Tag Archives: Enterprise security

Synology World Backup Day 2024 Briefing + Demo!

Ahead of World Backup Day on March 31, Synology held an exclusive briefing and demo of its cutting-edge data management, and security features! Watch the video, and find out what Synology demonstrated!

 

Synology World Backup Day 2024 Briefing + Demo!

On 21 March 2024, Jason Sin, Country Manager at Synology Malaysia, gave an exclusive briefing and demo of its latest data management, and security features, in Kuala Lumpur.

The live session showcased Synology’s exclusive backup features like Active Backup Suite, and Snapshot Replication; highlighting practical use cases against malicious access, accidental deletion, and ransomware threats.

Jason Sin also emphasised the importance of data integrity, and data recovery in the face of virus or ransomware attacks.

Recommended : Synology DiskStation DS223j 2-Bay NAS Review!

During his presentation, he showcased three critical phases of a robust data protection process using Synology solutions:

Prevention of Ransomware Attacks

Synology demonstrated Secure SignIn, a secure login framework designed to enhance account security of Synology DiskStation Manager (DSM), the operating system that powers every Synology NAS.

This feature verifies sign-ins using multiple methods, including approved sign-ins, verification codes (OTP), and hardware security keys. This allows users and businesses to significantly reduce the risk of unauthorised access and potential ransomware attacks.

Centralised Data Protection

Active Backup for Business is Synology’s all-in-one data protection solution. Synology highlighted its ability to centralise protection across diverse IT environments, including virtualised environments, physical servers, file servers, and personal computers.

In the demo session, Synology showcased how administrators can efficiently deploy and manage data protection strategies through a centralised admin console, ensuring comprehensive backup coverage and seamless continuity of operations.

Recommended : 4TB Synology Plus (HAT3300-4T) Hard Disk Drive Review!

Comprehensive, Streamline Data Recovery

Synology demonstrated how Snapshot Replication efficiently streamlined data recovery, providing backup capabilities against threats like accidental deletion and viruses. Synology also simulated a ransomware attack by encrypting a file, followed by a swift data recovery conducted through Snapshot Replication.

This showcased its effectiveness in restoring systems to a previous state and emphasized that only a rapid, comprehensive data solution is effective for both end users and enterprises. Administrators can configure scheduled snapshots and retention settings, ensuring efficient data management and recovery, even in scenarios where ransomware attacks occur.

 

Selected Synology NAS Drives

If you are interested in purchasing Synology NAS drives, here are some highly-rated options you can buy online.

Please note that Tech ARP may receive a referral fee through these and other purchase links.

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Computer | Enterprise | Tech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

WithSecure Signs Partnership Agreement With LGMS!

Finland’s WithSecure Corporation just signed a partnership agreement with LGMS Berhad to develop cybersecurity solutions for the SME market in Malaysia!

 

WithSecure Signs Partnership Agreement With LGMS

On Wednesday, 1 November 2023, Finland’s WithSecure Corporation (formerly known as F-Secure Business) signed a partnership agreement with LGMS Berhad (LGMS) to develop cybersecurity solutions for the SME market in Malaysia!

The partnership agreement was signed by LGMS Executive Chairman Fong Choong Fook and WithSecure Corporation CEO Juhani Hintikka, who flew in from Finland to emphasise its importance while demonstrating support for the progress of Malaysia’s Digital Economy.

The signing was witnessed by Malaysia Deputy Communications and Digital Minister Teo Nie Ching, together with His Excellency Sami Leino, Ambassador of Finland to Malaysia and Brunei.

Recommended : WithSecure Takes Offensive Security Approach To Cloud Threats!

The Deputy Minister said that the partnership was ‘timely’, and represents a ‘significant leap’ towards a secured Digital Economy, and more so ahead of the National Cybersecurity Bill the Unity Government is set to unveil in early-2024.

This partnership is also aligned with the government’s ‘Ekonomi Madani’ vision of attracting significant foreign direct investments and generating avenues for technological advancements and innovations.

It serves to demonstrate how collaborative efforts can facilitate a robust, secure and prosperous digital ecosystem, thereby solidifying Malaysia’s position as a preferred destination for global tech investments.

The partnership agreement today between LGMS and WithSecure embodies a philosophy of attracting significant foreign direct investments and generating avenues for technological advancements and innovations.

It serves to demonstrate how collaborative efforts can facilitate a robust, secure and prosperous digital ecosystem, thereby solidifying Malaysia’s position as a preferred destination for global tech investments.

– Malaysia Deputy Communications and Digital Minister Teo Nie Ching

WithSecure CEO Juhani Hintikka expressed his ‘deepest appreciation’ to the Deputy Minister for endorsing this partnership, stating, “Your presence significantly amplifies the resonance of this initiative, showcasing a unified front in our endeavour to foster a secure and prosperous Digital Economy for Malaysia and also the region.

Recommended : How WithSecure Offensive Security Drives Business Resilience!

 

WithSecure – LGMS Partnership Agreement Details

WithSecure is today a leading international cybersecurity group which had also invested significantly in Malaysia and in nurturing local talent. Besides its headquarters in Helsinki, Finland, WithSecure houses its intelligence, customer support, business operations and shared services in Kuala Lumpur for its Asia-Pacific operations.

LGMS Berhad, meanwhile, has been recognised as Cybersecurity Malaysia’s ‘Company of the Year’ with Fong himself being acknowledged as ‘Cybersecurity Professional of the Year’.

Fong said that, within today’s Digital Economy, cyberthreats and ransomware attacks have become more sophisticated and rampant and potential damages to SMEs, who often lack the necessary IT expertise and resources, can be catastrophic.

Most SMEs today are just one cyber attack away from a devastating setback or even closure. Recognising that most SMEs might not possess advanced IT know-how, our collaboration with WithSecure aims to deliver cybersecurity solutions that are not only robust but also intuitive and user-friendly.

The purpose is to empower our SME community to navigate the digital landscape confidently and securely.

– LGMS Executive Chairman Fong Choong Fook

This localised cybersecurity approach underscores WithSecure’s understanding of the region’s unique digital ecosystem and our commitment to crafting solutions that align with local business needs. It embodies WithSecure’s ethos of merging global cybersecurity expertise with local insights to foster a safer digital realm.

– WithSecure Corporation CEO Juhani Hintikka

One product of this partnership is the ‘Made in Malaysia’ StarSentry solution – a plug-and-play model that is more than just a ‘shield’ for SMEs but offers a proactive approach to threat prevention.

This solution is also aligned with broader sustainability goal and embraces the ESG framework of safeguarding critical infrastructures, nurturing a secure digital community and reinforcing stringent governance standards, demonstrating an unwavering commitment to responsible, transparent business operations.

Pre-orders for the solution can already be made.

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Business | CybersecurityTech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

How WithSecure Offensive Security Drives Business Resilience!

Find out how WithSecure harnesses the power of offensive security to drive business resilience and enhance protection for its clients!

 

WithSecure Drives Business Resilience Through Offensive Security!

WithSecure (formerly known as ‘F-Secure Business’) is harnessing the power of offensive security in its co-security and co-monitoring products and services. This revolutionary approach is designed to anticipate and mitigate cyber threats by understanding them from an attacker’s perspective.

During the SPHERE security conference 2023, WithSecure’s Chief Product Officer, Antti Koskela, shed light on their game-changing offering called ‘attack surface management.’ This managed service offers a comprehensive view of vulnerabilities in a company’s cloud-based estate.

As a result, WithSecure’s focus on the digital perimeter empowers businesses to reduce their overall attack surface, enhancing their cybersecurity posture in the ever-evolving threat landscape.

Recommended : WithSecure Takes Offensive Security Approach To Cloud Threats!

 

How WithSecure Offensive Security Drives Business Resilience!

WithSecure also introduced three groundbreaking services that amplify their commitment to ‘outcome-based security’ and ‘co-security’. This groundbreaking development was revealed by WithSecure Executive Vice President (Solutions) Scott Reininga, also at the SPHERE security conference 2023.

Reininga underscored WithSecure’s unparalleled expertise in offensive security, revealing that they are the home of one of the world’s most proficient offensive security teams. This team, a fusion of penetration testers (pentesters), red, blue and purple teamers, has profound knowledge of adversary tactics, tradecraft, and techniques.

Penetration testing is a cybersecurity practice that aims to discover vulnerabilities in a system by simulating controlled attacks. Their goal is not to cause damage but to pinpoint weaknesses for rectification. This proactive method, which can involve exploiting software vulnerabilities or simulating social engineering tactics, is key in any comprehensive cybersecurity strategy, offering a practical evaluation of potential risks rather than a theoretical one.

Our relentless pursuit of research and system testing allows us to uncover system vulnerabilities proactively. This crucial data is the building block of our products that are proactive, minimally disruptive, and crafted from the perspective of an attacker.

– Scott Reininga, WithSecure Executive Vice President (Solutions)

These insights were unveiled by Reininga during his recent product launch event titled ‘Co-security and co-managed services for partners’. He was joined on stage by WithSecure Vice President (Offering and Customer Experience) Niko Isotalo.

Expanding on WithSecure’s strategic approach, Isotalo said that the company’s outcome-based security framework model “connects Chief Information Security Officers (CISOs) and board members, offering clarity about the interplay between security outcomes and business objectives.”

This alignment clarifies the indispensable role of security in the core business framework to board members.

– Niko Isotalo, WithSecure Vice President (Offering and Customer Experience)

Recommended : Avanade Launches New Generative AI Services!

Reininga and Isotalo unveiled the three new offerings during their joint session. The first, termed “co-monitoring,” is a partnership model. WithSecure validates the genuineness of security incidents before alerting the duty manager, effectively curbing false alarms.

WithSecure collaborates with clients to supervise their digital ecosystems, particularly during periods when they are stretched thin on resources. This service, providing support beyond standard working hours, can also deliver round-the-clock monitoring if necessary.

Isotalo further introduced the second service, incident readiness software, recognising that many organisations lack comprehensive incident readiness plans.

Our software simplifies the creation, testing, and updating of such plans, which serve as essential shields against cyber threats.

Recommended : 5 Strategies for Negotiating Airfare Discounts with SAP Concur!

Focusing on the urgency of immediate incident response, Reininga introduced the third service, an incident response retainer.

Our incident response retainer provides unlimited incident response within the critical initial 72 hours of an event. We eliminate the need for negotiation about budget and resource allocation.

We engage consultants rapidly, supported by our globally lauded 24/7 incident response team and top-tier threat intelligence unit, guaranteeing our customers industry-leading service level agreements (SLAs).

By integrating offensive security acumen, co-monitoring capabilities, incident readiness software, and swift incident response, WithSecure empowers organisations to effectively safeguard their digital assets and curtail the impact of potential breaches.

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > BusinessCybersecurity | Tech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

MSI Hit By $4 Million Ransomware Attack + Data Theft!

MSI just got hit by a massive ransomware attack, but even worse – it lost a ton of critical data to the hackers!

 

MSI Hit By Ransomware Attack + Data Theft!

On 7 April 2023, MSI (Micro-Star International) was hit by a ransomware attack, in which the hackers allegedly exfiltrated 1.5 terabytes of source codes, BIOS firmware, private keys and other data from its servers.

In its terse regulatory filing with the Taiwan Stock Exchange (TWSE), MSI admitted that it was hacked, but did not detail the circumstances or nature of the attack.

After detecting some information systems being attacked by hackers,MSI’s IT department has initiated information security defense mechanism and recovery procedures. The Company also has been reported the anomaly to the relevant government authorities.

MSI claimed that the attack had “[no] significant impact our business in terms of financial and operational currently“, but said that it was “enhancing the information security control measures of its network and infrastructure to ensure data security.

In a public statement, MSI also urged users to only obtain firmware / BIOS updates from its official website, and refrain from using other sources.

Read more : MSI Users At Risk Of Rogue BIOS / Firmware Updates!

 

Hackers Demand $4 Million From MSI To Not Release Stolen Data

The MSI ransomware attack and data theft appear to be committed by the Money Message ransomware gang.

While MSI has apparently restored files encrypted by Money Message’s ransomware, the gang now has access to about 1.5 terabytes of critical MSI data.

According to BleepingComputer, chats between Money Message and an MSI representative show the gang demanding a ransom payment of $4 million. Otherwise, Money Message will release the stolen files.

To show that they did indeed steal those MSI files, Money Message posted screenshots of what they describe was MSI’s Enterprise Resource Planning (ERP) databases and files containing software source code, private keys, and BIOS firmware.

Recommended : Can Approve New Participant block WhatsApp hackers?!

If Money Message releases MSI confidential data, it may not just be embarrassing for the Taiwanese company, it could allow other threat actors to use the source code and private keys to create malware targeting their customers.

In light of that, MSI users should only download and install software or BIOS firmware from the official MSI website.

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Business | SoftwareTech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

2020 Dell EMC PowerProtect DP Series IDPA : What’s New?

Dell Technologies just announced the 2020 Dell EMC PowerProtect DP Series appliances!

Here is what you need to know about the next-generation integrated data protection appliances!

 

2020 Dell EMC PowerProtect DP Series : What Is It?

The 2020 PowerProtect DP series is the next-generation family of integrated data protection appliances (IDPA) from Dell Technologies.

They offer a complete solution for backup, recovery, replication, deduplication, cloud readiness with disaster recovery, and long-term rotation to the public cloud!

The 2020 Dell EMC DataProtect DP series are all-in-one data protection solutions that offer :

  • Storage capacities from 8 terabytes to 1 petabyte
  • Greater efficiency, with up to 65:1 data reduction
  • Up to 38% faster backups, and up to 45% faster restores, compared to previous generation.
  • Instant access and restore of up to 50% greater IOPS, compared to previous generation.
  • Consumes up to 23% less power than the previous generation
  • Cloud long-term retention, and cloud DR-ready
  • VMware integration

The 2020 Dell EMC DataProtect DP series is also guaranteed under the Future-Proof Program, and is part of the Dell Technologies on Demand program.

 

2020 Dell EMC PowerProtect DP Series : Models + Key Specifications

The 2020 Dell EMC PowerProtect DP series consists of four models – DP4400, DP5900, DP8400 and DP8900. Here are their key specifications.

Specifications DP4400 DP5900 DP8400 DP8900
Physical Capacity 8 TB to 96 TB 96 TB to 288 TB 192 TB to 768 TB 576 TB to 1 PB
Physical Capacity
with Cloud Tier
Up to 288 TB Up to 864 TB Up to 2.3 PB Up to 3 PB
Logical Capacity Up to 4.8 PB Up to 18.7 PB Up to 49.9 PB Up to 65 PB
Logical Capacity
with Cloud Tier
Up to 14.4 PB Up to 56.1 PB Up to 149.7 PB Up to 195 PB
Max Throughput Up to 9 TB/hr Up to 33 TB/hr Up to 57 TB/hr Up to 94 TB/hr
Drive Type SAS 12 TB SAS 4 TB SAS 8 TB SAS 8 TB
Networking 8 x RJ45, or
8 x SFP
4 x 40 GbE uplinks
Each Quad SFP port can be split into 4 x 10 GbE
Max. Power 475 VA 2,830 VA 5,480 VA 7,250 VA
Thermal Rating 1,620 BTU/hr 9,300 BTU/hr 17,800 BTU/hr 23,400 BTU/hr

 

2020 Dell EMC PowerProtect DP Series : Availability

The 2020 Dell EMC PowerProtect series appliances – DP4400, DP5900, DP8400 and DP8900 – will be available globally in December 2020.

 

Recommended Reading

Go Back To > Enterprise IT  | Cybersecurity | Home

Support Tech ARP!

If you like this review, please support us by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!


VMware vSphere 7 Now Supports AMD SEV-ES Encryption!

VMware just announced that vSphere 7 Update 1 will add support for AMD SEV-ES encryption!

Find out what this means for enterprise security, and the future of AMD EPYC processors!

 

AMD SEV-ES Encryption : What Is It?

SEV-ES, short for Secure Encrypted Virtualization-Encrypted State, is a hardware-accelerated encryption capability in AMD EPYC processors.

Leveraging both the AMD Secure Processor and the AES-128 encryption engine built into every AMD EPYC processor, SEV-ES encrypts all CPU register contents when a virtual machine stops running.

This prevents the leakage of information from the CPU registers to components like the hypervisor. It can even detect malicious modifications to a CPU register state.

 

VMware vSphere 7 Now Supports AMD SEV-ES Encryption!

VMware vSphere 7 Update 1 adds support for both AMD SEV-ES and AMD EPYC processors.

The AMD Secure Processor in the first-generation EPYC processors can handle up to 15 encryption keys.

That increases to more than 500 encryption keys with the second-generation EPYC processors.

ESXi has many layers of isolation within its virtualised infrastructure, but all of that is implemented in software. They still require a level of trust in the hardware, which is where AMD SEV-ES comes in.

A guest operating system that supports SEV can ask the AMD Secure Processor to issue it an encryption key, for full in-memory, in-hardware encryption.

SEV-ES extends that protection to CPU registers, so that the data inside the CPU itself is encrypted. This protects the data from being read or modified when the virtual machine stops running.

Even a compromised hypervisor that accesses the register data cannot make use of it, because it is now encrypted.

Needless to say, adding support for AMD SEV-ES in vSphere 7 will spur the uptake of AMD EPYC processors in the datacenter.

 

Recommended Reading

Go Back To > Enterprise IT | CybersecurityHome

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!


HUAWEI 5G Aces GSMA NESAS Security Audit : The Impact?

In a bit of good news after months of bad news, HUAWEI announced that their 5G wireless and core network equipment passed the GSMA NESAS cybersecurity audit!

While that is great news for them, what exactly is the impact on the deployment of HUAWEI 5G equipment globally?

 

HUAWEI 5G Passes GSMA Network Security Assurance Audit!

In a bit of good news after months of bad news, HUAWEI announced that their 5G wireless and core network equipment passed the GSMA Network Equipment Security Assurance Scheme (NESAS) audit!

  • 5G RAN gNodeB
  • 5G Core UDG, UDM, UNC, UPCF
  • LTE eNodeB

Here is a summary of the twenty NESAS assessment categories and the compliance levels of the HUAWEI 5G equipment that were tested :

Prior to passing the GSMA NESAS audit, these HUAWEI 5G equipment also passed the 5G cybersecurity test by China’s IMT-2020 (5G) Promotion Group, using test specifications based on 3GPP International standards for 5G security assurance.

 

HUAWEI 5G Faces Political, Not Technical, Pressures

Passing the GSMA NESAS audit will help assuage the cybersecurity concerns of nations planning, or already implementing HUAWEI 5G network equipment.

However, HUAWEI faces political, not technical, pressures with their 5G network equipment.

The 100% compliance score in the NESAS audit will not change minds in the US, and their Five Eyes partners are unlikely to consider HUAWEI 5G equipment.

That said, passing this audit will nevertheless strengthen HUAWEI’s shield against claims that their 5G equipment pose much greater cybersecurity risks than competing platforms.

It will help them win additional contracts in smaller countries whose concerns are far less about cybersecurity and privacy, and more with costs.

 

GSMA Network Security Assurance Scheme (NESAS)

The GSMA Network Equipment Security Assurance Scheme (NESAS) audit is a standardised cybersecurity assessment mechanism, jointly defined by GSMA (GSM Association) and 3GPP, together with regulators, industry partners, major global operators, and vendors.

This is a voluntary program which network equipment vendors can subject their product development and lifecycle processes to a comprehensive and independent security audit.

The GSMA NESAS covers 20 assessment categories, defining security requirements with an assessment framework for 5G product development and product lifecycle processes. It also uses security test cases by 3GPP to assess the security of network equipment.

 

Recommended Reading

Go Back To > Business | Cybersecurity | Home

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!


Exclusive : Tanduay Distillers Factory Visit + Rum Tasting Tips!

Famed Filipino rum company, Tanduay, invited us to their main distillery in Manila to showcase their latest digital transformation initiative with SAP S/4HANA. We were also given an exclusive tour of their plant, and privileged to learn how to taste rum from mixologist and Tanduay brand ambassador Lee Watson.

 

Tanduay Makes The World’s Best-Selling Rum

A 164-year old brand, Tanduay rose from humble beginnings to establish itself as the world’s top-selling rum brand in 2018, taking over the crown long held by Bacardi.

After its acquisition by the Lucio Tan group 30 years ago, the brand underwent plant modernisation and expansions, which greatly increased their production capacity. Today, they have three separate facilities – all ISO-compliant, with the Cabuyao plant recently completing its ISO-9001:2015 certification.

In 2014, Tanduay Distillers Inc. President and CEO, Lucio “Bong” K. Tan Jr, took over the reins of the company. He kickstarted the global expansion of the brand. that ultimately led to Tanduay wresting the crown from Bacardi in just 4 years.

Recently, Tanduay opted to begin their digital transformation by adopting SAP S/4HANA, with seven modules – Materials Management, Production Planning, Warehouse Maintenance, Sales and Distribution, Enterprise Asset Management, Finance and Controlling.

Adopting S/4HANA would allow them to greatly automate their current processes, and cut the number of steps from procurement to the delivery of the final product. It will also allow them to greatly reduce paperwork, and the workload of their staff.

 

Lee Watson Teaches How To Taste Rum!

Tanduay also took the opportunity to showcase their famous Gold and Silver Asian Rum. They brought in mixologist and Tanduay brand ambassador Lee Watson to teach us how to taste rum. Now you can learn from him, and give it a try too!

 

The Tanduay Distillery Tour

We were given a tour of their main distillery just outside of metro Manila. If you want to see how they make the world’s most popular rum, you must check out this video!

 

Recommended Reading

[adrotate group=”2″]

Go Back To > Enterprise & Business | Home

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!

Exclusive : Tech ARP Interviews Keith Martin Of F-Secure!

F-Secure Regional Director of APAC and Japan, Keith Martin, flew into Singapore to ink a major regional partnership agreement with ACE Pacific Group.

Timothy Shim from Tech Barrista and I had the opportunity to interview Mr. Martin about cybersecurity trends in Asia Pacific and worldwide.

 

Tech ARP Interviews Keith Martin

Keith Martin is the Head of Asia Pacific Corporate Business, F-Secure. Here was our exclusive interview with Mr. Martin after he officially signed the APAC partnership agreement with ACE Pacific Group.

The Cybersecurity Business

Tech ARP : How has your long experience in Japan helped you with F-Secure’s business in Japan?

Keith Martin : Japan is one of the largest market for F-Secure, and we are trying to replicate that (success) in the APAC region.

Tech ARP : Are you still based in Japan?

Keith Martin : Yes, but I have now racked up a lot of frequent flyer miles.

Tech ARP : What are your thoughts on the cybersecurity market in the APJ (Asia Pacific and Japan) region?

Keith Martin : Japan is a large market, but the growth rates are relatively stable. We look at the Asia Pacific region (which includes India, Australia and New Zealand), as the next source of growth for F-Secure.

Tech ARP : What are your plans, and areas of focus, for the APJ region?

Keith Martin : Without question, Singapore is going to be a major focus for F-Secure, as well as Australia and New Zealand. We just signed a major partnership agreement with ACE Pacific, which will be a cornerstone of our strategy in coming years.

Cybersecurity Backdoors

Tech ARP : Chinese and Russian companies have been hit by accusations of cyber espionage and hacking, loose security and/or inserting backdoors into their products. Do you see this as a good opportunity to promote F-Secure’s products, or is this a poison pill for the entire industry?

Keith Martin : I don’t think it’s a poison pill for the entire industry. I have never seen any direct evidence that these go beyond mere accusations, but I understand the need to be cautious. One of the things that F-Secure is proud of is our policy that we will never add a backdoor into our products.

We are willing to walk away from any business if it means adding a backdoor. This is just the way we operate, because Finland has extremely tough privacy laws.

I think it’s absolutely an opportunity for us to differentiate ourselves (from the other cybersecurity companies) with our public pledge never to add backdoors in our software.

Tech ARP : Some countries like China and Russia are demanding access to encryption keys, and in some cases, requiring registration of VPN services. How do those tightening laws affect F-Secure products like Freedome VPN?

Keith Martin : F-Secure is very focused on maintaining the security of our products, so if those are the requirements, we will decline and get out of those markets. We would rather walk away from the potential business, than compromise the security of our products.

Government Interest

Tech Barrista : On the geopolitical implications of malware, do you feel that governments are increasingly more focused on cybersecurity on a national scale?

Keith Martin : For sure. We now see nation states attacking each other. There’s no denying that fact. Look at Stuxnet, that malware (which was targeted at Iran) got released into the wild and suddenly, people have the technology to use it elsewhere for nefarious purposes. I think that any country that does not pay attention to cybersecurity is sticking their heads into the sand.

Tech Barrista : Do you feel that this presents a greater opportunity for F-Secure?

Keith Martin : It represents opportunity, of course, but our mission as a company is to stop the spread of malware and cybersecurity attacks, wherever they happen. It’s a kind of Catch-22 situation, where we wish that nation states would not attack each other, but yes, we have the opportunity to help them protect themselves against such attacks.

Transparency

Tech ARP : What is F-Secure doing to promote and enhance source code transparency? Like opening up transparency centers?

Keith Martin : At this point in time, there are no plans to do so. We have a very good reputation throughout our 30-year history of being straightforward and upfront. I have never seen any accusations against us of malicious activities.

Tech ARP : Does F-Secure allow corporations or countries with concerns to inspect their code?

Keith Martin : I don’t know of any specific situations in Asia Pacific where F-Secure has allowed this. It may have been allowed in other regions, where governments have specific concerns, but I’m not aware of those situations.

Malware Galore!

Tech ARP : Ransomware and phishing attacks are big problems these days. Can you detail how F-Secure can help users prevent or mitigate the risks of ransomware and/or phishing attacks.

Keith Martin : Third-party analysis of our software show that we are actually better at detecting these 0-day attacks than any other companies out there. We pride ourselves in detecting not just the malware we know about, but also the malware we don’t about, using technologies we have been developing over the last 20 years.

We have a multi-layered engine, where we use everything from the basic pattern matching technology, to heuristics, etc. so that if it doesn’t catch the malware on the first layer, it will catch the malware on the second or third or fourth layer.

Tech Barrista : Is malware-as-a-service now common?

Keith Martin : It is becoming more and more common. The entry barrier to launching a malware attack is now much lower due to the ability to outsource the creation of the malware.

Cybersecurity Risks Of IoT Devices

Tech Barrista : With cybercriminals leveraging the Internet of Things and Artificial Intelligence, how much more complex do you see the cybersecurity landscape becoming?

Keith Martin : It’s becoming incredibly complex. Our Chief Research Officer Mikko Hypponen said, “Once you connect something to the Internet, it’s vulnerable“. Billions of devices connected to the Internet become potential attack vectors for cybercriminals.

Most IoT devices don’t have good security. If you can get into one of those devices, you can get into the network through them.

Tech ARP : Does F-Secure have any products to mitigate the risks of poorly-secured IoT devices?

Keith Martin : On the consumer side, we have F-Secure Sense, which protects every device on your network.

 

Keith Martin’s Professional Bio

Keith Martin has been Country Manager for F-Secure Japan for 2 years, before being promoted in February 2018 to oversee the entire Asia Pacific region.

Prior to joining F-Secure in 2015, he spent a decade in the telephony and contact center space, first working for four years in Avaya Japan as Director of Multinational Account Sales, followed by six years serving as Japan Country Manager for Interactive Intelligence, a pioneer in cloud contact center technology.

Before that, Keith also spent three years at internet startup ValueCommerce helping build their web hosting platform business before the company was acquired by Yahoo Japan. He got his start at global IT services provider EDS (now HP), delivering IT services to numerous financial industry accounts.

Go Back To > Cybersecurity | BusinessTech ARP

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!

The Asia Cybersecurity Exchange Initiative Launched!

The Asia Cybersecurity Exchange is designed to nurture the development of new cybersecurity professionals, as well as encourage and support cybersecurity entrepreneurship. Find out how the Asia Cybersecurity Exchange is going to transform Malaysia into one of the world’s major cybersecurity hubs!

 

The Asia Cybersecurity Exchange Initiative

Asia Cybersecurity Exchange is the brainchild of LE Global Services Sdn Bhd (LGMS), formed in partnership with the ACE Group. Its mission is to identify and nurture cybersecurity talents and entrepreneurs in Malaysia. Their ultimate aim – elevate Malaysia as a cybersecurity hub in Asia.

US$ 50 Million Startup Fund

To help nurture cybersecurity entrepreneurs, the ACE Group has also set aside a fund of US$ 50 million / RM 200 million to invest in cybersecurity startups with high growth potential. The Asia Cybersecurity Exchange will help select qualified candidates and mentor their efforts.

MDEC Cybersecurity Development Program

The Malaysia Digital Economy Corporation (MDEC) is also supporting the Asia Cybersecurity Exchange initiative with a 12-month MDEC Cybersecurity Development Program.

[adrotate group=”2″]

This will consist of a series of cybersecurity conferences, hackathons, CISO roundtables, as well as industry collaboration workshops.

Cybersecurity Training & Internships

LGMS, with the help of MDEC and the eight premier tech universities in Malaysia, aim to train as many as 240 cybersecurity specialists in the next 12 months, with the aim of expanding the program in the subsequent years.

The top students selected by their universities will be interviewed and selected by LGMS for training by top cybersecurity experts, with industry mentors to help them nurture those who want to startup their own cybersecurity endeavours.

Go Back To > Events | Home

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!

TUV Rheinland : Cyber Risk Management for Industry 4.0

On 19 March 2018, TUV Rheinland invited us to an exclusive Industry 4.0 cybersecurity seminar. Entitled Cyber Risk Management for Industry 4.0, it looks at the role of cybersecurity in securing critical infrastructure and heavy industries, and paving the way for Industry 4.0.

Join us for the presentations by TUV Rheinland cybersecurity experts on how you can secure your company against the latest cyberthreats.

 

Industry 4.0

Industry 4.0 refers to the new industrial trend of creating “smart factories” with highly-networked manufacturing technologies.

Also referred to as the 4th Industrial Revolution, it makes use of cyber-physical systems, Internet of Things, cloud computing and cognitive computing, to automate almost every aspect of the manufacturing process.

Fun Fact : The name Industry 4.0 comes from the German “Industrie 4.0” from the high-tech strategy of the German government to promote the computerisation of manufacturing.

 

TUV Rheinland : Cyber Risk Management for Industry 4.0

The Cyber Risk Management for Industry 4.0 seminar is a platform for TUV Rheinland to share their insights on developing cybersecurity measures to manage operational cyber risk, be it for smart factories, smart devices or smart vehicles.

According to TUV Rheinland, the discipline of Cyber Risk Management can be effectively implemented if cybersecurity and privacy are addressed by design – both in strategy as well as operations. Let’s hear from their experts…

Operational Technology Protected

by Nigel Stanley, Chief Technology Officer of TUV Rheinland Industrial

Automotive Cyber Security

by Rajeev Sukumaran, Director of TUV Rheinland Consulting Services

Critical Infrastructure Protection – Railways & Utilities

by Tarun Gupta, Principal Consultant of TUV Rheinland Industrial Security

Privacy & Security In The IOT World

by Urmez Daver, Vice President of TUV Rheinland Consulting Services

Go Back To > Events | Home

[adrotate group=”1″]

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!

The Samsung Galaxy Note7 Knox Security Features Explained

On August 25, 2016, Samsung Malaysia hosted an exclusive Samsung Galaxy Note7 Enterprise Business Showcase at the Marriott Putrajaya. At this event, Samsung focused on the enterprise and business aspects of the Samsung Galaxy Note7, focusing on the new Samsung Knox 2.7 security features.  

Samsung Galaxy Note7 Knox Security Explained

Mr. Young Kim, Vice President of Samsung’s Global B2B Service Group, flew in to give a detailed explanation of the new Galaxy Note7 Knox security features. Check it out :

 

Five New Security Solutions

Thanks to its Samsung Knox security features, iris scanning capability, S-Pen and IP68 water-resistance, the Samsung Galaxy Note7 is designed to address the business and security needs of enterprise users in the field. They help enable the five new security solutions introduced by Samsung at the same event. [adrotate banner=”4″] The new Samsung Cloud Document Solution will benefit corporate professionals and government officials by providing them secured access to classified documents stored in the cloud. Knox Customization allows for software customization on the Galaxy Note7 where corporate IT administrators can add corporate boot image and wallpaper, preload certain applications, and pre-set the device settings. For officers on the field, Incident Report Solution allows them to report incidents and document cases to the system and track progress. Konnected Patrol, on the other hand, authenticates the security officers actual check-in to the sites assigned by the headquarters and identifies the right personnel at the premises. Finally, Secure Document Delivery works specifically to ensure that important parcels are delivered and signed by authorised personnel. These include military delivery of goods and food, weapons real-time monitoring, and security firms’ delivery of cash.  

Samsung Galaxy Note7 Key Features Revealed

For those who have not read up on the cool features introduced in the Samsung Galaxy Note7, don’t worry. In this video, Mr. Julian Thean, Senior Product Manager, Samsung Malaysia, goes through the new features in the Samsung Galaxy Note7.

[adrotate banner=”5″]  

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participate in the Tech ARP Forums, or even donate to our fund. Any help you can render is greatly appreciated!

CommunicAsia2016 : Enterprise Security for Mobile & Cloud

by CommunicAsia2016 Summit speaker, Pierre Noel, Chief Security Officer and Advisor, Microsoft Asia

By 2020, four billion people will be online, 50 billion devices will be connected to the internet and data volumes will be an astounding 50 times greater than what we are seeing today.

This enormous explosion of connected devices and data flows and the complexity that comes with it, will make it more challenging than ever before for individuals, organizations and nations to protect themselves against cyberattacks – with greater complexity comes greater risk of malicious attacks and security exposure.

While there will always be new threats, new attacks and new technologies to keep an eye on, here are some security trends businesses in Asia Pacific ought to watch for this year:

 

1. Mobile Malware

As security threats continue to dominate news cycles, this year will be one where we see cybercriminals focus on targeting mobile devices by attacking underlying operating systems and releasing more malware-infected apps.

China leads the world in the number of mobile users, and malware on these devices will surface as a huge problem. A study by Tsinghua University, Microsoft Research, and China’s Ministry of Science and Technology found that only a quarter of apps in the country’s local app stores are safe.

The adoption of mobile payment systems will also lead to a surge in hack activity related to stealing information from new payment processing technologies like EMV credit cards, contactless RFID smart cards, and mobile wallets.

 

2. Online extortion and hacktivism

According to TrendMicro, a Microsoft Partner, rapid growth in online extortion and hacktivism is expected this year, with more sophisticated ways of stealing information and gaining control of webenabled devices being realized.

Malware programs like ransomware, are potentially one of the most dangerous types of computer malware and might be used more frequently by hacktivists in order to encrypt the victim’s personal information like photos or conversations and extort money online to regain control of online accounts and devices

 

3. Password recovery scams, including spear phishing and smishing

Spear phishing is an e-mail spoofing fraud attempt that targets a specific organization, seeking unauthorized access to confidential data. Spear phishing attempts are not typically initiated by “random hackers” but are more likely to be conducted by perpetrators out for financial gain, trade secrets, or military information.

Since phishing attacks are no longer limited to email, SMS phishing (smishing) is becoming more common, especially by hackers creating password recovery scams. A criminal hacker only needs a victim’s email address and a mobile phone number to start a password recovery process and compromise their account.

[adrotate banner=”5″]

 

A New Approach To Cyber Security

Ultimately, as Microsoft CEO Satya Nadella, highlighted just last November, the digital world we live in today requires a new approach to how we protect, detect and respond to security threats. Companies must evolve from a simple, “protect and recover” model to a more holistic protect, detect and respond posture that utilizes real-time insights and predictive intelligence across networks to stay ahead of threats.

The current wave of cybersecurity evolution is centered around collecting actionable intelligence, to remain ahead of threats. Attacks such as Ransomware are targeted and follow certain patterns, Malware for example, tends to morph rapidly. To stay ahead of these threats, we need to make full use of the cloud to collect and analyze such information that will tell us what to expect, and where to expect it.

At the same time, it is also critical for companies to strengthen their core security hygiene; adopt modern platforms and comprehensive identity, security and management solutions; and leverage features offered within cloud services. It is just as important to create education and awareness across employee populations in order to build and sustain a pervasive security culture.

While organizations across the region are in various states of readiness with regards to cybersecurity, I remain optimistic as we see more organizations, government and non-governmental companies alike, making cybersecurity a priority and cooperating closely to ensure cyber threats are identified and dealt with quickly.

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participate in the Tech ARP Forums, or even donate to our fund. Any help you can render is greatly appreciated!

Trend Micro Leads Server Security Market For 6th Year

DALLAS, 21 January 2016 – Trend Micro Incorporated (TYO: 4704; TSE: 4704), a global leader in security software solutions, today announced it has once again affirmed its leadership in the global server security market, according to industry analyst firm IDC.

In a market sized at over $800M in 2014, Trend Micro has grown its revenue share for server security to 30.3%, outpacing both the market and competitors. For the sixth year in a row, the company has occupied the top spot for server security globally.

“IDC predicts the server security market to continue growing in importance, with virtualization, cloud and hybrid deployments driving the need for a modern approach to security,” says Bill McGee, senior vice president cloud and data center, Trend Micro. “Our leadership position in this market is a reflection of our focus on addressing hybrid cloud needs for our customers, delivering a comprehensive set of controls that can be centrally managed and automated for reduced operational impact across leading environments like VMware, Amazon Web Services and Microsoft Azure.”

Trend Micro’s market-leading Deep Security platform protects virtual desktops and servers, cloud, and hybrid architectures against zero-day malware and other threats while minimizing operational impact from resource inefficiencies and emergency patching.

[adrotate group=”2″]

“When choosing a security solution, today’s enterprises are looking for comprehensive security capabilities that address all of their critical issues,” says Chris Christiansen, program vice president, security products and services, IDC. “Working with a trusted leader in server security is always a good choice – and Trend Micro has led the server security market for six years in a row.”

Trend Micro offers the Deep Security platform as both software and as a service, enabling customers to align their purchasing with their data center and cloud strategy. Representative of Trend Micro’s commitment to the cloud market, Trend Micro Deep Security is also available on the AWS and Azure marketplaces, providing customers with additional purchasing flexibility.

“Almost all information security shops are outgunned every single day. We need a partner like Trend Micro to give us the firepower to fight back,” says Todd Forgie, vice president of IT and managed services, MEDHOST. “Trend Micro picks up outbreaks that other solutions miss. That’s why we decided to go pure-play with Trend Micro and we have not looked back.”

Go Back To > Cybersecurity | Home

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!