In his blog, The Cybercrime Pandemic, Ecosystm Principal Advisor, Andrew Milroy says, “Remote working has reached unprecedented levels as organisations try hard to keep going. This is massively expanding the attack surface for cybercriminals, weakening security and leading to a cybercrime pandemic. Hacking activity and phishing, inspired by the COVID-19 crisis, are growing rapidly.” Remote working has seen an increase in adoption of cloud applications and collaborative tools, and organisations and governments are having to re-think their risk management programs.
We are seeing the market respond to this need and May saw initiatives from governments and enterprises on strengthening risk management practices and standards. Tech vendors have also stepped up their game, strengthening their Cybersecurity offerings.
Market Consolidation through M&As Continues
The Cybersecurity market is extremely fragmented and is ripe for consolidation. The last couple of years has seen some consolidation of the market, especially through acquisitions by larger platform players (wishing to provide an end-to-end solution) and private equity firms (who have a better view of the Cybersecurity start-up ecosystem). Cybersecurity providers continue to acquire niche providers to strengthen their end-to-end offering and respond to market requirements.
As organisations cope with remote working, network security, threat identification and identity and access management are becoming important. CyberArk acquired Identity as a Service provider Idaptive to work on an AI-based identity solution. The acquisition expands its identity management offerings across hybrid and multi-cloud environments. Quick Heal invested in Singapore-based Ray, a start-up specialising in next-gen wireless and network technology. This would benefit Quick Heal in building a safe, secure, and seamless digital experience for users. This investment also shows Quick Heal’s strategy of investing in disruptive technologies to maintain its market presence and to develop a full-fledged integrated solution beneficial for its users.
Another interesting deal was Venafi acquiring Jetstack. Jetstack’s open-source Kubernetes certificate manager controller – cert-manager – with a thriving developer community of over 200 contributors, has been used by many global organisations as the go-to tool for using certificates in the Kubernetes space. The community has provided feedback through design discussion, user experience reports, code and documentation contributions as well as serving as a source for free community support. The partnership will see Venafi’s Machine Identity Protection having cloud-native capabilities. The deal came a day after VMware announced its intent to acquire Octarine to extend VMware’s Intrinsic Security Capabilities for Containers and Kubernetes and integrate Octarine’s technology to VMware’s Carbon Black, a security company which VMware bought last year.
Cybersecurity vendors are not the only ones that are acquiring niche Cybersecurity providers. In the wake of a rapid increase in user base and a surge in traffic, that exposed it to cyber-attacks (including the ‘zoombombing’ incidents), Zoom acquired secure messaging service Keybase, a secure messaging and file-sharing service to enhance their security and to build end-to-end encryption capability to strengthen their overall security posture.
Governments actively working on their Cyber Standards
Governments are forging ahead with digital transformation, providing better citizen services and better protection of citizen data. This has been especially important in the way they have had to manage the COVID-19 crisis – introducing restrictions fast, keeping citizens in the loop and often accessing citizens’ health and location data to contain the disaster. Various security guidelines and initiatives were announced by governments across the globe, to ensure that citizen data was being managed and used securely and to instil trust in citizens so that they would be willing to share their data.
Singapore, following its Smart Nation initiative, introduced a set of enhanced data security measures for public sector. There have been a few high-profile data breaches (especially in the public healthcare sector) in the last couple of years and the Government rolled out a common security framework for public agencies and their officials making them all accountable to a common code of practice. Measures include clarifying the roles and responsibilities of public officers involved in managing data security, and mandating that top public sector leadership be accountable for creating a strong organisational data security regime. The Government has also empowered citizens to raise a flag against unauthorised data disclosures through a simple incident report form available on Singapore’s Smart Nation Website.
Australia is also ramping up measures to protect the public sector and the country’s data against threats and breaches by issuing guidelines to Australia’s critical infrastructure providers from cyber-attacks. The Australian Cyber Security Centre (ACSC) especially aims key employees working in services such as power and water distribution networks, and transport and communications grids. In the US agencies such as the Cybersecurity and Infrastructure Security Agency (CISA) and the Department of Energy (DOE) have issued guidelines on safeguarding the country’s critical infrastructure. Similarly, UK’s National Cyber Security Centre (NCSC) issued cybersecurity best practices for Industrial Control Systems (ICS).
Cyber Awareness emerges as the need of the hour
While governments will continue to strengthen their Cybersecurity standards, the truth is Cybersecurity breaches often happen because of employee actions – sometimes deliberate, but often out of unawareness of the risks. As remote working becomes a norm for more organisations, there is a need for greater awareness amongst employees and Cybersecurity caution should become part of the organisational culture.
Comtech received a US$8.4 million in additional orders from the US Federal Government for a Joint Cyber Analysis Course. The company has been providing cyber-training to government agencies in the communications sector. Another public-private partnership to raise awareness on Cybersecurity announced in May was the MoU between Europol’s European Cybercrime Centre (EC3) and Capgemini Netherlands. With this MoU, Capgemini and Europol are collaborating on activities such as the development of cyber simulation exercises, capacity building, and prevention and awareness campaigns. They are also partnered on a No More Ransomware project by National High Tech Crime Unit of the Netherlands’ Police, Kaspersky and McAfee to help victims fight against ransomware threats.
The Industry continues to gear up for the Future
Technology providers, including Cybersecurity vendors, continue to evolve their offerings and several innovations were reported in May. Futuristic initiatives such as these show that technology vendors are aware of the acute need to build AI-based cyber solutions to stay ahead of cybercriminals.
Samsung introduced a new secure element (SE) Cybersecurity chip to protect mobile devices against security threats. The chip received an Evaluation Assurance Level (EAL) 6+ certification from CC EAL – a technology security evaluation agency which certifies IT products security on a scale of EAL0 to EAL7. Further applications of the chip could include securing e-passports, crypto hardware wallets and mobile devices based on standalone hardware-level security. Samsung also introduced a new smartphone in which Samsung is using a chipset from SK Telecom with quantum-crypto technology. This involves Quantum Random Number Generator (QRNG) to enhance the security of applications and services instead of using normal random number generators. The technology uses LED and CMOS sensor to capture quantum randomness and produce unpredictable strings and patterns which are difficult to hack. This is in line with what we are seeing in the findings of an Ecosystm business pulse study to gauge how organisations are prioritising their IT investments to adapt to the New Normal. 36% of organisations in the Asia Pacific region invested significantly in Mobile Security is a response to the COVID-19 crisis.
The same study reveals that nearly 40% of organisations in the region have also increased investments in Threat Analysis & Intelligence. At the Southern Methodist University in Texas, engineers at Darwin Deason Institute for Cybersecurity have created a software to detect and prevent ransomware threats before they can occur. Their detection method known as sensor-based ransomware detection can even spot new ransomware attacks and terminates the encryption process without relying on the signature of past infections. The university has filed a patent for this technique with the US Patent and Trademark Office.
Microsoft and Intel are working on a project called STAMINA (static malware-as-image network analysis). The project involves a new deep learning approach that converts malware into grayscale images to scan the text and structural patterns specific to malware. This works by converting a file’s binary form into a stream of raw pixel data (1D) which is later converted into a photo (2D) to feed into image analysis algorithms based on a pre-trained deep neural network to scan and classify images as clean or infected.
Authored by attending Ecosystm analysts, Sash Mukherjee (Principal Analyst, Government & Healthcare) and Sid Bhandari (Director, Consulting & Advisory Services)
The recently held AWS Public Sector Summit in Singapore showcased some of the regional AWS implementations, and how organisations are leveraging the Public Cloud differently.
In her keynote address, Teresa Carlson, Vice President, Worldwide Public Sector set the tone for the industry show cases by saying that a successful Digital Transformation (DX) starts from a radical rethinking of how an organisation uses cloud computing technology, people, and processes to fundamentally change business performance.
AWS Empowering the Public Sector
Carlson is clear on what Public Sector organisations must do and where AWS can help them:
- Define what Cloud refers to in the organisation. The first step in bringing about a Cloud First transformation is to be clear on the true definition of cloud computing.
- Create a “Cloud First” policy. To adopt a Cloud First policy, it is imperative to have leaders with a clear vision who really drive technology initiatives forward for all the right reasons like security, cost reduction, scalability, privacy and rapid acceleration of citizen services.
- Focus on Security & Compliance. AWS has global compliance certifications with 200+ services and key features focused on security, compliance and governance. New services such as the use of AI for threat detection have been implemented and are quickly evolving into a mainstream feature.
- Modify your Procurement vehicle. A formal cloud procurement model must be adopted instead of creating ad-hoc processes and a rush to adopt cloud to meet the specific needs of individual departments. AWS has the expertise to assist government IT leaders in selecting the right acquisition approach for their agency.
- Do not ignore Skills Development. Investing in cloud skills development – whether at the central IT level or in the individual business units in the Public Sector – is imperative, as roles evolve and new roles emerge. AWS has over the years offered free courses and industry certifications to Public Sector employees interested in learning the foundations of cloud computing, storage, and networking on AWS to advanced skills courses in emerging technologies such as AI.
Ecosystm Comment:
While cloud may have started off as a means of offsetting CapEx, its role has since evolved into being a major vehicle for DX. Several governments across the world have adopted Cloud First policies to spearhead innovation, increase agility, and improve citizen services. Cloud is increasingly seen as a foundation for many emerging technologies that governments are experimenting with and implementing such as AI, automation, Big Data analytics and Smart Nation initiatives.
The skepticism around Public Cloud security seems to have diminished over the years, with the perception that cloud providers use state-of-the-art technologies to protect their environment and continue to upgrade their security features in the face of new and evolving threats. However, the Ecosystm Cybersecurity study finds that nearly 53% of Public Sector and allied organisations that use Public Cloud feel that the security measures offered are sufficient. Leading cloud providers such as AWS should make it clear that essentially it is a shared responsibility and impress on organisations that the responsibility to secure their own applications and the interface with the Public Cloud ultimately lies with the deploying organisations.
Industry Use Cases
There were several industry use cases presented over the 2 days and it was heartening to see so many Asia Pacific examples of transformation. Tan Kok Yam, Deputy Secretary, Smart Nation & Digital Government Office shared that the key to a successful Smart Nation initiative is to build user-centric services rather than having an agency-centric approach, in his presentation on Singapore’s “The Moments of Life” app. Edwin H. Chaidir, IT Manager at WWF Indonesia presented on how AWS’s machine learning capabilities has helped the organisation to automate identification of specific orangutans in the wild, freeing up resources (money and time) to reinvest in other wildlife protection initiatives.
One of the implementation stories that impressed the Ecosystm analysts was the one shared by Rookie Nagtalon, Consultant for Digital Transformation at the Chinese General Hospital and Medical Center (CGHMC) in the Philippines, where he spoke about how they were able to bring about transformation in their patient life-cycle management. Healthcare in Asia Pacific is a diverse and disparate market with organisations at different levels of IT and business maturity – against a backdrop of different country-level goals and healthcare policies. It was encouraging to hear about a transformation project in a not-for-profit organisation from an emerging economy.
The challenges that healthcare organisations face are unique in many ways:
- Legacy systems that still work and hence there is no business case for replacing them
- Approximately 2/3rd of the IT budget going into running the basics, leaving limited resources for emerging technology adoption and transformation projects
- The shift to value-based healthcare and the need for data-driven insights to support it
- The unpredictability of the workload and the need for an agile IT infrastructure
- Security and compliance mandates that protect patient data and require storage of records over extended periods
Working with these challenges, how does a healthcare organisation bring about Digital Transformation?
Nagtalon’s team was assigned the task to bring about this transformation within a 10-month timeframe.
- The key challenge. An awareness that no one vendor can provide the entire gamut of functionalities required for patient lifecycle management. In spite of recent trends of multi-capability vendors, hospitals need multiple vendors for the hospital information system (HIS), ERP, HR system, document management systems, auxiliary department systems and so on. Each of these vendors have their own development team and infrastructure requirement, which stresses the internal IT resources. DX involving multiple legacy systems requires a step-by-step approach. The challenge is to identify the right systems to start the journey with.
- Vendor selection criteria. The need to find one solution that would enable seamless data sharing across the disparate systems. The vendor selection criteria that were used focused on ease of use and speed especially when working with multiple data sources. In keeping with the industry, the ability of the vendor to support mission-critical applications was put through the filter of what was referred to as ‘Code Blue’.
- The solution choice. A cloud solution that can empower teams and remove worries about the infrastructure. The hospital chose AWS as their transformation partner, who used a system interface blueprint to integrate data from their SAP ERP system, Medcurial’s MeRx HIS, 128 HR system, Canon’s documentation system and multiple diagnostics systems.
- The future roadmap. Enabling the organisation to be a Digital Hospital. The solution was implemented in 7 months and hit the right ROI requirements, reducing billing time and impacting the bottom line in terms of both recovery and revenue. It has created the base foundation for future plans such as device integration and the provider is well set on its journey of Cloud, IoT and Robotics.
Ecosystm Comment:
Nagtalon raised an important point when he was asked the key reason for the success of the project – executive buy-in. Transformation projects work best when it is enterprise-wide and senior management sponsorship is a must to enable that. However, he also mentioned humorously that he had become extremely unpopular during the implementation. This is where a centre-of-excellence with ‘champions to the cause’ from each key department helps. Organisations should look to engaging with the stakeholders early and to get their buy-in as well as the executive’s.
AWS’s marketing message to healthcare providers includes allowing them to focus on their mission and create their differentiation, and enabling them to incorporate new and emerging technologies. This implementation certainly ticked those boxes. What was particularly positive was the big thumbs up the AWS implementation team received. Organisations will increasingly partner with platform providers in their transformation journeys and implementation capabilities and best practice guidance will be the key differentiators for vendors.