SOFTWARE SECURITY

HGC signs MoU to strengthen public telecoms network security with CyberSecurity Malaysia

prnewswire | October 28, 2020

HGC signs MoU to strengthen public telecoms network security with CyberSecurity Malaysia
HGC Global Communications Limited (HGC), a fully-fledged fixed-line operator and ICT service provider with extensive local and international network coverage, services and infrastructure, today announced the signing of a Memorandum of Understanding (MoU) with CyberSecurity Malaysia, the national cybersecurity specialist and technical agency under the Ministry of Communications and Multimedia Malaysia (KKMM).
The MoU provides a framework under which HGC will facilitate its portfolio of critical cybersecurity skillsets to the telecommunications industry whilst fostering increased cybersecurity innovation by enabling CyberSecurity Malaysia to achieve its purpose of overcoming national cyber security challenges and deliver greater ICT benefits to internet users.

The MoU will at first benefit large to medium enterprises, the financial services industry (FSI), government and semi-government bodies. The cooperation's impact will be felt beyond Malaysia's borders by reaching HGC's customers overseas, in particularly across the Asia community, and within a wide range of industry verticals such as e-health, e-commerce, e-education initiatives.
HGC provides broad range of connectivity and cybersecurity services to keep safe

Given the increase in the number of internet users has a direct implication on the increase in potential threat on information systems, it is essential to take necessary precautionary measures.

According to CyberSecurity Malaysia, between January and September 2020, Malaysia has recorded 8,366 cybersecurity incidents, including fraud, intrusion, and malicious code -- an increase of nearly 10% over compared to 2019.

Under the collaboration, HGC with its international exposure is tasked with provisioning its cybersecurity expertise including consulting, managed security services, engineering, risk management, cloud security and advisory services. This will in turn enable CyberSecurity Malaysia to boost its range of cyber security innovation-led services, programmes, and initiatives to reduce the vulnerability of digital systems, and at the same time strengthen Malaysia's self-reliance in cyberspace.

The MoU will cover cybersecurity cooperation in key areas including telecom security, IoT security and threats intelligence. The exchange of information on telecommunication networks, ICT solutions and cybersecurity can further improve cyberattack readiness and prevention measures.

Ravindran Mahalingam, HGC's SVP of International Business, said: "Cybersecurity is a paramount asset, key to HGC's vision of a connected world. As a global telecommunications service provider, we are committed to promoting sustainable development of technological innovations, keeping cybersecurity at the centre of business solutions. More, cybersecurity is important in a smart city as the infrastructure can be vulnerable and needs to avoid any breaches. HGC is dedicated to support cybersecurity for ICT and network initiatives, ensuring a secure and reliable digital business environment."

Dato' Ts. Dr. Haji Amirudin Bin Abdul Wahab, CyberSecurity Malaysia's Chief Executive Officer, said: "Today, cyber security is a major concern for most industries and the vulnerabilities are rising at an alarming rate; hence IT professionals are in high demand to analyse and overcome these threats. Moreover, these attacks could have been dealt with if those businesses have better cyber resilience. Organizations today are beginning to complement their cybersecurity strategies with cyber resilience. CyberSecurity Malaysia, a national cyber security specialist and technical center under the purview of the Ministry of Communications and Multimedia Malaysia, identifies collaboration as one way to strengthen the cybersecurity ecosystem in Malaysia. CyberSecurity Malaysia is pleased with the collaboration between global companies such as HGC to develop sustainable relationships between government and industry as well as raising the level of readiness and resilience of national cyber security and its contribution to national economic growth."
About HGC Global Communications Limited

HGC Global Communications Limited (HGC) is a leading Hong Kong and international fixed-line operator. The company owns an extensive network and infrastructure in Hong Kong and overseas and provides various kinds of services. HGC has 23 overseas offices, with business over 5 continents. It provides telecom infrastructure service to other operators and serves as a service provider to corporate and households. The company provides full-fledged telecom, data centre services, ICT solutions and broadband services for local, overseas, corporate and mass markets. HGC owns and operates an extensive fibre-optic network, five cross-border telecom routes integrated into tier-one telecom operators in mainland China and connects with hundreds of world-class international telecom operators. HGC is one of Hong Kong's largest Wi-Fi service providers, running over 29,000 Wi-Fi hotspots in Hong Kong. The company is committed to further investing and enriching its current infrastructure and, in parallel, adding on top the latest technologies and developing its infrastructure services and solutions. HGC is a portfolio company of I Squared Capital, an independent global infrastructure investment manager focusing on energy, utilities and transport in North America, Europe and selected fast-growing economies.


About CyberSecurity Malaysia

CyberSecurity Malaysia is the national cybersecurity specialist and technical agency under the purview of the Ministry of Communications and Multimedia Malaysia (KKMM). In essence, CyberSecurity Malaysia is committed to provide a broad range of cybersecurity innovation-led services, programmes and initiatives to help reduce the vulnerability of digital systems, and at the same time strengthen Malaysia's self-reliance in cyberspace. Among specialized cyber security services provided are Cyber Security Responsive Services; Cyber Security Proactive Services; Outreach and Capacity Building; Strategic Study and Engagement, and Industry and Research Development.

Spotlight

Official: organizations can no longer compete effectively while keeping Information Technology (IT) and Operational Technology (OT) separate. Although IT-OT converged ICS networks deliver many business benefits, they also challenge OT managers with new complexities, including the rise of cyber and operational risks, increasing w

Related News

DATA SECURITY

Brane Capital, a Crypto Custody Company, Recently Earned Cyber Security Recertifications as well as Smart Contract Validation

Brane Inc. | April 05, 2021

Brane Inc., a major cryptocurrency custody provider, has earned important cyber-security recertifications that validate the company's rigorous security and risk management procedures. Brane completed third-party validation of its Ethereum smart contract code, the technology that drives non-fungible tokens (NFTs), by auditor Solidified, in addition to recertification at ISO 27001 and 27017 and NIST level 4 standards by audit and certification firm BSI. "We are fully committed to security as our top priority, and these third-party certifications validate Brane as a world-class pioneer in secure cryptocurrency custody," said Chris Desjardins, Vice President, Product. "As cryptocurrencies grow more prevalent in the global economy, our clients and partners are certain that Brane is one of the most accredited, verified, and security-focused companies in the sector." "Brane's key benefit is the blend of bank-grade security and cutting-edge technology, both built on a fundamental view of blockchain's unique opportunities and challenges," said Dave Revell, a Brane board member, and former EVP and Global Chief Information Officer for CIBC. "Brane has created a custody solution that satisfies the needs of banks and other financial institutions as cryptocurrency acceptance grows." "Obtaining ISO and NIST certifications will take several years and millions of dollars for major businesses. Brane's fast completion of these certifications demonstrates the power of our blockchain-native technology and information security management systems "Brane's founder and Chief Innovation Officer, Patrick McLaughlin, made the announcement. "With this primary strategic advantage, Brane is the perfect partner for financial institutions looking for a truly safe, user-friendly solution for digital asset custody." "As Brane becomes a bank for the world's newest asset class, security and accountability are woven into our company's DNA," said Brane President Jerome Dwight, who previously led Bank of New York Mellon's Canadian operations. "By combining an exceptional internal team with partnerships with other business players, Brane is committed to retaining its place of Canadian and global supremacy in crypto custody services." About Brane Brane is a blockchain innovation company that was established in 2017. Brane assists companies in understanding and utilizing the potential of blockchain and digital assets. Brane Vault, the digital asset custody facility, is ISO 27001 certified – the first in the world with cryptocurrency in scope – ISO 27017 certified, and NIST Tier 4 certified – the first company in any industry in Canada to achieve such certification. Brane Vault provides advanced proprietary technology and processes for over 20 preliminary patents, as well as being fully insured from fraud and crime.

Read More

DATA SECURITY

With $15 Million Series A Funding, Symmetry Systems to Ramp Up Hybrid-Cloud Data Security

Symmetry Systems | June 24, 2021

A well-known provider of cutting-edge Data Store and Object Security (DSOS), Symmetry Systems, has announced a $15 million Series A funding round. ForgePoint Capital and Prefix Capital lead it. They are two premier venture funds, who are investing in transformative and foundational technologies. The investment will back the rapid growth of the company in customers, revenue, and employees. This newest funding round also highlighted participation from Symmetry Systems and Accenture Ventures is now part of their Project Spotlight, its engagement, and investment program that attaches developing technology software startups with the Global 2000 to fill planned modernization gaps. Moreover, this round comprises leading practitioners, such as Omkhar Arasarathnam, Engineering Director at Google Cloud; Sameer Sait, Chief Information Security Officer at Amazon-Whole Foods; David Tsao, VP of Security Engineering at Marqeta; Tom Gonser, Founder of DocuSign; and Bob Gleichauf, EVP at InQTel and ex-CTO at Cisco. Today, data spans across object stores, databases, and data lakes in today's hybrid cloud environment. As a result, developers, users, contractors, and supply-chain vendors all get information via a web of applications and roles. Flagship solution, DataGuard, of Symmetry Systems provides combined discernibility into data objects across all data stores, About Symmetry Systems Symmetry Systems delivers purpose-built Object Security (DSOS) and Data Store to provide complete visibility and combined access control. Born from the award-winning Spark Lab at UT Austin, Symmetry Systems DataGuard upholds power over data when all else fails, be it exploited insider identifications, malicious applications, or false positives in safety operations tools. Backed by foremost security investors Prefix Capital, DataGuard, and ForgePoint Capital was built with and for the most challenging security teams in healthcare, finance, and the US government.

Read More

Cyberattacks on Critical Infrastructures Witness Sharp Rise During the Pandemic

CISA | June 05, 2020

The coronavirus pandemic has spawned a huge increase in cyberthreats and attacks. While much of this is aimed at consumers, a lot has also targeted companies whose employees must now access critical infrastructure. CISA published a set of cybersecurity best practices for ICS, which the agency acknowledges are important for supporting critical infrastructure and maintaining national security. IT security professionals are much more worried about cyberattacks on critical infrastructure than they are about data breaches in the enterprise. The coronavirus pandemic has spawned a huge increase in cyberthreats and attacks. While much of this is aimed at consumers, a lot has also targeted companies whose employees must now access critical infrastructure, such as industrial control systems (ICS) and operational technology (OT) networks, from home.But that critical infrastructure, which keeps modern society going even during a pandemic, is seriously under-protected against cyberattacks, say recent reports from cybersecurity companies.“Critical infrastructure” means more than the obvious utility companies, water systems, and transportation networks. In defining essential workers during Covid-19-related lockdowns, the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) lists 16 categories of critical infrastructure. Last month, CISA published a set of cybersecurity best practices for ICS, which the agency acknowledges are important for supporting critical infrastructure and maintaining national security. These attacks have been building for some time. A Siemens/Ponemon Institute study last October found that 56% of gas, wind, water and solar utilities around the world had experienced at least one cyberattack within the previous year that caused a shutdown or loss of operation data. Only 42% of respondents — those responsible for OT cybersecurity — said their cyber readiness was high, and only 31% said their readiness to respond to or to contain a breach was high. Smaller organizations were much less confident about their ability to take action. Read more: CISCO'S 6 UNPATCHED INTERNAL SERVERS COMPROMISED Our survey found the more integrated IT, OT, IoT and physical systems are, the greater the degree of security, but because they are so integrated, these systems are more vulnerable to attack. ~ said Carcano Since last year, a growing number of known threat groups have been specifically targeting electric utilities in North America, according to a January report from ICS/OT cybersecurity firm Dragos. In February, IT/OT cybersecurity firm Claroty discovered a new vulnerability related to the notorious Industroyer malware, used in the 2016 attack on the Ukraine power grid. Especially disturbing, the new vulnerability allows a DOS (denial of service) attack against protection relays used in electrical substations. A report Claroty published in March found that a clear majority of IT security professionals are much more worried about cyberattacks on critical infrastructure than they are about data breaches in the enterprise. That’s consistent among respondents in the U.S., the UK, Germany, France and Australia. CISA published a set of cybersecurity best practices for ICS, which the agency acknowledges are important for supporting critical infrastructure and maintaining national security. What’s less consistent is the gloomier outlook U.S. respondents have compared to their international counterparts about how much protection is still needed: more than half say U.S. critical infrastructure is vulnerable to attacks, versus 40% of international respondents. But all respondents agreed that electric power is by far the most vulnerable sector. Although some responses vary between domestic and international cybersecurity pros, “They’re more alike than they are different,” Claroty’s co-founder and chief business development officer Galina Antova, told EE Times. “There are some differences based on the vertical sectors, but even within them, a lot depends on the maturity of the security team. At the end of the day, what counts is the maturity of the security systems that team is implementing. On average, U.S. companies are ahead in the security curve when it comes to awareness and starting the implementation steps.” In the last three years, more companies have become actively engaged in implementing OT cybersecurity, said Antova. Organizational changes that give responsibility for OT security to the chief information security officer will mean that necessary alignments between IT and OT teams happen faster, and these are happening faster in the U.S. than in Europe. However, local legal structures also play a part. For example, in some verticals in Europe, the head of production for certain types of facilities has legal responsibility for the cybersecurity of those facilities, so there are some stricter regulations in Europe compared to the US. The joint survey by OT and IoT cybersecurity company Nozomi Networks and Newsweek Vantage interviewed C-level executives at critical infrastructure companies in North America, Europe, and the Asia/Pacific region. It found that 85% of respondents had experienced security incursions into OT networks. Of those, 36% began as incursions in IT or data systems and 32% were physical incursions into OT systems. Read more: GOOGLE TOP CHOICE FOR CYBERCRIMINALS FOR BRAND-IMPERSONATION SPEAR-PHISHING CAMPAIGNS

Read More

Spotlight

Official: organizations can no longer compete effectively while keeping Information Technology (IT) and Operational Technology (OT) separate. Although IT-OT converged ICS networks deliver many business benefits, they also challenge OT managers with new complexities, including the rise of cyber and operational risks, increasing w