Ramesh Umashankar, CEO – International Business, iValue InfoSolutions In recent years, the Asia-Pacific (APAC) region has become increasingly attractive to cybercriminals. According to IBM X-Force Threat Intelligence Index 2022, Asia was the most attacked region in 2021, receiving 26 percent of the global attacks. India tops the list of the most attacked country in Asia. Various reports highlight a significant shift in cyberattacks from North America and Europe to Asia. The rise in cyberattacks in APAC is credited to the region’s rapid digitalization coupled with low cybersecurity awareness, training, and regulations. This regional focus marks an emerging opportunity for business leaders in the APAC to consider how they can improve their cybersecurity postures and be aware of the latest cybersecurity trends. Here are the top 4 cybersecurity trends for APAC companies in 2022: 1. A renewed focus on data privacy and security The impact of GDPR laws on data protection has inspired APAC governments to introduce cybersecurity bills on data protection. Bangladesh is well on its path to introducing the first of its kind draft cybersecurity strategy that aims at creating safer cyberspace. While India is inching toward the final approval for its Personal Data Protection (PDP) bill. But the biggest impact for companies in APAC is the widespread introduction of mandatory data breach notification laws. For instance, Singapore’s new Cybersecurity Act requires organizations from 11 key industry sectors to report any breach of critical information infrastructures to the Singapore Cyber Security Agency. Under its Personal Data Protection Commission (PDPC), organizations are to notify of any cyber incident within three days of the event. The shift from voluntary to mandatory reporting, in a time-limited setting, would require companies to focus on improving their privacy compliance and security strategies or risk paying hefty fines. iValue Recommends: Set up an incident response team and create a template data breach notification. Your team would be responsible for planning a response to a breach and notifying employees, partners, vendors, regulatory bodies, and other stakeholders. 2. Combating Ransomware-as-aService According to the 2022 Thales Data Threat Report, 1 in 5 businesses have paid or would pay a ransom for their data. Organizations in APAC are attacked 51 times per week on average. Indian companies are prime targets for ransomware, with 1 in 4 companies reporting a ransomware attack in 2021. Adding to the alarming statistics are reports that APAC organizations are more likely to pay the ransom sometimes as high as $USD 1 million. APAC’s vulnerability to ransomware, fuelled by Ransomware-as-a-Service (RaaS), is a push for leaders to devise ransomware defense plans. The aim is to prioritize building cyber resilience by implementing new technologies and providing cybersecurity training to employees. iValue recommends: The biggest element for cyberattacks is human error. Invest in training your staff in best practices of cybersecurity and maintaining basic security hygiene. Have advanced threat hunting solutions in place to weed out trojans (Trickbot, Emotet, Dridex, CobaltStrik) and ransomware infections from your network. 3. Rise in collaborative cybersecurity efforts Given that threat actors target companies with multiple locations, there is a need for an increased collaborative effort between governments, companies, vendors to strengthen the cybersecurity landscape. In light of the increasing threats and challenges, many companies and governments are working together to share information and best practices and develop new cybersecurity solutions. Through initiatives such as information sharing platforms and incident response exercises, organizations in the Asia Pacific region are working together to address cyber threats and accelerate public-private partnerships in cybersecurity. For example, Philippine bankers are learning cybersecurity best practices from the United Kingdom. According to FIT Country Director Richard Colley, the initiative aims to help forge relationships and build connections between the UK and the Philippines and work together in addressing cyber security risks. Meanwhile, Microsoft is on a mission to unite APAC governments and state agencies with the cybersecurity council. The Asia-pacific Public Sector Cyber Security Executive Council is a growing group of government leaders, policymakers, regulators, and industry stakeholders from Singapore, Indonesia, South Korea, Malaysia, Thailand, Brunei, and the Philippines. The council meets every quarter to maintain a continuous exchange of information on cyber threats and cybersecurity solutions. iValue recommends: Look for security management platforms that offer automation at scale, customized threat intelligence, and leverage AI. 4. Cybersecurity Education A dearth of cybersecurity experts and skillsets is the bane of the cybersecurity industry. Despite reskilling and up skilling efforts, organizations are finding it increasingly difficult to find and retain qualified talent. According to the 2021 World Economic Forum (WEF) report, the APAC region accounts for 66 percent or 2.045 million of the global cybersecurity talent shortage. To address the cybersecurity workforce gap, organizations, institutions, and governments are working on specialized cybersecurity training programs. For instance, The Asia Pacific University of Technology and Innovation (APU) in Malaysia offers specialized graduate courses in collaboration with industry experts, a state-of-the-art infrastructure learning space (CyberSecurity Talent Zone), a full-fledged Cyber Threats Simulation and Response Center (or Cyber Range), and a Security Operations Center (SOC) with military-grade real-time cybersecurity monitoring systems, research centers, and simulation infrastructure. Whereas, giant tech corporations like IBM and Microsoft are investing in cybersecurity hubs in APAC regions to deliver immersive training programs. iValue recommends: Cybersecurity is a necessity for every company. Organizations must recognize that investing in skilled cybersecurity professionals and building a team is essential for long-term success. Expand your team’s capabilities, skillsets, and geographies by hiring remote workers across the globe.  

Satish Kumar V, CEO, EverestIMS Technologies Losing credibility is equivalent to losing your standing in the increasingly competitive market, and it will directly impact your business. Therefore, it is essential to adopt a robust security strategy to maintain its sterling reputation as a reliable and trustworthy enterprise. Enterprises that adopt a Zero Trust philosophy can confidently offer new business models and enhanced and secure user experience to their customers. Evolved business models and satisfying customer experience impact the bottom line empowering businesses to be future-ready without fear of security threats. From an enterprises standpoint a Zero Trust Network Access (ZTNA) perspective has to be embedded within the access and security layers that they adopt. What is Zero Trust? At its core, Zero Trust is about verifying every user, validating every device, and limiting access intelligently. Instead of relying on Single-Sign-on (SSO) and multi-factor authentication alone, AI/ ML helps enterprises with behaviour-based access i.e. tracking user behaviour patterns and detecting any deviation from that baseline. It enables the verify-first practice. Almost all our devices are linked. Therefore, we need to employ device management solutions with the context and policies to ensure safer access. Access to the workforce in any enterprise is based on their roles and tasks. Unfortunately, changes in roles do not always change access rights soon enough. Therefore, privileges need to change as quickly as changing roles or employees leave the enterprise. It can only be done through integrated real-time applications that cause zero delays on access-based decisions. Zero Trust Network Access (ZTNA) offers a model where trust is never implicit and enforces policies that are granular, adaptive, and context-aware. A ZTNA strategy for enterprises Enterprises committed to adopting Zero Trust must keep in mind the following key factors: Micro-segmentation: Enterprise security will use granular controls to handle user controls over networks, data usage, SaaS applications, and endpoint applications. Enforced policies everywhere: Security must be persistent and not limited to a file-access approach. It must involve uncompromising security at all times from everywhere – across different applications and file types. Greater visibility through automation: Log all behaviour, suspicious or not. Enterprises can detect potential threats while ensuring compliance through frequent audits. Benefits of ZTNA implementation Enterprises en route to digital transformation aim to be future-ready. But, as businesses grow, so do cyber threats. The ZTNA (zero trust network access) ensures controlled access to the network. And the Zero Trust advantage for network security is that it reduces surface area from cyber-attacks. This control prevents direct exposure of your applications to the internet. With the advent of ZTNA, enterprises can phase out their previous dependence on VPNs for remote access. While access to applications was through intermediaries such as VPNs before, it is a cloud service now, either self-hosted or from a third party. ZTNA technologies enable application access without going through the network. It starts with Zero Trust, even before allowing connectivity, and is purely based on identities and devices, with authorization coming first and foremost. Typically, enterprises are challenged by certain limitations i.e., they have not been able to limit the incident to one identity without compromising others or contain the incident before it turns into a data breach. The Zero Trust model offers intelligent responses with more authentication methods and controls to ward off cyber threats. Moreover, zero trust enables risk-adaptive security control and customizes enforcement based on user actions. Working from anywhere on any device has altered the way businesses operate irrevocably. It is estimated that over 50% of the workforce will continue to work remotely in the next few years. The new working model means vast amounts of data flow through various devices and out of a secure office facility. Moreover, employees log in and out between office laptops and personal devices or use a public Wi-Fi network or a shared family system. Hackers find enterprises in these circumstances an easy target. Clearly defined policies and stipulations of the devices, data access, and data encryption in a Zero Trust model alone can ensure total compliance. A word to the wise It is vital that enterprises, small, medium, or large, understand the evolving cyber landscape, risk perceptions, and the connection between them to prioritize risk mitigation based on threat analysis. With ZTNA, enterprises control data usage, with unified data security policies across the board – cloud, networks, endpoints, and SaaS applications. Therefore, the time to implement ZTNA is now.  

Fire is a massive safety concern, especially in large areas with combustible ‘elements’ such as charging units, waste and battery storage areas. Often these areas are unmanned at all times, and traditional monitoring methods do not always see a fire in time. The speed at which a fire can take hold is frightening, and so the earlier a warning is given, the better the outcome. Thermal technology is coming down in price and is being used increasingly to detect abnormal heat rises, effectively offering a fire prevention solution, rather than a fire reaction one. A serious problem smoulders According to the U.S. Fire Administration (USFA) the US suffers an annual average of 1.3 million fires resulting in 3,190 civilian deaths, 16,225 civilian injuries, $14.7 billion in direct property loss. It is a great concern to industry too, especially in large buildings with combustible or electronic con tents, like warehouses, fulfillment centers, dispatch centers, and datacenters. Even battery charging stations are higher risk, with Lithium-ion batteries being a particular concern. Existing methods of detection can prove useful, but have limitations with regard to verification and warning time. Smoke detectors will give an alarm when they detect smoke in the air. However, this is only after the fire has already started. The same applies to air sampling devices, which tests the particulates in the air, although these can usually detect smoke before a smoke detector. Optical cameras are also used, but they can only give a warning when flames are visible – in other words, when the fire has already started. Monitoring temperature before flame Thermal imagery can give warnings at an earlier stage of a fire. Because this technology monitors the temperature, rather than the output of a fire (smoke, flame etc.), it can flag a potential issue before it happens. If thermal sensors detect abnormal temperatures, operators can investigate further and take action to avert the fire itself. Cameras can be positioned at certain points around a site to monitor it all, or used to focus on particular risk points, like a waste dump, or an electric charging station. Solution designers use thermal technology successfully in a number of scenarios, including recycling centers, forests, and warehouses.  Verification avoids false alarms Many fire systems use different types of sensor in combination, and thermal technology adds extra value by verifying other alerts. For example, it can double-check the temperature of an area where a smoke alarm has sounded. Thermal cameras can also provide support for those checking the alert location. With the use of a bi-spectrum camera, operators in the control center can see if the person checking the alert is in the same place as that alert, reducing the chance of error and missing a potential fire risk. The technology also comes in useful for planning and risk assessment. It can show potential ‘hot spots’ in a building by monitoring it over time. These can then form part of risk mitigation – to pay particular attention to those areas for fire prevention activities and evacuation plans, for example. When there are people in an area, preventing fire becomes even more important. Injuries can be averted, even lives saved, if they get the proper warning in time to act – whether to put out a fire or evacuate. Thermal camera ranges (e.g., Hikvision’s HeatPro series) have models linked directly to sirens or strobe lights. These can give a general warning in the area of the camera, as well as an alert to the system operator. Installation design flexibility Lower cost thermal cameras, like HeatPro, can also provide great flexibility in building a bespoke system for a site. A number of different detection distance options in the cameras provide different fields of view. This means that installers can find the right combination to meet the needs of the space they need to protect. Hikvision also has a Thermal Design Tool – software to guide installers on the best way to place the cameras in an area. Franck Carette, Product Manager Europe Security & Safety Thermal Products at Hikvision, said, “The fact the thermal technology has come down in price means that it’s now a much more sensible fire prevention option from an economic perspective. With the introduction of our latest model, this makes even more sense, since this has a much larger field of view. This means installers need to put in fewer cameras to cover the same area as before.” The maxim ‘prevention is better than cure’ resonates well in the world of fire safety. Fires cause massive damage, and can even be responsible for grave injury or death. However, if a fire risk can be identified early enough, a fire can be successfully managed, or avoided altogether. Thermal technology can provide that extra bit of time that makes the difference between containment and disaster.