Connect with us

Tech & Innovation

Boxes to tick when choosing a threat intelligence provider

For any chief information security officer (CISO) or IT lead, operating in today’s highly digitalized environment, not only are they tasked with establishing and maintaining the digital transformation efforts of their companies on a tight budget, they must also ensure that the company’s IT policy is compliant with the data protection regimes in the markets that they operate in.

Published

on

Photo by Igor Miske from Unsplash.com

By Yeo Siang Tiong
General Manager for Southeast Asia, Kaspersky

A long time ago in the cybersecurity space far far away, the choice of a threat intelligence service was often restricted to a handful of providers. Today, the cybersecurity industry in APAC is worth at least USD 30.45 billion and expected to grow at an annual rate of 18.3% from 2020 to 2025, with multiple cybersecurity vendors seeking a bigger slice of the proverbial pie. 

For any chief information security officer (CISO) or IT lead, operating in today’s highly digitalized environment, not only are they tasked with establishing and maintaining the digital transformation efforts of their companies on a tight budget, they must also ensure that the company’s IT policy is compliant with the data protection regimes in the markets that they operate in. 

Clearly, it is not an easy task to take, but little things like having the right threat intelligence service can make life easier. We have been hearing a lot about this for several years now. But what is it threat intelligence exactly and what you should be looking for in a threat intelligence service provider?

Turning intelligence into action

Let’s have a quick refresher. Threat intelligence is data collected and analyzed by an organization in order to understand a threat actor’s motives, targets, and attack behavior. It empowers organizations of all shapes and sizes to make faster, more informed security decisions and shifts their cybersecurity posture from reactive to proactive in the fight against breaches and targeted attacks. 

I am aware that there are a lot of free threat intelligence if one has a knack on researching. However, let me put it this way. A premium threat intelligence report or feed is like a special block screening of an amazing movie. You get the first dibs of the plot and perhaps get to know the characters even. Eventually, the film will be shown in major cinemas. Then after say, six months or more, it will land on several streaming services.

With us at Kaspersky, we provide comprehensive, real-time, organic, and actionable information on our premium threat reports and data feed which is why they are exclusive to the enterprises and organizations which have subscribed to our services. We see to it that we share such with the law enforcement agencies as well, because cooperation is key to fighting cybercriminals.

After a few months, we will then make such data available in public. Why is it not ideal to wait until the mass release of a threat report? Because it will allow you to act fast, to assess your risks, check your endpoints, fix the loopholes which they may exploit. Because knowing first-hand such critical information can save you money, reputation, and headache. Because proactive security is necessary at this time and age.

You may wonder why don’t we make our findings public to begin with? Let us remember here that public here means anyone – including them, cybercriminals. The last thing we want is to tip them off.

Aside from these, what else should you be looking for in a threat intelligence service provider?

  1. Check their sources

Threat intelligence should make your systems smarter through data feeds. To get the feeds you need sensors scattered all across the globe to ensure that your data is reflective of the real-time, global threat landscape. 

For example, our very own Threat Intelligence portfolio is powered by millions of Kaspersky’s global users who agreed to share their anonymized data. This huge network builds our Kaspersky Security Network (KSN) which collects more than 340,000 malicious files per day, allowing us to get rich information compared with firms with limited sensors and workforce.

  1. The data collection strategy needs to be GReAT

Speaking of human force, a threat intelligence service’s data collection strategy should be the most important factor to consider in your evaluation of their capabilities because they can only provide intelligence as far as the parameters of their data sources. Given that cybersecurity attacks are often transnational in nature, it is important that a vendor can source information globally and put pieces of the puzzle together in a way that makes sense for your IT staff. It should not be aggregated, it should be organic. It should also be critically monitored and studied by the brightest minds who can understand tactics, techniques, and procedures (TTPs).

To assess whether a threat intelligence service has such a capability, look at their research team and see what kind of campaigns that they have uncovered. For example, Kaspersky’s Global Research & Analysis Team (GReAT) found that the Lazarus APT group shifted their modus operandi to launch targeted ransomware attacks against businesses in Asia, extending as far as France in Q2 this year. 

  1. Check the visibility

I have already mentioned the borderless nature of cyberthreats. Hence the visibility of your provider should be another box you have to tick. Look into their Advanced Persistent Threat (APT) logbook and their database. Are they monitoring cyberthreats only from a particular country or region? Or do they have a global reach? Are there researchers only based in one country? Or do they have a network of experts scattered around the world? The answers for these questions are essential.

  1. The provider should understand the difference between intelligence and data 

At the heart of the debate between intelligence and data lies the concept of context. Assuming now you’ve got your data sources setup and information is feeding in from all corners of the globe, but you’re asking yourself the million dollar question: how do I know what is important and why is it important?

Things such as threat names, timestamps, resolved IPs addresses of infected web resources are useless on their own if they are not enriched with actionable context. When a relationship context is established, the data can be used more readily to answer the questions of “who”, “what”, “where”, “questions”. It is only at this point that data becomes the finished article – intelligence – and you now receive a boost to incident investigation, as well as uncover new Indicators of Compromise (IoC) in your IT network. 

  1. The ability to integrate is key

Integration can be a dirty word of the IT industry. With constant technological upgrades and the evolution of standards happening all the time, the ability to integrate new processes into existing IT operations is a never-ending challenge. 

Similarly, for threat intelligence, it is important that your service provider can provide delivery methods, integration mechanisms and formats that support smooth integration of threat intelligence into your existing security controls. 

The endgame 

The above-mentioned tips are just a few of the many other aspects you should consider when looking for a threat intelligence service, but they serve as a good stepping stone in bolstering your cybersecurity posture for now. With threats becoming increasingly complex and malicious, having the latest enterprise security programs are no longer sufficient. Adding threat intelligence to your arsenal of cybersecurity countermeasures will allow you to bring the fight to them. 

Tech & Innovation

4 Ways to create a website for a small business

Here are four different ways to consider for creating or updating a business website, along some pros and cons of each approach.

Published

on

Being online in today’s digital world is crucial to help a business get noticed.  Whether starting a new business, getting an existing business online or launching an updated website, building the right website is important to help drive success for online business growth.

But if you are just getting started, or do not consider yourself as “technically minded”, the choices of online tools and solutions available today may seem overwhelming.

Here are four different ways to consider for creating or updating a business website, along some pros and cons of each approach.

1. Use a website builder tool

If you would like to build a website yourself, there are many tools and solutions available on the market today that are designed as easy to use and affordable online solution tools. If you are looking to create a website focused on providing customers with information about your business and offerings or how to find your retail business, then this can be a great option.

An advantage of using a website builder is that it allows you to create your own website without having to learn to code. By using templates and an interface that is mobile optimized, you can create a website that suits your unique business, which can be easily updated to keep the content fresh and interesting.  

GoDaddy Website Builder tool also includes an ecommerce builder to create a beautiful online store to sell products and services. With this tool, up to 1,500 products can be uploaded to an online store, and have flexibility to choose payment and shipping methods that work for your customers.

2. Use WordPress with thousands of unique plug-ins

WordPress is a content management system (CMS), which offers thousands of unique themes and plug-ins to customize a robust website with unique presentations for your business and its products and services.

Using WordPress can be more complex than using a website builder tool, so having some technical skills can be helpful if deciding to use WordPress to create your website. It is possible to reduce the amount of technical know-how needed to create and maintain a WordPress site with WooCommerce by opting for a managed WordPress hosting package, like the one offered by GoDaddy.  If you choose this, things like updates to the WordPress CMS will be handled automatically, as well as security protections like daily backups and SSL Certificates for your website.

3. Build your own website from scratch

If you feel comfortable designing and coding your own business website from scratch, this choice might work for you. If you choose to build your own website from scratch, it is important to be realistic about what you can achieve and how quickly you can achieve it.

Web designers spend years learning their craft, so don’t expect that you’ll be able to build a large, complex website with just a few weeks of taking an online course under your belt. That said, with persistence and dedication, this choice might be right for you and your business. And, if you have been considering web design, this way might be an opportunity to learn how to code a website, along with creating a website for your business.

4. Choose a web designer to build your small business website

If you are looking to create a large, powerful website packed with unique features, and feel that you do not have the skills nor the time to create a website for your business, then this might be the way to go.

To help determine you are choosing the right web designer for your needs, look at examples of a designer’s previous work, and reputable designers should be happy to put you in touch with past clients so you can get a true idea of their ability. Choosing this way to build your business website may be more costly than some of the other ways, yet it can allow you to focus on your business, while a professional builds your website. 

GoDaddy offers an integrated suite of online products ranging from domain names, hosting, website builder, digital marketing, professional email, security protections and an online store. GoDaddy offers 24/7 customer support to help guide customers in the growth of their business online, and to find the tools that best meet their needs.

See how GoDaddy can help your small business build a professional website on ph.GoDaddy.com.

Continue Reading

Strategies

4 Tips on doing business in a digital world

Doing business in a digital world requires end-to-end approach.

Published

on

By Lesley Salmon
Kellogg Company SVP, Global Chief Information Officer

It’s no secret that technological advances will continue to improve consumers’ experiences. While CIOs will always be responsible for keeping their organizations safe, secure, and sustained, successful businesses must harness the power of new digital solutions to drive better business decisions, and outcomes and ultimately grow the business.   

Depending on who you ask, doing business in a digital world can mean different things. To some, it means adopting consumer-facing digital offerings like e-commerce, mobile apps, and digital marketing; to others, it means digitizing operations and processes internally. To continuously evolve and adapt to forever-changing consumer expectations, CIOs must take an end-to-end approach to digital – focusing on four areas:  People, Process, Technology, and Data & Analytics. If you do this, you will realize the value it can add to your organization. 

1. Focus on your people.

For me, it’s all about people – having the right people delivering through great partnerships with the key stakeholders across the business, understanding their needs, pre-empting, and then responding to them. A recent Gartner poll stated that talent is a top challenge for CIOs in 2022. To attract and retain the right people, we need to satisfy their hunger to experiment, fail fast and learn.

When our Kellogg IT team told us they didn’t see enough growth opportunities, we knew we needed to take a new approach to learning and development. We built our Year of Development Always (YODA) initiative with a vision to cultivate our childhood curiosity and an eagerness to learn. We created several tracks in the program for technical training, career strategies, and shadow programs to help our colleagues learn and explore new facets of the overall IT function.  The program has seen great results, team engagement is at an all-time high.

2. Don’t frown on the word process; embrace it.

When we think of ‘process,’ many people immediately imagine a rigid and inflexible approach. I challenge this perspective – we sometimes have to slow down, to speed up. Processes can be flexible while still providing structure for business growth – they’re what drive progress every day!

Part of doing this is closely linked with People because Process can be about engaging business colleagues at the right time with the right solutions. Being a trusted partner means bringing the company along the digital journey with us, which is essential for our future success.

3. Integrate technologies that delight consumers and drive better business outcomes.

We know that building scale and leveraging our platforms will deliver value for the business, but what about delighting our consumers?

In 2020 a team member attended an event and learned that more than 2 million people in the UK live with sight loss and cannot simply read the information on packaging. It sparked an idea to add NaviLens technology to our packaging, allowing visually impaired people to access all of the information on our packaging via their smartphones – either by having it played aloud or by using accessibility tools.

We partnered with our Packaging and Design team and launched a successful pilot making Kellogg the first ‘food’ company in the world to include NaviLens technology on our packaging.

Our company’s purpose is for everyone to have a place at the table, and we want all consumers to be able to access important information about the foods we sell.

4. Making better business decisions with data and insights.

Data has always been available but never in the abundance that it is today. While CIOs may not manage every corporate data program, the IT function is critical in ensuring commercial and functional teams understand what data is available and use it to fuel insight-driven actions.  

At Kellogg, we’ve re-imagined our data & analytics approach and focus on data ownership, quality, ethics, and governance. This is the recipe for making better business decisions.  

The real magic happens when you join forces with other business areas, like Marketing, to combine our insights and analytics capabilities with innovation, e-commerce, and more. This has allowed us to create a rich omnichannel experience that ensures we have the right foods, attractive pricing, and tailoring the right message to our diverse consumers.  

Freeing data from silos is critical to meet consumer needs and preparing for the future consumer experience. We recently commissioned research that looks at what consumer shopping trends we can anticipate by 2035; we are making investments to prepare for those consumer expectations.

For example, in 2035 and beyond, the retail environment will fit the needs of each shopper. Shoppers will see the personalization of products and shopper journeys as a baseline expectation to fit their unique attitudes and needs. Traditional online and offline environments will become increasingly integrated, supplemented with AI and innovative technologies to offer data-driven capabilities. 

Final thought…

Digital is the driving force behind any business, and IT is in the driver’s seat. Commercial business leaders can and should partner with their IT teams to help prepare for digital shifts to create more personalized experiences that create brand affinity.

Continue Reading

Tech & Innovation

5 Tech trends that will shape businesses in 2022

Here are the tech trends that businesses need to look out for this 2022 as listed by SAP SE. 

Published

on

Over the last two years, organizations of different sizes and industries have realized, even more, the critical role technology and innovation play in business and society. The latest developments in technology provided more ways to ensure more connected enterprises, enabling them to survive and thrive amid the ‘never normal.’

However, these advancements in technology have just begun. As organizations prepare for the post-pandemic world, technologies that have been introduced in recent years are expected to continue evolving. The latest advances will also further transform how people interact and work. 

Here are the tech trends that businesses need to look out for this 2022 as listed by SAP SE

Embracing Digital Transformation

Since the pandemic started, the speed at which digital transformation is fundamentally changing the business landscape has dramatically increased. The developments that could have happened in a decade or so were made possible overnight in many industries.

In the Philippines, the digital sector contributes significantly to its economy. This reality indicates that organizations in the private and public sectors will continue strengthening their digital transformation initiatives. Backed by strong government support, these transformations can unlock PhP5 trillion worth of economic value by 2030, according to a recent AlphaBeta and Google report.

Nurturing Sustainability

Nowadays, embracing sustainability has become an integral part of organizations, with business leaders considering it a strategic priority. Aside from top and bottom-line, forward-looking organizations add sustainability and even purpose as dimensions to driving business success. 

Among these organizations is Metro Pacific Investments Corporation (MPIC). As a leading infrastructure investment company, MPIC commits to contribute to the achievement of the 17 United Nations Sustainable Development Goals (SDGs), particularly SDG 9, which seeks to ‘build resilient infrastructure, promote inclusive and sustainable industrialization, and foster innovation.’

Recently, MPIC strengthened its digital core as it embraced cloud solutions that can help consolidate, modernize, and standardize its enterprise resource (ERP) systems on a single platform. The integration into the cloud is part of the group’s sustainability philosophy of integrating business and environmental stewardship into their investment strategies. It helps improve its operations and augment sustainability initiatives, especially since SAP, MPIC’s technology partner, embeds sustainability into its core business processes.

Meanwhile, consumers are making apparent shifts to more sustainable products and services. According to a Kantar report, 75 percent of Filipino consumers seek out brands that offer ways to alleviate impacts to the environment. Even employees now make career choices based on their employer’s responsibility towards the planet. Thus, it is now even more integral to invest in innovation that considers environmental welfare while fostering economic and social development.

Integrating Decision Intelligence, Hyper-automation

In the Philippines, the Department of Trade and Industry noted that Artificial Intelligence (AI) adoption can increase the country’s gross domestic product (GDP) by 12 percent or equivalent to $92 billion by 2030.

Digital tools like AI, including augmented analytics and simulations, make “Decision Intelligence” a realistic approach to improve organizational decision-making. Each choice or decision in such a system result from multiple process iterations, refined with the help of analytics and data intelligence. With these digital tools, decision intelligence may support and enhance human decision-making and potentially automate it, hence augmenting organizational processes to be more efficient.

Meanwhile, scalability, remote operation, and business model disruption are also becoming possible with the use of Hyper-automation. Before the pandemic, businesses have been automating many processes through technologies like Robotic Process Automation (RPA). This trend will continue to grow for automating business and IT activities using a disciplined, business-driven approach. 

Rising Low-Code, No-Code Tech 

As content creation becomes even more relevant, graphic and website designs have been streamlined so users can simply “drag” and “drop” elements to create engaging content. This trend will extend to no-code AI, where users can create systems by simply “dragging” and “dropping” ready-made modules, removing the “programming language” barrier through simple interfaces. Consequently, it will allow users to create complex and robust AI systems.

Ensuring Total Experience (TX) 

Due to the pandemic, organizations needed to have an excellent Total Experience (TX) strategy or a holistic program that combines customer, user, and employee experiences. With this strategy in place, organizations can help enhance customer satisfaction and employee productivity. 

Organizations need to focus on weaving in these experiences instead of working on them individually to help ensure that they will be more satisfied as teams that work as an integrated unit. This trend is expected to continue as businesses eliminate communication and process silos and emphasize providing unified experiences to their employees remotely working while interacting with customers.

Collaborating with a Technology Partner

As these trends arise, organizations need a technology partner to help them achieve their business goals this year and beyond. For SAP, embracing technology means ensuring that the organization becomes an intelligent enterprise. 

As a technology partner for businesses in the country, SAP helps make it easier by offering solutions like Rise with SAP, an intelligent enterprise framework to help kickstart businesses’ digital transformation journey. In the Philippines, MPIC is the first organization to adopt this cloud technology through this Business Transformation as a Service (BTaaS), offering consolidated solutions and services needed for business transformation in one package.

Rise with SAP also includes SAP and its whole ecosystem of partners assisting organizations in changing at their own terms and pace to be an intelligent and sustainable enterprise by simplifying engagement and providing a guided journey.

Continue Reading
Advertisement
Advertisement

Like us on Facebook

Trending