The digital world is a wild place these days, with cyber threats lurking around every corner. Ransomware attacks are on the rise, data breaches are becoming more common, and businesses are scrambling to protect their precious digital assets. Synology is looking to help businesses navigate this minefield with its new offering: Active Protect Appliances. This isn’t just another backup solution; it’s a comprehensive data protection system designed with Synology’s extensive insights and experience to simplify backup and recovery while bolstering business resilience in dealing with cyberattacks.
Synology’s Active Protect Hardware Showcased beside the Online Management Dashboard at the Launch
Businesses Need to Deal with an Ever-evolving Threat Landscape
Before diving into Active Protect’s specifics, let’s paint a picture of the current cybersecurity landscape. Ransomware attacks are becoming increasingly sophisticated and damaging. In 2023 alone, Malaysia saw several high-profile incidents affecting both government agencies and large enterprises. Compliance requirements, like the Personal Data Protection Act (PDPA), are also becoming more stringent, adding another layer of complexity for businesses. Recent reports from industry experts like PwC and the Information Systems Audit and Control Association (ISACA) highlight the growing frequency and severity of cyberattacks. Phishing scams are evolving into more complex schemes like Ransomware-as-a-Service (RaaS), and businesses, especially small and medium-sized enterprises (SMEs), are often prime targets.
Synology Active Protect Provides A Multi-Faceted Approach to Data Security
Synology Active Protect Appliances aim to address these challenges head-on. They offer a comprehensive suite of features designed to protect your data and ensure business continuity in the face of cyber threats. Here’s a breakdown of what makes Active Protect stand out:
Unified Backup & Recovery: Forget juggling multiple software and hardware components. Active Protect integrates backup, recovery, and data management into a single appliance, simplifying your data protection strategy.
Broad Workload Support: Whether you’re dealing with PCs, Macs, file servers, databases, virtual machines, or even Microsoft 365 services, Active Protect has you covered. It provides centralized protection for a wide range of workloads, streamlining your data management.
Enterprise-Grade Management: The ActiveProtect Manager (APM) console gives you a bird’s-eye view of your data protection landscape. You can monitor up to 150,000 workloads or 2,500 sites from a single interface, providing comprehensive visibility and control.
Advanced Cybersecurity Features: Active Protect incorporates features like immutable backups, which can’t be altered or deleted by ransomware, ensuring data integrity. Air-gap security further enhances protection by isolating backup data from the network, creating an additional barrier against attacks. The system also adheres to regulatory compliance requirements, helping businesses meet their legal obligations.
Optimized Efficiency and Cost Savings: Active Protect utilizes global source-side deduplication, a fancy way of saying it eliminates redundant data. This reduces network load by up to 99% and storage needs by 50%, resulting in significant cost savings and improved efficiency.
Addressing Malaysia’s Specific Needs
(From left) Antoine Yang, Country Manager, Synology Singapore; Thachawan Chincanakarn, ASEAN Regional Manager, Synology APAC; and Jason Sin, Country Manager, Synology Singapore at the SEA launch of Synology ActiveProtect Appliance.
Synology recognizes the unique challenges faced by businesses in Malaysia, particularly SMEs. With reports highlighting the vulnerability of SMEs and national infrastructure to cyberattacks, the need for robust data protection solutions is more critical than ever. Active Protect is designed to be scalable, secure, and user-friendly, making it an attractive option for Malaysian businesses of all sizes.
Pricing & Availability
Active Protect is now available in Malaysia through Synology’s distributors and partner network. Businesses can request a live demo or learn more about the solution by visiting the official Synology website.
Accenture has announced an expansion of its cybersecurity services, incorporating generative AI, deepfake protection, and quantum-safe data security solutions. These enhancements are designed to help clients across various industries strengthen their cyber resilience and adapt to the evolving threat landscape.
Addressing the Rise of AI-Driven Cyberattacks
Accenture’s cyber intelligence (ACI) researchers have observed a significant increase in the use of AI by cybercriminals. Specifically, they reported a 223% surge in deepfake-related tool trading on dark web forums in the first quarter of 2024 compared to the same period in 2023. This trend underscores the need for organizations to implement advanced cybersecurity measures capable of detecting, responding to, predicting, and preventing AI-driven threats in real time.
New Cybersecurity Services to Counter Emerging Threats
To address these evolving challenges, Accenture is introducing several new services. Each of these is a targeted service aiming to help deal with specific threats and address potential security vulnerabilities that may come as a result.
Foremost among them is Accenture’s Secure AI Solutions, which focuses on building resilience throughout the entire AI program lifecycle. It includes best practices for developing secure AI frameworks, policies, and processes. It also provides capabilities to assess and protect access, data, models, and infrastructure, building trust in AI systems by design. Red-teaming and adversarial simulations are used to identify vulnerabilities in AI systems, including large language models (LLMs), and a Generative AI Security Diagnostic is available to detect and secure unauthorized AI deployments.
Together with this, Deepfake Protection will provide security testing, monitoring, and detection of deepfakes, leveraging partner technologies such as Reality Defender. This aims to protect organizations from the impact of deepfakes on customer contact centers, business video conferences, and other critical communication channels.
Accenture is also introducing Business Cyber Crisis Recovery, a cloud-based solution designed to help organizations in sectors like healthcare, telecommunications, and oil & gas quickly restore essential infrastructure following a cyberattack. The goal is to significantly reduce downtime, enabling operations to resume in hours rather than weeks.
Rounding out its offerings, the Quantum Security Suite brings a bevy of services that help organizations develop robust quantum security strategies. It includes identifying vulnerable encryption across the enterprise and replacing outdated technology with the latest quantum-safe algorithms recommended by the US National Institute of Standards and Technology (NIST).
Enhancing Core Cybersecurity Services with Generative AI
Accenture is also integrating generative AI into its core cybersecurity offerings through Accenture mySecurity, a centralized suite of assets. This integration aims to improve the speed and efficiency of cyber resilience services across various areas, including supply chain, cloud, applications, and identity and access management. This enhancement is intended to help clients better protect against AI-driven threats. An example of this in action is Accenture’s work with the Kuwait Government Central Agency for Information Technology to establish and manage a National Security Operations Center, leveraging gen AI to enhance threat detection and remediation.
Expanding Global Cybersecurity Capabilities
To support the delivery of these enhanced services, Accenture is expanding its global network of Cyber Future Centers. New locations include a gen AI Security studio in Brussels and Washington, D.C.; a Quantum Security Center and Lab and a Cyber Physical Security center in Bengaluru; and a Sovereignty Hub in Malaga. This expansion brings Accenture’s total number of cybersecurity facilities to more than 40 across 22 countries.
Investing in Cybersecurity Expertise
Accenture has significantly increased its cybersecurity workforce, growing by more than 30% in 2024 to over 25,000 professionals. The company has also made strategic acquisitions and investments in cybersecurity, space, and quantum security companies.
Maybank has taken a significant step towards boosting online banking security with the launch of Money Lock, a first-of-its-kind feature on the MAE app. This innovative tool empowers customers to take control of their finances by allowing them to “lock” specific amounts within their savings or current accounts, effectively preventing online access to those funds.
Peace of Mind with Secured Bank Balances
Money Lock addresses a growing concern for many: online scams and fraudulent activity. By adding this extra layer of protection, Maybank allows its customers to enjoy the convenience of online banking with a heightened sense of security.
The feature offers a high degree of user control. Customers can choose to lock any amount from RM10 upwards, right up to their entire account balance. This flexibility allows for tailored protection based on individual needs. Additionally, increasing locked amounts is a breeze through the MAE app, and there are no fees or restrictions on how often Money Lock can be activated.
Money Lock is the latest feature focused on creating a more secure banking environment for bankers. The introduction of Money Lock in Malaysia follows the feature’s successful implementation in Singapore.
“Money Lock empowers customers with confidence,” states Syed Ahmad Taufik Albar, Group CEO of Community Financial Services at Maybank. He emphasizes that customers can conduct online transactions securely while still earning interest on their locked funds.
Unlocking Funds and Avoiding Disruptions
Unlocking requires a visit to a Maybank ATM or branch for verification, ensuring the locked funds remain secure. This step is crucial in preventing unauthorized access.
Maybank emphasizes the importance of careful financial planning before activating Money Lock. Customers should consider upcoming commitments and ensure sufficient funds are available for essential transactions to avoid disruptions.
A Multi-Layered Approach to Fraud Prevention & Security
Money Lock is one piece of a comprehensive security puzzle. Maybank highlights other measures taken to combat fraud, including replacing SMS OTP with the more secure Secure2u system, restricting online banking access to one device per customer, and implementing cooling-off periods for limit increases.
Alongside technological advancements, customer awareness remains vital in the fight against scams. Maybank encourages users to be cautious of calls and messages from unknown numbers, to only download apps from official stores, and to never share online banking credentials with anyone.
Security continues to top the list of concerns for organizations as we end 2024 and head into 2025. As cyberattacks grow in sophistication and scale, businesses are rethinking their strategies to protect critical systems and data. Open-source technology, often perceived as a double-edged sword in terms of security, is proving to be a powerful tool in building secure, resilient infrastructures.
SUSE, a global leader in enterprise-grade open-source solutions, is at the forefront of this revolution. According to Vishal Ghariwala, Chief Technology Officer at SUSE Asia Pacific, “SUSE provides solutions that are secure, interoperable, and empower enterprises to innovate, ultimately delivering value-added services to end consumers.” This ethos has driven SUSE’s success across industries, from finance to automotive, proving that open-source technologies aren’t just about openness—they are about building stronger, safer and more resilient systems.
Breaking the Myths Around Open Source Security
One of the most pervasive misconceptions about open-source technology is that its transparency makes it inherently insecure. The logic follows that, since anyone can view the source code, it becomes more vulnerable to exploitation. However, as Ghariwala explains, this openness is precisely what strengthens its security.
“If you hide things, you may think you are safe, but once compromised, you might not even know it. Open-source projects leverage the power of a global community, with many eyes constantly reviewing the code. This collaborative scrutiny allows for faster identification and resolution of vulnerabilities,” he says.
Open-source projects are frequently reviewed and analyzed by a broad community of developers, security experts, and organizations, making them inherently resilient against security vulnerabilities. Unlike proprietary systems, which rely on a limited internal team for updates, open-source systems benefit from the collective knowledge and efforts of a global network. This transparency accelerates the identification and resolution of security flaws and minimizes the risk of undetected vulnerabilities.
The Security Framework of Open-Source Technologies
SUSE has built its security framework around best practices in open-source governance and proactive risk management. One of the pillars of SUSE’s security is code auditing. Every update or change to SUSE’s open-source software goes through a rigorous code audit process. Developers and security experts in the community conduct continuous reviews to ensure that any potential vulnerabilities are quickly addressed before they can be exploited.
Additionally, vulnerability management within SUSE open-source platforms involves tracking and analyzing emerging threats. SUSE’s security teams regularly patch and update the software to address newly discovered vulnerabilities, ensuring that users are always operating with the most secure versions.
Incident response is another vital aspect of SUSE’s approach to open-source security. In the event of a cyberattack or security breach, SUSE’s dedicated security team is responsible for handling all SUSE product-related security incidents. This allows for rapid containment and recovery. This decentralized, transparent approach to security provides organizations with greater visibility and control over their systems compared to traditional proprietary solutions.
SUSE’s Commitment to Secure Open Source
SUSE has built its reputation on providing enterprise-grade open-source solutions that ensure organizations can innovate securely. SUSE’s solutions are designed to support highly available, secure, and scalable systems across a range of industries. Some of SUSE’s flagship offerings include:
SUSE Linux Solutions: Robust Linux operating system solutions tailored for enterprise needs, providing the foundation for secure, mission-critical workloads.
Cloud-Native Solutions: These include SUSE Rancher Prime, a leading enterprise container management platform, with centralized authentication, access control, observability, and built-in security across the entire stack.
Edge Computing Solutions: SUSE’s Edge solutions bring computing power to remote or edge locations, enabling secure operations even in challenging environments.
SUSE’s commitment to open-source transparency and support for its solutions ensures that its users benefit from the same features regardless of whether they choose the open-source or enterprise version of the software. “We don’t create paywalls or separate proprietary versions,” Ghariwala asserts. “The features you get in the open source version are the same as what you get with our enterprise-grade products. The major difference is that our enterprise products are backed by support, patches, and certifications.”
This unique approach gives organizations the flexibility to adopt cutting-edge open-source technologies without compromising on enterprise-level security and performance.
Comparative Analysis: Open Source vs. Proprietary Systems
One of the critical advantages of open-source technology over proprietary systems is the reduced vendor lock-in. Open-source solutions enable organizations to avoid being tethered to a single vendor, which can limit flexibility and innovation. By leveraging open-source tools like SUSE’s Linux Enterprise and Rancher, companies can seamlessly integrate various technologies into their infrastructure, creating a more agile, future-proof system.
Another advantage is the transparency of open-source systems. In proprietary systems, vulnerabilities may remain undetected for extended periods, leaving organizations exposed to cyber threats. With open-source, vulnerabilities are more quickly identified, allowing for faster patching and reducing the window of exposure.
In contrast, proprietary solutions often limit access to source code, making it challenging for security experts outside of the company to perform audits or contribute to improvements. Open-source solutions, by their nature, encourage collaboration, which strengthens the overall security and reliability of the system.
Enhancing Resilience Through Security Innovations
The rise of cloud-native architectures has transformed how applications are developed and deployed. However, this shift has also expanded the attack surface, requiring new approaches to security. SUSE has embraced this challenge with the SUSE Security (formerly NeuVector) platform.
SUSE Security provides comprehensive container security, scanning code for vulnerabilities, ensuring compliance with industry standards, and continuously monitoring for potential threats. “Modern threats like zero-day attacks and ransomware require solutions that are proactive, not just reactive,” Ghariwala explains. “NeuVector SUSE Security employs behavioral-based security to anticipate and mitigate potential vulnerabilities.”
In addition to scanning, SUSE Security’s zero-trust approach monitors application runtime behaviours, automatically identifying deviations that may indicate a threat. This ensures that even unknown vulnerabilities can be mitigated before they are exploited.
SUSE’s Rancher Prime platform enhances resilience by enabling secure deployment and management of containerized applications. Rancher Prime’s application catalog offers trusted software artifacts, ensuring that developers can build with confidence. Furthermore, its Software Bill of Materials (SBOM) provides a clear dependency chain, enabling rapid identification and resolution of vulnerabilities.
Case Study: Hyundai Motor Company
Hyundai Motor Company’s transition to becoming a leader in All-Connected Cars highlights the critical role of open-source technology in enabling innovation. By integrating SUSE Rancher Prime, Hyundai achieved a remarkable 99.95% service level agreement for its Kubernetes-based services. This reliability has empowered Hyundai to deliver over-the-air updates for its software-defined vehicles, enhancing features like safety, navigation, and performance.
The flexibility and scalability of Rancher Prime allowed Hyundai’s development team to focus on creating cutting-edge technologies for connected vehicles, rather than dealing with the complexity of infrastructure management. “Rancher Prime’s intuitive interface has revolutionized how we manage clusters, drastically reducing setup and management time,” said the Head of Hyundai’s Car Cloud Platform Development Team.
Case Study: IDC Frontier
IDC Frontier, a subsidiary of SoftBank Group, used SUSE NeuVector to secure its cloud platform, enabling its customers to confidently deploy containerized applications. NeuVector’s comprehensive security features—including real-time monitoring, vulnerability scanning, and compliance checks—have been crucial in safeguarding IDC Frontier’s services against emerging cyber threats.
As businesses increasingly rely on cloud-native applications, solutions like NeuVector provide the security and flexibility needed to meet the demands of modern, dynamic environments. IDC Frontier’s use of SUSE’s open-source tools demonstrates the strength of open-source solutions in securing cloud environments at scale.
Case Study: National Payments Corporation of India (NPCI)
Handling over 14 million transactions daily, the National Payments Corporation of India (NPCI) needed a secure, high-performance solution to meet the demands of India’s growing digital payments ecosystem. SUSE Linux Enterprise Server provided NPCI with the stability and security required to support its complex infrastructure. By leveraging SUSE’s enterprise-grade solutions, NPCI achieved high availability, reliability, and robust data protection, ensuring smooth transactions even under heavy load.
NPCI’s success story highlights how SUSE’s open-source solutions can support critical financial services, where uptime and security are paramount.
Emerging Threats and SUSE’s Forward-Thinking Approach
The cybersecurity landscape is constantly evolving, with new threats emerging regularly. Among the most concerning are AI-generated malware and ransomware-as-a-service, which are reshaping the threat landscape. “Tools like FraudGPT and WormGPT are now available on the dark web, enabling even non-technical users to create sophisticated malware,” Ghariwala warns. These tools make it easier for cybercriminals to launch targeted attacks at scale, bypassing traditional defense mechanisms.
SUSE’s proactive security measures, including its zero-trust architecture and behavioral-based monitoring, help organizations defend against these sophisticated threats. By embedding security at every layer of the infrastructure, from development to deployment, SUSE ensures that organizations are prepared for both known and unknown challenges.
Interoperability: The Cornerstone of Digital Resilience
Digital resilience is more than just surviving a cyberattack—it’s about ensuring continuity and minimizing disruption. Open-source technology plays a critical role in achieving this by promoting interoperability and reducing vendor lock-in.
“Interoperability is essential for building resilient infrastructures,” Ghariwala emphasizes. “SUSE solutions work seamlessly with other technologies, giving organizations the flexibility and choice to adopt diverse IT stacks. This diversity in choice is crucial for avoiding single points of failure.”
The recent CrowdStrike incident serves as a stark reminder of the risks associated with single-vendor dependency. Ghariwala points out that “a dual-vendor strategy, incorporating open-source solutions, can significantly enhance resilience by providing fallback options.”
Compliance and the Malaysian Cybersecurity Bill
The passage of Malaysia’s Cybersecurity Bill highlights the growing regulatory pressure on organizations to maintain secure, resilient systems. SUSE’s solutions help businesses comply with these evolving regulations, ensuring that critical infrastructure remains protected against cyber threats.
“Our philosophy emphasizes interoperability, technology choice and resilience, helping customers avoid the risks of software concentration,” Ghariwala explains. SUSE’s open-source solutions are designed to be flexible and adaptable, allowing organizations to meet compliance standards while maintaining operational agility.
The Future of Open Source and Cybersecurity
Looking ahead, SUSE envisions open-source technology playing an even greater role in cybersecurity and digital resilience. “We’ll continue to focus on security as a horizontal pillar across all our offerings,” Ghariwala says.
Open source is not just supporting some of the largest institutions in the world; it’s building security and resilience that most can benefit from. Companies like SUSE continue to prove this, from supporting innovative industries like automotive to safeguarding financial systems. They demonstrate how open-source technologies can drive resilience and security without compromising on innovation.
This article was based on an interview with Vishal Ghariwala, Chief Technology Officer at SUSE Asia Pacific.
Vishal Ghariwala Chief Technology Officer, SUSE Asia Pacific
Vishal Ghariwala is the Chief Technology Officer for SUSE for the APJ and Greater China regions. In this capacity, he engages with customer and partner executives across the region, and is responsible for growing SUSE’s mindshare by being the executive technical voice to the market, press, and analysts. He also supports the global Office of the CTO to assess relevant industry, market and technology trends and identify opportunities aligned with the company’s strategy.
Prior to joining SUSE, Vishal was the Director for Cloud Native Applications at Red Hat where he led a team of senior technologists responsible for driving the growth and adoption of the Red Hat OpenShift and Middleware portfolios across the Asia Pacific region.
Vishal has over 20 years of experience in the IT industry and holds a Bachelor’s Degree in Electrical and Electronic Engineering from the Nanyang Technological University in Singapore.
This article was based on an interview with Mr Ramon Pinero, General Manager of BlackBerry AtHoc, and Mr Jonathan Jackson, Senior Director of Strategic Accounts at BlackBerry.
As we increasingly depend on digital systems for everyday operations, the security of our critical infrastructure faces unprecedented challenges. Cybersecurity, once a consideration largely confined to the tech sector, now plays a central role in safeguarding industries like transportation, healthcare, energy, and smart cities. BlackBerry, a company once synonymous with mobile devices, has shifted focus to become a key player in cybersecurity, integrating emerging technologies such as artificial intelligence (AI), machine learning, and the Internet of Things (IoT) to bolster infrastructure resilience.
Pivoting from Mobile Leader to Cybersecurity Powerhouse
BlackBerry’s journey from a hardware pioneer to a cybersecurity leader was driven by recognizing a shift in the global digital landscape. Cybersecurity has evolved into an essential growth market in an interconnected world with myriad endpoints—from smartphones to autonomous vehicles and IoT sensors.
BlackBerry recognized this early and made a strategic decision to focus on software and services. “We saw an opportunity to make a strategic decision to focus on software and services in cybersecurity as a growth market,” noted Jonathan Jackson, Senior Director of Strategic Accounts at BlackBerry. This shift positioned the company to lead in two critical areas: cybersecurity and embedded systems, which are crucial in protecting modern infrastructure.
AI and Machine Learning: BlackBerry’s New Arsenal
At the core of BlackBerry’s transformation is its acquisition of Cylance, an AI-driven cybersecurity firm. The integration of Cylance’s AI and machine learning capabilities has empowered BlackBerry to prevent and respond to emerging threats. The nature of AI allows for predictive security, meaning that BlackBerry’s systems can anticipate and stop attacks before they materialize.
“Cylance AI is embedded across the full security stack of BlackBerry’s portfolio today,” explained Jackson. This approach is crucial in a world where cyberattacks evolve constantly, with AI even being used by malicious actors to generate never-before-seen threats. By using AI to fight AI, BlackBerry ensures it remains a step ahead of cybercriminals, leveraging technologies like deep learning to predict and prevent threats to critical systems.
Emergence of Smart Cities and the Need to Build Cyber Resilience
As smart cities emerge worldwide, they bring with them a host of new security challenges. The interconnected nature of smart city infrastructure—where traffic systems, public services, and energy grids communicate in real time—expands the potential attack surface for cybercriminals. BlackBerry’s embedded systems, designed to secure IoT devices and smart city infrastructure, are vital in protecting these increasingly complex environments.
BlackBerry has already made significant strides in securing automotive systems, with their technology being used by 24 of the top 25 electric vehicle manufacturers. This same technology, paired with AI and machine learning, is essential in smart cities, where the attack surface is ever-growing. “As you have more connected systems, you increase the attack surface of that system,” the company pointed out. Ensuring that these systems are secure is vital to maintaining the resilience of smart cities.
As the attack surface increases, the question of cybersecurity incidents changes from an “if” to a “when”. This is where policies such as Zero Trust can help. However, smart cities will also benefit from the implementation of threat intelligence and managed detection and response (MDR) solutions.
Zero Trust and Critical Infrastructure
One of the cornerstones of BlackBerry’s approach to cybersecurity resilience is the zero-trust framework. As applied to critical infrastructure—whether it’s power grids, transportation systems, or hospitals—this model ensures that no entity within the system is inherently trusted. Instead, all systems, devices, and users must continuously authenticate their identity to access sensitive data or systems.
This level of scrutiny is essential in industries where the stakes are highest. Ramon Pinero, General Manager of BlackBerry AtHoc, emphasizes, “Zero trust is important especially for critical infrastructure because of the types of data and assets that are in critical infrastructure.” In an era where cyberattacks can have catastrophic real-world consequences, securing every aspect of infrastructure is paramount.
Collaborating to Bridge the Skills Gap
The challenges of securing critical infrastructure are further compounded by a global skills shortage in cybersecurity. BlackBerry’s collaboration with the Malaysian government exemplifies how partnerships can help address this gap. Through the Cybersecurity Center of Excellence in Cyberjaya, BlackBerry is training the next generation of cybersecurity professionals, with a focus on AI, smart cities, and IoT security.
The initiative aims to develop local talent capable of addressing emerging cyber threats, ensuring Malaysia’s infrastructure is both secure and future-ready. As more countries invest in smart city technologies, this collaboration model could serve as a blueprint for other regions looking to build cybersecurity resilience into their infrastructure.
The Power of Prevention
While responding to cyberattacks is critical, BlackBerry strongly emphasizes prevention. Their Managed Detection and Response (MDR) services, powered by Cylance’s AI, help organizations that may not have in-house security teams by offering continuous threat monitoring and proactive security measures. With the ability to predict and prevent attacks, BlackBerry’s MDR solutions ensure that businesses and critical infrastructure providers can focus on operations without worrying about constant cybersecurity threats.
In their approach, prevention is key. “If we can prevent attacks from happening, it means that organizations don’t have to spend time and resources recovering from incidents,” Ramon further emphasized. This proactive mindset is essential in today’s world, where the consequences of a successful cyberattack on critical infrastructure can be disastrous.
A Cyber-Resilient Future
As emerging technologies like AI, machine learning, and IoT continue to shape the future of infrastructure, ensuring that these systems are secure is more important than ever. BlackBerry’s strategic pivot from hardware to cybersecurity positions it as a leader in building resilient infrastructure, whether it’s in smart cities, healthcare, or automotive industries.
By focusing on prevention, embedding AI into their solutions, and addressing the cybersecurity skills gap, BlackBerry is helping organizations and governments alike secure the digital systems that power our world. In doing so, they ensure that critical infrastructure remains resilient in the face of an ever-evolving threat landscape.
This article was written based on an interview session with Mr Ramon Pinero, General Manager of BlackBerry AtHoc, and Mr Jonathan Jackson, Senior Director of Strategic Accounts at BlackBerry.
Ramon Pinero, General Manager, BlackBerry AtHoc
Ramon Pinero is the General Manager of BlackBerry AtHoc, where he oversees all aspects of the critical event management business. With more than 20 years of experience in crisis/emergency management (CEM) technologies, Ramon brings a deep understanding of both product development and customer success.
With a passion for technology and deep roots in emergency response, Ramon continues to advance BlackBerry AtHoc’s position as the market leader. He is focused on driving strategy, fostering innovation, and enabling AtHoc’s technology to make an even greater impact—helping more organizations increase their resiliency and save lives through fast, accurate communications before, during, and after critical situations.
Jonathan Jackson, Senior Director, Strategic Technical Sales APAC at BlackBerry
Jonathan Jackson (JJ) is the Senior Director, Strategic Technical Sales APAC for BlackBerry. With over 20 years of experience, he helps organisations manage their cyber risk, leveraging the best of breed solutions to stop cyber attacks. JJ is a staunch advocate of protecting data and privacy and is a frequent spokesperson on cyber threat intelligence in Australia and all across APAC.
Another day, another email from IT telling you to change or update your passwords. We’ve all been there, opening emails and sighing at that reminder. However, did you stop to think what could be at risk when you don’t update your passwords across the board? What could be the harm in just one password not being updated?
Understanding Passwords, Password Hygiene and Multifactor Authentication
Well, like Julie Andrews once sang – Let’s start at the very beginning, a very good place to start. What exactly are passwords in our current, digital, always connected society? If your data and accounts were your home, your password would be your master key. The one thing giving you access to everything. Of course, we technically don’t need to talk about it in this anecdotal way because everyone knows what passwords are. But humour me as we break down the issue.
Knowing that your password is a master key, how would you make sure that things are always secure? You would keep it physically near you. Maybe clean it or make sure the key’s grooves are still properly functioning. Similarly, password hygiene is simply the basics of creating a secure master key. There are certain characteristics that make it secure and hard to duplicate.
Firstly, it must be unique. The same applies to passwords – your passwords should be unique. Something that only you can figure out. Secondly, it has to be complex; the grooves of the key must be hard to reproduce. When it comes to passwords, this is done in two ways: with the length of the password and the use of special characters. Experts recommend that passwords should be longer than 6 characters and contain a mix of upper-case characters, lower-case characters, numbers and special characters. In addition, it should ideally not be birthdates, social security numbers or simple patterns.
Now that you’ve got a secure key for your main door, maybe we should add another layer of security, considering everything you own is within this home. Let’s include a way to confirm that it’s really you opening the door. Maybe we’ll use a voice authenticator. The addition of this second layer of security is exactly what multifactor authentication is. Essentially, it is there to ensure that it is you who is accessing your home. This has become a mainstay now, with services like Google, Amazon and even Facebook requiring you to activate MFA. These are, arguably, the very basics of keeping your data and digital self safe.
Bad Passwords Put Everyone at Risk
Now that we’ve covered the basics, let’s scale this up. Now think of a neighbourhood of homes. This is – perhaps – your family home. Each of your homes is interconnected with a powerline, a water source and more. However, each of these connections is protected by the same protections that protect your mansion. More importantly, your homes are located within a gated community. This gated community is your home network. Ideally, there should be two access points to this community: one which gives you access to everything in the gated community and one that gives limited access. These access points are your WiFi passwords. In most cases, we tend to have two: one for your home devices and your guest password. Since we’ve established what a good password is, it should come as no surprise that the same rules of password hygiene apply even to these.
However, let’s think for a second about what happens if one of our access points has a weak password. It is very common for us to set up good home network passwords, but keep our guest passwords simple – because who needs the hassle of trying to communicate complex passwords? Well, that would be, in this anecdote’s case, like putting a security guard who is blind at the guardhouse that provides guests access to the neighbourhood. While it is still secure, it’s not secure enough. Similarly, when we use weak passwords or repeated passwords, we’re doing the same to our data. Imagine what could happen now to all the homes in the neighbourhood because of that ONE vulnerability. You can have malicious actors enter the neighbourhood and snoop around.
“… password hygiene is crucial for organizations, it is important to note that unauthorized access to sensitive data can result in financial losses, reputational damage, and legal consequences. To prevent this, organizations should take the necessary steps to implement MFA and conduct regular software updates to protect organizations from known vulnerabilities that attackers might exploit. Organizations should be proactive in using the available tools such as password managers paired with the right training for employees to protect their data.”
In the case of passwords, one weak password could put everyone at risk. Remember earlier, how we said that each home is connected with an electric line, water line and more? Well, similarly, each device on your network – be it at home or at work – is connected in some way. Having a weak password is like having a thin wooden door with a flimsy lock. These malicious actors would be able to just bring down the door and access everything in your house and potentially make their way to other homes.
Keeping Things Secure Beyond Your Password
Hopefully, the anecdote helps clarify how passwords are essentially the first step to creating a secure environment both at work and at home. However, sometimes, passwords are not enough. While they provide some security, we have had to build on the foundations that were provided by passwords. This is especially true in recent years with malicious actors using more sophisticated attacks that require us to be more vigilant.
One of the most common ways that has emerged to help secure our data is multifactor authentication (MFA). A good example of this is Google’s implementation, where you need to click a prompt on your smartphone to prove your identity when accessing your Google account. This extra level of security makes it even harder for malicious actors to access your data. Another common MFA method is the use of authenticators which generate a random number that is used to unlock your accounts in addition to your password.
In addition to this, we have to – unfortunately – be more vigilant with our online interactions. Like the popular phrase in Game of Thrones, the internet “is dark and full of terrors”. Password hygiene is only one step we can take to protect ourselves on the internet. Having proper cyber security solutions, such as the one that Trend Micro offers, will offer even better protection. For organizations, this may include the adoption of Zero Trust security models that will provide even better protection against compromise.
Android users, your data could be exposed thanks to an implementation flaw in popular apps. Microsoft has recently published a bulletin exposing a critical flaw that could be present in a large number of applications. Microsoft estimates that the flaw could be in over four billion apps.
The vulnerability, given the moniker “Dirty Stream”, lies in the ability of potentially malicious apps to exploit and abuse Android’s content provider system. This system is designed to enable secure data exchange between apps on Android devices. The data exchange typically employs security measures like permissions, uniform resource identifiers and file path validation to ensure data security. However, sloppy implementation has led to a backdoor ripe for exploitation.
In Microsoft’s research, the incorrect use of the communication layer that allows communication between Android apps, known as “custom intents”, can lead to sensitive areas of the app being exposed. This will allow hackers and malicious actors to access and inject malicious code into the app. Attackers can potentially take over the app entirely, access sensitive user data and intercept private logins.
Microsoft is not just exposing the exploit. It has worked proactively with affected developers, alerting them of the potentially vulnerable apps. Some of the apps identified in the report include Xiaomi’s File Manager and WPS Office. Both apps have large user bases. The former boasts a user base of over a billion installations while WPS Office has about 500 million. The companies have deployed fixes to address the issue.
Google has also been alerted. The search behemoth has updated its app security guidelines. The changes highlight common implementation errors that could lead to the security bypass.
New technologies can take many forms. Often, they come from generally straightforward, incremental product advances over the course of years; think the Complementary Metal-Oxide-Semiconductor (CMOS) process shrinks that underpinned many of the advances in computing over the past decades. Not easy, but relatively predictable from a high-level enough view.
Other shifts are less straightforward to predict. Even if a technology is not completely novel, it may require the right conditions and advances to come together so it can flourish in the mainstream. Both server virtualization and containerization fall into this category.
What’s next? Someone once said that predictions are hard, especially about the future. But here are some areas that Red Hat has been keeping an eye on and that you should likely have on your radar as well. This is hardly a comprehensive list and it may include some surprises, but, it is a combination of both early stage and more fleshed-out developments on the horizon. The first few are macro trends that pervade many different aspects of computing. Others are more specific to hardware and software computing infrastructure.
Artificial intelligence/machine learning (AI/ML)
On the one hand, AI/ML belongs on any list about where computing is headed. Whether coding tools, self-tuning infrastructure, or improved observability of systems, AI/ML is clearly a critical part of the computing landscape going forward.
What’s harder to predict is exactly what forms and applications of AI will deliver compelling business value, many of which will be interesting in narrow domains, and will likely turn out to be almost good enough over a lengthy time horizon.
Much of the success of AI to date has rested on training deep neural networks (NNs) of increasing size (as measured by the number of weights and parameters) on increasingly large datasets using backpropagation, and supported by the right sort of fast hardware optimized for linear algebra operations—graphics processing units (GPUs) in particular. Large Language Models (LLMs) are one prominent, relatively recent example.
There have been many clear wins, but AI has struggled with more generalized systems that interface with an unconstrained physical world—as in the case of autonomous driving, for example. There are also regulatory and legal concerns relating to explainability, bias and even overall economic impact. Some experts also wonder if broad gaps in our collective understanding of the many areas covered by cognitive science that lie outside the direct focus of machine learning may (or may not) be needed for AI to handle many types of applications.
What’s certain is that we will be surprised.
Automation
In a sense, automation is a class of application to which AI brings more sophisticated capabilities. For example, Red Hat Ansible Lightspeed with IBM watsonx Code Assistant is one recent example of a generative AI service designed by and for Ansible automators, operators and developers.
Automation is increasingly necessary because hardware and software stacks are getting more complex. What’s less obvious is how improved observability tooling and AI-powered automation tools that make use of that more granular data play out in detail.
At the least, it will lead us to think about questions such as: Where are the big wins in dynamic automated system tuning that will most improve IT infrastructure efficiency? What’s the scope of the automated environment? How much autonomy will we be prepared to give to the automation, and what circuit breakers and fallbacks will be considered best practice?
Over time, we’ve reduced manual human intervention in processes such as CI/CD pipelines. But we’ve done so in the context of evolving best practices in concert with the increased automation.
Security
Security is a broad and deep topic (and one of deep concern across the industry). It encompasses zero trust, software supply chains, digital sovereignty and yes, AI—both as a defensive tool and an offensive weapon. But one particular topic is worth highlighting here.
Confidential computing is a security technology that protects data in use, meaning that it is protected while it is being processed. This is in contrast to traditional encryption technologies, which protect data at rest (when it is stored) and data in transit (when it is being transmitted over a network).
Confidential computing works by using a variety of techniques to isolate data within a protected environment, such as a trusted execution environment (TEE) or a secure enclave. It’s of particular interest when running sensitive workloads in an environment over which you don’t have full control, such as a public cloud. It’s relatively new technology but is consistent with an overall trend towards more security controls, not fewer.
RISC-V
While there are examples of open hardware designs, such as the Open Compute Project, it would be hard to make the case for there having been a successful open processor relevant to server hardware.
However, major silicon vendors and cloud providers are exploring and adopting the RISC-V free-to-license and open processor instruction set architecture (ISA). It follows a different approach from past open processor efforts. For one thing, it was open source from the beginning and is not tied to any single vendor. For another, it was designed to be extensible and implementation-agnostic. It allows for the development of new embedded technologies implemented upon FPGAs as well as the manufacture of microcontrollers, microprocessors and specialized data processing units (DPUs).
Its impact is more nascent in the server space, but it has been gaining momentum. The architecture has also seen considerable standardization work to balance the flexibility of extensions with the fragmentation they can bring. RISC-V profiles are a set of standardized subsets of the RISC-V ISA. They are designed to make sure that hardware implementers and software developers can intersect with an interface built around a set of extensions with a bounded amount of flexibility designed to support well-defined categories of systems and applications.
Platform software
Perhaps one of the most intriguing questions is what happens at the lower levels of the server infrastructure software stack—roughly the operating system on a single shared memory server and the software that orchestrates workloads across many of these servers connected over a network.
It is probably easiest to start with what is unlikely to change in fundamental ways over the next decade. Linux has been around for more than 30 years; Unix more than 50, with many basic concepts dating to Multics about ten years prior.
That is a long time in the computer business. But it also argues for the overall soundness and adaptability of the basic approach taken by most modern operating systems—and the ability to evolve Linux when changes have been needed. That adaptation will continue by taking advantage of reducing overheads by selectively offloading workloads to FPGAs and other devices such as edge servers. There are also opportunities to reduce transition overheads for performance-critical applications; the Unikernel Linux project—a joint effort involving professors, PhD students and engineers at the Boston University-based Red Hat Collaboratory—demonstrates one direction such optimizations could take.
More speculative is the form that collections of computing resources might take and how they will be managed. Over the past few decades, these resources primarily took the form of masses of x86 servers. Some specialized hardware is used for networking, storage and other functions, but CMOS process shrinks meant that for the most part, it was easier, cheaper and faster to just wait for the next x86 generation than to buy some unproven specialized design.
However, with performance gains associated with general-purpose process shrinks decelerating—and maybe even petering out at some point—specialized hardware that more efficiently meets the needs of specific workload types starts to look more attractive. The use of GPUs for ML workloads is probably the most obvious example, but is not the only one.
The challenge is that developers are mostly not increasing in number or skill. Better development tools can help to some degree, but it will also become more important to abstract away the complexity of more specialized and more diverse hardware.
What might this look like? A new abstraction/virtualization layer? An evolution of Kubernetes to better understand hardware and cloud differences, the relationship between components and how to intelligently match relatively generic code to the most appropriate hardware or cloud? Or will we see something else that introduces completely new concepts?
Wrap up
What we can say about these predictions is that they’re probably a mixed bag. Some promising technologies may fizzle a bit. Others will bring major and generally unexpected changes in their wake, and something may pop onto the field at a time and from a place where we least expect it.
In the ever-challenging digital landscape, Malaysia’s MCMC (Malaysian Communications and Multimedia Commission) is pondering significant changes to address online issues and economic strain on local news media, drawing inspiration from international counterparts like Australia and Canada.
Curbing the spread of misinformation and cyber threats
With the exponential growth of the internet, Malaysia, like many nations, grapples with various online challenges. The MCMC met with representatives from Meta (formerly Facebook) and Google to discuss measures against child sexual abuse material, online gambling, scams, promotion of prohibited substances, fake news and content inciting Race, Royalty and Religion (3R) issues. Similar talks with TikTok have also been scheduled for the near future.
While digital platforms offer convenience and connectivity, they also bring about issues such as disinformation and data privacy concerns. Implementing frameworks that hold tech giants accountable can be a step in the right direction.
Fair compensation for media, inspired by Australia and Canada
Australia and Canada have recently taken steps to compel tech giants like Google and Meta to compensate local news outlets for using their content. Australia is using the world’s first Mandatory News Media Bargaining Code, which ensures fair compensation of media by Google and Meta for using their content. In Canada, Bill C11 regulates streaming platforms and ensures these platforms support Canadian content.
Currently, there is an imbalance in income for traditional Advertising Expenditure (ADEX) between digital platforms and local media in Malaysia. The MCMC is now looking to adopt similar frameworks as Australia and Canada to address this imbalance. This move is significant because it acknowledges the importance of journalism in our digital age and aims to rectify the economic disparities within the media industry.
MCMC looks towards a fair and secure digital landscape in Malaysia
Should MCMC choose to follow in Australia and Canada’s footsteps, the repercussions for Malaysia’s digital landscape could be profound. Local news outlets may see a boost in revenue, ensuring the sustainability of quality journalism. As Malaysia navigates these uncharted waters, it’s crucial to strike a balance between protecting local media interests and promoting digital innovation.
Enterprises and businesses are well into their digitization journey. Many have adopted digital strategies and tools that align with their businesses and goals. However, in their swiftness to adopt software and tools that enable them to be agile, many may have overlooked one of the most crucial aspects of their data security – third-party access and control. The issue arises as a result of the adoption of multiple diverse tools and technologies needed for digitization, the acquisition of contract talent, consultants and third-party support. This rings true even for Financial Service Institutions (FSIs). In a recent report, Gartner stated that 59% of organizations experienced a data breach due to third parties and only 16% of them say they are equipped to manage these risks.
“Today, organizations can manage up to thousands of identities which means more access points that may present significant risks. In order to mitigate the risks of breach and protect digital identities, data and resources, enterprises need a comprehensive identity security solution for complete visibility into all user types and their related access, including all entitlements, roles, and attributes, to ensure employees receive the right access to the right resources to do their job.”
While it can seem like a daunting task for IT departments and CIOs to get a handle on the issue, the truth is that it’s a simple task of managing access on a “just-in-time” and/or “as-needed” basis. With an increasing number of such instances, it becomes a conundrum of how to dynamically manage these permissions. One emerging approach is to manage these permissions or instances as “identities”. Using this approach, it’s a matter of mapping these identities and the data they have access to. Essentially, a holistic view of who (identities) can access what (data) is needed. While it can be a little complicated to administer this on a dynamic level, companies like SailPoint provide turn-key solutions fortified with artificial intelligence (AI) that allow just that.
An Increasing Concern for Financial Service Industries (FSIs)
As banks and other FSIs start embracing digitization and move towards becoming digital services, we’ve seen an increasing emphasis on data security and privacy particularly when it comes to user data. However, like many other enterprises, the digital infrastructure and tools that they have in place may pose a risk when it comes to data security. What’s more, when it comes to FSIs, the consequences of poor security can result in millions of dollars of loss for both the client and the institution itself.
In Malaysia alone, we’ve seen an increasing number of scams and data breaches in the past 5 years. This seems to have skyrocketed during the pandemic and is not showing any signs of slowing down. In fact, in the past year alone, we’ve had breaches of large service providers like Telekom Malaysia and Maxis. More worryingly, we’ve had breaches of FSIs like Maybank and iPay88. Of course, under the watchful eye of regulators, these issues are constantly being investigated and fines are doled out for mismanagement.
“The reality is a large majority of cyber security breaches today occur as a result of non-employee identities. According to research by Ponemon, 59% of respondents confirm that their organizations have experienced a data breach caused by one of their third parties and 54% of these respondents say it was as recent as the past 12 months.”
That said, it’s important that these institutions move from a reactive approach to a more preventative and proactive one. This change has to happen with both policy and adoption of security technologies which give CIOs and data security experts a clear view of who is accessing what data and why.
Creating A Data Secure Environment for Business
FSIs like Maybank and iPay88 may point to their apps with features like SecureKey and their implementation of one-time pins (OTPs) as potent security measures. However, as Chern-Yue Boey, Senior Vice President at SailPoint, puts it, “Authentication is like giving someone the keys to your front door, but identity security is where you can control whether this person can have access to your rooms and other aspects in your home.”
What’s needed is a system that can cross-check and verify if access to the information is allowed. Mr. Boey weighs in on this: “A complete identity security strategy involves understanding, controlling, and managing user identities and access to all resources holistically, in line with authentication methods. This means building an identity security foundation to enable authentication and comprehensive identity governance.”
Identity governance will entail creating unique profiles to manage access to data. This also entails structuring data so that it can be accessed on an “as-needed” basis. While many systems for cybersecurity do include options for Zero Trust environments, the implementation of identity management ups the ante and creates an environment where small silos of data can be made available to external users and contractors. This will enable access to data on a restricted basis and allow CIOs and IT Departments to manage data based on job function, role and levels of access.
Mitigating Risk with Identity-based Security
This is where Identity Security can play a huge role for FSIs and even other corporations. The creation of these identities limits the potential exposure even if a breach occurs. That said, in order to mitigate the risk, it falls to the C-suite executives – particularly the CIO or CSO – to understand which job functions should have access to what data. Only with this understanding can they deploy solutions like SailPoint effectively.
Having this understanding – which can be fostered at every level of management – will help mitigate risks associated with third-party workforces. In fact, it helps with a key risk: unauthorized access to sensitive data. As access becomes limited, so too do the entry points for bad actors.
That said, understanding is only one part of the equation. FSIs and other organizations will need better oversight over the identities in their system and the data being accessed across the entire distributed IT ecosystem. This includes the ability to grant or restrict access as necessary. Doing this will create a perimeter of security when it comes to pertinent, sensitive data.
Maximizing Security with Informed Access
This transparency and oversight will allow for better-informed decisions as CSOs and CIOs have access to a central repository of all users – third-party or otherwise – and their relationship to the organization. This includes their job functions and the data they have access to. It helps with managing risk when it comes to third-party access. IT Departments are able to assign risk ratings to individual third-party users based on who they work for, location, access level and other parameters as set by the organization.
It also allows them to better manage the onboarding and offboarding of employees and non-employees as they enter and exit the organization. Essentially, the visibility, relationship data and governance will necessarily give rise to a lifecycle for each identity in the organization. While it may seem like a simple matter of managing the current access of users to the data, it goes further than that with identity management. It gives granular control and visibility to a CIO, CSO and IT Departments allowing them to react effectively and in a timely fashion. It also allows them to automate compliance audits with minimal manual intervention.
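The identity-centric model described above (access by job role, time-limited "as-needed" grants, risk ratings for third parties, offboarding and an audit trail), as an added example that is not SailPoint's product or API. Every role, entitlement, name, location and risk weight below is a constructed assumption.

```python
from dataclasses import dataclass, field
from datetime import datetime, timedelta, timezone

# Constructed sample policy: roles, entitlements and weights are hypothetical.
ROLE_ENTITLEMENTS = {
    "teller": {"customer_profile:read"},
    "support_contractor": {"ticket:read", "ticket:write"},
}
SENSITIVE = {"customer_profile:read", "ledger:read"}
HOME_LOCATIONS = {"MY"}


@dataclass
class Identity:
    name: str
    kind: str        # "employee" or "third_party"
    employer: str
    location: str
    role: str
    active: bool = True
    jit_grants: dict = field(default_factory=dict)  # entitlement -> expiry


class IdentityRegistry:
    """Central repository of identities, what they can reach, and a log."""

    def __init__(self):
        self.identities = {}
        self.audit_log = []

    def onboard(self, identity):
        self.identities[identity.name] = identity
        self.audit_log.append(("onboard", identity.name, identity.role))

    def offboard(self, name):
        ident = self.identities[name]
        ident.active = False
        ident.jit_grants.clear()  # no temporary access survives the exit
        self.audit_log.append(("offboard", name, ident.role))

    def grant_jit(self, name, entitlement, minutes, reason, now):
        ident = self.identities[name]
        if not ident.active:
            raise PermissionError(f"{name} is offboarded")
        ident.jit_grants[entitlement] = now + timedelta(minutes=minutes)
        self.audit_log.append(("jit_grant", name, entitlement, reason))

    def effective_entitlements(self, name, now):
        ident = self.identities.get(name)
        if ident is None or not ident.active:
            return set()
        standing = ROLE_ENTITLEMENTS.get(ident.role, set())
        live_jit = {e for e, exp in ident.jit_grants.items() if exp > now}
        return standing | live_jit

    def can_access(self, name, entitlement, now):
        allowed = entitlement in self.effective_entitlements(name, now)
        self.audit_log.append(("allow" if allowed else "deny", name, entitlement))
        return allowed

    def risk_rating(self, name, now):
        ident = self.identities[name]
        score = 2 if ident.kind == "third_party" else 0
        score += 1 if ident.location not in HOME_LOCATIONS else 0
        score += 2 if self.effective_entitlements(name, now) & SENSITIVE else 0
        return "high" if score >= 4 else "medium" if score >= 2 else "low"

    def access_report(self, now):
        """Who can access what right now, for a compliance review."""
        return {n: sorted(self.effective_entitlements(n, now))
                for n in sorted(self.identities)}


if __name__ == "__main__":
    t0 = datetime(2024, 1, 1, 9, 0, tzinfo=timezone.utc)
    reg = IdentityRegistry()
    reg.onboard(Identity("aina", "employee", "bank", "MY", "teller"))
    reg.onboard(Identity("vendor-01", "third_party", "acme-support", "SG",
                         "support_contractor"))
    reg.grant_jit("vendor-01", "ledger:read", 30, "constructed incident", t0)
    print(reg.risk_rating("vendor-01", t0 + timedelta(minutes=10)))
    print(reg.can_access("vendor-01", "ledger:read", t0 + timedelta(minutes=31)))
    reg.offboard("aina")
    print(reg.access_report(t0 + timedelta(hours=1)))
```

The contractor's rating rises while the temporary ledger grant is live and falls back when it expires, so the rating follows current access rather than a one-time assessment.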
A Necessary Measure for Dynamism and Agility
As much as it may seem like an added layer of complications and headaches for IT departments, the shift from managing data based on access to managing it through identities is the difference between being reactive and proactive. Managing data access with Identity security is a necessary measure for FSIs and organizations to remain agile in operations as well as respond dynamically to a landscape of uncertainties.