Tag Archives: CyberSecurity Malaysia

Kaspersky Selects Malaysia For APAC Transparency Center!

Kaspersky Selects Malaysia For APAC Transparency Center!

Kaspersky just announced that they have selected Malaysia as the site for their APAC Transparency Center!

Here is everything you need to know about the third Kaspersky Transparency Center, and why they chose Malaysia.

 

The Kaspersky Global Transparency Initiative

The Kaspersky Global Transparency Initiative began in October 2017, as a way to allay fears that Kaspersky Lab products and services had backdoors built-in.

It was really an extension of Eugene Kaspersky’s offer to show Kaspersky Lab source codes to the US government.

For a more detailed take on the Kaspersky Global Transparency Initiative, we recommend :

 

Kaspersky Global Transparency Initiative APAC Update

The Managing Director for Asia Pacific at Kaspersky, Stephan Neumeier, kicked off the launch with an update on the Kaspersky Global Transparency Initiative, with a focus on the APAC region.

  • Started relocating customer data storage and processing infrastructure for European users from Russia to Zurich, Switzerland, to be completed by the end of 2019.
  • Opened two Transparency Centers in Europe – in Zurich (November 2018) and Madrid (June 2019). The Spanish Center also serves as a briefing center for key company stakeholders.
  • Successfully completed the Service Organization Control for Service Organizations (SOC 2) Type 1 audit. The final report, issued by one of the Big Four accounting firms, confirms that the development and release of Kaspersky’s threat detection rules databases (AV databases) are protected from unauthorised changes by strong security controls.
  • Since announcing the Bug Bounty program’s extension, Kaspersky resolved 66 bugs reported by security researchers and awarded almost $45,000 in bounty rewards.
  • Kaspersky also supports the io framework which provides Safe Harbor for vulnerability researchers concerned about potential negative legal consequences of their discoveries.
[adrotate group=”1″]

 

Why Kaspersky Selected Malaysia For The APAC Transparency Center

Kaspersky revealed that their APAC Transparency Center will be located in Cyberjaya, in partnership with CyberSecurity Malaysia.

Cyberjaya was selected because of its central location and close proximity to many key Kaspersky clients in APAC, as well as other security- and infrastructure-related reasons.

 

What Is The Kaspersky APAC Transparency Center For?

The new Kaspersky APAC Transparency Center in Malaysia will serve as the third trusted code review facility, after Zurich and Madrid.

Government regulators and Kaspersky enterprise clients can request to come to the Kaspersky APAC Transparency Center to examine or review :

  • source code of Kaspersky consumer and enterprise solutions, like Kaspersky Internet Security (KIS), Kaspersky Endpoint Security (KES) and Kaspersky Security Center (KSC)
  • Kaspersky’s threat analysis, secure review and application security testing process
  • all versions of Kaspersky software builds, and AV database updates
  • data feeds that are sent by Kaspersky products to the cloud-based Kaspersky Security Network (KSN)

It will also function as a briefing centre, where guests will be able to learn about Kaspersky’s engineering and data processing practises.

This new Kaspersky Transparency Center is slated to open for its first visitors in early 2020. Like the other Transparency Centers, access is available only upon request.

 

Suggested Reading

Go Back To > Cybersecurity | Home

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!

Dimension Data Expert Panels On Cyberattack Mitigation + Cloud Security

Dimension Data organised two expert panels on cyberattacks and cloud security, as part of their coverage of the 2019 NTT Security Global Threat Intelligence Report.

Find out what cybersecurity experts from Dimension Data, Cisco and more think about cloud security, cyberattacks and mitigating them.

 

Dimension Data Expert Panels On Cyberattack Mitigation + Cloud Security

Freda Liu hosted the two expert panels with Cisco, Recorded Future, F5 and Cybersecurity Malaysia and Mark Thomas, Dimension Data’s VP of Cybersecurity.

The two expert panels addressed the chief concerns of their clients, namely on cloud security, and the mitigation of cyberattacks.

 

Dimension Data Panel #1 : Top Cyberattacks + Mitigation Tips

Enterprises are continuously experiencing cyberattack survey in today’s digital world. Challenges like compliance management, coin mining, web-based attacks, and credential theft have been seen over the past year.

In this session, the Dimension Data panel of experts will provide insights about top cyberattacks and shifting threat landscape. They also discussed best practices and practical measures you can take to bolster your cybersecurity defences.

 

Dimension Data Panel #2 : Security In The Cloud

Today, cybersecurity leaders’ jobs are made more difficult as the number of areas and ‘things’ that need to be secured is constantly increasing.

Your infrastructure is no longer just physical, it’s cloud, and hybrid too.

What are the people, process and tools you need in place to help improve your organisation’s resilience and embark on the journey to world-class cybersecurity?

 

Recommended Reading

[adrotate group=”2″]

Go Back To > CybersecurityEnterprise + Business | Home

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!


The Trend Micro Red Code 2017 Key Takeaway Points

At the side of Trend Micro Red Code 2017, Trend Micro and Cyber Security Malaysia gave us a briefing on the key takeaway points from the cybersecurity conference.

The Trend Micro team comprised of Goh Chee Hoh (Trend Micro Malaysia Managing Director). Ryan Flores (Senior Manager, Future Threat Research, Trend Micro AP) and Law Chee Wan (Technical Sales, Trend Micro Malaysia). Cyber Security Malaysia was represented by Dr. Aswami Ariffin (Senior VP, CyberDEF@CSRS).

 

The Trend Micro Red Code 2017 Key Takeaway Points

Cybersecurity Best Practices

  • Keep legacy systems and current secure: There are organizations still using Windows XP, Vista, or 7, for all of which Microsoft has ended support. This means there will no longer be security patches or updates anymore, leaving these systems vulnerable to cyberattacks. The recommendation is to quickly move to a new system or keep the current ones secure with third-party security software.
  • Protect data storage systems: Wherever data is – on-premise, cloud, or in virtualized or hybrid environments – it has to be protected.
  • Detect/prevent breaches: Targeted attacks can breach your organization without ever alerting traditional early warning and defense systems. Fail to spot an incursion, and you could be hit with industry fines, reputation damage and legal costs.
  • Protect information on endpoints: Your organization could have information residing on mobile devices, laptops, and multiple virtual and physical endpoints. The more endpoints, the greater the risk surface.
  • Data encryption: Encrypted data are “useless” to a hacker without the decryption key. It is imperative to encrypt sensitive data for both those in transit and those at rest.
  • Backup of data: It is extremely important to have backups of consumer data. In an event where a breach happens and all information is stolen or encrypted by the hacker, at the very least an organization would still have the backups to carry on daily service, while trying to resolve the issue.
  • Frequent assessments: Regular “checkups” on the capabilities of the system as well as the knowledge and education of employees is important. Trend Micro offers server assessments and also recommends that the people within the organization also be assessed via methods such as sending out test “phishing” emails.

 

Cybersecurity Awareness

  • Cybersecurity awareness programs help get employees up to speed with the latest attacks, safe internet practices, security policies, and how to spot a security threat.
  • Within an organization, there must be security policies governing the use of data and access to certain systems and programs.

 

Multi-Layered Security

To mitigate the risk of infection as effectively as possible, organizations to take a layered approach to security – from the gateway to the network, server and endpoint.

  1. Email and Web Gateway Protection
    This will give a good chance of preventing most ransomware from reaching your users – whether that’s via a phishing email or a malicious website.[adrotate group=”2″]
  1. Endpoint Security
    For a small percentage of ransomware threats that might make it through the web/email gateway protection, endpoint security will monitor for suspicious behavior, enforces application whitelists and features vulnerability shielding to protect against unpatched vulnerabilities that ransomware often takes advantage of.
  1. Network Defense
    This layer guards against ransomware that spreads into the organization via network protocols.
  1. Server Protection
    This is where most of the organization’s critical enterprise data will reside. It is essential to ensure any unpatched vulnerabilities are protected from ransomware via virtual patching, through a security solution which can monitor for lateral movement and file integrity.

Go Back To > Events | Home

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!

Kaspersky Lab Launches The Goondus Awards!

Petaling Jaya, 18 August 2017Kaspersky Lab just launched a campaign in Asia Pacific to educate the public and spread awareness on Internet safety. Known as the Goondus Awards, the campaign is inviting submissions from the public on Internet mistakes and faux pas that have led to reputational, financial or property damage or loss for individuals.

 

The Goodus Awards

The Goondus Awards website which features the submissions anonymously, highlights real life incidents where a naïve or ill-informed Internet practice led to some form of misfortune.

“We want to educate people about safer Internet behaviours and to showcase real world examples of missteps leading to some form of loss or damage. While some stories may be humorous and even incredulous, the repercussions and damage were real and in some cases severe,” explained Sylvia Ng, General Manager, South East Asia. “As our entries are entirely anonymous, we’re encouraging a community led campaign to drive home the message that only safe practices will make the Internet safer for users.”

The Goondus Awards showcases a wide array of stories ranging from humorous occurrences to unintelligent acts and sad episodes involving monetary or reputational loss. The campaign acts as an initiative to raise cyber security awareness in an engaging form through the sharing of personal stories. It also serves to help web visitors foster positive and pleasant online experiences.

With the ease of access to the Internet, users have developed a sense of complacency or even a mild form of naivety in their daily digital lives, potentially lending themselves to becoming victims of cybercrime.

The Goondus Awards aim to remind users that they are not completely safe from cybercriminals and that they need to be vigilant, practice and maintain Internet etiquette to protect themselves.

Malaysians, including millennials and Gen Y professionals have also been burnt by the infamous love scams. According to a report by the Federal Commercial Crime Investigation Department (CCID) in 2016, a total of 2,497 love scam cases were reported with losses close to RM100 million. It proves that Goondus are fools for love.

The fact that identity theft can happen so close to home and lead to financial loss was very disturbing and shocking to the individuals in this example.

 

Goondus Awards Submission & Contest Details

The criteria for the story entries are that they must be based on actual events leading to tangible or intangible losses concerning Internet use. The winning stories will be selected by a panel of judges where participants stand a chance of winning an iPad Mini or a Tablet and even monthly prizes like a Kaspersky Lab premiums hamper.

The website also includes tips and advice from cyber security experts and elaborations on the different types of scams such as Internet love sex scams, credit for sex scams and phishing scams, to further inform users.

To submit a story, fill in the requested information such as your name, email address and contact number, along with the type of scam, story title and the full story in the website. The “Tips” section of the website features articles from the Kaspersky Lab blog and are categorised based on the various issues and forms of scams highlighted in the website. This educational content serves to advise users on how to prevent such incidents from occurring.

 

Cybersecurity Incidents In Malaysia

[adrotate group=”2″]

In 2016 alone, CyberSecurity Malaysia received 8,334 reports related to cyber security incidents. Between 2012 to 2016, CyberSecurity Malaysia received a total of 50,789 cyber security incidents. Of the figure, fraud contributes to almost 40 per cent or 20,141 followed by hacktivism (9,918), spam (9,210) and cyber threats (2,333).

More than 70 per cent of the incidents reported involved financial implications, including phishing, online banking fraud, credit card fraud and online scams among others. Statistics from The Royal Malaysian Police recorded 113 phishing cases resulting in total losses of RM1.91.

Comparing last year’s May and 2017’s May result in terms of cybercrime rate, is it evident that the figure has grown and especially cyber harassment case has rose over 50% according to CyberSecurity Malaysia. It is also evident that, statistics in May shows cases such as frauds, spams and malicious codes rose compared to last year.

Go Back To > News | Home

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!

Mikko Hypponen On The Death Of Antivirus @ AVAR 2016

Mikko Hypponen is the Chief Research Officer at F-Secure, where he has worked since 1991. He is one of the world’s foremost expert on computer security, serving on the advisory board of IMPACT (International Multilateral Partnership against Cyber Threats).

He is a sought-after speaker who has given keynotes and presentations at security events like Black Hat and DEF CON, as well as mainstream events like TED and SXSW. He even speaks at military events and writes for BetaNews and Wired.

It was therefore a great opportunity to hear him speak about the purported death of antivirus software and services at the 2016 AVAR Conference. Join us for his full talk on the latest security threats and the future of the antivirus industry!

 

The 2016 AVAR Conference

Malaysia was the host for the 2016 AVAR (Association of Anti-Virus Asia Researchers) Conference with delegates from all over the world. The hosts were F-Secure Malaysia, together with MDEC (Malaysia Digital Economy Corporation) and Cybersecurity Malaysia.

MDEC Vice President Norhizam Kadir kicked off the 2016 AVAR conference by explaining how MDEC aims to catalyse the Malaysian digital economy.

Every year, the AVAR Conference is held in one of its many members’ countries with focus on various aspects of the information security world or underworld. The mission of AVAR is to develop cooperative relationships among prominent experts on cyber security, with participation from countries such as Malaysia, Australia, China, Hong Kong, India, Japan, Korea, Philippines, Singapore, Taiwan, UK, and the USA. [adrotate banner=”5″]

 

Mikko Hypponen : Is Antivirus Dead?

Now, learn from Mikko Hypponen about the latest security threats and the future of the antivirus industry! Whether you are an antivirus researcher, a computer security professional, or just a tech geek, this talk will rivet you. No wonder he’s such a sought-after speaker!

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!

Dimension Data and AIG Offer End-To-End Cyber Security Protection

September 20, 2016 – In a first-of-its-kind partnership, Dimension Data (Malaysia) Sdn Bhd and AIG Malaysia Insurance Berhad signed a Memorandum of Understanding (MOU) to offer their clients more extensive end-to-end cyber security protection tailored to their risk profiles.

This pilot partnership to provide end-to-end cyber security protection combines the cyber security capabilities of Dimension Data, and AIG’s CyberEdge insurance. Dimension Data will assess the risk level of an organisation’s IT systems, while AIG provides the insurance coverage, access to tools, and best practices to increase their security posture.

 

How Will The Dimension Data – AIG Cyber Security Protection Work?

In this video, Guido Crucq, General Manager (Security Solutions Business Unit) of Dimension Data Asia Pacific, gives a short presentation on cyber security protection, and how Dimension Data can help AIG’s clients reduce risk and cost of insurance.

Next, Jason Kelly, Head of Liabilities & Financial Lines of AIG Asia Pacific, explains the rationale behind the AIG CyberEdge insurance, and how Dimension Data can help reduce its cost for companies.

Finally, Dr. Amirudin from CyberSecurity Malaysia gave a presentation on the Malaysian perspective of cybersecurity.

This joint effort is a response to requests from AIG clients for a more comprehensive risk management approach that includes the assessment of risks. With Dimension Data’s assessment in hand, AIG can better customise the right protection plan to meet the requirements of their clients. AIG clients can also use Dimension Data’s assessment to effect necessary cybersecurity changes to reduce their insurance premiums.

Recent statistics from CyberSecurity Malaysia, the national cyber security specialist agency under the Ministry of Science, Technology and Innovation (MOSTI), showed that in 2015, Malaysia reported a total of 27 million cases involving Botnets. Botnets are a number of computers that have been set up to forward transmissions, which include spam or viruses, to other computers on the internet.

[adrotate banner=”5″]

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!