Recent attacks on two major companies in Singapore – real estate group OY Group and Starhub, a telecom provider – were instances of an alarming surge of cyber-attacks around the globe. A mid-year 2021 global report from UK based cybersecurity specialist Acronis highlights that the average cost of a data breach was around US$3.56 million. The average ransomware payment increased by 33 per cent to more than USD100,000.
Covid-19 has further exposed multiple unauthorised excursions into an organisation’s information and processes. It is commonly asserted by experts that a cyber-attack is now a question of when and not if. Despite their best intentions, every organisation is continually at risk and is susceptible to such attacks, warned cybersecurity experts from TM ONE, the enterprise and public sector arm of Telekom Malaysia Berhad (TM), during the CYDES 2021 summit.
With the focus on diving deep into how public and private sectors can strengthen their cybersecurity preparedness, experts from a variety of fields gathered to openly share various insights, tools, tricks and approaches. A common consensus is that complexity is one of the real challenges to effective cybersecurity implementations in today’s hybrid Cloud era. Here are three critical keys to counter cyber security threats.
Securing faster ID authentication
Combining blockchain and biometric recognition offers a more robust and secure method of authenticating a user’s identity, said Rahmah Isahak, Assistant General Manager, Digital Identity Cluster, Innovative Solutions at TM ONE during the summit.
The Covid-19 pandemic has forced more organisations to find ways to complete transactions remotely and enable remote access to systems. As this trend is expected to continue, identity authentication of users is of vital importance to an organisation’s security and to drive seamless operations.
“A blockchain system allows data to be held collectively, which prevents any malicious tampering. Users can register their identity details into this system, and a cybersecurity organisation or service provider such as TM ONE will then ensure that it is impenetrable to hackers,” she explained.
TM ONE offers Blockchain Secure Authentication (BSA) as part of its Cyber Defence Centre’s (CYDEC) Digital Identity pillar, focusing on digital identity protection. It is a password-less authentication technology to avoid credential attacks, a condition when cybercriminals bypass organisational security measures and steal important data. This solution has its use cases in various verticals, such as in banking, financial services and insurance (BFSI), healthcare, social media services and retail sectors.
“Not only blockchain verification is secure, it is also fast. It is able to authenticate users in less than three seconds,” she said. “Combining a system with biometrics will enable the authentication process to be entirely password-less for employees.”
“Biometric technology, such as facial recognition systems, do not require users to memorise passwords. There are many cases in the media that show hackers accessing passwords, whereas biometric authentication helps organisations to sidestep password theft,” she added.
The future of security is automation
The second key highlight was automated cybersecurity systems. “Automation allows IT teams to optimise resources while reducing human error in security responses,” explained Dr Azman Ali, Head of Information Security Services, Professional Services at TM ONE, when he spoke at CYDES.
Automation and increasing digitisation are features that both include and go beyond cybersecurity systems, Dr Azman shared. “Mobile apps, Internet of Things (IoT), Artificial Intelligence (AI ) and automation can be used to replace the repetitive manual tasks as part of the government’s digital transformation efforts.”
“One example of this is data collection in the healthcare industry sector. A vast amount of new personal information is being generated that could potentially help to enhance pandemic handling,” said Dr Azman. He pointed out that: “Digital transformation initiatives will help better manage this huge stream of data and assist in extrapolating actionable insights, but let’s not forget, that this need to be done securely while making privacy a top priority.”
Partnering with cybersecurity experts
Many businesses do not have the required tools and skills to protect themselves in today’s highly complex and rapidly changing threat landscape. In light of this, the option of working with a security partner is rapidly becoming another key solution. TM ONE offers a subscription service that includes world-class tools to uncover vulnerabilities in organisations and, additionally, helps to upskill an organisation’s internal security team.
The cyber squad at TM ONE comprises architects, consultants and analysts. Architects focus on designing security systems, which the consultants help to enhance. Meanwhile, analysts will provide critical security information by continually assessing upcoming threats, explained Dr Azman.
As part of its world-class cybersecurity portfolio, TM ONE provides 16 products, which include identity access, IoT, Cloud, and others, to secure systems from today’s threats and breaches. Global communications firm Telefonica, which works directly with TM ONE as its global Security Operations Centre partner, helps to actively consult and also advises on cybersecurity matters. Leveraging on the expertise of both companies, Malaysian organisations can be assured of fortified cybersecurity solutions to build their cyber resiliency and trust in the digital era.
As experts in Cloud services, TM ONE was appointed as one of the cloud service providers for the Malaysian government in April 2021, said Dr Azman. “TM has played a huge part during the pandemic with its work with healthcare organisations and in creating internet infrastructure.”
Moving forward, connecting the digital dots requires a holistic stance in today’s highly challenging environment, with cybersecurity as a foundational part of the mix, said TM ONE’s experts during the summit. Their positioning of three keys — authentication, automation and assistance – will help organisations to greatly strengthen their cybersecurity preparedness.