Fighting a hidden enemy: Singapore cybersecurity in this hyper-connected era
FYI, this story is more than a year old
Singapore has spent billions of dollars readying its infrastructure as part of its overall vision to become a hyper-connected smart nation. The lead-up to this goal includes ensuring seamless interconnectivity, political stability, and strategic forward thinking to prepare for the needs and demands of a dynamic, ‘always-on’, internet-savvy population.
To facilitate this digitally driven future, the government and its agencies have worked diligently to ensure that the requisite infrastructure has been put in place to attract data center and cloud companies to set up in Singapore. This move led to a surge in the number of data centers being built on the island over the past few years. As a result, today Singapore is dubbed the data center hub of Southeast Asia with over 60% of the region’s market based on its limited land mass.
With more companies opting to build or co-locate their data centers in Singapore, there is also an increased sense of risk and vulnerability. Over the past two years, the country has seen a spike in the number of high profile online breaches proving that cyber threats are becoming increasingly sophisticated and destructive.
The impact of these has also been heightened by the fact that hackers are collaborating with each other to pull off bigger and more complex breaches. Furthermore, new technologies like cloud and mobile computing, which provide organizations with great incentives to improve operational efficiency, product innovation, and cost savings, also opens up a myriad of new opportunities for threats and attacks.
Therefore, it’s worrying that despite knowing that the threats are growing, many corporations continue to be vulnerable by failing to plan for attacks or how to mitigate them.
Being hyper-connected: Pros & cons
As Singapore progresses towards becoming a smart nation, more extensive efforts are going into the collection of data on daily living. According to Gartner, the number of connected things will reach 20.8 billion by 2020. This means more personal information and business data will exist in cloud systems and be passed back and forth through numerous devices.
The intelligence and benefits that can be gleaned from device-to-device communications is tremendous. From governments being able to make data-driven decisions on how to improve infrastructure, to everyday citizens being able to make informed choices about which alternative routes to take to avoid traffic, the Internet of Everything (IoT) has already started to improve people’s quality of life and create new business models.
There is a flipside to the IoT utopia, a dark underbelly that is not as widely discussed as it should be. With the physical world morphing into one big information system, the attack surface that hackers have to work with also becomes exponentially larger.
Computers, smartphones, tablets, or data centers – one weak link in the security chain can open limitless doors for hackers to get access to private and sensitive data. This will only result in numerous avenues for hackers to disrupt, degrade, and destroy the economic prosperity and opportunities created through the IoT.
As the technology industry continues to innovate and build devices to function in an interconnected environment, data center providers need to evaluate security needs with a new mindset. They must consider that future security will be automatically managed by systems instead of physical users, and ensure that the right strategies are in place to overcome existing and new vulnerabilities.
Securing your data centers
The Singapore authorities have adopted a culture of risk management to smartly address risks between data centers and business operations. The Monetary Authority of Singapore and Ministry of Home Affairs have instituted regulations to ensure that locally-based data centers achieve and comply with international standards for both physical and cyber security. This is a good platform but there is always more that can be done to improve security measures.
Prevention is better than cure even within the IT stack. Data centers should be equipped with comprehensive infrastructure management solutions to help identify risks and anomalies before they become problems.
At IO, we employ a threat-based, defense-in-depth strategy to optimize security in our data centers, closing gaps across physical, personnel and logical security. Foundational to our layered security strategy is the use of standardized hardware as well as the use of software that help give us better visibility and security controls for our data centers.
At IO, we have modular hardware and a software defined data center approach that help establishes a baseline and framework for understanding and correlating information across the IT and the industrial control systems that support it.
With this implementation, there is a consistent and scalable framework that enables security leads to mitigate risks online which also provides a framework that allow C-level executives and IT teams, to understand and measure their investment in IT security.
In today’s increasingly complex technology landscape, we must be continually aware of the evolution of cyber threats, remediate corporate vulnerabilities with more agility, integrate new technologies with a risk mitigation mindset, and consider new regulations as both a challenge and opportunity to improve our security measures.
Experience has shown us that there will be a whole new category of issues to mitigate in the cyber security field in the IoT future. Every organization looking to leverage IoT capabilities should ensure they are addressing their current challenges in securing their infrastructure, in preparation for new threats that are yet to come.
Article by Darren Webb, IO managing director, Singapore and Southeast Asia.