Show News


25 Jul 2019

3 ways to secure your business against future cyber threats

James Orme

Ahead of his presentation at Cloud Expo Asia in Singapore, Steve Ng, Lead, digital platform operations at Mediacorp Singapore, explains how organisations can prime themselves for evolving cyber threats.

Cyber security is a challenging field with a broad spectrum of technologies, threats, processes and zero-day exploits, one where both good and bad actors are searching for vulnerabilities. Bad actors create exploits to compromise the system, while good actors try to confirm the vulnerabilities and create patches to fix or circumvent them.

Technology adoption, skill improvement and vendor partnerships and collaboration are critical if organisations are to manage these evolving challenges and maintain high-security posture and hygiene. If companies stand still, they will become easy targets for cyber criminals to scout, monitor, and plant malware sleeper cells that can be weaponised to conduct a pre-planned and coordinated cyberattack in their environment.

One example is the WannaCry ransomware that spread across the globe and weaponised in May 2017. WannaCry affected more than 200,000 computers across 150 countries. Through this incident, companies and cybersecurity professionals have accepted that there will likely be more advanced zero-day exploits in the future.


With the improvements in technology, including AI and machine learning (ML) and the availability of cheaper cloud resources, both good actors and bad actors can gain a significant advantage.

For instance, bot attacks are a popular cyber weapon which are cheap to use, easy to rent, modify and deploy, and can be quite effective in bringing down digital properties. For attackers, they are very cost-effective and offer a good return on investment.

However, cyber defences harnessing AI and behavioural pattern ML can effectively slow and neutralise a botnet attack. AI can quickly learn attack patterns and apply rules that challenge these botnet requests in the outer perimeter, rendering them ineffective in carrying their payload and penetrating environments.

Indeed, AI and ML are being adopted into many cyber security software solutions to improve continuous monitoring and early detection of potential cyber threats.

AI can survey the digital environment and perform abnormality scanning and detection of suspicious activities, collect data evidence and escalate it to cybersecurity professionals and investigators so they can review and prescribe appropriate actions. Robotic process automation (RPA) can also help automate this workflow and its processes, including data collection and data transfer.

While some of these technologies are quite recent, others like blockchain have been around much longer, popularised by Bitcoin, Ethereum and other crypto blockchains. Blockchain can help to secure logs and evidence for forensics, through validating transactions with consensus algorithms.

We have to look into new technologies and piece them together into a bespoke solution suitable for each use case like a puzzle.


Back in the day, developers had to learn new programming languages to code smart contracts for blockchain, with tools like Bitcoin Script, Simplicity, Solidity and Rholang, and they also had to learn how to instantiate new consensus nodes to join the main net to participate in various consensus algorithms. But, in the last few years, new tools to write, deploy and operate decentralised applications have emerged.

Many public cloud service providers also provide Blockchain-as-a-Service (BaaS) offerings that allow customers to leverage cloud-based solutions to build, host and use their own blockchain apps, smart contracts and functions on the blockchain, while the provider manages all the necessary tasks and activities to keep the infrastructure agile and operational. Both these improvements have made blockchain adoption for both startups and enterprises more feasible.

Likewise, all the major cloud service providers provide AI and ML services including image and video recognition, speech-to-text transcription and translation, text-to-speech, voice recognition and tagging, and so on, enabling startups and enterprises to jumpstart their AI journeys.


Forging the appropriate technology solution that addresses critical gaps is vital to ensuring threats and vulnerabilities are kept to a minimum. To establish a bespoke technology stack, organisations must understand the gaps in their security posture and identify the technology requirements needed to upgrade it.

The first gap to identify is which of these new technologies is a core competency for the organisation. For core competency requirements, the organisation must identify technology leadership and resources to acquire, develop, evangelise and manage the long-term roadmap.

The next gap is developing a technology transition program that leads the organisation into a change management process, one that plans the sunset of legacy technology stacks while developing capabilities and competencies in new processes and solutions.

The third gap is in human resource development by retraining and upskilling the existing workforce to take on new processes and solutions. Unfortunately, many organisations usually lack vision and execution in this area.

Skills, workforce and culture

People are the key ingredient in ensuring successful recovery from a cyberattack. Working in a community, sharing data and comparing various approaches to solving different problems are good practices for improving the security baseline.

Regular training and conferences are also critical to upkeep the skill sets and experience of cybersecurity professionals. As technology, platforms and systems evolve at a rapid pace, maintaining skill sets and sharing experiences among the community becomes an essential task.

It is important to acknowledge that cyber security field contains many knowledge domains and most people have some specialised skills in certain areas, whether cryptography and PKI, security architecture and models, or business continuity and disaster recovery planning.

To harness these skills, organisations should adopt both the generalist and specialist approaches and create a team of first responders with broad skill sets that are supported by teams of deeply skilled domain specialists. This allows the teams to cross develop critical skillsets like incident response, troubleshooting and investigations. Job rotation is also another option to move teams into different domains to expand their knowledge and skills.

Lastly, executive support is also vital for any large scale deployments to succeed, especially security-related initiatives with new leading-edge solutions, but ambassadors must also show and tell the value proposition of these solutions to all stakeholders to get their questions answered and gain acceptance. Having an organisation-wide growth mindset is critical to successfully implementation.

Vendor collaboration

Third-party partnership/collaboration with cybersecurity vendors is the final piece in the puzzle.

Not only can vendor partnerships help companies gain an all-in-one solution stack, but vendors generally have first-hand news and information from their threat intelligence and feeds. Partnering with them thus helps organisations prepare for possible zero-day attacks on their environments and further enhances their skills and experience in handling severe threats.

Get your free ticket to attend Steve Ng's speaking session now! 


View all Show News

Latest News

2019 Sponsors

Diamond Sponsor

  • Huawei Technologies

Theatre Sponsors

  • Netpoleon
  • McAfee
  • Senetas

VIP Lounge Sponsor

  • Cyfirma

Platinum Sponsors

  • Cloudfare
  • McAfee

Platinum Sponsors

  • Pacific Tech
  • Sophos

Gold Sponsors

  • Aversafe
  • Barracuda
  • BlackBerry Cylance
  • Cato Networks
  • CISCO Meraki

Gold Sponsors

  • Forcepoint
  • Forescout
  • Fortinet
  • IBM

Gold Sponsors

  • Retarus
  • Silver Peak
  • Singtel
  • Telstra
  • Zscaler

Silver Sponsors

  • Halodata
  • Tindo Group
  • Hillstone Networks
  • A10 Networks
  • 689 Cloud
  • Checkpoint
  • Nozomi Networks

Silver Sponsors

  • Alsid
  • Aqua
  • Aversafe
  • ICE71
  • Illumio
  • CyberArk

Silver Sponsors

  • Darktrace
  • Radware
  • Endpoint
  • NSFocus
  • Techfindr
  • Qulays
  • Centrify

Silver Sponsors

  • Git Lab
  • Jetico
  • Senetas
  • Sonic Wall
  • Terrabit Networks
  • BluePIsh
  • Keyless

Silver Sponsors

  • IntSights Cyber Intelligence
  • Kanguru
  • Thales
  • Tufin
  • Uniscon GmbH
  • Senhasegura
  • OneKIY

Silver Sponsors

  • WatchGuard
  • Groundlabs
  • Jiransoft
  • Horanji
  • ViewQuest
  • Zimperium
  • Seconize

Bronze Sponsors

  • ALC
  • AnqLave
  • Utimaco
  • Axway
  • Digital Shadows
  • KeyOptions
  • Zetaris Pty Ltd

Bronze Sponsors

  • AlgoSec
  • Cyberint
  • PT Sydeco
  • AppviewX
  • Netskope
  • Business Intelligence Technologies

Bronze Sponsors

  • HackEDU
  • HaltDos
  • Cyber Intelligence House
  • Tenable
  • Noviflow
  • M2M Connectivity

Bronze Sponsors

  • Hyperg Smart Technology
  • Iconz
  • Proficio
  • SecneurX
  • NSecured
  • Nexright

Bronze Sponsors

  • Icyberwise
  • Privasec
  • Ubiq Security
  • UCWare
  • PI Exchange
  • Bitglass
  • Exclusive Networks

Bronze Sponsors

  • ITEL Learnings Systems (S) Pte Ltd
  • NTUC LearningHub
  • TransWARE
  • Plott
  • Wilson A.I Pty Ltd
  • Wiredhands
  • Audacix

2019 Partners

Knowledge Partner


News Distribution Partner

  • ACN Newswire

Associate Content Partner

  • Uptime Institute

Strategic SEO Partner

  • AdVantage

Strategic Event Partner

  • ISC2

Event Partners

  • AiSP
  • ARC Advisory
  • Asia Cloud Computing Association (ACCA)
  • Asosiasi Cloud Computing Indonesia
  • Fintech Association of Hong Kong
  • Accelerating Asia

Event Partners

  • Best Practice of eCommerce
  • BigDataX
  • CMO Council
  • La French Tech
  • ASME

Event Partners

  • Practical DevSecOps
  • Digital Advertising Association Thailand (DAAT)
  • DevOps Institute
  • Forrester
  • Singapore Chamber of E-Commerce
  • Plug And Play
  • Co Creation Lab

Event Partners

  • IASA
  • IPI Singapore
  • itSMF
  • IFMA
  • European Data Centre Association
  • GS1

Event Partners

  • KinerjaBisa
  • Logistics & Supply Chain Management Society
  • Michael Page
  • NexChange
  • SG Tech

Event Partners

  • Singapore Cyber Security Consortium (SGCSC)
  • Structure Research
  • General Assembly
  • Open Connectivity Foundation
  • Smart Asia India

Media Partners

  • APSM
  • Asia Blockchain Review
  • Asia Research News

Media Partners

  • Australian Cybersecurity Magazine
  • Australian Security Magazine
  • BizClik Media
  • European Data Centre Association

Media Partners

  • Chief IT
  • CIO Advisor APAC
  • Cross Border Magazine
  • AI Time Journal

Media Partners

  • CryptoNewsZ
  • Cyber Security ASEAN
  • Asia Content News
  • Enterprise Security Magazine

Media Partners

  • Data Storage ASEAN
  • e27
  • Fintech Finance
  • CMO Asia
  • GovTech SEA

Media Partners

  • Jumpstart Media
  • My Security Media
  • Retail CIO Outlook
  • Cybersec Asia
  • Frontier Enterprise – Jicara Media

Media Partners

  • Telecom Era
  • Supply Chain Digital
  • Techwire Asia
  • Gigabit
  • Digicon Asia

Media Partners

  • FutureIoT
  • Marketing Ops
  • Payment & Cards Network
  • Techtarget
  • FutureCIO

Official Partner Hotel

  • MBS

Media Partners

  • Wire 19
  • 计算机网络世界
  • Supply Chain Brain
  • Disruptive Tech Asean
  • FutureCFO


  • As cyber security is the hot topic at the moment, there are many exhibitors with new product showcase and conference speakers sharing their expertise, I find it very informative and insightful. My job scope covers a broad spectrum, having other shows like Big Data and IoT in one room is very convenient. Look forward to coming back next year too!
    Deputy Manager, Land Transport Authority
  • I’m interested in a couple of topics (i.e. Internet of Things, eCommerce and cloud & cyber security), so that’s why I’m here. We’ve just finished a conversation with NETSCOUT and are quite interested in their products – we will keep in touch with them to see how we can further collaborate.
    IT Manager, BSH Home Applications Pte Ltd
  • The event was good and informative. I've attended this event to browse for more products and solutions which we can use in our organisation to improve operations efficiency. I'll definitely be back next year.
    Team Lead, FMIS ICT Strategy, Lead and Innovation, Ministry of Economy and Finance
  • I attend this show with no particular focus but the speaker line up is good, the topics covered are wide as well. The speakers provide insightful content that are relevant to my job – cloud, cyber security, networks and the co-location of different shows help to save time too!
    Regional IT Governance Manager, TP ICAP