Search

Fortifying resilience: Lumen Technologies’ Cheah Wai Kit on fostering a more proactive cybersecurity defence across businesses, governments

by

Azunta Gaviola

-

2 weeks ago

Are you ready to unlock the secrets to skyrocketing your e-commerce business in the hearts of Southeast Asia’s e-commerce hub? The ‘E-Commerce Marketing Series 2024’ conferences are coming to Malaysia and the Philippines starting this July! Click here to find out more!

In the current digital age, cybersecurity remains a pressing concern for businesses, regardless of location. Even nations known for their robust cyber defence also find themselves grappling with and not immune to cyberattacks. These persistent threats can target various infrastructures, institutions, and even sectors in the country, impacting the overall landscape on multiple fronts.

In Singapore, a significant rise in attacks and breaches in recent years has been reported by their cybersecurity agency. These threats are aimed at businesses both in the public and private sectors and include cases of cyberattacks, data breaches, and shortages of skilled cybersecurity talent.

Furthermore, SMEs making up the country’s backbone were also reported to lack robust cybersecurity measures, which stems from the misconception that they are unlikely to be targets for cyberattacks.

Recognising these threats as a systemic issue concerning a lack of knowledge, skill sets, or experiences across various organisations to implement the necessary cybersecurity controls underscores the necessity for greater technical measures to positively enhance the data security posture of many countries, including Singapore.

However, safeguarding their organisations involves more than just expanding the capabilities to detect and respond to cybersecurity breaches.

For UpTech Media’s latest exclusive interview, we sat down with Cheah Wai Kit, senior director of product management and security practice at Lumen Technologies, to understand the proactive approaches to cybersecurity and how organisations, in both the public and private sectors, will learn to adapt to them. He also discussed the traditional strategies needed in the present age, with topics also tackling security through policy recommendations and technical measures.

Mitigating data breaches and cyberattacks across public and private organisations

For Cheah Wai Kit, senior director of product management and security practice at Lumen Technologies, cybersecurity must move beyond responding only when a breach takes place. Instead, businesses must be equipped with the capabilities to proactively identify, protect, detect, respond, and recover from these threats.

He also said that they should engage in proactive threat hunting using advanced techniques and threat intelligence that will help minimise dwell time and prevent the risks of a cyberattack.

Understanding this challenge of vital importance, he further notes, “This is now more critical than ever, especially with the rise of sophisticated TTPs (Tactics, Techniques and Procedures), exploitation of zero-day vulnerabilities, and increased social engineering attacks, including increasingly AI or deep fake use cases.” 

With enterprises and organisations now using more cloud services alongside remote or hybrid workforces, protecting their digital assets has also become more challenging. According to him, preventing data breaches also requires more than just a firewall, antivirus, or EDR software.

In particular, he cited the company’s cybersecurity efforts to address this particular challenge. This includes their role in empowering organisations through customised advanced MDR to fit their respective needs.

It also involves proactive threat hunting while also continuously educating enterprises and organisations on security awareness, maintaining discipline in remediating critical vulnerabilities on key assets, and being vigilant.

Partnering with a trusted Advanced MDR provider to safeguard intellectual property (IP) and customer data, Cheah also said that organisations can maintain their competitive edge and focus on their core purpose by supporting growth and market leadership. This excludes whether, from a business standpoint or ensuring national interests.

He further adds, “From a business standpoint, it also instills confidence in their customers and partners, reassuring them that their data is secure and protected.”

“This enhanced trust then leads to stronger customer relationships, increased loyalty, positive brand association, and even business referrals, ultimately driving growth through customer acquisition and retention,” he expounded.

Strategies essential to combating contemporary cyber threats

In terms of dealing with contemporary cyber threats, Cheah explained that most enterprises in the traditional setup would begin with ingesting logs and monitoring them for anomalies by correlating these logs against a set of use cases. The said use cases define indicators of compromise or attacks.

Owing to this approach, he further encouraged organisations and enterprises to continue maintaining strong password management and updating software and patches. He also said to invest in employee training and whole-of-organisation awareness, as well as ensure regular data backups and recovery procedures.

Meanwhile, when asked about disregarding traditional strategies, Cheah believed that abandoning the use of anti-virus software entirely would not exactly address the threats in the current landscape.

Instead, he then cited three essential strategies to successfully combat an incident. This includes basic discipline in strengthening security systems, patching to remediate critical vulnerabilities, and applying the necessary access controls to restrict and prevent unauthorised access.

Ensuring security through policy recommendations and technical measures 

According to Cheah, the latest amendment to Singapore’s Cybersecurity Act introduces a new category for third party-owned critical information infrastructure. This approach reflects the increasing reliance of essential service providers on third-party systems.

As bad actors increasingly target systems, he also highlighted the need for heightened oversight of cyber incidents, given that digital services have become more prevalent in everyday life. These obligations extend beyond the CII to adjacent systems and supply chains. This new regime also accentuates the demand for organisations to adopt proactive approaches in terms of safeguarding their operations and enhancing the cybersecurity resilience of the country.

Cheah further states, “In the spirit of taking a proactive stance to cybersecurity, organisations (especially nation-critical ones) will need to anticipate how to and leverage the use of technologies including AI, machine learning, and quantum computing for end-to-end solutions to safeguard all aspects of their supply chain.”

He also advised regulated businesses to observe developments and remain adaptable in implementing required changes, given that codes of practice and subsidiary legislation on specific operational aspects are introduced.

Furthermore, it is also essential to integrate security solutions that are crucial in contributing to organisational success in today’s digital landscape.

Ensuring this security is fortified, he said that organisations also need to stay ahead of their adversaries, which involves advanced threat detection technology for their cloud estates, endpoints, and infrastructure level, combined with automation and human expertise to rapidly identify and limit the impact of threats by performing threat hunting, detection, and response.

“It’s important for organisations to stay updated with the latest cybersecurity threats and implement necessary measures to protect their digital assets,” added Cheah.

He further described using a proactive stance that extends beyond threat detection and threat hunting capabilities across attack surfaces and mere network infrastructure and endpoints. It thus includes cloud-native applications, IoT and OT devices, and user and entity behaviour analytics through their 24/7 security operations centres.

“This again reiterates the importance of going beyond the traditional notion of cybersecurity, where enterprises only react when a breach or attack happens,” he said.

More importantly, he asserted that organisations must have the essential capabilities to identify, protect, detect, respond, and recover as they enable complete visibility of assets across the attack surface, thereby reducing a scramble for protection only when a breach happens. This has proven to contribute commercially to businesses, which is critical in the current economic landscape.

Cheah concluded by stating, “This proactive stance also acts as a catalyst for greater protection with built-in integration, automation, and a proactive end-to-end security solution, which minimises dwell time and improves speed and efficiency of response, enabling quicker remediation.”

Discover the current trends in business communication based on over 473 billion interactions. Download the free report here to stay ahead of the curve in messaging trends!
Experience history at MARKETECH APAC’s ‘Marketing Technology Awards 2024! On November 28, live in Singapore, celebrate visionaries shaping Asia-Pacific’s marketing tech across 45 categories. Join us in honouring innovation and excellence! Click here to learn more.

 

Share

RECENT ARTICLES

Progress unveils new capabilities of LoadMaster 360 to help organisations secure web applications
NetApp to boost scalability, performance for strategic cloud workloads with expanded capabilities
NCS introduces suite of AI, digital resilience solutions to boost tech adoption
CelcomDigi’s new AI experience centre to drive digital transformation, accelerate development using emerging tech
Email security awareness in SEA soars the highest amongst developing regions at 43.2%: report
Ellipse 3

RELATED ARTICLES

Progress unveils new capabilities of LoadMaster 360 to help organisations secure web applications_11zon
NetApp to boost scalability, performance for strategic cloud workloads with expanded capabilities_11zon
NCS introduces suite of AI, digital resilience solutions to boost tech adoption_11zon
Ellipse 3

FEATURED ARTICLES

Progress unveils new capabilities of LoadMaster 360 to help organisations secure web applications_11zon
NetApp to boost scalability, performance for strategic cloud workloads with expanded capabilities_11zon
NCS introduces suite of AI, digital resilience solutions to boost tech adoption_11zon

Subscribe to UpTech Media Newsletter

Video Title Here: The Indonesian on-ground activation status

Sed ut perspiciatis unde omnis iste natus error sit voluptatem accusantium doloremque laudantium, totam rem aperiam, eaque ipsa quae ab illo inventore veritatis et quasi architecto beatae vitae dicta sunt explicabo. Nemo enim ipsam voluptatem quia voluptas sit aspernatur aut odit aut fugit, sed quia consequuntur magni dolores eos.

Video Title Here: The Indonesian on-ground activation status

Sed ut perspiciatis unde omnis iste natus error sit voluptatem accusantium doloremque laudantium, totam rem aperiam, eaque ipsa quae ab illo inventore veritatis et quasi architecto beatae vitae dicta sunt explicabo. Nemo enim ipsam voluptatem quia voluptas sit aspernatur aut odit aut fugit, sed quia consequuntur magni dolores eos.

Video Title Here: The Indonesian on-ground activation status

Sed ut perspiciatis unde omnis iste natus error sit voluptatem accusantium doloremque laudantium, totam rem aperiam, eaque ipsa quae ab illo inventore veritatis et quasi architecto beatae vitae dicta sunt explicabo. Nemo enim ipsam voluptatem quia voluptas sit aspernatur aut odit aut fugit, sed quia consequuntur magni dolores eos.