Tag Archives: F-Secure

WithSecure Signs Partnership Agreement With LGMS!

Finland’s WithSecure Corporation just signed a partnership agreement with LGMS Berhad to develop cybersecurity solutions for the SME market in Malaysia!

 

WithSecure Signs Partnership Agreement With LGMS

On Wednesday, 1 November 2023, Finland’s WithSecure Corporation (formerly known as F-Secure Business) signed a partnership agreement with LGMS Berhad (LGMS) to develop cybersecurity solutions for the SME market in Malaysia!

The partnership agreement was signed by LGMS Executive Chairman Fong Choong Fook and WithSecure Corporation CEO Juhani Hintikka, who flew in from Finland to emphasise its importance while demonstrating support for the progress of Malaysia’s Digital Economy.

The signing was witnessed by Malaysia Deputy Communications and Digital Minister Teo Nie Ching, together with His Excellency Sami Leino, Ambassador of Finland to Malaysia and Brunei.

Recommended : WithSecure Takes Offensive Security Approach To Cloud Threats!

The Deputy Minister said that the partnership was ‘timely’, and represents a ‘significant leap’ towards a secured Digital Economy, and more so ahead of the National Cybersecurity Bill the Unity Government is set to unveil in early-2024.

This partnership is also aligned with the government’s ‘Ekonomi Madani’ vision of attracting significant foreign direct investments and generating avenues for technological advancements and innovations.

It serves to demonstrate how collaborative efforts can facilitate a robust, secure and prosperous digital ecosystem, thereby solidifying Malaysia’s position as a preferred destination for global tech investments.

The partnership agreement today between LGMS and WithSecure embodies a philosophy of attracting significant foreign direct investments and generating avenues for technological advancements and innovations.

It serves to demonstrate how collaborative efforts can facilitate a robust, secure and prosperous digital ecosystem, thereby solidifying Malaysia’s position as a preferred destination for global tech investments.

– Malaysia Deputy Communications and Digital Minister Teo Nie Ching

WithSecure CEO Juhani Hintikka expressed his ‘deepest appreciation’ to the Deputy Minister for endorsing this partnership, stating, “Your presence significantly amplifies the resonance of this initiative, showcasing a unified front in our endeavour to foster a secure and prosperous Digital Economy for Malaysia and also the region.

Recommended : How WithSecure Offensive Security Drives Business Resilience!

 

WithSecure – LGMS Partnership Agreement Details

WithSecure is today a leading international cybersecurity group which had also invested significantly in Malaysia and in nurturing local talent. Besides its headquarters in Helsinki, Finland, WithSecure houses its intelligence, customer support, business operations and shared services in Kuala Lumpur for its Asia-Pacific operations.

LGMS Berhad, meanwhile, has been recognised as Cybersecurity Malaysia’s ‘Company of the Year’ with Fong himself being acknowledged as ‘Cybersecurity Professional of the Year’.

Fong said that, within today’s Digital Economy, cyberthreats and ransomware attacks have become more sophisticated and rampant and potential damages to SMEs, who often lack the necessary IT expertise and resources, can be catastrophic.

Most SMEs today are just one cyber attack away from a devastating setback or even closure. Recognising that most SMEs might not possess advanced IT know-how, our collaboration with WithSecure aims to deliver cybersecurity solutions that are not only robust but also intuitive and user-friendly.

The purpose is to empower our SME community to navigate the digital landscape confidently and securely.

– LGMS Executive Chairman Fong Choong Fook

This localised cybersecurity approach underscores WithSecure’s understanding of the region’s unique digital ecosystem and our commitment to crafting solutions that align with local business needs. It embodies WithSecure’s ethos of merging global cybersecurity expertise with local insights to foster a safer digital realm.

– WithSecure Corporation CEO Juhani Hintikka

One product of this partnership is the ‘Made in Malaysia’ StarSentry solution – a plug-and-play model that is more than just a ‘shield’ for SMEs but offers a proactive approach to threat prevention.

This solution is also aligned with broader sustainability goal and embraces the ESG framework of safeguarding critical infrastructures, nurturing a secure digital community and reinforcing stringent governance standards, demonstrating an unwavering commitment to responsible, transparent business operations.

Pre-orders for the solution can already be made.

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Business | CybersecurityTech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

How WithSecure Offensive Security Drives Business Resilience!

Find out how WithSecure harnesses the power of offensive security to drive business resilience and enhance protection for its clients!

 

WithSecure Drives Business Resilience Through Offensive Security!

WithSecure (formerly known as ‘F-Secure Business’) is harnessing the power of offensive security in its co-security and co-monitoring products and services. This revolutionary approach is designed to anticipate and mitigate cyber threats by understanding them from an attacker’s perspective.

During the SPHERE security conference 2023, WithSecure’s Chief Product Officer, Antti Koskela, shed light on their game-changing offering called ‘attack surface management.’ This managed service offers a comprehensive view of vulnerabilities in a company’s cloud-based estate.

As a result, WithSecure’s focus on the digital perimeter empowers businesses to reduce their overall attack surface, enhancing their cybersecurity posture in the ever-evolving threat landscape.

Recommended : WithSecure Takes Offensive Security Approach To Cloud Threats!

 

How WithSecure Offensive Security Drives Business Resilience!

WithSecure also introduced three groundbreaking services that amplify their commitment to ‘outcome-based security’ and ‘co-security’. This groundbreaking development was revealed by WithSecure Executive Vice President (Solutions) Scott Reininga, also at the SPHERE security conference 2023.

Reininga underscored WithSecure’s unparalleled expertise in offensive security, revealing that they are the home of one of the world’s most proficient offensive security teams. This team, a fusion of penetration testers (pentesters), red, blue and purple teamers, has profound knowledge of adversary tactics, tradecraft, and techniques.

Penetration testing is a cybersecurity practice that aims to discover vulnerabilities in a system by simulating controlled attacks. Their goal is not to cause damage but to pinpoint weaknesses for rectification. This proactive method, which can involve exploiting software vulnerabilities or simulating social engineering tactics, is key in any comprehensive cybersecurity strategy, offering a practical evaluation of potential risks rather than a theoretical one.

Our relentless pursuit of research and system testing allows us to uncover system vulnerabilities proactively. This crucial data is the building block of our products that are proactive, minimally disruptive, and crafted from the perspective of an attacker.

– Scott Reininga, WithSecure Executive Vice President (Solutions)

These insights were unveiled by Reininga during his recent product launch event titled ‘Co-security and co-managed services for partners’. He was joined on stage by WithSecure Vice President (Offering and Customer Experience) Niko Isotalo.

Expanding on WithSecure’s strategic approach, Isotalo said that the company’s outcome-based security framework model “connects Chief Information Security Officers (CISOs) and board members, offering clarity about the interplay between security outcomes and business objectives.”

This alignment clarifies the indispensable role of security in the core business framework to board members.

– Niko Isotalo, WithSecure Vice President (Offering and Customer Experience)

Recommended : Avanade Launches New Generative AI Services!

Reininga and Isotalo unveiled the three new offerings during their joint session. The first, termed “co-monitoring,” is a partnership model. WithSecure validates the genuineness of security incidents before alerting the duty manager, effectively curbing false alarms.

WithSecure collaborates with clients to supervise their digital ecosystems, particularly during periods when they are stretched thin on resources. This service, providing support beyond standard working hours, can also deliver round-the-clock monitoring if necessary.

Isotalo further introduced the second service, incident readiness software, recognising that many organisations lack comprehensive incident readiness plans.

Our software simplifies the creation, testing, and updating of such plans, which serve as essential shields against cyber threats.

Recommended : 5 Strategies for Negotiating Airfare Discounts with SAP Concur!

Focusing on the urgency of immediate incident response, Reininga introduced the third service, an incident response retainer.

Our incident response retainer provides unlimited incident response within the critical initial 72 hours of an event. We eliminate the need for negotiation about budget and resource allocation.

We engage consultants rapidly, supported by our globally lauded 24/7 incident response team and top-tier threat intelligence unit, guaranteeing our customers industry-leading service level agreements (SLAs).

By integrating offensive security acumen, co-monitoring capabilities, incident readiness software, and swift incident response, WithSecure empowers organisations to effectively safeguard their digital assets and curtail the impact of potential breaches.

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > BusinessCybersecurity | Tech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

WithSecure Takes Offensive Security Approach To Cloud Threats!

WithSecure is harnessing the power of the offensive security approach in tackling evolving cloud threats!

 

WithSecure Takes Offensive Security Approach For Cloud Threats!

In a shifting cybersecurity landscape, WithSecure (formerly known as ‘F-Secure Business’) is harnessing the power of offensive security in its co-security and co-monitoring products and services. This revolutionary approach is designed to anticipate and mitigate cyber threats by understanding them from an attacker’s perspective.

During the recent SPHERE security conference 2023 in Helsinki, Finland, WithSecure’s Chief Product Officer, Antti Koskela, shed light on this approach.

We’ve done identity assessments for many cloud-based companies, unveiling weaknesses in their cloud platforms.

Our offensive security approach is about understanding the attack surface of a cloud-based estate. We focus on the digital perimeter, which is crucial to reducing the overall attack surface.

Koskela went on to explain that WithSecure has distilled this insight into an innovative managed service offering called ‘attack surface management’. This service provides a comprehensive view of a company’s vulnerabilities, including IP addresses, port vulnerabilities, exposed APIs and web services, identity matters, patching levels and more.

With more open architecture, control over your attack surface becomes paramount. ‘Zero trust’ alone isn’t the answer as human errors happen. Our holistic approach helps mitigate this.

Recommended : Avanade + Accenture: 2023 Microsoft Global SI Partner of the Year!

WithSecure’s product suite integrates various cloud-native solutions to deliver protection based on specific client requirements. This collaborative process, termed ‘co-security’, is driven by the security and business outcomes defined by the clients. Koskela emphasised the tripartite focus of their solution:

It’s about process, people, and technology. We collaborate to secure the outcomes, letting company directors steer the course of business.

Our WithSecure Elements platform is the cornerstone of our technology, built collaboratively with our clients.

Koskela acknowledged the evolution of the IT industry, from client-server in the ‘90s to hosted services in the 2000s, cloud computing in the 2010s and cloud-native in the 2020s. He underscored the need for a new security approach to match the evolving business environments:

The cloud offers agility, speed, cost-efficiency. But with new technologies come new security considerations.

WithSecure has been proactive, creating solutions for every technological shift – be it firewalling and endpoint protection during the hosted services era, or data security and VPNs for the cloud computing era.

And now, with the rise of cloud-native tech, we’re helping clients to understand and secure their digital perimeter through our offensive security approach.

Recommended : 5 Strategies for Negotiating Airfare Discounts with SAP Concur!

WithSecure Chief Product Officer, Antti Koskela (left), and APAC Regional Director Yong Meng Hong (right)

 

WithSecure Elements Picking Up In APAC

Since its mid-2021 debut, WithSecure’s Elements platform has gained considerable momentum here in Malaysia and the broader Asia-Pacific region. This comprehensive cybersecurity platform has made its mark by providing organisations with a unified solution to their security needs.

Elements equips enterprises with the insight, adaptability, and technology to tackle evolving threats and changing business environments.

Offering unified endpoint protection across devices, clouds and servers, Elements consolidates everything from vulnerability management and collaboration protection to detection and response into one easy-to-navigate security console.

– WithSecure Asia-Pacific Regional Director Yong Meng Hong

Yong further emphasised that the cloud-based Elements platform provides real-time visibility across an entire IT infrastructure, simplifying how enterprises manage their cybersecurity.

Flexible licensing options, including fixed-term subscriptions and usage-based billing, ensure that organizations can tailor their cybersecurity services according to their specific needs.

Elements offers centralised management capabilities, giving IT managers a comprehensive overview of their enterprise’s IT infrastructure, enhancing their reassurance and control.

Today, WithSecure is globally recognised, trusted by a myriad of enterprises to safeguard against cyber threats, while also protecting tens of millions of consumers through over two hundred service providers and telecommunications partners.

For organisations looking to navigate the cloud’s security challenges, WithSecure’s offensive security approach could be just the safeguard they need.

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > BusinessCybersecurity | Tech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Exclusive : Tech ARP Interviews Keith Martin Of F-Secure!

F-Secure Regional Director of APAC and Japan, Keith Martin, flew into Singapore to ink a major regional partnership agreement with ACE Pacific Group.

Timothy Shim from Tech Barrista and I had the opportunity to interview Mr. Martin about cybersecurity trends in Asia Pacific and worldwide.

 

Tech ARP Interviews Keith Martin

Keith Martin is the Head of Asia Pacific Corporate Business, F-Secure. Here was our exclusive interview with Mr. Martin after he officially signed the APAC partnership agreement with ACE Pacific Group.

The Cybersecurity Business

Tech ARP : How has your long experience in Japan helped you with F-Secure’s business in Japan?

Keith Martin : Japan is one of the largest market for F-Secure, and we are trying to replicate that (success) in the APAC region.

Tech ARP : Are you still based in Japan?

Keith Martin : Yes, but I have now racked up a lot of frequent flyer miles.

Tech ARP : What are your thoughts on the cybersecurity market in the APJ (Asia Pacific and Japan) region?

Keith Martin : Japan is a large market, but the growth rates are relatively stable. We look at the Asia Pacific region (which includes India, Australia and New Zealand), as the next source of growth for F-Secure.

Tech ARP : What are your plans, and areas of focus, for the APJ region?

Keith Martin : Without question, Singapore is going to be a major focus for F-Secure, as well as Australia and New Zealand. We just signed a major partnership agreement with ACE Pacific, which will be a cornerstone of our strategy in coming years.

Cybersecurity Backdoors

Tech ARP : Chinese and Russian companies have been hit by accusations of cyber espionage and hacking, loose security and/or inserting backdoors into their products. Do you see this as a good opportunity to promote F-Secure’s products, or is this a poison pill for the entire industry?

Keith Martin : I don’t think it’s a poison pill for the entire industry. I have never seen any direct evidence that these go beyond mere accusations, but I understand the need to be cautious. One of the things that F-Secure is proud of is our policy that we will never add a backdoor into our products.

We are willing to walk away from any business if it means adding a backdoor. This is just the way we operate, because Finland has extremely tough privacy laws.

I think it’s absolutely an opportunity for us to differentiate ourselves (from the other cybersecurity companies) with our public pledge never to add backdoors in our software.

Tech ARP : Some countries like China and Russia are demanding access to encryption keys, and in some cases, requiring registration of VPN services. How do those tightening laws affect F-Secure products like Freedome VPN?

Keith Martin : F-Secure is very focused on maintaining the security of our products, so if those are the requirements, we will decline and get out of those markets. We would rather walk away from the potential business, than compromise the security of our products.

Government Interest

Tech Barrista : On the geopolitical implications of malware, do you feel that governments are increasingly more focused on cybersecurity on a national scale?

Keith Martin : For sure. We now see nation states attacking each other. There’s no denying that fact. Look at Stuxnet, that malware (which was targeted at Iran) got released into the wild and suddenly, people have the technology to use it elsewhere for nefarious purposes. I think that any country that does not pay attention to cybersecurity is sticking their heads into the sand.

Tech Barrista : Do you feel that this presents a greater opportunity for F-Secure?

Keith Martin : It represents opportunity, of course, but our mission as a company is to stop the spread of malware and cybersecurity attacks, wherever they happen. It’s a kind of Catch-22 situation, where we wish that nation states would not attack each other, but yes, we have the opportunity to help them protect themselves against such attacks.

Transparency

Tech ARP : What is F-Secure doing to promote and enhance source code transparency? Like opening up transparency centers?

Keith Martin : At this point in time, there are no plans to do so. We have a very good reputation throughout our 30-year history of being straightforward and upfront. I have never seen any accusations against us of malicious activities.

Tech ARP : Does F-Secure allow corporations or countries with concerns to inspect their code?

Keith Martin : I don’t know of any specific situations in Asia Pacific where F-Secure has allowed this. It may have been allowed in other regions, where governments have specific concerns, but I’m not aware of those situations.

Malware Galore!

Tech ARP : Ransomware and phishing attacks are big problems these days. Can you detail how F-Secure can help users prevent or mitigate the risks of ransomware and/or phishing attacks.

Keith Martin : Third-party analysis of our software show that we are actually better at detecting these 0-day attacks than any other companies out there. We pride ourselves in detecting not just the malware we know about, but also the malware we don’t about, using technologies we have been developing over the last 20 years.

We have a multi-layered engine, where we use everything from the basic pattern matching technology, to heuristics, etc. so that if it doesn’t catch the malware on the first layer, it will catch the malware on the second or third or fourth layer.

Tech Barrista : Is malware-as-a-service now common?

Keith Martin : It is becoming more and more common. The entry barrier to launching a malware attack is now much lower due to the ability to outsource the creation of the malware.

Cybersecurity Risks Of IoT Devices

Tech Barrista : With cybercriminals leveraging the Internet of Things and Artificial Intelligence, how much more complex do you see the cybersecurity landscape becoming?

Keith Martin : It’s becoming incredibly complex. Our Chief Research Officer Mikko Hypponen said, “Once you connect something to the Internet, it’s vulnerable“. Billions of devices connected to the Internet become potential attack vectors for cybercriminals.

Most IoT devices don’t have good security. If you can get into one of those devices, you can get into the network through them.

Tech ARP : Does F-Secure have any products to mitigate the risks of poorly-secured IoT devices?

Keith Martin : On the consumer side, we have F-Secure Sense, which protects every device on your network.

 

Keith Martin’s Professional Bio

Keith Martin has been Country Manager for F-Secure Japan for 2 years, before being promoted in February 2018 to oversee the entire Asia Pacific region.

Prior to joining F-Secure in 2015, he spent a decade in the telephony and contact center space, first working for four years in Avaya Japan as Director of Multinational Account Sales, followed by six years serving as Japan Country Manager for Interactive Intelligence, a pioneer in cloud contact center technology.

Before that, Keith also spent three years at internet startup ValueCommerce helping build their web hosting platform business before the company was acquired by Yahoo Japan. He got his start at global IT services provider EDS (now HP), delivering IT services to numerous financial industry accounts.

Go Back To > Cybersecurity | BusinessTech ARP

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!

ACE Pacific Group Boosts APAC Cybersecurity With F-Secure!

At the first showing of Avengers: Infinity War in Singapore, ACE Pacific Group and F-Secure signed a distribution agreement for the APAC region. We spoke to both ACE Pacific and F-Secure about this expansive new distribution agreement. Here is everything you need to know about ACE Pacific’s partnership with F-Secure.

 

F-Secure In Asia Pacific

The Asia Pacific region has been a hotbed of cybersecurity activity in recent years, with increased awareness and government initiatives spurring investment and expansion. It does not help that the region is increasingly becoming a very attractive target for cybercriminals of all types.

F-Secure itself is no stranger to the region, establishing its Security Lab operations in Kuala Lumpur, Malaysia, 12 years ago. In 2016, they expanded it into their cybersecurity hub for the entire Asia Pacific region, with more than 170 research and development engineers.

 

ACE Pacific Group To Offer F-Secure Cybersecurity Solutions

This region-wide agreement allows F-Secure to leverage ACE Pacific Group’s extensive distribution network for greater reach. ACE Pacific will be more than just a distributor of F-Secure’s products. They aim to focus on the enterprise market, where they can offer cybersecurity solutions using F-Secure products.

“We have always been on the look-out for new and interesting technologies to complement our current cybersecurity portfolio. F-Secure has some products that fit very nicely into our cybersecurity solutions. After getting to know each other and evaluating their products over the past few months, we both agreed to this partnership,” said Danny Tan, ACE Pacific Group APAC Director.

Although ACE Pacific will have free rein to distribute all F-Secure products, they will be focusing on the high-end, value-added services, which would allow them to demonstrate their expertise.

We are very interested in the F-Secure RADAR vulnerability scanner, RADAR vulnerability scanner and in particular, the F-Secure cloud protection plug-in for SalesForce, which is the only such solution in the world, added Tan.

The non-exclusive distribution agreement currently covers the entire ASEAN region. ACE Pacific will focus on the six countries they already have a footprint in – Hong Kong, Taiwan, Malaysia, Singapore, Indonesia and Thailand. ACE Pacific recently opened an office in Australia, but they are only looking to offer their F-Secure solutions in the second phase of the partnership.

“As our portfolio becomes more advanced, we need more partners like ACE Pacific that can offer the kind of upmarket expertise to complement F-Secure’s cybersecurity products,” said Keith Martin, F-Secure Regional Director for APAC and Japan.

Martin also emphasised that for F-Secure, the ASEAN and Indian markets have the most growth rates, with the most growth potential. In particular, the ASEAN region is a tremendous area of growth for F-Secure in the high-end spectrum of the market.

Go Back To > Enterprise | Home

[adrotate group=”1″]

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!

The F-Secure RADAR Advanced Security Scanner Revealed!

On 12 April 2017, F-Secure officially launched the F-Secure RADAR advanced security scanner in Malaysia. In their tech briefing, they revealed its key features and gave us a quick demo of the scanning it performs. Check it out!

 

The F-Secure Vision In Cyber Security

F-Secure President & CEO, Samu Konttinen, started with a presentation of the F-Secure vision in cybersecurity.

 

The F-Secure RADAR Presentation & Demo

F-Secure RADAR Services Director, Rune Kristensen, then gave a presentation and a short demo of F-Secure RADAR.

Here are the key takeaways from the presentation :

[adrotate banner=”4″]
  • It is a scalable enterprise-grade vulnerability scanning solution that allows for easier control and management of cybersecurity risks.
  • It consists of three scanning engines – a port scanner, a vulnerability scanner, and a web application scanner
  • Using those three scanning engines, it maps the security of all assets on the network, checks for vulnerabilities, and then provides customised reports.
  • The scanning can be scheduled on an automated basis, usually once a month.
  • The in-depth analysis from the scans allows for easier and better security management by the client.
  • It can be installed as an on-site solution before the corporate firewall, or run as a secure cloud-based SaaS.
  • It is automatically updated, improved and ready for third-party integration through the F-Secure RADAR API.

F-Secure also offers F-Secure RADAR Managed Services which combines the F-Secure RADAR scanning solution with vulnerability management by F-Secure consultants.

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!

Mikko Hypponen On The Death Of Antivirus @ AVAR 2016

Mikko Hypponen is the Chief Research Officer at F-Secure, where he has worked since 1991. He is one of the world’s foremost expert on computer security, serving on the advisory board of IMPACT (International Multilateral Partnership against Cyber Threats).

He is a sought-after speaker who has given keynotes and presentations at security events like Black Hat and DEF CON, as well as mainstream events like TED and SXSW. He even speaks at military events and writes for BetaNews and Wired.

It was therefore a great opportunity to hear him speak about the purported death of antivirus software and services at the 2016 AVAR Conference. Join us for his full talk on the latest security threats and the future of the antivirus industry!

 

The 2016 AVAR Conference

Malaysia was the host for the 2016 AVAR (Association of Anti-Virus Asia Researchers) Conference with delegates from all over the world. The hosts were F-Secure Malaysia, together with MDEC (Malaysia Digital Economy Corporation) and Cybersecurity Malaysia.

MDEC Vice President Norhizam Kadir kicked off the 2016 AVAR conference by explaining how MDEC aims to catalyse the Malaysian digital economy.

Every year, the AVAR Conference is held in one of its many members’ countries with focus on various aspects of the information security world or underworld. The mission of AVAR is to develop cooperative relationships among prominent experts on cyber security, with participation from countries such as Malaysia, Australia, China, Hong Kong, India, Japan, Korea, Philippines, Singapore, Taiwan, UK, and the USA. [adrotate banner=”5″]

 

Mikko Hypponen : Is Antivirus Dead?

Now, learn from Mikko Hypponen about the latest security threats and the future of the antivirus industry! Whether you are an antivirus researcher, a computer security professional, or just a tech geek, this talk will rivet you. No wonder he’s such a sought-after speaker!

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!

Malaysia Now F-Secure Cybersecurity Hub For Asia Pacific

F-Secure is making a big push into the Asia Pacific region, using Malaysia as their launch pad. The F-Secure Tower in Bangsar South, where more than 170 F-Secure research and development engineers are based, is now the F-Secure cybersecurity hub for the whole Asia Pacific region.

 

The Asia Pacific F-Secure Cybersecurity Hub

In the F-Secure Tower, security engineers work around the clock to actively track malware in real-time. There is also a Customer Care Centre that provides 24/7 global support in the native language of its customers, such as Japanese, Spanish and all English speaking countries.

The security engineers in the F-Secure Tower currently track and analyse hundreds of thousands of threats on a daily basis. When a new threat is detected, these engineers immediately craft and issue new patches which are deployed to F-Secure customers around the globe.

 

New F-Secure CEO Samu Konttinen

The importance of the Malaysian F-Secure cybersecurity hub cannot be understated. It is, after all, F-Secure’s only security lab outside of Finland.

Just over 2 months into his appointment as F-Secure CEO & President, Samu Konttinen, made a point to visit the Malaysian F-Secure cybersecurity hub. In a press conference held yesterday, he gave us talk on how “Data Breaches Eat CEOs For Breakfast“. Check it out!

 

F-Secure Hosts AVAR 2016 Conference

Ingvar Froiland, Director and GM of F-Secure Asia Pacific, announced the forthcoming Anti-virus Asia Researchers (AVAR) 2016 conference, together with Norhizam Abdul Kadir, Vice-President of Infotech Industry Development, MDEC.

The AVAR 2016 conference will run from November 30 until December 2, 2016 at the Grand Hyatt Kuala Lumpur. There will be 19 industry speakers, including Mikko Hypponen, F-Secure’s Chief Research Officer.

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!

F-Secure Explains Security as a Service (SaaS)

Security as a Service offers business stronger cybersecurity profiles

The age of information technology has brought with it many business advantages. In fact, much of the world today is still constantly adapting to ongoing advances and innovation. Borderless trade and digital economies thrive and offer business large and small endless potential.

Yet the benefits of digital comes along with an ugly side – cyberthreats. Once merely the domain of bored young tech gurus, cyberthreats today have grown to become one of the largest dangers to businesses. From malware to ransomware, cybercriminals cost organizations billions of dollars in damages and lost revenue globally.

Gone are the days where simple anti-virus platforms could protect business systems. Yet with rapidly evolving and increasingly advanced cyberthreats on the horizon, how many organizations can create and maintain teams of cybersecurity experts to defend their systems?

 

Focus on innovating for business objectives

According to Amit Nath, Head of Asia Pacific – Corporate Business at F-Secure, Fundamentally, operational business issues and in-house technical limitations face uphill challenges compounded by malware, trojans, phishing, social engineering, ransomware and more. These threats occur at almost every single layer of all business verticals.

Even as technical departments struggle on increasingly limited budgets to innovate within the organization to support business functions, malicious hackers are spitting out variants of their harmful code on a daily basis.

“Even a few small tweaks to change a piece of malicious code needs to be recognized in order to be defended against. Chunks of code beings transferred to unknown destinations of the Internet through the dark web further escalates the problem,” said Nath.

The most frightful thought of all now is that ‘black hats’ are catering to the uninitiated and offering for sale destructive code in ready to use formats. Almost anyone who wants to cause trouble or mount advanced cyberattacks against any organization can do so; for a price.

 

Fight the war with Security as a Service

Knowing that cybercriminals are now offering what is essentially Cybercrime as a Service, organizations need to recognize that this is a fight they cannot win on their own.

“We are increasingly seeing that firms fail to protect themselves properly up to the extent that many don’t even realise when breaches occur. By the time they realise it, problems are often to the extent that they have no option but to outsource ‘cures’ to specialists for exorbitant fees,” said Nath.

This results in organizations paying to maintain their own technical teams, paying for outsourcing for problem clean-ups and yet still facing the potential financial and reputational damage from data loss!

“The situation is critical. So many backdoors are left poorly or totally unguarded. With increasing data privacy laws being enforced around the world the situation looks ire for many businesses,” he said.

Business today need to recognise that failing to protect themselves is no longer an option. However, they also need to realise that they don’t have to cope with these massive barriers on their own. Security companies today offers levels of protection that even malicious hackers find daunting, so the simplest solution would be to opt for Security as a Service as the most rational route of their predicaments.

 

How does Security as a Service work?

[adrotate banner=”4″]

“The companies that rely on themselves very often find themselves in extremely defensive positions. It likens to an infantryman in a battle, where he sits in a foxhole and has no scouting support, simply dealing with attacks that come in one after the other. Sooner or later, the enemy will get through,” said Nath.

“We have for so many years built on the security business, evolving ahead of the threats. Our business is security and we not only deal with what we see, but work ahead to predict what we cannot see. Thanks to this mindset and capability, we are able to offer unprecedented degrees of robustness and resilience to organization,” he explained.

The path towards a safer future is a tough and long one and security-aware businesses soul adopt the right level of strategic planning. Options such a Security as a Service can offer protection not only from current, but also future threats.

“As businesses work towards digital transformation goals, they need to know that they have the option to ensure painless high-levels of security at any time, thanks to Security as a Service,” he concluded.

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!

F-Secure: NanHaiShu Malware Study Findings

F-Secure finds cyberattacks becoming increasingly targeted

The use of the NanHaiShu Remote Access Trojan coincides with events leading to the recent ruling in the Philippines vs. China case.

The world has been undergoing remarkable transformation due specifically to the advancement of the cyber-age. This is due to increasingly strong digital infrastructure as well as the explosion in use of digital devices and technologies. However, it is that very advancement that has opened corporates and even government around the world to heightened scrutiny from cyber criminals.

While some cyberattacks are no doubt being aimed at global supply chains, yet more are becoming very specifically targeted in purpose, being utilised by anyone ranging from hacktivists to hostile governments.

“These groups have learned the layout of the new playing field, and are getting more competent in the way they are bale to exploit the vulnerabilities that corporates and governments are exposed to, due to increasing reliance on automated and digital systems,” said Amit Nath, Head of Asia Pacific, Corporate Business, F-Secure.

Governments under seige by NanHaiShu

As a strong case example, F-Secure Labs very recently found a strain of malware that appears to be targeting parties involved in the recently decided Philippines vs. China case. This portion of the South China Sea dispute has recently been of high profile, given the favourable ruling towards the Philippines under arbitration provisions of the United Nations Convention on the Law of the Sea (UNCLOS).

The malware itself, dubbed NanHaiShu by F-Secure researchers, is a Remote Access Trojan that allows attackers to exfiltrate data from infected machines. More significantly is what the Malware represents; That geopolitics is just as relevant as ever in the face of threats related to cybersecurity.

According to Nath, the Malware associated with the incident appears to targeted organizations that are related to the case and is specifically designed to do so.

“NanHaiShu was spread using phishing emails and contained content-specific keywords that had the exact targets in mind. The objective of the Malware seemed to be to enable to designers to gain greater insight on status of the legal proceedings in the case,” said Nath.

An F-Secure study released regarding the NanHaiShu incident state that targets included the Department of Justice of the Philippines, the organizers of the Asia-Pacific Economic Cooperation (APEC) Summit and an international law firm representing one of the involved parties.

[adrotate banner=”5″]

 

Cybercriminals evolve, realise true value of information

Nath feels that wherever geopolitical rivalries occur today, so too are cyber exchanges increasingly prevalent. “This is especially true in cases where cyber criminals have the leverage of targeting countries that have cyberspace infrastructure but are weak on governance,” he Nath.

The technical analysis exposed the malware’s notable orientation toward code and infrastructure associated with developers in mainland China. Owing to that, and to the fact that the selection of organizations targeted for infiltration are directly relevant to topics that are considered to be of strategic national interest to the Chinese government, F-Secure researchers suspect the malware to be of Chinese origin.

Although the NanHaiSHu Malware was utilised mainly for intelligence gathering, other such Malware seldom are, and cybercriminals of today have been known to cause operational shutdowns, equipment damage, reputation damage and more.

“These criminals have advanced to the point that they are not only highly competent in terms of their technical ability, but they have even become very uch aware of the real value of their ill-gotten gains,” said Nath.

“They know exactly how to monetize what they steal, and in fact are not beyond even being able to use the information to influence business dynamics,” he said. As an example, Nath mentioned the case where market-sensitive information was stolen from more than 100 companies, to be traded or profits on the stock market.

With these examples, it is clear that cybercriminals of today have become a formidable force and it is only with the aid of highly experienced and skilled cybersecurity professionals such as F-Secure that a semblance of normalcy can be maintained.

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participate in the Tech ARP Forums, or even donate to our fund. Any help you can render is greatly appreciated!

Samu Konttinen Appointed F-Secure President & CEO

Kuala Lumpur, 2 June 2016 – Christian Fredrikson, President and CEO of F-Secure Corporation, has resigned to pursue a leadership opportunity outside the company. The F-Secure Board of Directors has appointed Samu Konttinen as new President and CEO, effective 1 August 2016.

Konttinen joined F-Secure in 2005 and has held a wide range of senior management positions in the company, including Executive Vice President of Sales and Marketing, and Executive Vice President of F-Secure’s Consumer Business. Most recently he served as Executive Vice President Corporate Security Business. Since 2009 he has been a member of the Leadership team.

“The Board and I are pleased to announce the appointment of Samu as President and CEO of F-Secure. In his more than a decade with F-Secure he has proven his ability to drive innovation, and ensure a steady strategy execution that delivers growth. I’m confident that his winning attitude and relentless focus on execution will further speed up F-Secure’s transformation to the leading European cyber security company,” says Risto Siilasmaa, Chairman of the F-Secure Board of Directors.

“I’m excited to take the role as President and CEO of F-Secure,” says Samu Konttinen. “Thousands of companies and millions of people around the world already trust us to defend them against cyber attacks. With our strategy, we are well positioned for further growth. I’m proud that we employ some of the brightest minds in the security industry, and together with them, I’m looking forward to taking advantage of the new opportunities in the connected world.”

[adrotate banner=”5″]

F-Secure aims to capitalize on the opportunities driven by increasing digitization by increasing investments in the fastest growing corporate security markets, which include managed endpoint security services sold through the reseller channel as well as cyber security services. Investments in consumer security will continue at a level that targets profitable growth. To enable execution of the growth strategy, F-Secure is actively recruiting highly talented security professionals, rising cyber security talents and skilled sales personnel. The company also aims pursue growth through mergers and acquisitions.

Christian Fredrikson became the CEO of F-Secure in January 2012. He led F-Secure through a critical period of transition, during which the company has refocused on security, divested its personal cloud storage business, and acquired a Nordic security consultancy and services company to pave the way to becoming a cyber security leader.

“We thank Christian for his dedication and commitment to the company over the past four and a half years, and wish him the best in his future endeavors,” says Siilasmaa.

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!

F-Secure Rapid Detection Service Launched

Kuala Lumpur, 19 May 2016 – you aren’t seeing security incidents, you’re probably missing something. That’s the message from F-Secure as it launches a unique new intrusion detection and incident response service to uncover threats in the corporate network. The managed service combines the best of human and machine intelligence with a promise to notify companies within just 30 minutes of a breach detection.

The average data breach can take weeks, months or even years to detect. According to Gartner, the greatest area of unmet need is effective targeted attack and breach detection. Organizations are failing at early breach detection, with more than 92% of breaches undetected by the breached organization.
Many companies rely solely on a defensive perimeter to protect them, which is crucial but only one part of a holistic cyber security strategy. With advanced threat actors who perform highly targeted attacks on organizations, an attack attempt will eventually bypass security controls and succeed in penetrating the network. The ability to quickly detect intrusions and immediately respond to them is critical – but that’s not easy to come by.

“Companies are finding that on their own, they really struggle with intrusion detection and incident response,” saysPekka Usva, VP of Advanced Threat Protection at F-Secure. “They need to find a staff of cyber security experts, build monitoring infrastructure, and source good threat intelligence data. Setting up a proper in-house system is extremely difficult and expensive and takes years to do. That’s why a managed service makes great sense – it provides an immediate, tangible return on investment.”

 

Man & machine: The best of both

F-Secure Rapid Detection Service leverages the strengths of both human and machine intelligence to provide an all-in-one intrusion detection and response service that’s ready to go immediately. The service consists of three major components: Endpoint and Network Decoy sensors that collect data about events and activities; F-Secure’s threat intelligence and behavioral analytics, which analyze the data to identify anomalies; and the Rapid Detection Center, which is staffed 24/7 by a team of cyber security experts who identify and handle incidents. When a breach is detected, an expert will contact the customer within just 30 minutes with incident response and to offer optional onsite investigative services if needed.

“The human component is an important factor,” says Erka Koivunen, Cyber Security Advisor at F-Secure. “Attackers are human, so to detect them you can’t rely on machines alone. Our experts know how attackers think, the very tactics they use to hide their presence from standard means of detection. The human factor also eliminates false positives, which are an extreme waste of resources.”

[adrotate banner=”5″]

 

Respond with actionable intelligence

Once a breach has been detected, Rapid Detection Service also provides actionable intelligence for the response phase. The customer’s security team will learn exactly how the breach happened, how to isolate it, and get advice on remediation. With quick detection, an accurate diagnosis and expert advice on remediation, companies can limit damage and get back to business as quickly as possible. Additionally, F-Secure provides optional onsite services for incident management and forensic investigations.

With the introduction of Rapid Detection Service, F-Secure further strengthens its status as the leading European cyber security company. Rapid Detection Service easily integrates with any existing ecosystem and provides an additional layer of security to enhance the organizational cyber security strategy.

And enhance it will, says Koivunen. “Any customer who joins us with this service is already better off in defending their systems than anyone else.”

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participate in the Tech ARP Forums, or even donate to our fund. Any help you can render is greatly appreciated!

F-Secure Offers Journalists Free Freedome Privacy & Security App

May 3, 2016 – Today is World Press Freedom Day – an event designed to highlight the importance of free speech as a human right. Having free speech lets journalists investigate problems happening all over the globe, often at the expense of their own privacy, or even personal safety. So F-Secure, a Finnish cyber security company, is taking steps to help journalists safeguard their right to free speech by offering them free VPN subscriptions.

According to Reporters without Borders’ 2016 World Press Freedom Index, Finland has the freest media in the world, making it fitting that this year’s World Press Freedom Day event is being held in the Finnish capital of Helsinki. However, the report also noted the overall freedom of press is in a global decline, and dropped by 13.6 percent since 2013.

“Free speech is something nurtured by some governments, but many see it as a threat when mobilized in an institution like the media,” says F-Secure Cyber Security Advisor Erka Koivunen. “And even though technology has given governments unprecedented surveillance capabilities, it’s also given people ways to protect themselves. Encryption is probably the best tool available to journalists if they want to conduct investigatory work without suffering reprisals from oppressive governments and institutions.”

Journalists can use VPNs such as F-Secure Freedome to encrypt their communications, change their virtual location, and block malicious websites and online tracking attempts. And to help make using encryption more accessible for journalists, F-Secure is offering free 12-month subscriptions for Freedome to journalists until May 15.

[adrotate banner=”5″]

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participate in the Tech ARP Forums, or even donate to our fund. Any help you can render is greatly appreciated!

F-Secure Named a Visionary by Gartner

Kuala Lumpur, Malaysia – February 24, 2016: F-Secure has been positioned as a Visionary in Gartner’s 2016 Magic Quadrant for Endpoint Protection Platforms report (published February 1, 2016). The recognition comes as F-Secure pursues its goal of becoming the leading European cyber security vendor.

“We believe Gartner appreciated our effectiveness against malware and our company focus,” said Christian Fredrikson, CEO of F-Secure. “We’ve already got hands down award-winning best protection, measured by independent tests. And with our eye on becoming the leading European cyber security vendor, we’ve invested in threat intelligence and advanced threat detection, response and forensics. We’ll continue to press toward our goal, now as a Visionary.”

 

Endpoint Protection: The Core Of A Security Strategy

Today, every business is a potential target of cyber-attacks, and it’s the endpoint that’s the weakest link. For an attacker it’s easiest to crack defense at the endpoint level, capitalizing on humans’ ability to err. One employee falling for a targeted phishing attack gives an attacker access to their device. Once in, the attacker can access the services the employee uses, namely cloud and on-premise servers where the most important data is stored. The attacker can then move laterally within the organization searching for valuable information. With the endpoint becoming an easy way for attackers to outflank cloud defenses, it’s imperative that endpoints are protected with layered technologies that can stop an attack using a range of capabilities.

“Protection from common malware, as well as more APTs, is the top critical consideration for EPP buyers,” according to the report. “There is significant variation in the quality of attack prevention, as illustrated by multiple malware testing organizations. Buyers should look for solutions that offer a broad portfolio of protection techniques and high efficacy, as determined by multiple public test results.”

[adrotate banner=”4″]F-Secure’s endpoint solution includes multiple layers of protection technology to efficiently and effectively block common threats, as well as zero day and APT attacks. It is powered by the F-Secure Security Cloud, which provides instant, real world threat intelligence that’s always up to date. Signature-based detection is complemented by behavioral and heuristic protection, sandboxing and other technologies, all adding up to next-generation business protection. With F-Secure receiving awards in independent tests multiple years, its technology’s effectiveness at stopping malware in its tracks has been proven time and time again.

Also cloud-enabled is F-Secure’s management system for endpoint security. Centralized management makes it easy for customers and partners to deploy, manage and monitor the security of all their endpoints from a single, intuitive console. It offers excellent visibility of all devices – whether at the office or on the go.

F-Secure’s complete lineup of business products cover all aspects of cyber security – predict, prevent, detect and respond, to keep customers safe. Exposure assessment and security advisory help businesses analyze and predict their existing and desired security status. With security, vulnerability and compliance assessment and respective solutions, F-Secure provides prevention and detection against common, but also advanced and unknown attacks. And to respond to customers who have been breached, F-Secure offers forensics and incident response services.

 

Support Tech ARP!

If you like our work, you can help support out work by visiting our sponsors, participate in the Tech ARP Forums, or even donate to our fund. Any help you can render is greatly appreciated!

F-Secure Says It’s Time For Safer Smart Toys

February 9, 2016: Today is Safer Internet Day, and parents still face challenges in helping their kids stay safe while using the Internet. In addition to helping kids learn to use mobile devices responsibly, stay safe on social media, and manage screen time, parents have to contend with a new challenge posed by the Internet of Things (IoT) – smart toys.

Smart toys are essentially toys that connect to the Internet, and are set to become a large product category for IoT devices. A 2015 study projected total revenues from smart toys to reach 2.8 billion USD before the end of last year. However, last year’s well-known VTech hack that saw data about 6.4 million children stolen caused a moral panic about the security and privacy risks these toys carry for kids.

“The thing that parents need to know about smart toys is that they’re new terrain for parents and kids, but also manufacturers,” said Sean Sullivan, F-Secure Security Advisor. “Smart toys and IoT devices in general are a competitive market, and we’ve already seen numerous examples where security is treated as an afterthought. Companies are more interested in growing their customer base than securing customer data, so we’ll probably continue to see these cracks in smart toy security.”

 

Parenting Still Key for Protecting Kids Using IoT, Mobile Devices

Whether parents are concerned about IoT devices, mobile phones, or other Internet safety issues, the best approach for protecting kids is for parents to become involved in how their kids learn to use devices or online services. And data from a recent F-Secure survey shows that there’s a lot more space for parents to do this.

[adrotate banner=”4″]Only 30 percent of survey respondents said they check what their kids are doing online or use parental controls more than once a week. Just 38 percent said they explain to their kids how to use the Internet safely more than once a week.

According to F-Secure Researcher Mikael Albrecht, this is problematic given how quickly technology, and how kids use it, is evolving. “Parents have resources they can use to protect kids on traditional PCs, but mobile devices and the IoT are a different story. They do not recognize children as a user group with distinctive needs, and this leaves parents with poor tools to manage their kids’ online safety. So while you have things like age restrictions, they’re so basic that kids can figure out how to get around them before parents know what’s happening.”

Sullivan and Albrecht agree that the best solution is for parents to engage with their kids and help them learn to use technology in healthy, positive ways. There are a few practical ways parents can approach helping their kids learn to use the Internet safely:

  • Teach your kids, and let them teach you – “The world kids are growing up in is new, always changing, and difficult for parents to understand,” said Albrecht. “Parents need to accept this rather than fight it. Learning should work both ways and be done together – parents can learn about issues facing the kids, and kids can learn things parents understand, like the dangers of interacting with strangers.”
  • Pay attention to what services they use – Parents should understand enough about the products and services kids are using to decide whether they are good or bad. “Educational apps typically strike a good balance between asking for information to help them improve their service, and respecting privacy,” said Sullivan. “They’ll ask for a year of birth to tailor content to the correct age group, but they won’t ask for the exact birthdate, or the kids’ full name. If you’re being asked to disclose exact birthdates, full names, or other things about your kid you’d rather keep private, move on to a better product.”
  • Be present, but not overbearing – Kids need some degree of privacy, especially as they grow older. “I think it’s ok for parents to use technical solutions to keep an eye on what kids are doing online, but parents should be open about this and prepared to ease off as kids age,” said Albrecht. “Chances are kids will figure out these technical controls anyway, so trying to hide it is likely to backfire and cause kids to see their parents as big brother type figures.”

 

Support Tech ARP!

If you like our work, you can help support out work by visiting our sponsors, participate in the Tech ARP Forums, or even donate to our fund. Any help you can render is greatly appreciated!