Connect with us

Tech & Innovation

Boxes to tick when choosing a threat intelligence provider

For any chief information security officer (CISO) or IT lead, operating in today’s highly digitalized environment, not only are they tasked with establishing and maintaining the digital transformation efforts of their companies on a tight budget, they must also ensure that the company’s IT policy is compliant with the data protection regimes in the markets that they operate in.

Published

on

Photo by Igor Miske from Unsplash.com

By Yeo Siang Tiong
General Manager for Southeast Asia, Kaspersky

A long time ago in the cybersecurity space far far away, the choice of a threat intelligence service was often restricted to a handful of providers. Today, the cybersecurity industry in APAC is worth at least USD 30.45 billion and expected to grow at an annual rate of 18.3% from 2020 to 2025, with multiple cybersecurity vendors seeking a bigger slice of the proverbial pie. 

For any chief information security officer (CISO) or IT lead, operating in today’s highly digitalized environment, not only are they tasked with establishing and maintaining the digital transformation efforts of their companies on a tight budget, they must also ensure that the company’s IT policy is compliant with the data protection regimes in the markets that they operate in. 

Clearly, it is not an easy task to take, but little things like having the right threat intelligence service can make life easier. We have been hearing a lot about this for several years now. But what is it threat intelligence exactly and what you should be looking for in a threat intelligence service provider?

Turning intelligence into action

Let’s have a quick refresher. Threat intelligence is data collected and analyzed by an organization in order to understand a threat actor’s motives, targets, and attack behavior. It empowers organizations of all shapes and sizes to make faster, more informed security decisions and shifts their cybersecurity posture from reactive to proactive in the fight against breaches and targeted attacks. 

I am aware that there are a lot of free threat intelligence if one has a knack on researching. However, let me put it this way. A premium threat intelligence report or feed is like a special block screening of an amazing movie. You get the first dibs of the plot and perhaps get to know the characters even. Eventually, the film will be shown in major cinemas. Then after say, six months or more, it will land on several streaming services.

With us at Kaspersky, we provide comprehensive, real-time, organic, and actionable information on our premium threat reports and data feed which is why they are exclusive to the enterprises and organizations which have subscribed to our services. We see to it that we share such with the law enforcement agencies as well, because cooperation is key to fighting cybercriminals.

After a few months, we will then make such data available in public. Why is it not ideal to wait until the mass release of a threat report? Because it will allow you to act fast, to assess your risks, check your endpoints, fix the loopholes which they may exploit. Because knowing first-hand such critical information can save you money, reputation, and headache. Because proactive security is necessary at this time and age.

You may wonder why don’t we make our findings public to begin with? Let us remember here that public here means anyone – including them, cybercriminals. The last thing we want is to tip them off.

Aside from these, what else should you be looking for in a threat intelligence service provider?

  1. Check their sources

Threat intelligence should make your systems smarter through data feeds. To get the feeds you need sensors scattered all across the globe to ensure that your data is reflective of the real-time, global threat landscape. 

For example, our very own Threat Intelligence portfolio is powered by millions of Kaspersky’s global users who agreed to share their anonymized data. This huge network builds our Kaspersky Security Network (KSN) which collects more than 340,000 malicious files per day, allowing us to get rich information compared with firms with limited sensors and workforce.

  1. The data collection strategy needs to be GReAT

Speaking of human force, a threat intelligence service’s data collection strategy should be the most important factor to consider in your evaluation of their capabilities because they can only provide intelligence as far as the parameters of their data sources. Given that cybersecurity attacks are often transnational in nature, it is important that a vendor can source information globally and put pieces of the puzzle together in a way that makes sense for your IT staff. It should not be aggregated, it should be organic. It should also be critically monitored and studied by the brightest minds who can understand tactics, techniques, and procedures (TTPs).

To assess whether a threat intelligence service has such a capability, look at their research team and see what kind of campaigns that they have uncovered. For example, Kaspersky’s Global Research & Analysis Team (GReAT) found that the Lazarus APT group shifted their modus operandi to launch targeted ransomware attacks against businesses in Asia, extending as far as France in Q2 this year. 

  1. Check the visibility

I have already mentioned the borderless nature of cyberthreats. Hence the visibility of your provider should be another box you have to tick. Look into their Advanced Persistent Threat (APT) logbook and their database. Are they monitoring cyberthreats only from a particular country or region? Or do they have a global reach? Are there researchers only based in one country? Or do they have a network of experts scattered around the world? The answers for these questions are essential.

  1. The provider should understand the difference between intelligence and data 

At the heart of the debate between intelligence and data lies the concept of context. Assuming now you’ve got your data sources setup and information is feeding in from all corners of the globe, but you’re asking yourself the million dollar question: how do I know what is important and why is it important?

Things such as threat names, timestamps, resolved IPs addresses of infected web resources are useless on their own if they are not enriched with actionable context. When a relationship context is established, the data can be used more readily to answer the questions of “who”, “what”, “where”, “questions”. It is only at this point that data becomes the finished article – intelligence – and you now receive a boost to incident investigation, as well as uncover new Indicators of Compromise (IoC) in your IT network. 

  1. The ability to integrate is key

Integration can be a dirty word of the IT industry. With constant technological upgrades and the evolution of standards happening all the time, the ability to integrate new processes into existing IT operations is a never-ending challenge. 

Similarly, for threat intelligence, it is important that your service provider can provide delivery methods, integration mechanisms and formats that support smooth integration of threat intelligence into your existing security controls. 

The endgame 

The above-mentioned tips are just a few of the many other aspects you should consider when looking for a threat intelligence service, but they serve as a good stepping stone in bolstering your cybersecurity posture for now. With threats becoming increasingly complex and malicious, having the latest enterprise security programs are no longer sufficient. Adding threat intelligence to your arsenal of cybersecurity countermeasures will allow you to bring the fight to them. 

Tech & Innovation

Filipino-founded audio company finds growth globally amid a pandemic

H-Audio Technologies is an audio tech company founded in 2017 by a Filipino American whose primary purpose was to sell sports headsets to raise money for the troubled, underprivileged Filipino youth.

Published

on

The coronavirus pandemic has been a nightmare for millions of businesses in every sector; most especially with the audio industry. There has been nothing but losses for huge companies such as Danish brand Bang & Olufsen who saw over one year’s worth of losses every single quarter, and Bose closing over a hundred stores this past 2020. With millions of loyal customers jobless, manufacturing services and shipping costs at ridiculous prices, and cashflow drying up, many wonder how they will survive.

But amid all the unfortunate circumstances, some companies were lucky enough to strategically build their business model canvas to survive an economic crisis.

H-Audio Technologies is an audio tech company founded in 2017 by a Filipino American whose primary purpose was to sell sports headsets to raise money for the troubled, underprivileged Filipino youth.

“I was a troubled kid and a nutcase growing up, so I pretty much know what these kids are going through on a day-to-day basis, and why they make the bad choices that they choose,” says founder Marcelle Marcelino, a veteran radio broadcaster and music industry veteran in the Philippines.

“I tried the white labeling route where I would ask get an already made product and stamp my logo on it, but unfortunately being a DJ and studio sound engineer for over two decades, I was never satisfied with the outcome. So I did what most would not do, fly around various cities, meet with manufacturing plants, and source every part that I needed to create a pretty solid product in terms of sound and durability.”

Going on its fourth year this June, H-Audio has already collaborated with major brands and companies such as Coca-Cola, Huawei, Philippine Airlines, and even the likes of Kobe Bryant who needed their own audio components and products manufactured for them.

On the other side of the spectrum, H-Audio currently has their own products in major retail stores such as Urban Gadgets, Power Mac Center, The Listening Room, and many others nationwide, such as the PH3, a Filipino designed active noise cancelling headphone whose majority proceeds (60%) goes towards animal welfare & programs to help the troubled Filipino youth.

They also are not stopping there with growth and expansion as their primary driver, H-Audio has been very busy the past year forming a solid partnership with a US-based company, The Four Pillars Company; a service supplier for multi-family, hospitality, and healthcare buildings. Some of their biggest current projects together this 2021 is innovating student housing projects and hotels with their customized audio mirrors, multimedia tables, and other products specifically made for their current on-going projects in Florida, Utah, and Alabama.

“The Four Pillars Company is proud to partner with H- Audio. The most valuable part of our partnership with H-Audio is their vision of infusing technology and audiophile-quality sound into everyday products. H-Audio has an eye for detail and design that creates excellent user interfaces for our clients.  Lastly, their vision to produce products that aren’t available from other manufacturers keeps us several steps ahead of our competition,” says J. Ryan Barrett, President and CEO of The Four Pillars Company.

Taking more giant leaps, H-Audio has also been in negotiations with a certain Brazilian company to open H-Audio Brazil by the end of 2021, along with its current trajectory to expand operations in Australia; all for the goal of having more people worldwide experience high quality audio products at a very fair price.

Definitely something a lot of us who have to stick to budgeting our expenses during what seems to be a never ending pandemic, really need.

For more information on H-Audio Technologies, head to the company’s Facebook page; Instagram account; and YouTube channel.

Continue Reading

Tech & Innovation

4 Things that make people feel good about using chatbots

A recent study identified four factors that predict user satisfaction with customer service chatbots. The study also found that a positive chatbot experience was associated with customer loyalty, highlighting the potential importance of the findings to corporate brands.

Published

on

Photo by @cottonbro from Pexels.com

A recent study identified four factors that predict user satisfaction with customer service chatbots. The study also found that a positive chatbot experience was associated with customer loyalty, highlighting the potential importance of the findings to corporate brands.

“Chatbots that use artificial intelligence to address customer needs are already in widespread use, and are expected to become even more common over the next few years,” says Yang Cheng, corresponding author of the study and an assistant professor of communication at North Carolina State University. “We wanted to know how these chatbots are affecting the user experience and how they affect the way consumers feel about brands.”

For this study, researchers conducted a survey of 1,064 consumers in the US who had used a chatbot from at least one of the 30 US brands with the most highly regarded chatbot services. These brands represent industries ranging from fashion to food to software.

The researchers found there were four attributes that positively predicted user satisfaction with a chatbot.

1. The most powerful predictor was convenience.

Cheng says: “If people thought chatbots were fast and efficient, they were more likely to be satisfied. I can sympathize with those people – I hate talking to customer service and being transferred from one person to another.”

2. Focus on iInformation.

It matters if the chatbot provided information that was useful and relevant to the user.

3. Entertainment counts.

It also matters if interacting with the chatbot was pleasant or fun.

4. Social presence.

Lastly, if the chatbot made users feel like they were interacting with an intelligent being, they are more prone to using chatbots.

But one factor was associated with reduced customer satisfaction: perceived privacy risk.

Specifically, if users felt that the information they were sharing with the chatbot could be misused, they were more likely to report being dissatisfied with the chatbot service.

“Companies need to pay attention to these results as they invest in AI-driven chatbot services,” Cheng says. “Because we also found that a customer’s satisfaction with their chatbot experience was associated with the customer’s loyalty toward the relevant brand. This really highlights the importance of taking steps to protect consumer data – and ensuring that chatbot services are convenient, fun and helpful.”

The paper, “How Do AI-driven Chatbots Impact User Experience? Examining Gratifications, Perceived Privacy Risk, Satisfaction, Loyalty, and Continued Use,” appears in the Journal of Broadcasting & Electronic Media. The paper was co-authored by Hua Jiang of Syracuse University.

Continue Reading

Tech & Innovation

Dell Hybrid Client delivers increased flexibility to employees and IT

As the world’s first client computing software with hybrid cloud management, enabling easy access to applications and data regardless of where they live – in the public cloud, private cloud or on the user’s device.

Published

on

Dell Technologies unveiled Dell Hybrid Client to meet the changing needs of businesses, end users and IT. Dell Hybrid Client is a centrally managed client software solution that is ready to deploy with select Dell mobile and desktop devices, helping employees get to work quickly with a consistent experience. As the world’s first client computing software with hybrid cloud management, enabling easy access to applications and data regardless of where they live – in the public cloud, private cloud or on the user’s device. 

In an increasingly cloud connected world, organizations need to easily deploy and maintain data and applications from a variety of locations without burdening IT teams or hindering employee productivity. Dell Hybrid Client simplifies and personalizes the user and IT experience while still providing security and flexibility across devices and work environments. Features like built-in everyday productivity applications, browser security, and others are available out-of-the-box and managed through the cloud empowering employees to work how and where is best for them. 

“At the core of Dell Hybrid Client sits an elevated experience for both employees and IT teams,” said Brooke Huling, vice president, Modern Computing Solutions Group, Dell Technologies. “For employees, Dell Hybrid Client delivers the same, personalized experience regardless of the device you chose to work on. Everything you need is at your fingertips. For IT, we’ve opened access to multiple clouds enabling experiences to be scaled and customized for workforces at rapid pace.” 

“Our recent study on remote work readiness revealed that employees across APJ had difficulties accessing internal company resources while working from home,” said Jean-Guillaume Pons, vice president, Client Solutions Group, Asia Pacific, Japan and Greater China, Dell Technologies. “Today, as APJ organizations continue scaling their technologies to help employees remain engaged and productive, it is important to ensure employees can easily access the applications and data they need, without compromising security. Dell Hybrid Client can help both organizations and employees, regardless of working locations and the devices they use.“

“Dell Hybrid Client has the potential to be a game-changing offering,” said Rob Enderle, President and Principal Analyst, Enderle Group. “The new work from anywhere environment coupled with the need to support virtual, local and cloud apps means we’re approaching a window of opportunity for a new client computing solution. Dell has the breadth and reach to drive such a shift in the industry.” 

How it works

Dell Hybrid Client begins with single sign-on where users will find their personalized desktop interface and all their applications, whether in the cloud or virtual. This first-of-its-kind solution provides: 

  • Security at every touchpoint: Securely scale to thousands of users while still protecting employee and company data through built-in features including system lockdown, secure boot, user file encryption and more. 
  • Simplified Workflow: Your workday doesn’t need to be interrupted as users have secure access to web and virtual applications from Citrix, VMware and Microsoft and various storage locations.
  • Optimized Productivity: Zoom or Microsoft Teams clients run locally, enabling faster collaboration while helping reduce strain on IT infrastructures. 
  • Consistent Experience: With an enhanced “Follow-me” feature, users will find their applications and data on any supported desktop interface – even after changing devices. 
  • Flexibility in Cloud Providers: Organizations can embrace a more flexible mindset by supporting and seamlessly integrating from Wyse Management Suite’s multiple cloud vendors including, Google Cloud and Microsoft Azure.
  • Comprehensive Software Support: With ProSupport, Dell Hybrid Client users receive proactive resolution. With automatic alerts and case creation, remote diagnosis and access to ProSupport engineers, employees can experience little to no downtime and IT can proactively support business needs. 

Dell Hybrid Client is currently available across a variety of desktop, VDI and mobile form factors – including the OptiPlex 7090 Ultra, OptiPlex 3090 Ultra, Wyse 5070 and the new Latitude 3320.  

The latest Dell Hybrid Client is available on 3/26. 

Continue Reading
Advertisement
Advertisement

Like us on Facebook

Trending