital platforms, products and services. This will give rise to a healthy ecosystem of digital trust between organisations and consumers.


For more insights from our ongoing AI research, please create your account on the Ecosystm platform.

Create an Account


2
Healthcare Fintech Alliance formed in Singapore

5/5 (2)

5/5 (2) In the report, Ecosystm Predicts: The Top Healthcare Trends for 2020, we had noted the similarities between the healthcare and the financial services industries and that Healthtech will take lessons from the Fintech industry.

In the report, Ecosystm Principal Analyst, Sash Mukherjee said, “Fintech plays a significant role in driving greater inclusion, especially to drive the induction of the unbanked into the mainstream economy, give the underbanked more options to leverage the broader financial services available, and reduce disparity in the adoption of financial services by bridging the gender gap and differences based on ethnicity and socio-economic status. It is not hard to imagine a similar fate for Healthtech. As the industry focuses on value-based outcomes, governments put in more regulations around accountability and transparency in the industry, and people expect the customer experience that they get out of their retail interactions, Healthtech start-ups will become as mainstream as Fintech start-ups.”

However, Mukherjee notes that there might be some pitfalls in this journey, especially when organisations focus more on the technology and less on the actual application and benefits of the technology. “Innovators and start-ups need to align themselves early, with corporates and technology providers to gain a better understanding of the market and regulatory landscape.”

Singapore bringing key industry stakeholders together

The MoU between Alibaba Cloud, Pfizer and Singapore’s Fintech Academy announced yesterday, is a move in the right direction that promises to give early and necessary guidance to Healthtech start-ups. Under the newly formed Healthcare Fintech Alliance (HFA), Alibaba will provide infrastructural support and technological mentorship to the Healthtech and Fintech start-ups to help them leverage cloud, AI and other technologies for their future requirements. The Fintech Academy will guide these start-ups through talent management and venture building programs. Pfizer will provide thought leadership through its network of healthcare experts and opinion leaders, including guidance on commercialisation of the products and services. The Healthcare Fintech Alliance initiative will begin with a pilot in Singapore, Indonesia, and Vietnam before expanding to other regions – Malaysia and the Philippines.

Mukherjee says, “The healthcare industry, for all the cutting-edge research, that it represents, has been remarkably slow to transform. But the COVID-19 crisis has forced the industry to transform, without the luxury or time to think about it. While the implications on the life sciences and provider organisations is clearer, there has simultaneously emerged a need for transformation in the healthcare payer industry. There will be greater demand from consumers for micro-financing to tide over sudden healthcare crises and greater transparency in how these funds are managed. Again, there is an immense potential here for the industry to learn from Fintech.”

Healthcare Fintech Alliance Focus Areas

The focus areas for Healthcare Fintech Alliance shows the deep connection between Healthtech and Fintech.

  • Healthcare Affordability. Micro-financing and other financial models involving patients, family members, payers, and other healthcare stakeholders
  • Value Based Healthcare. Linking payment schemes to a drug’s effectiveness, health outcomes or utilisation
  • Outcome Monitoring. Tracking and reporting of outcomes derived from patients, wearables, healthcare providers, R&D databases and real-world evidence.
  • Personalised Healthcare. Using digital technology to tailor healthcare to individual needs
  • Innovative Healthtech Devices. Driving adoption in digital tools, such as diagnostic tools linked to medicine access and reimbursement
  • Population Health Management. Leveraging patient and associated data in a compliant way to better understand population health characteristics, for effective wellness programs, treatment protocols and cost management.

“Alliances such as these have potential benefits for the industry stakeholders such as Alibaba and Pfizer. Alibaba has been focusing on the Southeast Asia market – earlier in the month the Alibaba Cloud Philippines Ecosystem Alliance was formed to support digital transformation in start-ups and small and medium enterprises. Initiatives such as this is an effective way to associate themselves with the evolving start-up community in the region,” says Mukherjee. “Life sciences companies operate in an extremely competitive global market where they have to work on new products against a backdrop of competition from generics and global concern over rising healthcare expenditure. Against that backdrop, this alliance is the right go-to-market messaging for Pfizer as well.”

“However, the deepest positive impact of alliances such as these will be on the Healthcare industry as a whole. It makes concepts such as value-based healthcare, remote care and personalised healthcare achievable in the near future.”

1
Preparing Your Organisation Against Cyber Attacks

5/5 (3)

5/5 (3) Last week, the Australia Government announced that they have been monitoring persistent and increasing volumes of cyber-attacks by a foreign state-based actor on both government and private sector businesses. The Australian Cyber Security Centre (ACSC) reported that most of the attacks make use of existing open-source tools and packages, which ACSC has dubbed as “copy-paste compromises”. The attackers are also using other methods to exploit such as spear phishing, sending malicious files and using various websites to harvest passwords and more, to exploit systems.
Cybercrime has been escalating in other parts of the world as well. The World Health Organisation (WHO) witnessed a dramatic increase in cyber-attacks directed with scammers impersonating WHO personnel’s official emails targeting the public. The National Cyber Security Centre (NCSC) in the UK alerted the country’s educational institutions and scientific facilities on increased cyber-attacks attempting to steal research associated with the coronavirus. Earlier this month, the Singapore Computer Emergency Response Team (SingCERT) issued an advisory on potential phishing campaigns targeting six countries, including Singapore that exploit government support initiatives for businesses and individuals in the wake of the COVID-19 crisis.
Such announcements are a timely reminder to government agencies and private organisations to implement the right cybersecurity measures against the backdrop of an increased attack surface. These cyber attacks can have business impacts such as theft of business data and destruction or impairment to financial data, creating extended business interruptions. The ramifications can be far-reaching including financial and reputational loss, compliance breaches and potentially even legal action.

A Rise in Spear-Phishing

In Australia, we’re seeing attackers targeting internet-facing infrastructure relating to vulnerabilities in Citrix, Windows IIS web server, Microsoft Sharepoint, and Telerik UI.
Where these attacks fail, they are moving to spear-phishing attacks. Spear phishing is most commonly an email or SMS scam targeted towards a specific individual or organisation but can be delivered to a target via any number of electronic communication mediums. In the spear-phishing emails, the attacker attaches files or includes links to a variety of destinations that include:

  • Credential harvesting sites. These genuine-looking but fake web sites prompt targets to enter username and password. Once the gullible target provides the credentials, these are then stored in the attackers’ database and are used to launch credential-based attacks against the organisation’s IT infrastructure and applications.
  • Malicious files. These file attachments to emails look legitimate but once downloaded, they execute a malicious malware on the target device. Common file types are .doc, .docx, .xls, .xlsx, .ppt, .pptx, .jpg, .jpeg, .gif, .mpg, .mp4, .wav
  • OAuth Token Theft. OAuth is commonly used on the internet to authenticate a user to a wide variety of other platforms. This attack technique uses OAuth tokens generated by a platform and shares with other platforms. An example of this is a website that asks users to authenticate using their Facebook or Google accounts in order to use its own services. Faulty implementation of OAuth renders such integration to cyber-attacks.
  • Link Shimming. The technique includes using email tracking services to launch an attack. The attackers send fake emails with valid looking links and images inside, using email tracking services. Once the user receives the email, it tracks the actions related to opening the email and clicking on the links. Such tracking services can reveal when the email was opened, location data, device used, links clicked, and IP addresses used. The links once clicked-on, can in- turn, lead to malicious software being stealthily downloaded on the target system and/or luring the user for credential harvesting.

How do you safeguard against Cyber-Attacks?

The most common vectors for such cyber-attacks are lack of user awareness AND/OR exploitable internet-facing systems and applications. Unpatched or out-of-support internet-facing systems, application or system misconfiguration, inadequate or poorly maintained device security controls and weak threat detection and response programs, compound the threat to your organisation.
Governments across the world are coming up with advisories and guidelines to spread cybersecurity awareness and prevent threats and attacks. ACSC’s Australian Signals Directorates ‘Essential 8’ are effective mitigations for a large majority of present-day attacks. There were also guidelines published earlier this year, specifically with the COVID-19 crisis in mind. The Cyber Security Agency in Singapore (CSA) promotes the ‘Go Safe Online’ campaign that provides regular guidance and best practices on cybersecurity measures.
Ecosystm’s ongoing “Digital Priorities in the New Normal” study evaluates the impact of the COVID-19 pandemic on organisations, and how digital priorities are being initiated or aligned to adapt to the New Normal that has emerged. 41% of organisations in Asia Pacific re-evaluated cybersecurity risks and measures, in the wake of the pandemic. Identity & Access Management (IDAM), Data Security and Threat Analytics & Intelligence saw increased investments in many organisations in the region (Figure 1).Investments in Cybersecurity
However, technology implementation has to be backed by a rigorous process that constantly evaluates the organisation’s risk positions. The following preventive measures will help you address the risks to your organisation:

  • Conduct regular user awareness training on common cyber threats
  • Conduct regular phishing tests to check user awareness level
  • Patch the internet-facing products as recommended by their vendors
  • Establish baseline security standards for applications and systems
  • Apply multi-factor authentication to access critical applications and systems – especially internet-facing and SaaS products widely used in the organisation like O365
  • Follow regular vulnerability scanning and remediation regimes
  • Conduct regular penetration testing on internet-facing applications and systems
  • Apply security settings on endpoints and internet gateways that disallow download and execution of files from unfamiliar sources
  • Maintain an active threat detection and response program that provides for intrusion detection, integrity checks, user and system behaviour monitoring and tools to maintain visibility of potential attacks and incidents – e.g Security Information & Event Monitoring (SIEM) tools
  • Consider managed services such as Managed Threat Detection and Response delivered via security operations (SOC)
  • Maintain a robust incident management program that is reviewed and tested at least annually
  • Maintain a comprehensive backup regime – especially for critical data – including offsite/offline backups, and regular testing of backups for data integrity
  • Restrict and monitor the usage of administrative credentials

 


Get more insights on the adoption of key Cybersecurity solutions and investments through our “Market Insights and Vendor Selection” research module which is live and ongoing on the Ecosystm platform.
Get Started


1
Tech Spotlight for May – Cybersecurity

5/5 (2)

5/5 (2) In his blog, The Cybercrime Pandemic, Ecosystm Principal Advisor, Andrew Milroy says, “Remote working has reached unprecedented levels as organisations try hard to keep going. This is massively expanding the attack surface for cybercriminals, weakening security and leading to a cybercrime pandemic. Hacking activity and phishing, inspired by the COVID-19 crisis, are growing rapidly.” Remote working has seen an increase in adoption of cloud applications and collaborative tools, and organisations and governments are having to re-think their risk management programs.

We are seeing the market respond to this need and May saw initiatives from governments and enterprises on strengthening risk management practices and standards. Tech vendors have also stepped up their game, strengthening their Cybersecurity offerings.

Market Consolidation through M&As Continues

The Cybersecurity market is extremely fragmented and is ripe for consolidation. The last couple of years has seen some consolidation of the market, especially through acquisitions by larger platform players (wishing to provide an end-to-end solution) and private equity firms (who have a better view of the Cybersecurity start-up ecosystem). Cybersecurity providers continue to acquire niche providers to strengthen their end-to-end offering and respond to market requirements.

As organisations cope with remote working, network security, threat identification and identity and access management are becoming important. CyberArk acquired Identity as a Service provider Idaptive to work on an AI-based identity solution. The acquisition expands its identity management offerings across hybrid and multi-cloud environments. Quick Heal invested in Singapore-based Ray, a start-up specialising in next-gen wireless and network technology. This would benefit Quick Heal in building a safe, secure, and seamless digital experience for users. This investment also shows Quick Heal’s strategy of investing in disruptive technologies to maintain its market presence and to develop a full-fledged integrated solution beneficial for its users.

Another interesting deal was Venafi acquiring Jetstack.  Jetstack’s open-source Kubernetes certificate manager controller – cert-manager – with a thriving developer community of over 200 contributors, has been used by many global organisations as the go-to tool for using certificates in the Kubernetes space. The community has provided feedback through design discussion, user experience reports, code and documentation contributions as well as serving as a source for free community support. The partnership will see Venafi’s Machine Identity Protection having cloud-native capabilities.   The deal came a day after VMware announced its intent to acquire Octarine to extend VMware’s Intrinsic Security Capabilities for Containers and Kubernetes and integrate Octarine’s technology to VMware’s Carbon Black, a security company which VMware bought last year.

Cybersecurity vendors are not the only ones that are acquiring niche Cybersecurity providers. In the wake of a rapid increase in user base and a surge in traffic, that exposed it to cyber-attacks (including the ‘zoombombing’ incidents), Zoom acquired secure messaging service Keybase, a secure messaging and file-sharing service to enhance their security and to build end-to-end encryption capability to strengthen their overall security posture.

Governments actively working on their Cyber Standards

Governments are forging ahead with digital transformation, providing better citizen services and better protection of citizen data.  This has been especially important in the way they have had to manage the COVID-19 crisis – introducing restrictions fast, keeping citizens in the loop and often accessing citizens’ health and location data to contain the disaster. Various security guidelines and initiatives were announced by governments across the globe, to ensure that citizen data was being managed and used securely and to instil trust in citizens so that they would be willing to share their data.

Singapore, following its Smart Nation initiative, introduced a set of enhanced data security measures for public sector. There have been a few high-profile data breaches (especially in the public healthcare sector) in the last couple of years and the Government rolled out a common security framework for public agencies and their officials making them all accountable to a common code of practice. Measures include clarifying the roles and responsibilities of public officers involved in managing data security, and mandating that top public sector leadership be accountable for creating a strong organisational data security regime. The Government has also empowered citizens to raise a flag against unauthorised data disclosures through a simple incident report form available on Singapore’s Smart Nation Website.

Australia is also ramping up measures to protect the public sector and the country’s data against threats and breaches by issuing guidelines to Australia’s critical infrastructure providers from cyber-attacks. The Australian Cyber Security Centre (ACSC) especially aims key employees working in services such as power and water distribution networks, and transport and communications grids. In the US agencies such as the Cybersecurity and Infrastructure Security Agency (CISA) and the Department of Energy (DOE) have issued guidelines on safeguarding the country’s critical infrastructure. Similarly, UK’s National Cyber Security Centre (NCSC) issued cybersecurity best practices for Industrial Control Systems (ICS).

Cyber Awareness emerges as the need of the hour

While governments will continue to strengthen their Cybersecurity standards, the truth is Cybersecurity breaches often happen because of employee actions – sometimes deliberate, but often out of unawareness of the risks. As remote working becomes a norm for more organisations, there is a need for greater awareness amongst employees and Cybersecurity caution should become part of the organisational culture.

Comtech received a US$8.4 million in additional orders from the US Federal Government for a Joint Cyber Analysis Course. The company has been providing cyber-training to government agencies in the communications sector. Another public-private partnership to raise awareness on Cybersecurity announced in May was the MoU between Europol’s European Cybercrime Centre (EC3) and Capgemini Netherlands. With this MoU, Capgemini and Europol are collaborating on activities such as the development of cyber simulation exercises, capacity building, and prevention and awareness campaigns. They are also partnered on a No More Ransomware project by National High Tech Crime Unit of the Netherlands’ Police, Kaspersky and McAfee to help victims fight against ransomware threats.

The Industry continues to gear up for the Future

Technology providers, including Cybersecurity vendors, continue to evolve their offerings and several innovations were reported in May. Futuristic initiatives such as these show that technology vendors are aware of the acute need to build AI-based cyber solutions to stay ahead of cybercriminals.

Samsung introduced a new secure element (SE) Cybersecurity chip to protect mobile devices against security threats. The chip received an Evaluation Assurance Level (EAL) 6+ certification from CC EAL – a technology security evaluation agency which certifies IT products security on a scale of EAL0 to EAL7. Further applications of the chip could include securing e-passports, crypto hardware wallets and mobile devices based on standalone hardware-level security. Samsung also introduced a new smartphone in which Samsung is using a chipset from SK Telecom with quantum-crypto technology. This involves Quantum Random Number Generator (QRNG) to enhance the security of applications and services instead of using normal random number generators. The technology uses LED and CMOS sensor to capture quantum randomness and produce unpredictable strings and patterns which are difficult to hack. This is in line with what we are seeing in the findings of an Ecosystm business pulse study to gauge how organisations are prioritising their IT investments to adapt to the New Normal. 36% of organisations in the Asia Pacific region invested significantly in Mobile Security is a response to the COVID-19 crisis.

The same study reveals that nearly 40% of organisations in the region have also increased investments in Threat Analysis & Intelligence. At the Southern Methodist University in Texas, engineers at Darwin Deason Institute for Cybersecurity have created a software to detect and prevent ransomware threats before they can occur. Their detection method known as sensor-based ransomware detection can even spot new ransomware attacks and terminates the encryption process without relying on the signature of past infections. The university has filed a patent for this technique with the US Patent and Trademark Office.

Microsoft and Intel are working on a project called STAMINA (static malware-as-image network analysis). The project involves a new deep learning approach that converts malware into grayscale images to scan the text and structural patterns specific to malware. This works by converting a file’s binary form into a stream of raw pixel data (1D) which is later converted into a photo (2D) to feed into image analysis algorithms based on a pre-trained deep neural network to scan and classify images as clean or infected.

 


Click below for more data on organisations’ Cybersecurity priorities and investments
Get Started


1
Singapore’s first 5G Industry 4.0 trial

5/5 (3)

5/5 (3)

Manufacturing is estimated to account for a fifth of Singapore’s GDP and is one of its growth pillars. Singapore has been talking about re-inventing the Manufacturing industry since 2017, when the Industry 4.0 initiatives to enable digitalisation and process automation of processes and to ensure global competitiveness were first launched. As part of the long-term strategy, the Government had spoken about investment into research and development (R&D) projects, developing transformation roadmaps and strengthening the skill sets of the workforce.

Singapore’s 5G Rollout

Last month, the Infocomm Media Development Authority (IMDA) announced that Singtel and JVCo (formed by Starhub and M1) has won the 5G Call for Proposal. They will be required to provide coverage for at least half of Singapore by end-2022, scaling up to nationwide coverage by end 2025. While Singtel and JVCo will be allocated radio frequency spectrum to deploy nationwide 5G networks, other mobile operators, including MVNOs, can access these network services through a wholesale arrangement. The networks will also be supplemented by localised mmWave deployments that will provide high capacity 5G hotspots.

In October 2019, IMDA and the National Research Foundation had set aside $40 million to support 5G trials in strategic sectors such as maritime, aviation, smart estates, consumer applications, Industry 4.0 and government applications. Ecosystm Principal Advisor, Jannat Maqbool says, “Reach, performance and robustness of connectivity and devices have long held back the ability to scale with the IoT as well as successful deployment of some solutions altogether. The integration of 5G with IoT has the potential to change that immensely. However, and possibly even more importantly, 5G will see the emergence of a true ‘Internet’, defined as ‘interconnected networks using standardised communication protocols’, made up of ‘things’ enabling never-before contemplated innovation – supporting economic development and community well-being.”

“While 5G offers enormous potential to produce economic and social benefits, to reach that potential we need to evaluate from a strategic perspective what it could mean for industries, employers and communities – then we need to invest in the infrastructure, innovation and associated development required to leverage the technology.”

Singapore’s Industry 4.0 Transformation

The Government is also focused on getting the industry ready for the transformation that 5G will bring. Last week, Singapore announced its first Industry 4.0 trial, where IMDA collaborates with IBM, M1 and Samsung to design, develop, test and benchmark 5G-enabled Industry 4.0 solutions that can be applied across various industries. The trials will begin at IBM’s facility in Singapore and involve open source infrastructure solutions from Red Hat to test Industry 4.0 use cases.

The project will test 5G-enabled use cases for Manufacturing, focusing on areas such as automated visual inspection using image recognition and video analytics, equipment monitoring and predictive maintenance, and the use of AR in increasing productivity and quality. The focus is also on leveraging 5G to reduce the cost of processing, by shifting the load from the edge device to centralised systems.

Ecosystm Principal Advisor, Kaushik Ghatak says, “For some time now, the Singapore Manufacturing industry has been in the quest for higher productivity in order to regain its foothold as a destination of choice for global manufacturing outsourcing. The 5G Industry 4.0 trial is a great initiative to fast-track identification and adoption of the right use cases in Manufacturing, in the areas of automation, visibility, analytics, as well as for opening new revenue streams through servitisation of smart products.”

5G will see increased collaboration in the Tech industry

With the advent of 5G, the market will see more collaboration between government agencies, telecom providers and cloud platform providers and network equipment providers. Governments globally have invested in 5G and so have the network and communications equipment providers. However, telecom providers are unsure of how to monetise 5G and cater to the shift in their customer profile from consumers to enterprises. IBM and Samsung had already announced the launch of a joint platform in late 2019. Collaborations such as these will be key to widespread 5G deployment and uptake.

Talking about the benefits of collaborative efforts such as this, Maqbool says, “Robustness and security built into 5G deployment from the outset is essential to enable the applications and innovation that many are promising the technology will deliver, including the ability to self-scale, automate fault management and support edge processing.”

It is interesting that the solutions developed will be featured at IBM’s Industry 4.0 Studio 5G Solutions Showcase, and that IBM and Samsung will evaluate successful solutions developed during the project for possible use in their operations in a broad range of markets and sectors. “Availability of proven use cases at IBM’s Solutions Showcase centre would benefit local manufactures greatly; in terms of easy access to right skills and proven technology architectures,” says Ghatak.  “This initiative is a huge step towards realising the promise of the cyber physical world. The collaboration between the leaders in communications, equipment and software will ensure that the use case development is truly cutting edge.”


Checkout insights from the Ecosystm IoT Study.Click on the link below to Access 👇
Ecosystm IoT Market Insights

1
Survive to Thrive: How the Right Technologies can keep you Engaged with your Employees

5/5 (2)

5/5 (2) As we get into the second month of Circuit Breaker here in Singapore and most people are working from home, we are hearing a lot more about the difficulties that organisations and individuals have faced when it comes to operating as a remote workforce – or what is commonly called working from home or “WFH”.

As the CEO of technology research and advisory platform, I am lucky to have some of the global experts and thought-leaders in remote working as part of our team. While it is not an easy ask of staff, and some find it harder than others, remote working is going to be an increasingly important component of our work lives in the future, and something we need to get right in order to “Survive to Thrive”.

People and Engagement

​Let’s face it – we are in a humanitarian crisis, foremost and the economic crisis is just a fallout of it. So impact on People has to be the number one consideration. Working from home can be a real culture shock. Gone is the ability to quickly speak to the colleague next to you, meet someone for lunch or even just have a discussion in the pantry. Taking away these social interactions can impact employee morale and therefore productivity. Putting an effort into team-building – as hard as it is to do remotely – is very important.

Groups on social messaging apps (outside of the work-related ones) can help rebuild that camaraderie and strengthen social bonds. Plan team-building exercises such as quizzes, virtual drinks, or even networking lunches that can be done remotely. Remember, the wellness of your teams is directly proportionate to the well-being of the business.

Process and Practice​

Working from home requires a different mindset to being in the office, and it is easy to get dragged into an endless cycle of emails and conference calls. This often means that the act of planning and discussing replaces the act of doing!

This is where good-practice from the pre-COVID-19 era becomes an essential practice right now. Note-taking, summarising discussions, and recapping roles and responsibilities for project execution becomes paramount. Documenting and tracking progress will have a positive impact on productivity and ensure that teams are focused on their collective and individual responsibilities.

While there are many applications that you may consider to manage and monitor projects, you may also want to explore appointing dedicated people whose role is to identify how processes have been affected by remote working, and how bottlenecks can be cleared with more effective use of collaboration software.

Technology to get Digital Ready

Teams need the applications to communicate and carry out their responsibilities diligently. Luckily, in the age of cloud computing, most organisations were able to quite easily transition to a work from home environment. Those that struggled were the companies that had not embraced digital and were not using any cloud-based software (for email, collaboration, bookkeeping, HR or CRM); or those that are mandated by strict compliance and cybersecurity measures that cannot be enforced in employees’ homes.

While many organisations were already using a variety of communication & collaboration solutions, in the new work from home setups, you may want to consider additional solutions to help you get through your current challenges. The good news is that many technology providers have made their offerings available for free trials during this period, so the financial outlay may be minimal or non-existent.

You should also not overlook the importance of cybersecurity at this time. Regulations around data privacy are still applicable, and home-networks are not as secure as enterprise networks. At the same time, social-engineering and phishing attacks are also on the rise. So be sure to provide regular updates to your teams with guidance on how they can help maintain the security of your data and networks.

 

In conclusion, as we come to terms with the current normal, and get a glimpse of what the future normal may look like; we continue to see the old adage that it’s people, process and technology – in that order – which will guide us through the current situation and set us up for continued success. While no one has a crystal ball, it is actions – how you interact with your colleagues and the processes you put in place – and not technology that will ultimately best position your organisation to thrive in the future.

 

As published in the tabla! (An SPH Publication)

0
How Will COVID-19 Change the Telecom Industry?

5/5 (1)

5/5 (1)

The COVID-19 pandemic has highlighted the importance of the telecommunications industry which has now become the backbone of the new normal, both in a social and business sense. The last few months have seen a number of changes including more video usage, location of traffic and time of traffic. Network usage is on the rise and telecom carriers are prioritising on the resilience of their networks and the quality of services offered to their customers.

What goes up must come down

According to Speedtest, global mobile and broadband speeds have suffered as a result of the increase in traffic with speeds dropping in March 2020 for mobile to 30.47 Mbps (from 31.62 Mbps in February) and fixed broadband to 74.64 Mbps (from 75.41 Mbps in February). In Southeast Asia, only Singapore and Vietnam averaged mobile speeds of 54.37 Mbps and 33.97 Mbps respectively, exceeding the global average speeds. As for fixed broadband, Singapore ranked highest globally achieving 197.26 Mbps while Thailand and Malaysia clocked 149.95 Mbps and 79.86 Mbps respectively, trumping the global average speeds.

Southeast Asian carriers increase network efficiency and quality

Singapore. The country’s ICT regulator, Infocomm Media Development Authority (IMDA), reported an increase in internet usage and its intentions to support telecom carriers in boosting network capacity to ensure essential services run smoothly. Priority will be given to high traffic and residential areas where a larger proportion of the population are working from home. The Ministry of Communications and Information (MCI) reported that Singapore has at least 30 percent buffer in network capacity even during peak periods. Major TV operators Mediacorp, Singtel and Starhub have made more content available for free during this period. This may further impact network speeds as customers are consuming more content over wifi (on mobile apps) or over the fibre networks.

Thailand. Part of the country’s public assistance measures during the pandemic, include offering about 30 million mobile subscribers 10GB free data. The National Broadcasting and Telecommunications Commission (NBTC) will also upgrade the speeds of fixed broadband to at least 100 Mbps which is expected to benefit 1.2 million household subscribers. Leading operator Advanced Info Service (AIS) recently announced that it has deployed 5G networks at hospitals to boost network capacity and speeds, and is deploying robots for telemedicine to empower the healthcare system to fight COVID-19.

Malaysia. Maxis and Telekom Malaysia (TM) reported a surge in traffic since the movement control order (MCO) was implemented by the Government on the 18th  March 2020. The MCO is expected to run at least until 28th April 2020. TM cited a 30 percent increase in usage attributed to the increase in traffic for streaming, online games and teleconferencing. Leading operators Maxis, Digi, Celcom and U Mobile have offered 1GB free data during the MCO period as part of the Government’s stimulus package. Maxis, TM, Digi and Celcom have also committed significant manpower to ensure that the networks are operating efficiently and to ensure customer support. Leading TV operator Astro has made all movie, news and cartoon networks available to all its customers until the 28th April 2020.

Social distancing fillip for video conferencing

The rise of social distancing has made us all seek new ways to connect, mainly through video chat. Video conferencing traffic is on the rise as it is the next best thing to face-to-face meetings. Microsoft Teams and Zoom have been big benefactors. The American Economic Institute (AEI) notes that Zoom hit some 200 million users daily from a daily average 10 million. Microsoft Teams added some 12 million registrations to a total of 44 million.

Many predict that the home working trend will continue in the recovery stage and beyond, due to improvements in the telecommunications infrastructure and impending rollout of 5G. It is also predicted that the commercial property sector is likely to suffer due to this trend. This period also highlights the critical importance of cybersecurity with increasing occurrences of hacking and fraud. Zoom is being forced to reinforce their privacy and security measures, as an example.

COVID-19 has changed the way we web

On the social front, many are also using video conferencing to communicate with friends and family. Operators relaxing and offering additional data has undoubtedly contributed to the increase in this usage too. Now that many are homebound, network traffic in residential areas are higher than ever. In the past, peak hours of traffic at homes were at night – this has changed with adults and children homebound. Adults are using video conferencing and more voice calls; while children are using elearning, playing games or streaming videos. The European Commission had asked Netflix and other streaming platforms to reduce streaming quality to standard definition (SD). Netflix has assured that it has the capability to manage levels of streaming quality in accordance with the networks quality requirement of individual countries.

Online gaming and video streaming have emerged as winners and have seen an increase in consumption in these times as they provide for entertainment for millions stuck at home. There is tremendous opportunity for both telecom operators and content providers to increase their number of services in this area. Netflix, YouTube, Microsoft Xbox and PlayStation are among the winners in this sector. YouTube provides for a primary news source and commentary on the epidemic for many. Netflix’s stocks are near an all-time high at present.

eCommerce boost for essentials goods and services

The eCommerce sector should see a major improvement in Southeast Asia as physical channels to market have reduced. Emerging economies such as Malaysia and Thailand should see an improvement in services and embrace eCommerce like their mature counterparts. Statista reports that the average Malaysian eCommerce shopper spent just US$159 and Thailand just US$100 on online consumer goods purchases in 2018, considerably lower than the global average of US$634. There is huge opportunity to provide for basic necessities such as online grocery, food and delivery of goods. As a consequence, contactless payment and the transport and logistics sector will be forced to adapt their business operations to ride this wave successfully. As eCommerce transactions diversify and increase in emerging markets, it will give telecom providers an opportunity to keep engaging with platform players.

Telecom carriers are likely to suffer financial losses due to the scale of the disruption COVID-19 has brought about. However, there are some positives takeaways from this period. The increase of network traffic and the changing patterns have driven carriers to better understand network traffic management. The sharp consumer and business onboarding as far as applications and digital services are concerned, has given the digital economy and 5G use cases a shot in the arm. This is likely to spur innovation in services including communications, eCommerce, payments, logistics and healthcare among others.


Access More Insights Here

1