“Cyber AI can be a force multiplier that enables organizations not only to respond faster than attackers can move, but also to anticipate these moves and react to them in advance,”

– Deloitte Insights, ‘Cyber AI: Real defense’ (Dec 2021)

With growing complexities in cybersecurity, companies are looking to cybersecurity tools powered by Artificial Intelligence (AI) and Machine-Learning (ML) as the future.

Apart from applications in threat detection and user behaviour analytics, AI/ML may be used in other innovative ways to help security teams.

Here are ways that ICE71 start-ups are leveraging AI/ML to make better cybersecurity tools for businesses and organisations:

To explore more cybersecurity solutions, check out the ICE71 Solutions Catalogue.

Last update: 2022-05-05

First presented at the inaugural ICE71 CISO-Investor Roundtable in Feb 2022, here’s a round up of our start-ups’ key investment and innovation highlights!

Presenting… the 2022 ICE71 Singapore Cybersecurity Startup Map!

Launched at our inaugural CISO-Investor Roundtable event, the map offers the most updated overview of Singapore’s cybersecurity demand. This comprehensive directory also serves as a useful tool for security leaders, investors, start-ups and SMEs looking for opportunities for growth and collaboration.

With this update, there are now 150 unique start-ups active in Singapore’s cybersecurity ecosystem up from 136 in 2020. 2 new categories, ‘OT Security’ and ‘Awareness and Training’, have also been added in this version as cybersecurity companies in Singapore continue diversify and reinvent themselves. You can also find or browse ICE71 start-ups and solutions by focus area using the ICE71’s new Start-up Catalogue and Solutions Catalogue.

Feel free to share this map but please drop us a message, and make sure to link back to this page and attribute ICE71.

2021 was an eventful year for the cybersecurity world. According to SonicWall, 470 million ransomware attacks in the first three quarters of the year alone constituted a 148% increase from the same period the year before, making 2021 the worst year on record. From double extortion ransomware attacks and Ransomware-as-a-Service (RaaS) to supply chain risks like the Apache Log4j Vulnerability, threat actors have diligently kept businesses on their toes with an ever-evolving medley of novel tactics. In fact, ‘cybersecurity failure’ was ranked a top 10 global risk alongside ‘climate action failure’ and ‘infectious diseases’ among others in the recent World Economic Forum Global Risks Report.

Infographic by Visual Capitalist

Like Greentech and Healthtech, cybersecurity innovation is a never-ending economic opportunity because threats are always evolving. In 2021, an unprecedented $21.8 billion in venture capital was invested into cybersecurity companies – a nine fold increase over the past decade. By mid-2021, cybersecurity funding had already surpassed the total funding of 2020. ICE71 start-ups that have benefitted from the boom include Keyless, SecurityAdvisor and Build38.

Singapore’s cybersecurity start-up scene also made considerable progress with 6 cybersecurity deals worth US$408.2 million closed in 2021, 10 times of what was raised the previous year. While funding activity in the region has not quite matched up with the bustle in other cybersecurity hubs of the world, it is likely to intensify as more movers and shakers like Snyk set foot on our shores. (You can hear more about Snyk’s story in this ICE71 webcast on how to raise funding amid the pandemic.)

With increasingly competitive funding rounds, winning pitches will need to show their ability to address biggest threats and challenges looming ahead. We got together ICE71 start-ups to contribute their cybersecurity predictions for 2022.

2022 Cybersecurity Predictions by ICE71

1. Ransomware Causing Life-Threatening Consequences

Put the proliferation of inadequately regulated payment methods and the mounting pressure to pay ransom together and we get the winning formula used by successful threat actors. More actual physical damages (think fires, power shutdowns, human casualties, etc.) should be expected as ransomware targets expand to Internet of Things (IoT) and Industrial Control Systems (ICS). Not only are hackers finding new vectors to hold organizations at ransom, but techniques will also continuously evolve “creatively” to evade detections and decryption. Venkat Ramshet, Founder of FlexibleIR foresees that social engineering attacks will be prominent and adversaries may move from encrypting data to distributed denial-of-service (DDOS) attacks or defacement of websites. Adversarial attacks are unpredictable, and organizations must practice cyber resilience.

2. More Cybersecurity Regulation

Dr Magda Chelly, CEO of Responsible Cyber, believes there will be more regulations in place to tackle the ever-increasing threat of ransomware and payments for ransomware. In fact, the United States Department of the Treasury’s Office of Foreign Assets Control (OFAC) has declared ransomware payment illegal. 

Beenu Arora, Founder and CEO of Cyble, sees that the staggering record of breaches are getting regulators’ attention to impose penalties on organisations to do their due diligence. He believes that we will continue to see law enforcement in the private and public sectors crackdown on organised cybercrime rings. However, he likened the relationship between law enforcers and bad actors to a “whack-a-mole” game – when one adversary is taken down, others will take its place.

3. More Focus on Cyber Risk Quantification

With more organisations willing to invest in cybersecurity, there will be more focus on measuring the financial risks of cyber threats and solutions. Cyber Risk Quantification helps leaders to demystify cybersecurity and make more informed decisions. 

As the Greek philosopher, Heraclitus once said: “change is the only constant”. The world of cybersecurity is increasingly filled with more uncertainty, and it is expected that the attacks will continue to evolve, with the approaches becoming more sophisticated. Beenu concludes that even with the everchanging landscape, the basics still hold true: Practising cyber hygiene, keeping awareness programs, having strong governance, and treating cybersecurity as a technical problem are the basic attributes to being cyber resilient.

What used to be exclusively left to the organisation’s savviest individuals (aka the IT department) to deal with is now everyone’s collective responsibility as organisations brace themselves for greater threats and disruptions ahead.

Did someone share this with you? Get the latest cybersecurity start-up news and opportunities directly by joining our mailing list.

Thanks to everyone who has played an invaluable role in the ICE71 Community, we get to end the year yet again on a fantastic note! Here’s a short montage capturing the best moments from this year. Enjoy!

In the wise words of Solo Kombani, COO of ICE71 start-up Aiculus, “the more powerful a tool is, the more robust our security measures have to be“. While Blockchain has opened up a wealth of opportunities for the FinTech industry, it has also become a high-value target for cyber criminals. Just as DeFi made headlines as the newest $100B sector earlier this year, bigger news was made when the industry saw a slew of high-profile attacks on DeFi platforms such as Cream Finance and Poly Network, highlighting very huge and present security threats.

In this joint Tech Showcase and Panel Discussion with the Singapore Fintech Association, we invited experts to discuss what Blockchain’s biggest cyber threats are and how companies can mediate these challenges with innovative tech offerings.

Key takeaways from the panel discussion:

• Although smart contract technology has proved to be a revolutionary development with seamless transactions, equally debilitating vulnerabilities remain a top concern. Nevertheless, Veronica Tan, Director for Safer Cyberspace at the Cyber Security Agency of Singapore, believes that there will be more cybersecurity companies innovating to tackle challenges in this area.
• 4 key areas of smart contract vulnerabilities have been identified by Ant Group – code security, logic vulnerability, business logic vulnerability and cross chain security. To address these, Derrick Loi, General Manager at Ant Group (International Business), shared that a multi-angle contract security analysis may be employed through static scanning, fuzzy test and formal business logic analysis.
• Cybersecurity risks faced by traditional finance and DeFi are similar. As demonstrated by the recent spate of high profile hacks, Veronica pointed out that blockchain companies are also not spared from hacking incidents, hence traditional cyber hygiene measures must continue to be practiced in all organisations to ensure a safer cyberspace environment.
• Gene Yu, Co-Founder and CEO, Blackpanda, also added that blockchain and cypto-affiliated companies may actually be considered higher risk than traditional finance as seen from the absence of cyber insurance companies that offer related coverage.
• The Blockchain industry cannot simply mimic traditional bug bounty practices to raise it cybersecurity protection. Unlike traditional bug bounties, DeFi’s ‘bugs’ are associated with actual monetary value, said Anson Zeall, Chairman of Association of Crypto Currency Enterprises and Start-ups Singapore (ACCESS) and Co-Founder & Chairman of the International Digital Asset Exchange Association (IDAXA). Therefore, hackers have more incentive to who exploit DeFi bug and take off with rewards more handsome than typically offered by traditional bug bounties.

→ Watch the full session on ICE71’s YouTube channel or Facebook page.

Here’s the latest news roundup on our ICE71 start-ups:

• SecurityAdvisor will be acquired by KnowBe4 for US $80M
• Privasec merges with Naviro, Solista & CXO Security to form security provider Sekuro
• Forcepoint acquires Bitglass to become the only company delivering all of the strategic components of SSE and SASE
• CYFIRMA and Datakrew are among SLINGSHOT 2021’s Top 100 deep tech start-ups to compete at the finals during SWITCH 2021
• Strobes by WeSecureApp raises growth capital from SucSEED Indovation Fund as part of pre-Series A round

More news on ICE71 and our start-ups here.

PSA: The Cybersecurity Industry Call For Innovation 2021 closes 31^st October 2021, 2359HRS (GMT +8)!

Send in your proposals to https://cybercall.sg/ by 31 October 2021 to stand a chance to

• Receive up to $1M in funding from CSA
• Work with key end-users to develop your innovative solutions
• Address pressing challenges within technology areas including #AI, #IoT, #OT, #Cloud and #Privacy

See the challenges launched this year and highlights from key events below! ??

Don’t miss this opportunity!

Find out how to send in your proposals following the proposal submission template, and remember to complete all required sections before submitting. More instructions are available here.

For more information, visit https://cybercall.sg/. You may also direct submission enquiries to info@cybercall.sg.

ICE71 is a supporting partner for the Cybersecurity Industry Call for Innovation 2021.

The 3rd run of the GovWare x ICE71 Start-up Pitch Pit was held on 7 October, 10AM as part of the GovWare Conference and Singapore International Cybersecurity Week 2021. For this special edition, promising cybersecurity start-ups and SMEs from the ICE71 Community pit against each other as they pitched their solutions to a panel of infosecurity industry veterans, showcasing how AI is the next frontier of cybersecurity.

Missed it? Watch it below and stay tuned to find out who the winner was!

Judges
Benson Lau – Customer Success Director, Zencode (Hong Kong), Commitee Member, Hong Kong Startup Support Group
Claudia Marcusson – Strategy & Innovation Lead at SC Ventures, VC Investment advisor in Europe & SIngapore
Tony Jarvis – Security Principal at Citrix, CISO Advisor, vCISO
Guy Marong – Managing Partner, Cubic Consulting, Cybersecurity Consultancy in Luxembourg, Europe

Participating companies
TAU Express – Incorporated in 2018, TAU Express started as a spin-off from the SPIRIT Smart Nation Research Centre at Nanyang Technological University (NTU). TAU Express helps organisations unlock value and insights from massive amounts of documents using advanced AI techniques. Its document analytics platform is capable of parsing, extracting and categorizing unstructured documents to enable intelligent search and analytics, resolving complex productivity issues and help companies achieve digital transformation.
SecureAge Technology – Headquartered in Singapore, SecureAge Technology’s AIpowered Asset-based Cyber Defence (ABCD) serves as a Endpoint Protection Platform (EPP) solution, bringing together application control, cloud malware scans, vulnerability assessment, and seamless encryption of all files in one enterprise solution.
Flexxon – Founded in 2007, Flexxon Pte Ltd is a leading industrial NAND flash storage solutions provider that delivers a range of versatile advanced memory storage solutions, most notably its X-PHY AI embedded Cyber Secure SSD which leverages on its patented firmware to analyze the data access patterns to detect any anomalous attempts through AI and machine learning. With a key focus to serve Cybersecurity, Industrial, Medical, and Automation (CIMA) applications, Flexxon is dedicated to delivering robust data security solutions.
InsiderSecurity – Established in 2015, InsiderSecurity is an award winning, cybersecurity deeptech company based in Singapore. It develops specialized cybersecurity products that discover the internal cyber threat early, before there is any serious data loss. InsiderSecurity’s technology is especially useful to detect sophisticated threats such as SolarWinds.
Amaris.AI – Amaris.AI strives to advance humanity with trustworthy cutting edge Artificial Intelligence (AI) and Cybersecurity products, which determines AI model robustness against adversarial attacks and explain predictions. Amaris.AI offers a range of intelligent automation, AI cybersecurity and embedded AI hardware products for its clients.

ICE71 x RSAC 365 Innovation Showcase: Frontier Technologies of Adaptive Security

ICE71 is proud to bring our start-ups to the global stage!

On 19 August, ICE71 partnered with RSA to host the August RSAC 365 Innovation Showcase. This session brought together an expert panel to discuss the Frontier Technologies of Adaptive Security, with a focus on API Threat Intel sharing, Graph Neural Networks and methods for securing legacy applications in DevSecOps. This was followed by two pitches by ICE71 start-ups – Aiculus and Scantist – who presented their groundbreaking ideas in the adaptive security space.

The panellists were:

• (Moderator) Rajiv Menon – Managing Director at Cisco Investments and M&A for Asia Pacific and Japan
• Dr Ong Chen Hui – Cluster Director for Technology Development, Infocomm and Media Development Authority
• Mark Kraynak – Founding Partner at Acrew Capital

Breaking through the Complexities of Cybersecurity

As an expert in Graph Neural Networks (GNN), Dr Ong shared that GNNs are a method of machine learning designed to perform inference on data described by graphs. Graph processing has gained popularity and its usage is expected to double every year from 2019 to 2022. GNNs can be used to solve a variety of cybersecurity problems due to its pattern recognition. For instance, automating detection of botnet attacks and cybersecurity vulnerabilities.

Mr Menon also talked about the problem on the lack of application security experts as compared to developers. Mr Kraynak added that , this problem is due to the fundamental disparity between the two roles. Application security experts face a fundamental problem: the sheer number of alerts and connections to deal with are overwhelming. He believes that the best way to tackle the problem is to automate the process of meaningfully integrating threat intelligence into the right parts of vulnerability management – and this is an area where novel solutions and technologies are much needed.

Following this, Dr Omaru Maruatona, founder of Aiculus and Prof Liu Yang, founder of Scantist, took the stage to share how each of their solutions reduce organisations’ reliance on the expertise of security teams through automation and machine learning, thereby bringing much-needed value to the adaptive security space.

Watch their pitches below, or find it on the RSAC Innovation Showcase page!

Aiculus is an ICE71 Scale start-up which leverages artificial intelligence to provide adaptive and intelligent cybersecurity capabilities for businesses that use application program interfaces, or APIs. Their solution defends the organisation’s API stack without having to access users’ data, offering an additional layer of privacy to customers.

Scantist is a member of ICE71 Accelerate’s fourth cohort. The start-up has developed an application security tool that manages open source vulnerabilities and helps enterprise clients improve compliance on the application level.

On 14-16 July, ICE71 took part in InnovFest x Elevating Founders, the official start-up event of Asia Tech x Singapore (ATxSG). Industry experts were invited to participate in a panel discussion hosted by ICE71 on the rise of cyberattacks making headlines.

Moderated by Linda Nguyen Schindler, ICE71 Programme Head, the panel session provided critical insights into recent incidents that put cybersecurity in jeopardy.

The participating panelists were:

• Abbas Kudrati – APC Chief Cybersecurity Officer at Microsoft Asia
• Doug Witschi – Assistant Director, Cyber Crime Treat Response at INTERPOL
• Magda Chelly – Head of Cyber Advisory at Marsh Asia
• Selwyn Scharnhorst – Director, Ecosystem Development at Cyber Security Agency (CSA)

To begin the discussion in a fun and interactive manner, the panelists were tested on their knowledge of recent cyberattacks in a refreshing format, inspired by the classic American game show, Jeopardy!. Incidents named included the Colonial Pipeline Ransomware attack, JBS Meat Plant Ransomware attack, SolarWinds breach and a classified malicious attack on a national healthcare system.

ICE71’s first-ever game show. Up for challenge? Give this a try.

Here are some key points made during the panel discussion:

Firms are still lacking the basic hygiene and fundamentals of cybersecurity: Cyberattacks that crippled organisations did not involve sophisticated methods of attack, said Mr Kudrati. It was a laissez-faire attitude to cybersecurity that had left organisations vulnerable to simple and common methods of attacks (such as SQL injections and brute force attacks).

The stark reality is that companies are still putting cybersecurity on the back burner. “History doesn’t exactly repeat itself, but it rhymes a lot,” Mr Scharnhorst said. The main cause of such incidents can often be attributed to the lack of proper cybersecurity hygiene and awareness. Companies with these basics in place would have eliminated their risks at the most fundamental level. On raising awareness, he added that conversations on cybersecurity should not stop at the top, but continue at all levels to empower every employee in the organization.

Dr Chelly further pointed out that the quantifiable impacts of ransomware attacks are not limited to just the ransom amount, but also the damage caused by business downtime (loss of profit, and accumulating operational costs), legal liabilities and more. To put things into perspective, it would be more expensive to remediate losses than to implement cybersecurity protection. Prevention is definitely better than cure.

Common misconceptions about unaffordable cybersecurity costs: Cybersecurity could be expensive – but not always. It was raised in discussion that many economical cybersecurity solutions are readily available on the market. Furthermore, the Singapore government has made it more accessible for SMEs by providing grants for a list of pre-approved solutions. Organisations should look for solutions that fit their cybersecurity budget by weighing their risk appetite and quantifying the potential financial loss of an attack.

To pay or not to pay: This is the conundrum faced by many ransomware victims. There is no silver bullet for reversing a ransomware attack. “Paying a ransom would be equivalent to financing the criminals,” said Mr Kudrati. Ethics aside, paying the ransom would not guarantee hackers to hold up their side of the bargain. In addition, hackers would typically try to maximize profit through a multi-pronged approach. Hackers would first demand ransom from affected organisations. Then, they may seek ransom from individuals involved to exclude their personal data or IP from further exposure. Finally, hackers might even sell the stolen data to the organisation’s competitors!

How should organisations respond to a ransomware attack? Mr Witschi advised organisations to come forward and share the incident with a trusted cybersecurity community, as there could be solutions available to remediate the attack. Threat intelligence sharing would also help experts identify how the organisation has been impacted and take aggressive steps to contain the attack.

ICE71 is proud to be a part of InnovFest 2021. Miss the panel discussion? Watch the recording below ??

Here’s the latest news roundup on our ICE71 start-ups:

• ICE71 Scale start-up CYFIRMA has uncovered attempts to hack Indian vaccine makers by Chinese hackers
• ICE71 Scale company Attivo Networks named one of 20 Coolest Network Security Companies of 2021 on CRN Security 100 List, and bags six awards at 2021 Cybersecurity Excellence Awards
• CNA ‘Asia First’ interviews Lee Heng Yu, CEO and Co-founder of Polaris Infosec, an ICE71 Scale start-up
• ICE71 Scale start-up Polaris Infosec and ICE71 Accelerate alum Cylynx are featured in CNA programme ‘On The Red Dot’

More news on ICE71 and our start-ups here.

Here’s the latest news roundup on our ICE71 start-ups:

• Avi Bar-tov, CEO of ICE71 Accelerate start-up GamaSec, provides insight into cyber insurance for SMEs in an interview with Insurance Business Magazine
• CEOCFO Magazine publishes interview with Sudesh Kumar, Founder and CEO of ICE71 Accelerate start-up Kapalya.
• ICE71 Accelerate alum Seconize gets featured in The Times of India about AI-based cybersecurity start-ups.
• SecurityAdvisor, an ICE71 Scale startup, has raised $7.3M in Series A Funding
• ICE71 Scale, Build38, has raised $3M euros funding in Pre-Series A round
• Maria Mastakas from ICE71 Scale start-up Digital Shadows been named one of “The Top 25 Women Leaders in Cybersecurity IT Services of 2021” by IT Services Report

More news on ICE71 and our start-ups here.

Here’s the latest news roundup on our ICE71 start-ups:

• Kapalya, an ICE71 Accelerate alum, closes seed funding round led by Caltrop Holdings
• ICE71 Scale start-up, Bitglass has received seven honours for cloud security excellence and two industry recognitions + listed in ‘Top 20 cybersecurity start-ups to watch in 2021’ by Forbes
• Attivo Networks, an ICE71 Scale company, has been honored with four 2020 ‘ASTORS’ Homeland Security Awards and named by Cybercrime Magazine as a ‘Hot Cybersecurity Company to Watch in 2021’.
• ICE71 Accelerate start-up Keyless Technologies among Startup Pill’s top picks for biometrics solutions in 2020
• ICE71 Accelerate alum, Cylynx was named “One to Watch” in the ‘Blockchain Transaction Monitoring’ category at the recent Regulation Asia Awards for Excellence 2020

More news on ICE71 and our start-ups here.

Here’s the latest news roundup on our ICE71 start-ups:

• ICE71 Scale start-up Build38 wins “Cybersecurity Solution of the Year 2020” award by PwC
• Aiculus, ICE71 Accelerate alum has been featured among Australian start-ups that have raised overseas capital amid pandemic
• ICE71 Scale company Attivo Networks launch solutions on McAfee marketplace
• GamaSec, an ICE71 Accelerate company, has partnered with ETHOS Technologies for Web Cybersecurity distribution in UAE and Middle East
• ICE71 Accelerate start-up Keyless Technologies, has been selected from over 70 applicants to pitch at Milan Fintech Summit

More news on ICE71 and our start-ups here.

Here’s the latest news roundup on our ICE71 start-ups:

• ICE71 Scale start-up CYFIRMA partners with NTT DATA INTELLILINK Corporation to deliver predictive and personalised cyber threat intelligence
• Digital Shadows, an ICE71 Scale company, has announced a new functionality within it’s SearchLight platform which can detect exposed access keys and offer customers near real-time alerts
• ICE71 Scale start-up Red Piranha has launched the Crystal Eye Security Operation Centre (CESOC), its second major product this year
• Polaris InfoSec, an ICE71 Scale start-up, has been named among 12 finalists of the Kaspersky Open Innovation Program

More news on ICE71 and our start-ups here.

GovWare Focus 2020 Virtual Conference and Exhibition, themed “Partnerships in Resilience and Advancement”, took place on 7-8 Oct. ICE71 was proud to be a Supporting Association for this major cybersecurity event and be a part of the first virtual GovWare-ICE71 Startup Pitch Pit.

Of all the virtual platforms we have been on so far, we must say that this conference had the best aesthetics, and we could sense the organisers putting a lot of effort in providing a unique experience. Moreover, we had many exciting things going on for us across the two-day conference!

First, there were the virtual booths at exhibition halls. ICE71 had our booth in Hall 3, and our start-ups 689Cloud, Cylynx, Digify, Red Piranha, Uniken, and WeSecureApp had their booths in Hall 4. It was a one-of-a-kind experience staying behind the screens while manning booths with avatar-like “representatives”. Through the booth chat function, we had fun interacting with visitors.

And on 1st Oct, at the Auditorium, we had the first virtual—albeit second—GovWare-ICE71 Startup Pitch Pit. Its first run was at SICW last year and the winner was Cyble.

Hosted by Linda Nguyen Schindler, ICE71 Programme Head, the 2020 Startup Pitch Pit featured four up-coming start-ups from the ICE71 community – each of the founders got onto the virtual stage to pitch their solutions:

1. Val Bercovici of Chainkit, a cybersecurity start-up pioneering extended integrity monitoring for security, forensics and compliance. Customers report 39% of cyber attacks are undetected. Stealth technology heavily used by professional attackers, uses techniques invisible to leading cyber security tools today. Chainkit’s first to market SaaS solution lets customers wrap unbreakable digital Chains-of-Custody around all key systems and data, on premises and in the Cloud.
2. Mitali Rakhit of Guardara, a technology company focused on building scalable, automated, smart software testing solutions to improve quality and security. Our first product, FuzzLabs, is a modern, powerful, and flexible smart fuzzer that utilizes “black-box,” dynamic testing to identify code defects, including vulnerabilities. We are a seasoned team with over 15 years of experience working for Fortune 500 companies and government organisations.
3. Fabian Eberle of Keyless, a deeptech cybersecurity company founded by renowned security experts, experienced technologists and business leaders, bringing more than 10 years of research to life. Keyless is pioneering the world’s first privacy-preserving biometric authentication and personal identity management platform, combining multi-modal biometrics with advanced cryptography in a distributed cloud architecture.
   
4. Sujeesh Krishnan of Kinnami, a cybersecurity start-up that provides a hyper-resilient data platform, AmiShare, that integrates data security, data protection, and data availability to help organizations combat growing cyberattacks and other disruptions. AmiShare secures data so that they can be accessed securely, efficiently, and with confidence about their integrity, on any storage device or platform. AmiShare also provides audits and alerts that enable proactive threat management.

The goal of the Pitch Pit is for start-ups to get real-world feedback and gauge potential interest in their cybersecurity solutions, from its distinguished panel of judges including:

• Huang Shaofei, CISO at Land Tansport Authority of Singapore (LTA)
• Tan Wee Yeh, Manager, Security Architecture – Customer Success at Microsoft
• Steve Ng, Vice president, Digital Platform Operations at Mediacorp

After the start-ups went through 5-minute pitches and gruelling Q&A from judges (and the audience!), it was time to decide the winner. While the judges deliberated, pitch pit host Linda engaged the audience with an interactive cybersecurity trivia.

Judges had a challenging time deciding the winning start-up, as all of the pitches were good. But after considering various factors, including how innovative the start-up solution was and performance at Q&A, they decided that the winner of this year’s GovWare-ICE71 Startup Pitch Pit (drumrolls): Keyless! Congratulations to Fabian and the Keyless team!

If you are an organisation looking for innovative cybersecurity solutions or an aspiring cybersecurity start-up searching for insights on how your product will fit the market, please reach out to ICE71 and don’t miss catching the next pitch pit.

“In these dynamic times, it is becoming increasingly important for our cybersecurity community to come together in collaborative endeavours. We need to mobilise our strengths to propel cybersecurity resilience forward, especially in a COVID-19 world. Being the region’s first cybersecurity entrepreneur hub, at ICE71 we continue to carry the torch for cybersecurity entrepreneurship, seeking out great partnerships that can create impactful platforms for our start-ups to succeed and thrive.”

Through GovWare Focus 2020, our goal is to generate more awareness on cybersecurity entrepreneurship and on how start-ups are uniquely positioned to meet the rapidly changing demands of cybersecurity.  From ICE71 and our start-ups having an online presence at this premier event, to the first-ever virtual GovWare-ICE71 Start-up Pitch Pit, we are proud to be a Supporting Association of GovWare Focus 2020, and look forward to future partnerships together.” – Linda Nguyen Schindler, ICE71 Programme Head

See you next year!

ICE71 was a proud Association Partner of Black Hat Asia 2020, a signature technical cybersecurity conference that had happened in virtual format for the very first time.

On 1st Oct, founders and leaders across four ICE71 Scale start-ups were featured in the exclusive ICE71 x Black Hat Asia panel, “Hunting Cheese in Pandemic Pandemonium”. Joseph Gan, successful entrepreneur of homegrown cybersecurity start-up V-Key, moderated the panel. It discussed how agile cybersecurity start-ups can add value and reposition themselves during these dynamic times. The expert panel comprised:

• Hrishikesh Dewan, CEO and co-founder of Ziroh Labs, a start-up providing advanced privacy preserving technologies without requiring data decryption,
• Prof Yu Chien Siang, a veteran in the Singapore cybersecurity space and Chief Innovation and Trust Officer of Amaris.AI, a start-up that deals with the latest AI tech including adversarial AI, 
• Kumar Ritesh, CEO and Founder of Cyfirma, a threat discovery and intelligence start-up funded by Goldman Sachs, and
• Pedro Hernandez, Managing Director and Co-founder of Build38, a start-up that protects the mobile channel for their customers—mainly banks and service providers who use mobile applications.

Key panel takeaways include:

Accelerated business transformation encourages cybersecurity uptake. Start-ups like Ziroh Labs and Cyfirma, which have solutions catered to or can be adapted for cloud security, have experienced customer interest. Ritesh from Cyfirma quipped, “Cybersecurity all of a sudden became an urgency,” and later adds, “As soon as the lockdown has started to happen, they (clients and prospects) started to come back to us asking and worried about their data.”

Changes to business approach. Build38, for example, is taking a more tactical approach to their business messaging when it comes to helping their clients continue to thrive. Co-founder Pedro said they have shifted the client communication from achieving strategic goals (like preserving brand reputation and avoiding long term risks), to more tactical and short-term goals (like quicker time to market, reduced investment, and optimised resources).

Start-ups have also seen a shift in their target customer segments during COVID-19, as smaller businesses and end user demand for cybersecurity increase with the shift to remote working. According to Hrishikesh, co-founder of Ziroh Labs, “In most of the earlier part of 2019, we were mainly concentrating on the Fortune 100 to Fortune 1000 companies. But now we have pivoted a little towards SMEs as well. So that we can cater to all the different markets, and at a more faster pace.”

Educate, not sell your customers. Traditional methods like trade shows and meeting for a cuppa to grow business no longer apply—something the panelists agreed across the board. Digital marketing and content building is becoming prevalent when it comes to the need to engage customers during this time. “From Cyfirma’s perspective, at least, we have started to push a lot of educational, I would say, awareness programs to our potential clients and customers, as well as to the wider cybersecurity community,” Ritesh said.

“Hunt in the pack”. The panelists also agreed with the notion that cybersecurity businesses should work hand in hand together towards cyber resilience. Prof Yu of Amaris.AI urged local cybersecurity companies to join forces and leverage on their respective strengths: “We don’t have to just win as a party, we should win together. We have to be (hunting) in the pack. I took this story from Mr. David Koh who’s leading CSA—he said that we have many small companies, and unlike other companies like those in Taiwan and (elsewhere), where they all work together, Singaporean companies are fiercely competitive. They don’t have this idea that we will work with each other. We must change that.”

In addition to the live panel, ICE71’s half-day digital conference, “Cybersecurity in the light of COVID-19” which comprised three back-to-back webcasts, was open for on demand viewing by the Black Hat community. The webcasts touched across different cybersecurity topics such as 5G / IoT security, Cloud Security as well as the human factor of cybersecurity.

ICE71 had a virtual booth over the four-day Black Hat Asia conference, where attendees could drop by, chat and interact with the ICE71 team to learn more about the region’s first cybersecurity entrepreneur hub (interestingly, Cyber N’US was on 2 Oct, which coincided with the last day of Black Hat Asia—ICE71 also had a virtual booth there). Having a virtual conference presence was overall an interesting, albeit new experience for most of us—definitely different from a physical conference experience, but with possibilities to know who’s who at the event, and connect with people whom we may never have brushed shoulders against otherwise. We could spark off meaningful “chats” and set up virtual meetings on the digital platform itself.

Looking forward to the next event!

This month, ICE71 celebrates amazing women in cybersecurity across the world and in our community!

In support of International Women in Cyber Day on September 1st, ICE71 was proud to have collaborated with Cyber Security Agency of Singapore’s “SG Cyber Women X Series”. We had a live panel session on 17th September featuring 4 very inspiring women who have taken the leap of faith into the cybersecurity start-up world:

• • Magda Chelly, Founder of Responsible Cyber;
  • Kopal Agarwal, VP Business Development at Uniken;
  • Andrea Thniah, a recent Responsible Cyber intern;
  • and Mitali Rakhit, CEO and co-founder of Guardara,

together with moderator Sharon Ko, security expert from Microsoft.

Each panelist shared what it takes to thrive in the cybersecurity start-up world and valuable lessons learnt along way.

Only about 25% of the world’s cybersecurity workforce are women, according to a recent ISC survey. More can be done to tip the scale of diversity, and ICE71 will continue to support a diverse cybersecurity workforce.

Angie Huang, VP Global Business at ICE71 Scale start-up ArcRan, shares her thoughts on winning First Place in “Young Award” for the Smart Application category, IoT and 5G security, why cybersecurity is like water, and more.

Q: Tell us about yourself and what you do at ArcRan.

I am the VP of Global Business at ArcRan. ArcRan is a company focusing on cybersecurity operation automation, IoT cybersecurity, and 5G cybersecurity products. We concentrate on constructing comprehensive and next generation cybersecurity solutions based on unique machine learning algorithms to help governments and enterprises conduct quick response to a variety of advanced cybersecurity threats and attacks.

Q: Can you share some examples of customer use cases?

The embracing of IoT by businesses has opened up enormous opportunities, but at the same time created new significant security risks as more devices get connected.

A smart manufacturing customer adopted our iSecMaster IoT Threat Detection solution to detect suspicious behavior and cyberattacks within their factory premises. The solution leverages and monitors wireless signals transmitted between devices and utilizes signal detection, machine learning and network behavior analysis methods to determine anomalies.

The growth of autonomous vehicles and Vehicle-to-Everything (V2X) applications also means more attack vectors and possibilities for hackers. With everything being connected, an attacker could tamper with the signal regarding traffic conditions, or fake messages being transmitted between vehicles. Autonomous vehicles makers have applied our V2X Threat Detection solution to detect security threats and protect their systems.

Q: Congrats on your recent win of “First Place in Young Award (Smart Application Category)”! Can you share more about this achievement?

Thank you. The “Young Award” is an annual award presented by the National Development Council and the Industry Development Bureau (Ministry of Economic Affairs) in Taiwan to recognize achievements in the digital industry, based on creativity, market strategy, functionality, market demand, and future development and growth. The award is divided into four categories: Smart Applications, Smart Health, FinTech, and Innovative Business Models. 

Our company has rolled out a complete portfolio of products to meet the growing demand of cybersecurity in the Smart Manufacturing industry, and we are honored and grateful that the judges could recognize the importance of the role our company is playing.

Q: What are emerging cybersecurity trends and opportunities?

New opportunities will begin to accelerate this year as 5G mobile networks start to roll out. We are noticing an emerging trend in IoT devices connected to 5G network, private 5G networks and Edge Computing.

Q: What are your thoughts around the impact of COVID-19 for organisations?

COVID-19 has drastically changed the business world and accelerated digitalization of business processes and the expansion of cloud computing. It has also refocused cyber security teams on Cloud Platform security, Data Privacy, Connection and Remote access, Security operational tools, and Policies. 

I believe this is a common challenge for organisations across the globe.

In Taiwan, we are also continuing to adapt cybersecurity strategies to account for increased threats to the new normal. Since Taiwan’s economy is driven by technology and manufacturing hubs, cyber security in hardware devices, IoT, supply chain and smart manufacturing will still be one the key areas of focus.

Q: Describe cybersecurity in 30 words.

Cybersecurity is one of the essential factors that determines whether an enterprise will be able to survive. However, cybersecurity is like water. Everyone ignores it until they actually need it.

By: Kumar Ritesh, Chairman and CEO of CYFIRMA

Pundits across the world have set their sights on a post-pandemic future, arguing that a new normal is about to descend upon us. While I recognise much of what the future holds is ambiguous, there is an area which will become our inevitable reality – cyberthreats that come with rapid digitisation.

According to a report by the Australian Cybersecurity Growth Network, global cybersecurity spending is set to increase by 86 per cent to US$270 billion by 2026. This signals the priority boardrooms have placed on cyber risk management even as digital transformation takes place en masse.

To wrap their minds around post-pandemic realities, business leaders and CISOs would need to understand the cybersecurity impact of these strategic digital shifts. COVID-19 has become the catalyst to trigger change in the ways of managing and operating technology. Let me outline a few here.

Telecommuting is the only way of working for many

1. Adoption of virtual desktop will finally see an upswing:

With tele-working likely to become the norm, virtual desktops could become the security baseline for IT teams to enforce data management standards. Virtual desktops emulate a computer system so that IT can control access such as adding input/output devices as well as software and applications. This could become an important control point when remote workers are operating outside the safety of a corporate network.

To meet the stringent criteria of regulatory and corporate compliance regarding data security, many companies will see the adoption of virtual desktops as the go-to solution.

2. We will notice surge in adoption of decentralised cybersecurity:

Traditional cybersecurity controls dictate a centralised approach where data is consolidated from different sources to perform analysis and investigation. With swift digitisation, security controls will shift to data sources, similar to the trend witnessed in IoT. We could start seeing a new wave of anti-virus, data loss protection, digital rights management and endpoint-based firewalls and other security controls gaining traction.

With millions of employees working from home, hackers’ focus has shifted from enterprise to remote working individuals. To handle the menace that exists in cyberspace, decentralised cybersecurity will rise where greater emphasis will be placed on data sources such as actual remote employees themselves.

3. Rise in biometric way of authentication:

User access controls have largely revolved around one or two-factor authentication. These methods rely on ‘something you know (username)’ and ‘something you have (password)’ and given hackers’ interest in employees as the weak link to start a technical exploit, we will see cyberattacks directed towards individuals.

This means identity protection will be of priority and the best defence should focus on building authentication systems which focus on ‘who you are.’ This would require advanced biometric solutions such as fingerprint/thumbprint/handprint, retina, iris, voice, and facial recognition technologies.

With biometrics, hackers’ attempt at impersonating you just got a lot harder than trying to break into passwords.

New processes will govern our way of work

1. Global privacy regulation and policies will require a re-look:

The current state of privacy regulations is designed around the enterprise network and building the proverbial wall to keep sensitive data out of prying eyes. With remote working taking centre stage, re-evaluation of these policies is needed to address the new cyberthreats.

From a risk management perspective, global privacy policies will need to encapsulate standard operating procedures regarding BYOD, GDPR compliance and state privacy laws.

Governance around companies and employees’ social media profiles would also have to be included as these platforms are frequently trolled by hackers as they carry out reconnaissance before launching a cyberattack.

2. Cloud will become more important than ever before:

The shift to cloud services offers employees, customers, suppliers, and everyone else across the ecosystem a seamless and friction-less access to data and applications. Remote access by various users would compound security challenges and presents many new potential attack vectors.

In the post-pandemic world, IT resources would shift towards data, particularly keeping data secure across cloud platforms.

3. Containerisation technology will be extended beyond enterprise network to include endpoints:

IT architectures will extend containerisation and zoning concepts to include not just systems, but also people, roles, and the level of sensitive data they possess. Containerisation, thus, will be extended beyond enterprise networks to include endpoints such as remote worker machines and mobile devices.

This will facilitate cybersecurity teams to apply varied access controls and demarcate data storage to minimise risk of cyber intrusion and data breach.

Technology and tools are taking over

Innovative technologies such as ML/AI, AR/VR will see greater adoption. As we have already witnessed, video conferencing applications will continue to rise as non-contact interactions surge.

Sectors such as retail, hospitality and manufacturing will layer their adoption of robotics with added AR/VR capabilities. By digitising the previously labour-intensive processes, factory operators will enjoy improved efficiencies, but at stake will be cybersecurity, if it was not integrated during the early stage of transformation.

Cybersecurity teams who are saddled with events-based approach will be overly burdened with triages when a cyber breach occurs. By embracing an intelligence-driven approach, business can digitise confidently with external threat intelligence as the guiding beacon.

And let’s not forget people as critical cyber defenders.

Hackers’ technical exploits will flourish in level of creativity and ingenuity, and a digital ecosystem is the perfect playground for malevolent agendas. Social engineering techniques to trick untrained and unsuspecting employees, third parties and contractors into releasing confidential information or letting an intruder into the corporate network will also intensify accordingly.

Instead of seeing people as the weakest link, view them as your frontline defenders. Cybersecurity awareness training for people across the entire supply chain and ecosystem will prevail.

Hacker groups will rattle the cages of government and businesses as digitisation efforts escalate. Cybersecurity strategies would have to shift downline towards the remote worker, decentralised controls, and enhanced policy measures. Digital transformation and cybersecurity are twin engines for sustained success, and this has just risen to the top of the boardroom agenda as economies awaken to the new realities of a post-pandemic world.

About the author

CYFIRMA Chairman and CEO, Kumar Ritesh, has 2+ decades of global cybersecurity
leadership experience across all facets of the cybersecurity industry. He spent the first half of his career as the head of cyber of a national secret intelligence service agency, gaining first-hand cyber threats and risks insights on a global scale before transiting into the commercial arena as a senior executive for multi-national corporations IBM and PwC. Ritesh was also the global cybersecurity leader for one of the world’s largest mining companies, BHP Billiton. Through his blogs and public speaking engagements, Kumar educates companies on cybersecurity risks, solutions and trends.

Headquartered in Singapore and Tokyo, CYFIRMA is a leading threat discovery and cybersecurity platform company.

CYFIRMA is also an ICE71 Scale company. 

ICE71 is proud to be a supporting partner of the second and virtual edition of CSA Cybersecurity Innovation Day on 30th July. The event saw highlights including exciting pitches by 2019 Cybersecurity Call for Innovation Awardees, with two ICE71-affiliated start-ups Scantist and Amaris.AI participating. It also provided opportunities for real-time, 1-1 business meetings with awardees, on top of enriching sessions featuring a keynote by security and AI expert Prof Dawn Song.

An initiative by the Cyber Security Agency of Singapore (CSA), powered by TNB Ventures, the online half-day event started off with a warm welcome by Guest-of-Honour Mr David Koh, CSA Chief Executive. Mr Michael Yap, Managing Partner, TNB Ventures then shared the journey and insights from the 2019 Cybersecurity Call for Innovation.

The main highlight of the day was the pitching session by 9 innovative cybersecurity companies who won the Call for Innovation award. Scantist, an ICE71 Accelerate alum, and Amaris.AI, an ICE71 Scale start-up, pitched their solutions together with other awardees. The innovations pitched were diverse, covering advanced malware forensics, adversarial attack on AI, OT protection, threat intelligence, data access security, application security, endpoint protection, and autonomous vehicle security.

Scantist is a local start-up spun off from years of R&D, with a focus on application security. In the presentation about their awarded project on AI enabled application security testing framework, Prof Liu Yang, CEO and co-founder of Scantist, spoke about the significance of application security: ”With the trend of digitisation, software is everywhere from websites, mobile apps to IoT applications. Software applications are critical means for delivering value of products and services. But the reliance on applications also means that they need to be secure.” Prof Liu shared that application security remains to be challenging amid a fast-paced, ever-evolving attack landscape, coupled with the lack of deep security expertise. “Infamous incidences around Panama Papers, Equifax, and Heartbleed arising from application-level breaches have led to substantial financial and reputational loss,” he said.

Amaris.AI, a full-stack AI start-up, provides a solution for adversarial attack on artificial intelligence. Prof Yu Chien Siang, Chief Innovation Officer of Amaris.AI, gave interesting examples on how AI can be fooled, including one that talks pandas and gibbons: “See the panda. You will see that if we add a little bit of unperceivable perturbation, the AI will be fooled and upended, and the panda ‘becomes’ a gibbon.” He cautioned on the security risks of current AI systems: “Almost all AI systems deployed now are without defences, if aggressively targeted, they will all be badly subverted, and these AI will also be automating such attacks.” Prof Yu urged the audience to think about potential impact in areas using AI, like autonomous cars and immigration biometrics.

It was great to see homegrown cybersecurity start-ups in the line-up of awardees, such as Amaris.AI and Scantist which are in the ICE71 inner circle, as well as Insider Security, a start-up that provides detection of unauthorised access to patient data – a relevant cybersecurity solution for healthcare IT systems.

Keynote speaker Prof Dawn Song, who also has her own start-up Oasis Labs, spoke passionately about the importance of privacy preserving data access in the age of machine learning, in her session on challenges and future direction for AI. She said, “Data needs to be protected not only at rest and in transit, but also when in use and in compute.”

There was also a fireside chat with students featuring Prof Song, a presentation by AiSP on security by design, and an IMDA sharing on opportunities for cybersecurity start-ups in the SME market.

The virtual event was a truly insightful experience. We look forward to more of such cybersecurity entrepreneurship initiatives in the future!

Watch highlights:

Catch up on the full event programme content here.

Omaru Maruatona, founder and CEO of ICE71 Scale start-up Aiculus shares about the increasing need for API security post COVID-19, the start-up’s recent fund raise circa SGD1 million, and more.

Q: Tell us more about yourself.
I was born in Botswana Africa and moved to Australia in 2015 on a scholarship to study Software Engineering. Since then I’ve worked in Botswana in a diamond mine, then moved back to Australia where I completed an industry PhD in applied Artificial Intelligence. I’ve also worked for a global financial services company and a big four consultancy firm before I founded Aiculus in 2017. I am currently CEO of Aiculus and am responsible for the overall strategy of the company.   

Q: What inspired you to start Aiculus?
I started Aiculus mainly because I saw a growing trend in the wide application and adoption of APIs and a gap in the way they were being secured. Globally, there’s been a massive uptake in connecting different systems and enabling digital service provision using APIs. Most countries have also moved to legislate the sharing of consumer data through open platforms such as Open Banking. Consequently, organisations have set up digital platforms to comply with these regulations and also to enhance customer experience. Given my background in software development, AI and Cybersecurity, I had a good idea of what it would take to develop a prototype to test the market so I took the leap of faith and went for it.  

Q: Could you share with us some real-world client use cases of your technology?
Most organisations with APIs have one or two layers of defence or security. These security controls are mostly at the perimeter and typically check for authentication and authorisation in incoming API traffic. We are currently working with a large corporate organisation to provide a behaviour-based API screening capability to detect the use of stolen credentials and account takeover attempts. With the increasing number of successful authentication bypass attacks and attacks using stolen credentials, a proven way to stop these is to inspect authenticated API requests using some form of Behavioural Analysis. This is the value proposition of Aiculus.

Q: Congrats on your recent milestone securing close to SGD1mil in seed funding round led by Cocoon Capital! What were learnings from the fundraising? What did it take to get there?
I think every start-up has its own context and therefore things that apply to them may be different. For us, what really took us over the line in terms of securing the investment was that we had a host of people who could speak on our credibility. In addition, we did our research and made sure we had defendable facts on market size, competition, growth drivers and product differentiation, to mention a few. 

Q: What are your thoughts about API security in the light of COVID-19? How relevant is this now – has the need increased or remains as important as ever, and why?
COVID-19 has compelled many companies to roll out massive work from home arrangements for employees. In addition, physical distancing measures have resulted in many people using digital services rather than the traditional in-person purchases for services. Because of this, the digital channel widened significantly and may never go back to pre-COVID-19 volume again. All this means that APIs, which power the communication between systems, are busier than ever and must be appropriately secured to sustain this new normal.    

Q: You recently set up a Singapore office. It’s a progression that we see since your days in ICE71 Accelerate to being a member with ICE71 Scale at present, and we are proud to have been part of your journey. What are your thoughts about business prospects in Singapore?
Thanks, ICE71 has been pivotal in Aiculus establishing in Singapore. From the beginning, Aiculus was founded as a global company because the problem we are solving is global. Although we can technically serve any customer wherever they are in the world, our expansion has to be incremental in order to be sustainable. SEA is a fast-growing region in the world, so it made a lot of sense to be in Singapore since this is the financial hub of SEA. In Singapore, Aiculus wants to be a critical part of the cybersecurity ecosystem, offering a product that provides great value to organisations who are using APIs.

Cybersecurity is a set of attitudes, technical and administrative controls methodically deployed to help ensure a digital service is resilient from deliberate or accidental disruption.

– Omaru Maruatona

Omaru is a valuable member of the ICE71 community. His start-up Aiculus was in cohort 3 of ICE71 Accelerate and is currently an ICE71 Scale company.

Kopal Agarwal, who helms ICE71 Scale startup Uniken’s APAC business, shares about mobile security in a post COVID-19 world and more.

1) Tell us more about yourself. How did you get to your role at Uniken and what do you do in this role?

I joined Uniken about 6 months ago to spearhead its growth plans in APAC. Prior to joining Uniken I worked in the financial services industry for 19 years. Most recently, I was with the Bank of Singapore, and prior to that I worked with Barclays and JP Morgan in Singapore.

I first got to know about Uniken when they pitched to me at one of my previous employers. I was so impressed with their security solution; I decided I had to be a part of this company’s growth journey.

2) What’s the Uniken story, ie. how did Uniken come about?

Uniken was founded in India 7 years ago. A fresh team came in three years ago and has built the Uniken of today – with the simple aim to make connections secure and easy. Adding security layers to your digital channels means adding friction to the customer experience. For an organization embarking on a digital transformation journey, this poses a big dilemma. Our patented security solution REL-ID was built with the key focus on driving customer engagement and eliminating every major vector of fraud and breach.

We have since expanded into Latin America, the US, APAC, Europe, Middle East, and Africa — with global headquarters in the US and regional APAC headquarters in Singapore.

3) Could you share with us real-world client use cases of your technology – for us to better understand what your technology is about, and why this is important?

Our product is industry agnostic, hence we work with various sectors such as financial services, education, airlines, and retail.  I can share two use cases clients consistently deploy our solution for. The first is around protecting mobile apps and all transactions conducted with them. The second use case is about 100% transaction verification in business banking. Both examples take fraud to zero for our clients and drive a tremendous amount of engagement given the ease of use.   Making security invisible and frictionless has its advantages across the board.

4) You’re very much in the news recently, from news about Bank of India using your REL-ID technology to REL-ID gaining FIDO2 recognition. Congratulations on these milestones! Could you tell us more about these achievements?

Thanks, and yes, we have been in the news a lot lately. Bank of India (BOI) was all about delivering for a customer.  They are our oldest customer and as they have grown so have we. For us it was about listening to them and their customers along the way and continuing to strengthen our product set to meet their changing needs.  As BOI saw the threat landscape change, they realized that deploying REL-ID across the board was the obvious choice, we had what they needed because we listened along the way.

Our recent FIDO2 certification is another example of listening to the market, i.e. in providing a password-less solution that meets an industry standard and in having a continual push for innovation. With FIDO2 our solution can allow our clients to use an industry standard for password-less cryptographic authentication and combine it with our other award-winning features, allowing customers to lower their cost of ownership while offering the range of client authentication techniques.

5) What are your thoughts about mobile security of the future? Will COVID-19 change anything in this space?

In the new normal post COVID-19, the way people conduct their lives will change and digital interaction will be the norm rather than an option. We now have to ensure security and convenience to meet the needs of the new normal. Just look at Zoom and why they have succeeded recently. They are simple, easy and consistent, but they forgot to focus on security and privacy.

The emergence of mobile as the dominant channel creates the opportunity for businesses to rethink their security paradigm, allowing them to pivot to a customer-centric model that delivers a better customer experience and unlocks the true power of digital transformation.

6) Describe cybersecurity in 30 words.

Cybersecurity is about protecting one’s systems, information, assets and dollars. But above these, it is also about respecting individual privacy and protecting the brand.

Cybercriminals are taking advantage of the emergencies caused by COVID-19 to run more frequent ransomware attacks. Criminals aim these attacks mostly at hospitals and corporates, locking these organisations out of their critical systems, to extort payments.
Sudesh Kumar from Kapalya, an ICE71 Accelerate startup, shares more.

Ransomware are often spread through phishing emails containing malicious attachments, or through drive-by downloading. Over the last month, the number of phishing ransomware emails and attacks increased respectively by 4,000% and 350% with COVID-19 themed cyberattacks. There are about 13,000 malicious website domains using names related to COVID-19¹. Business networks are more exposed to potential attacks because of the high number of people working from home using corporate-issued laptops, smartphones and tablets, all of which may contain confidential, proprietary, classified and sensitive data. When cybercriminals compromise these files, they also extract the contents of these files and expose them on public-facing websites to further extort companies, if the victim companies deny ransom payment.

After a ransomware enters the system, it encrypts accessible files present on the computer and spreading through the network. These files become unusable unless decrypted with a special key owned only by the cybercriminal and released in exchange for a payment with an untraceable/pseudonymous methods (e.g. Bitcoin, Ethereum).

4 more concerns arising from an attack on top of a financial loss

Besides the loss in dollars and cents, 4 other key concerns arise from a ransomware attack:

1) There is no assurance that cybercriminals will release the decryption key after the payment, entailing a risk of permanent data loss;

2) During the time elapsed from the attack to the release of the decryption key (if at all), data and network are unusable, heavily disrupting time-critical applications such as hospitals;

3) After a first ransomware attack has been successful, there is no assurance that the victim will not face a cyberattack again, exploiting the same weakness used the first time;

4) During an attack, ransomware can transmit data from the computer to the Internet, causing potential leaks of sensitive or classified data (e.g. attacks by Maze, Sodinokibi, Nemty, Clop)

Conventional ransomware attack routes

Ransomware are often spread through phishing emails that contain malicious attachments or through unintentional download (i.e. drive-by downloading) when a user visits an infected website.

During ransomware attacks, attackers will compromise an individual host through phishing, malware, or exposed remote desktop services. Once they gain access to a machine, they spread laterally throughout the network until they gain access to administrator credentials and the domain controller. Crypto ransomware, a malware variant that encrypts files, is spread through similar methods and has also been spread through social media, such as Web-based instant messaging applications. Additionally, newer methods of ransomware infection have been observed. In particular, the latest advancement involves “file-less” infection, where malicious code is either embedded in a native scripting language or written straight into memory using legitimate administrative tools, without being written to disk.

File-less ransomware

In file-based attacks, a binary payload is downloaded onto the target machine and executed to carry out malicious actions. Legacy antivirus can prevent these known attacks by identifying the signature. If the signature is found, the antivirus prevents it. File-less malware avoid this countermeasure by presenting no indicators of malicious executables on the target machine. Instead, attackers use legitimate tools built into the system like PowerShell, WMI, Microsoft Office Macros, and .NET for malicious purposes (Figure 1)². This technique is called Living-Off-the-Land and the exploited legitimate tools are known as LOLBins). Many LOLBins are incorporated into the daily workflow of IT professionals, which makes blocklisting them impractical given how it would reduce IT’s efficiency and reach. The attackers have a set of tools they can leverage that are pre-installed on every Windows machine they want to target.

File-less ransomware are:

1) Stealthy: They exploit legitimate tools and are thus almost impossible to blacklist.

2) Living-off-the-land: Tools used are installed by default on most machines. The attacker does not need to create or install any custom tools to use them.

3) Trusted and Frequented: Tools used are frequently used and trusted. It is not unusual to see such tools operating in an enterprise environment for a legitimate purpose. A list of most recent file-less attacks is shown in Table 1.

File-less attacks can be a powerful tool for attackers, since they are able to bypass the majority of antivirus and next-generation antivirus products.

Final thoughts

Protecting files and folders on desktops, laptops, file-servers, smartphones, tablets and other user devices during this COVID-19 pandemic has become a necessity. In doing so, both private and public organizations must understand and mitigate the risk by encrypting files and folders on all devices, either inside or outside the organizational perimeter.

Using just perimeter defense and anti-malware or regular backup is no longer sufficient. A comprehensive organization-wide encryption must be developed and implemented.

References

1. 4,000% increase in ransomware emails during COVID-19 | National Observer. Available here. (Accessed: 28th April 2020)
2. Securely Support the Remote Workforce Surge | Unisys. Available here. (Accessed: 16th June 2020)

Author profile

Sudesh Kumar is CEO and co-founder of Kapalya, an ICE71 Accelerate 4 startup providing a comprehensive encryption management solution. Sudesh has more than 25 years of IT, mobility, security, networking, cloud computing and Project Management experience. Kumar has successfully delivered global multi-million dollar heterogeneous networking and transformational cloud services projects.

You may also be interested in:

In conversation with Sudesh Kumar of Kapalya, an ICE71 Accelerate 4 startup

25th June marked the Virtual Demo Day for our fourth and latest ICE71 Accelerate cohort, featuring nine startups from Singapore, Australia, Israel, the UK, the US and Poland.

To date, ICE71 Accelerate, ICE71’s accelerator programme has supported 34 cybersecurity startups and helped to strengthen Singapore’s growing cybersecurity ecosystem. And 16 of these companies from the programme have collectively raised SGD$18M.

In the Demo Day welcome address, Rebecca Floyd, Managing Director for CyLon Singapore described the exhilarating journey of making a wholly virtual accelerator programme a reality. “Necessity really is the mother of adventure,” she said, revealing the need for running a different kind of accelerator, and having an entrepreneur’s mindset to make things happen amid the challenges of the current pandemic.

Edwin Low, Director, Innovation & Tech Ecosystem at Infocomm Media and Development Authority (IMDA), said that ICE71 was formed to develop the cybersecurity ecosystem and provide support in terms of funding, go-to-market, facilities as well as community building.

In the two years since ICE71’s inception, we have made progress. Among the many milestones we had, we have trained over 80 cybersecurity entrepreneurs, accelerated more than 30 startups, and played a part in connecting our past cohort startups to potential customers and investors. Some notable results of connections made include funding raised from Cocoon Capital by Aiculus and Guardrails.

Our progress is driven by our co-founders Singtel Innov8 and NUS Enterprise, but certainly not without being in synergy with supportive partners giving us the uplift we needed. Edgar Hardless, CEO of Singtel Innov8, expressed, “Thank you to our partners who have supported us in this journey. Without the support of partners like IMDA, Cyber Security Agency of Singapore (CSA), and Cisco, we probably wouldn’t have reached where we are today.” Edgar was optimistic about existing capabilities to take ICE71 to the next level.

Prof Chee Yeow Meng, AVP for Innovation & Enterprise at the National University of Singapore (NUS) spoke about new cybersecurity challenges emerging from a remote work setting: “With COVID-19 forcing most of us to work remotely or study from home, new challenges have emerged for cybersecurity, driving a greater demand for cybersecurity solutions and creating opportunities for cybersecurity entrepreneurs.”

On the success of ICE71 Accelerate, CyLon has been an important programme partner for us. Grace Cassy, co-founder of CyLon shared about the proud partnership with ICE71 and how wonderful the journey was for them to be a part of helping to grow Singapore cybersecurity ecosystem.

The future is bright for cybersecurity entrepreneurs, but one of the key challenges remains to be how startups can rise above the noise and legacy in enterprises, and demonstrate immediate value in their solutions. They need to know how to convey their value proposition with key decision makers, particularly CISOs, to make headways. Keynote speaker Alan Jenkins, CyLon CISO-in-Residence had much to share on how startups can best engage with CISOs in today’s challenging environment.

While we look forward to many more milestones by ICE71 Accelerate alums, for now, congratulations to cohort 4 startups for completing this incredible journey and kickstarting another. It is great to see the new connections formed through ICE71 Accelerate between the cohort and our partners from the likes of CSA, Singtel Trustwave, NUS, and others. We can’t wait to hear of more exciting developments from our fourth cohort in the coming months!

Watch the pitches of each startup and connect with them directly by clicking on the links below:

• Assimil8
• Chainkit
• GamaSec
• Guardara
• Kapalya
• Kinnami
• Olympus Sky
• neoEYED
• Scantist

Read about Demo Day in the news:

• e27
• AsiaOne
• SBR Daily Briefing
• Telecompaper
• and more here.

Download the Lookbook here.

See the full Demo Day recording here.

Check out “In conversation” interviews with startup founders here.

ICE71 proudly presents our 2020 Singapore Cybersecurity Startup Map, the latest (and greatest yet) version of it!

We’ve been continuously working hard to scour our island nation for cybersecurity startups – in this year’s updated map, there are 136 unique startups within the cybersecurity and associated fields, including endpoint security, cloud security, network security and IoT security.

Out of these 136 startups, half of the cybersecurity startup community are in our “ICE71 Inner Circle” of startups who come from our ICE71 programmes! 

You can check out our latest ICE71 Accelerate Cohort 4 startups on this map as well.

With more tech-savvy and nimble cybersecurity startups entering the space, launching new products and offering superior solutions, we look forward to continue supporting and strengthening the cybersecurity community in the region.

For the next version, do reach out and let us know if you would like to be listed on the startup map!

We caught up with Sujeesh Krishnan of Kinnami, a member of ICE71 Accelerate’s fourth cohort.

Q: Tell us more about yourself.

I am Sujeesh Krishnan, CEO of Kinnami Software Corporation. We are a data security and privacy startup based in Boston, U.S., with teammates in Washington D.C., London, and Singapore.

Q: What inspired you to start your startup? What is your goal or dream for your startup?

The original inspiration for the technology that Kinnami is providing comes from the realization back in 2006 – that it was so hard and too slow to share large files (pictures, videos, etc.) with non-techie family members around the world while also retaining privacy. Even today, that problem is not served well. Over decades in the data protection and security segments of the IT industry, we have become frustrated with the industry’s patchwork of solutions that have led to ever- greater disasters in the form of data leaks and most recently fake news – information that cannot be trusted.

Consequently, we have become determined to provide a better platform that prevents a number of essential problems in data security and protection. “Data without security is worthless. Security without data is pointless,” so separating the 2 topics, which has happened as a result of the evolution of IT over the last 30 years, is really just not a good idea. These need to be fixed together. Properly.

Kinnami’s vision is to completely alter the way organisations think of data security and storage and eliminate the current patchwork of solutions that serves as IT security today. Data security now keeps IT admins up and night and is a hot topic in corporate boardrooms. The ability to play a key part in addressing this big challenge is a huge motivation for us as a company.

Q: What is the problem you want to solve with your product or solution? Tell us more about your solution.

Kinnami enables organisations to protect sensitive data everywhere. Our innovative distributed data storage and security platform, AmiShare avoids the classic data security and protection patchwork. Instead it provides organisations with an easy way to secure the creation, storage, and sharing of data both within organisations and externally. AmiShare separates administrators and end-users’ responsibilities, aligning them more precisely with their goals. All this is verified by AmiShare’s auditing.

AmiShare enables organisations to manage the security of data by defining policies to control who may access them and where they are stored, providing protection wherever they are stored or shared. This includes data centers, cloud stores, laptops, mobiles, removable drives, and IoT devices. Security of stored data is enhanced by breaking data into fragments, individually encrypting fragments with individual encryption keys and storing them across multiple devices/servers.

Q: Who might find use for your solution?

Any organization that needs a more secure way to store, collaborate and audit the access of confidential information will find value in AmiShare. Some of our early markets of interest include regulated industries such as financial services, healthcare, supply chain, as well as academia, and military.

In today’s remote work from home environment caused by COVID-19, SMEs as well as enterprises will find AmiShare to be a better way to manage sensitive data that is being accessed on potentially unsecure devices and networks.

Q: What have you enjoyed the most being a part of the ICE71 Accelerate programme?

We have found the programme to be of high quality, with extremely relevant topics for our company at its current stage of evolution. The ability to interact directly and build relationships with CISOs, subject matter experts, and successful founders, as well as peers has been invaluable. We have also appreciated the opportunity to connect with parties at Singtel, NUS, IMDA, and CSA among others, on a one-one basis and in exploring collaborative projects.

Learn more about Kinnami at kinnami.com

We caught up with Alessio Mauro of neoEYED, a member of ICE71 Accelerate’s fourth cohort.

Q: Tell us more about yourself.

I’m Alessio Mauro, from Italy, CEO at neoEYED, a US based company.

Q: What inspired you to start your startup? What is your goal or dream for your startup?

I hate security and especially “passwords”! They are just stressful and a nuisance and… why are we using them yet, despite all the advancement in biometrics? My dream since I started this company was to simplify security and get rid of passwords once for all.

Q: What is the problem you want to solve with your product/ solution? Tell us more about your solution.

neoEYED reduces up to 99% of digital identity frauds by using an invisible technology: behavioral recognition. We built a Behavioral AI, an AI trained to recognize the users just by the way they interact with their web/mobile applications.

It’s an invisible security layer that protects the users, without making any change in the user experience. More security, less stress.

Q: Who might find use for your solution?

Banks and fintech applications are the one who would really need these solutions to protect their users’ accounts, besides, any enterprises (including banks), regardless of the verticals, always need this solution to protect frauds inside coming from the employees or hitting them.

Q: What have you enjoyed the most being a part of the ICE71 Accelerate programme?

Being us in the virtual program we haven’t got the chance to live Singapore and all ICE71 events, but the team at ICE71 have always connected with relevant people and events to be in the startup scene.

Watch neoEYED pitch at ICE71 Accelerate 4 Virtual Demo Day on 25th June! 

Learn more about neoEYED at neoEYED.com

We caught up with Barton Shields of Olympus Sky, a member of ICE71 Accelerate’s fourth cohort.

Q: Tell us more about yourself.
I’m Bart Shields, CEO and CTO of Olympus Sky Technologies, S.A. , also known as Olympus Sky, and we originate from Łódź, Poland.

Q: What inspired you to start your startup?
Back then, I wanted to solve the number one problem within the automotive industry –  providing security inside of the vehicle.

Q: What fires you up every morning?
Knowing that this technology completely changes how security is done, in that it simplifies and automates communication security, while also simultaneously providing a solution that is more secure than the current, traditional means for providing communication security (i.e. PKI + TLS/SSL).

Q: What is your goal or dream for your startup?
This are two parts to this goal: 1) to make our core technology an RFC specification and communication-layer standard, and 2) to change how the world does security.

Q: What is the problem you want to solve with your product/ solution?
Traditional security is human intensive and utilizes a centralized approach for the creation and management of security credentials, making it costly to implement, costly to maintain, and difficult to scale. IoT is expanding at a pace that is difficult to keep up with. This is especially true for trying to provide security at IoT scale in a cost and time efficient manner.

Because traditional security was never meant to operate within the complexity and additional requirements introduced by the proliferation of devices that IoT brings. Only those with sufficient resources have the capabilities of addressing the security gaps, which because of the complexity more than often fall short.  It is no secret that traditional security is becoming more complex each and every year.  Thus, increasing the threat surface and costs of maintaining security.

To put it simply, traditional security is meant for point-to-point, static links.  IoT is by definition dynamic and multi-point.  Thus, traditional security is the square peg and IoT is the round hole.

Q: Tell us more about your solution and who might find use for it.

Our security solution, Autonomous Key Management (AKM) makes security not only affordable, but significantly decreases the threat surface because of its simplicity.  AKM is easy to deploy, easy to maintain, and easy to expand at IoT scale. AKM solves the high costs and difficulties of providing security at IoT scale. It is completely automated with one-time provisioning, removing the human factor and any requirement to connect to a centralized server.  Last, our security naturally provides multi-point, end-to-end encryption, something that traditional security is incapable of (ex. the Zoom video acknowledgement from April in which they stated that PKI and TLS/SSL are incapable of multi-point end-to-end encryption).

The primary customer case for our solution would be Industrial IoT companies.

Q: What have you enjoyed the most being a part of the ICE71 Accelerate programme?
Meeting the mentors and other teams in the programme.

Watch Olympus Sky pitch at ICE71 Accelerate 4 Virtual Demo Day on 25th June! 

Learn more about Olympus Sky at olympusssky.com

Our first 100% virtual ICE71 Accelerate programme had kicked off! The fourth cohort of the programme took place from 7 April – 25 June.  Here’s a quick look at each of the startups in cohort 4!

Assimil8

Origin: Australia
Co-founders: Simon Robinson, Stephanie Robinson

The Assimil8 tool, IDRIS provides decision makers with easy to read visual representations of large complex data sets. ASSIMIL8 makes data analysis more accessible by reducing the reliance on specialist expertise. The product we have developed, known as the Intuitive Data Relationship Inference System (IDRIS) can be used to quickly evaluate the risk context and threat of an individual cyber event or can be used continuously to review a complex network to identify threats.

www.assimil8.com.au

In conversation with Stephanie Robinson, CEO

Chainkit

Origin: USA
CEO: Valentin Bercovici

Chainkit is a cutting-edge technology that detects invisible threats, dramatically reduces dwell time from months to minutes, and delivers absolute system attestation.

Anti-forensic techniques are silently tampering with indicators of compromise, extending dwell times into months. Forensic artifacts lack attestation of integrity for investigators to use in determining attribution. These conditions put organizations at unacceptable risk of undetected cyber attacks, as well as out of regulatory compliance. Chainkit for Splunk and Elastic is the first solution to focus exclusively on the previously invisible 39% of undetected cyber security attacks. Results include less cyber damage and stronger regulatory compliance, supporting lower insurance premiums, in an era of universally increasing cyber risk.

www.chainkit.com

In conversation with Val Bercovici, Founder & CEO

GamaSec

Origin: Israel
CEO & Co-founder: Avi Bartov

Gamasec utilizes the newest and most advanced technologies to stop cyber-attacks via websites reducing cyber insurance exposure GamaSec is a pre-breach tool which enables small and mid-sized businesses to combat and recover from cyber attacks. By using cutting edge virtual hacker technology to identify and eradicate dangerous malware threats and website application vulnerabilies reducing cyber insurance risk and exposure.

www.gamasec.com

In conversation with Avi Bartov, Founder and CEO

Guardara

Origin: United Kingdom
CEO: Mitali Rakhit

FuzzLabs, their first product, can be used to identify a wide range of issues, not only native software flaws, such as memory corruption. It is possible to test web applications and web services, find problems such as unhandled exceptions, issues related to performance, and a lot more.

www.guardara.com

In conversation with Mitali Rakhit, Co-founder and CEO

Kapalya

Origin: USA
CEO & Founder: Sudesh Kumar

Kapalya empowers businesses and their employees to securely store sensitive files at-rest and in-transit across multiple platforms through a user-friendly desktop and mobile application. This ubiquitous encryption solution protects all your corporate data by seamlessly encrypting files on end-points (computers/mobile devices), corporate servers and public cloud providers. With Kapalya, users have the ability to share encrypted files across multiple cloud platforms.

www.kapalya.com

In conversation with Sudesh Kumar, Founder and CEO

Kinnami

Origin: USA
CEO: Sujeesh Krishnan

Kinnami is an end-to-end data security firm that equips organizations to secure, proof and audit sensitive information at rest and in-transit in data-sharing applications Kinnami is an end-to-end data security firm that equips organizations to secure, proof and audit sensitive information at rest and in-transit in data-sharing applications. It’s core product, AmiShare, uses distributed and encrypted storage to secure and protect confidential data across devices and users everywhere. Data is broken into fragments, encrypted, and distributed across a network of servers, devices and the Cloud. AmiShare strictly audits access to data and secures data right where it is created or stored ensuring that data is protected even as it moves.

www.kinnami.com

In conversation with Sujeesh Krishnan, CEO

neoEYED

Origin: USA
CEO: Alessio Mauro

neoEYED helps banks and enterprises to reduce frauds just by looking at the way users interact with application and devices neoEYED is a Behavioural AI. A fraud detection/prevention solution that recognise the users just by looking at “how” they interact with the applications and type their passwords. The result is a secure, frictionless, layer that continuously monitors the behaviour of the users and protects them from any unforeseen frauds without asking for any additional permissions or personal information. Invisible, simple, secure!

www.neoeyed.com

In conversation with Alessio Mauro, CEO

Scantist

Origin: Singapore
Head of Ops: Rohan Sood

Scantist is a local cybersecurity startup focused on managing open source vulnerabilities and improving compliance on the application level Scantist is a cyber-security spin-off from Nanyang Technological University (Singapore) which leverages its deep research and expertise to provide vulnerability management solutions to enterprise clients.

www.scantist.com

In conversation with Rohan Sood, Head of Operations

Olympus Sky

Origin: Poland
CEO & CTO: Bart Shields

Olympus Sky Technologies (OST) has developed a new way to think about cybersecurity, up-ending 30 years of static, heavy certificate-based solutions such as PKI. We have implemented this technology into a product suite that we call Zeus. Zeus is used to secure complex supply chains, from cradle to grave, as well as providing secure communication, including authentication of both hardware and virtual (electronic images/software) assets. Best of all, the product is simple to understand and simple to use, requiring no skilled administration or IT security experts.

www.olympussky.com

In conversation with Bart Shields, Co-founder, CEO and CTO

Watch cohort 4 startups pitch at ICE71 Accelerate 4 Virtual Demo Day

We recently had our ICE71 Distinguished Speaker Series with Chris Roberts who shared his journey in cybersecurity, what he feels about the current state of the industry, and more.

How he got started with cybersecurity and his first hacking experience

Chris attributed this to his ATARI game days around the time he was 13. He mused, “I hated losing the games, so I would load the programs up, arrow them out, drop them into the command line and see how they actually worked. And then I loaded up a basic shell and just really started to figure the code out from there. At the time my father was still around, he would play a game, sometimes winning and sometimes losing, while I could play a game and become a trillionaire after like 20 minutes because I’ve hacked the system. That got me started with hacking.”

Getting a foot in the door 

His advice for aspiring youth who want to venture into cybersecurity? They need to have a good attitude, and know how to reverse engineer solutions. He said, “If I’m looking at somebody who’s new, I don’t care about the qualifications. What I care about are what they think, how they feel and how they can demonstrate it.”

For those who want to get into the red or blue teams, he’d ask: “Have they built their own machine at home? Have they figured out how things work? Do they know how to reverse engineer? Have they broken things to be able to then figure out how to repair them?” 

Someone new to the industry doesn’t only learn cybersecurity skills. Newbies should  take a proactive step in connecting with the cybersecurity community, for example, through a platform like LinkedIn. To succeed, It’s important to have good communication skills, both verbal and written, together with a collaborative mindset.

Need for effective communication

Chris lamented about one of his biggest frustrations in cybersecurity, the lack of effective communication within the industry.

He spoke about acronyms and jargons in cybersecurity.

“People outside our industry go: “How can you explain security in the language I need to understand?” This is where you talk about risk, and where you basically put your point in human terms,” Chris said.

It doesn’t matter whether it’s a CEO or CIO who’s trying to explain to leadership about risk.  He said, “Risk reduction is about mitigation controls and compliance regulations.” And if it’s a technical person trying to educate the end user about passwords, it’s ultimately about “how it’s meant to keep the end user safe”, and how the end user can “teach his family to be safe” too.

What deception technology is about

Chris explained this as “using technology to effectively lie to someone who’s trying to break into a system”. In the case of hackers, the better the system lies to them, the more interaction they would have with the system, ultimately triggering alerts.

“Or look at it as building an architecture that camouflages itself effectively,” he said. If there is a request from an attacker, the deceptive system is like a “butler”, serving the attacker deceptive credentials and setting off an alarm.

On hacking cows and other things

Chris has hacked everything from cow pedometers to milking machines to ships.

Once, he overrode GPS tracking data from a cow pedometer database, and at one point he tracked 0.25 million herd of cows virtually lurking around a friend’s house! He’s also made milking machines stop and “line dance” every 12 hours. 

About two years ago in Turkey, he hacked into a ballast control system of a ship at a harbour. Ballast control systems give stability to ships. Hacking into these systems could potentially make ships roll in the middle of a harbour. Chris has approached a few shipping companies to caution about these insecure systems but to no avail. It’s challenging to responsibly disclose the security loopholes to the company, and most of the time it falls on deaf ears. He said, “They just want to focus on getting the ships from point A to B.” 

How startups can get a foot into the door despite legacy issues

Startups need to learn who can they can work with or have access to a particular company in a particular industry.

“It isn’t all about doing it yourself, you need to make friends, talk to people and present your ideas.” 

He suggested startups to ask for advice, and even form partnerships, stating Attivo Networks as a good example. Startups need to think about how they can help make an existing process more effective and reduce risk. He said, “Don’t go out and solve the world. Think about how to help others become effective.”

Top challenges CISO are facing and what keeps him up at night

Chris’ take on the top challenges of CISOs are:

1) Visibility: CISOs need to have visibility of all their network endpoints to know the location of their risks.

2) Too many tools, too much inefficiency: Particularly in big organisations, CISOs can have too many security technologies in place. These could just be at 30 to 40 percent capacity.

3) Regulatory and compliance: This includes data privacy, which continues to be a huge concern for CISOs.

So for startups, offering to add another security tech to the mix might not be ideal. Instead, offer something that could give CISOs the visibility they need and could make make existing systems more effective, while ensuring regulatory needs are met.

“As security people, we have one job and one job only, and that is to protect the people around us.”

Rather than throwing in and relying on more technology to secure systems, he feels there is a need to take a step back: “We’re so focused on tech, we forget about the humans and processes,” and added that we should instead ask this: “What can I do to help?”

Watch the video of the whole conversation including the interactive Q&A at the end:

We spoke to Sai Venkataraman of SecurityAdvisor, an ICE71 Scale startup, on how the startup came about, the gaps seen in human firewalls, and more.

1) Tell us more about yourself and your role at Security Advisor. 

I am one of the co-founders and CEO of SecurityAdvisor. Previously I was a VP at Fortscale, a pioneering UEBA firm acquired by RSA, and I was a director for product management at Intel Security/McAfee. I also spent several years at Bain and Company as a management consultant.  

2) How did the idea for Security Advisor come about?

My co-founders and I who were in senior product roles at McAfee started this company together. As colleagues, we would discuss how each of our products were producing hundreds of thousands of cybersecurity incident alerts, a scale impossible for most enterprises and mid-market companies to handle. And human actions caused most of these incidents, as it’s the human who falls victim to phishing, clicks on different links, and shares the data. 

Back then, the only choice a CISO had to reduce the number of incidents and improve cybersecurity was to conduct user training, and users hate this. So we wanted to come up with something more intelligent that could be a personalised cybersecurity advisor to the human, a “Siri” for cybersecurity. We wanted to provide micro-messages to users to help them avoid common cybersecurity errors.

That’s how SecurityAdvisor came about.   

3) There’s been a lot of talk around building human firewalls. And yet there are still cyber breaches happening due to lack of employee cyber awareness. What is the greatest gap you see here and what is the one thing organisations need to know to narrow this gap?

We looked at this problem we faced in our own work life. We used to take training modules, and found that we never paid attention. Today, building human firewalls mean cybersecurity training. But people can find such training a chore and administrators cannot properly measure training ROI. This is the biggest weakness around most human firewall initiatives, the reliance on training and the time required to train users. Is it possible to engage users without having to train them, for example, through personalized tips that are relevant, AI-based and take less than 30 seconds? Can we save time for both the employee and the organization?

4) Can you share a use case or two with your solution?

We provide quantifiable security outcomes. For example, with one of our first customers, we reduced monthly detected infections by 99%. Our technology integrated with their endpoint security solution, Palo Alto Traps, and identified certain high risk users who kept getting infected every month. We found the root causes of these infections to be human actions around clicking on risky emails, or certain online behaviors. We then rolled out a contextual and almost real-time security awareness training program for users who kept getting infected. Over the next 3 months, 50% of the users who were getting infected became secure and 99% of the infections went away. 

The above example is just one use case. We can drive secure human behavior in positive ways too, like turning on two-factor authentication, using rights management tools or sharing data safely with the right permissions. We can also reduce data leakage, malware and phishing click rate, among other things.

5) Describe cybersecurity in 30 words.

Cybersecurity is about technology (AV, Firewall, SIEM etc.), processes and most importantly, people. The carbon-based parts of your network are as important as its technology.   

Security Advisor is an ICE71 Scale startup. Learn more about SecurityAdvisor at securityadvisor.io and more about ICE71 Scale at ranosys.net/client/ice_71/scale

Watch the 2-minute ICE71 feature from 34:59 onwards!

Featured ICE71 leaders:
Edgar Hardless, CEO of Singtel Innov8
Prof Chee Yeow Meng, Associate VP, Innovation & Enterprise, National University of Singapore

Featured ICE71 Inspire 4 participants:
Terrence Tan, Jennie Duong

Episode summary:
Cyber & physical worlds collide as cyber attacks damage nuclear facilities and kinetic attacks provoke cyber attacks. As cyber warfare lacks rules, blurs war & peace and endangers civilians, the world needs new international laws, alliances, and enterprises to grapple with state-led cyber attacks. Singapore is marshalling its youth and innovation to grow a cyber defence ecosystem.

Watch this Secret Wars episode on CNA’s YouTube channel.

About the Secret Wars series: Cyberspace is a hidden battlefield where nations wage secret wars. Nations use cyber operations to steal information, spread falsehoods, puppeteer societies into conflict and disrupt the infrastructure, businesses and services we rely on. In today’s interconnected society, no one is safe from cyber warfare. This series explores the ways countries can be held hostage in the face of cyber terrorism.

Source: CNA

As countries around the world undergo semi- to complete lockdowns, employees are increasingly working from home to adhere to national health measures. However, this shift has presented several security challenges.

Zoombombing

Use of Zoom video conferencing has surged since the dawn of COVID-19 as organisations scramble to continue business-as-usual meetings online. The platform recently drew a lot of flak for its security issues, with the most recent being Zoombombing where uninvited people break into and disrupt business meetings.

Closer to home, the Ministry of Education recently banned the use of Zoom when obscene images appeared during home-based learning through the video conferencing platform.

Home network security isn’t as robust

Accessing work files or emails through a home WiFi adds another security variable – these networks aren’t typically as sophisticated or secure as office networks. They don’t have firewalls or threat detection systems in place, for example.

“Many organizations would kick in their Business Continuity Plans (BCP) where ‘work from home’ and telecommuting would form the cornerstone of their response. This, however, presents a whole new set of risks associated with unsecured and untrusted remote networks, giving hackers opportunities to access organizations’ data and assets. Hackers can leverage rogue wireless access points, deploy malware to harvest credentials and other sensitive data. Even with VPN access, hackers could exploit vulnerabilities and breach poorly secured client devices. Perimeter defence with network protection is just one aspect of cybersecurity. We recommend businesses take a proactive approach: know the risks and threats before a cyberattack takes place. Businesses should have the ‘hacker’s view’, and join the dots between threat actors, motive and campaign,” says Ritesh Kumar, Chairman and CEO of Cyfirma.

Large corporations have security measures such as VPN tools in place, but that may not be the case for smaller businesses. That said, even leading corporate VPNs have vulnerabilities. And it takes pure diligence on the IT teams’ end to promptly patch these security flaws.

Cloud security challenges

Cloud computing is taking center stage for many organisations during this period, but accessing business resources conveniently from the cloud comes with a price – an even greater need for a secure cloud infrastructure, and the right process controls that go with it.

Unfortunately, many companies aren’t there yet when it comes to cloud adoption.  There are security considerations in terms of proper workforce training, identity and access management, cloud data loss, cloud misconfiguration and others.

Some companies, however, are ahead of the pack. Steve Ng, VP of Digital Operations at Mediacorp, shares: “Fortunately for our Digital Group, we have adopted and have been operating on Cloud technologies for many years. We have security best practices in place, continuous monitoring and alerting, and people trained to operate from anywhere. Accessing corporate services is also a breeze. We have security best practices and solutions in place to ensure safety and ease of use for all employees.”

Need for remote incident handling

Remote working doesn’t mean IT and risk teams should lose their grip on handling cybersecurity breaches or incidents.

Having an incident response playbook may help here. “You should be able to easily manage a cyber incident sitting at home and using a mobile. Quickly come up with tasks needed to handle an incident and assign it to your team. Use a playbook which gives step-by-step instructions to handle the attack,” says Venkat Ramshet, founder of FlexibleIR.

In the final part of our 4-part “The CISO Conundrums” series, we explore success metrics challenges that CISOs face.

Measuring success

Peter Drucker said, “if you can’t measure it, you can’t improve it.” And you also wouldn’t be able to tell how well you did either. In the CISOs’ case, it’s often difficult to find appropriate metrics and measure business alignment.

According to thycotic’s report that touches on how CISOs set key metrics and manage business alignment – 52% of survey respondents are struggling to align security initiatives to business goals, and 28% don’t have a clear understanding on the success metrics used by rest of the business departments.

CISOs would be seen as effective and could be successful in their cybersecurity initiatives if they can clearly demonstrate how these initiatives contribute to business success. Part of doing this well includes being great listeners and understanding what it takes for the broader part of the business to succeed.

Justifying costs

When it comes to justifying costs to purchase or improve an existing security solution before any incident happens, CISOs face an uphill battle. It’s usually when a real attack or incident happens that all eyes turn to a CISO – then in a blink of an eye, he or she becomes empowered to spend what is needed to mitigate the breach. 

Lenny Zeltser, CISO at Axonius suggests risk, cost and context to be areas a CISO should cover when trying to build up a proactive business case for justifying spending that can enhance the organisation’s security posture.

It’s challenging to get mindshare at the board level when reporting on a technical area like cybersecurity. What comes across as everyday language to CISOs – like “TLS”, “DNS”, “malware” and “ransomware” – may be foreign to CEOs and other C-level executives. And when people don’t understand what you are trying to do, you lose your chance to influence decisions.

Business people talk risk, numbers, and charts. In view of this, CISOs need to be able to translate their security efforts into digestible information that their colleagues and bosses can relate to. A Gartner report reveals 100% of CISOs at large enterprises are responsible for board-level reporting of cybersecurity and technology risk at least once a year.

Therefore CISOs need to get a better handle on how to clearly communicate their cybersecurity efforts in the context of potential business impact. Because should any security incident happen, CISOs need to be able to answer the question: “How badly will that impact our business, and how badly will it impact you?”

Related articles:

The CISO Conundrums, Part 1: People and Culture

The CISO Conundrums, Part 2: Digitalisation – Cloud Migration & Data Security

The CISO Conundrums. Part 3: Third-party Ecosystem & Risks

—

For more content like this, follow us on web and our social channels.

Tons of trade shows around the world are impacted due to the coronavirus outbreak. Security trade shows aren’t spared – more of them are cancelled, postponed or going virtual.

Here’s a list of upcoming security events and their respective statuses that ZDNet has nicely put together (some information may have changed at time of posting):

FIRST CTI – March 9 to March 11, Zurich – Current status: Canceled.
Wild West Hacking Fest – March 10 to March 13, San Diego – Current status: Virtual.
Red Team Summit – March 11 to March 12, Menlo Park – Current status: Postponed to June 11-12.
Women in Cybersecurity – March 12 to March 14, Aurora (Colorado) – Current status: Canceled.
CiderSecurityCon – March 14 to March 15, Manheim (Germany) – Current status: Canceled.
Troopers – March 16 to March 20, Heidelberg (Germany) – Current status: Canceled.
ICS West (trade show) – March 17 to March 20, Las Vegas – Current status: Postponed to July, new date to be announced.
Cyber Security & Cloud Expo (trade show) – March 17 to March 18, London – Current status: Postponed, new date to be announced.
SecureWorld Philadelphia – March 18 to March 19, Philadelphia – Current status: Postponed, new date to be announced.
Pwn2Own CanSecWest (hacking contest) – March 18 to March 20, Vancouver – Current status: Optional remote-participation. Hackers participating in the Pwn2Own hacker contest can attend, but they can also ask content organizers to execute exploits on their behalf.
InfoSecurity Belgium – March 18 to March 19, Brussels – Current status: Postponed to May 27 – 28.
InsomniHack – March 19 to March 20, Geneva – Current status: Postponed to June 4 – June 5.
BSides Vancouver – March 22 to March 24, Vancouver – Current status: Postponed. New date to be announced later.
Fast Software Encryption – March 22 to March 26, Athens- Current status: Postponed. New date to be announced later.
Kernelcon – March 25 to March 28, Omaha – Current status: Virtual.
SecureWorld Boston – March 25 to March 26, Boston – Current status: Postponed, new date to be announced.
BSides Budapest – March 26, Budapest – Current status: Postponed to May 28.
WORP Summit – March 27 to March 29, Fort Washington, PA – Current status: Postponed to September 18-20.
Black Hat Asia – March 31 to April 3, Singapore – Current status: Postponed for September 29 – October 2.
BSidesCharm – April 4 to April 5, Baltimore – Current status: Proceeding as normal, but on adjusted rules. Remote speakers will be given the option to use video conferencing and avoid traveling to the conference.
BountyCon – April 4 to April 5, Singapore – Current status: Postponed to August 31.
FIRST TC – April 6 to April 8, Amsterdam – Current status: Postponed to next year.
GISEC – April 6 to April 8, Dubai – Current status: Postponed to September 1 – 3.
Kaspersky’s Security Analyst Summit – April 6 to April 9, Barcelona – Current status: Postponed for September. Exact date to be announced later.
BSides Austin – April 9 to April 10, Austin – Current status: Postponed to December 8 – 11.
DEF CON China – April 17 to April 19, Beijing – Current status: Postponed, new date to be announced.
Mediterranehack – April 18, Salerno – Current status: Postponed, to September 5.
Malware Analyst Conference – April 18, Padua – Current status: Postponed, to a later date.
Hack in the Box – April 20 to April 24, Amsterdam – Current status: Canceled.
InfiltrateCon – April 23 to April 24, Miami – Current status: Postponed to October.
Internet Freedom Festival – April 20 to April 24, Valencia – Current status: Canceled.
HardWear USA – April 27 to April 29, Santa Clara- Current status: Canceled.
Wallmart’s Sp4rkCon – May 2, Bentonville, Arizona – Current status: Postponed to October 3.
ISSA Summit – May 5 to May 8, Los Angeles – Current status: Postponed. New date to be announced at a later time.
THOTCON – May 8 to May 9, Chicago – Current status: Postponed to September 11-12.
Fortinet Accelerate – May 16 to May 21, New York – Current status: Canceled.
IEEE S&P – May 18 to May 20,San Francisco – Current status: Virtual.
NoName Con – May 21 to May 22, Kiev – Current status: Postponed to a date in the fall, to be announced.
CyCon – May 26 to May 29, Tallinn – Current status: Canceled.
Kids SecuriDay – May 30, Sydney – Current status: Postponed for later this year. New date to be announced.
Area41 – June 11 to June 12, Zurich – Current status: Postponed to June 2021, next year.
OWASP Global AppSec – June 15 to June 19, Dublin – Current status: Postponed to February 15-19, 2021.
BSides Liverpool – June 29, Liverpool – Current status: Postponed to later this year.

Source: ZDNet

ICE71 Scale startup Attivo Networks has racked up a slew of new accolades.

They include:

• Being listed as one of the “12 Best Network Detection and Response Solutions for 2020” by Network Monitoring Solutions Review
• Winning six 2020 Cybersecurity Excellence Awards
• Receiving five 2020 Infosec Awards from Cyber Defense magazine
• Being named a recipient of the 2020 Cybersecurity Marketers of the Year award from The Cybersecurity Go To Market Dojo
• Being included in CRN’s 2020 Security 100 List
• Receiving the Trust Award for Best Deception Technology at the 2020 SC Awards (also, fellow ICE71 Scale Bitglass received the Trust Award for Best Cloud Computing Solution at the same awards)

The cybersecurity startup provides the ThreatDefend Platform, a network detection and response solution that provides deception technology for post-compromise threat detection and accelerated incident response.

COVID-19: It’s here. It’s real. And it’s threatening the survival of startups. In this ICE71 Mentor Series webcast, Thibaut Briere, founder of Growth Marketing Studio, shares 3 actionable tips for cybersecurity startups to survive the coronavirus pandemic.

The novel coronavirus outbreak started since December 2019 and is causing chaos in the events world. According to Reuters, over two dozen trade fairs and conferences in Asia have been postponed due to coronavirus fears.

How about cybersecurity conferences in particular?

We look into some high-profile cybersecurity conferences from now until July 2020, including those in Singapore:

Black Hat Asia 2020 (BHA 2020)

The Asia edition of the Black Hat event series, originally slated to happen from 31 Mar-3 Apr in Singapore this year, has been postponed to the fall of the year due to concerns around the coronavirus outbreak.

Black Hat prides itself to be the most technical and relevant information security event series in the world.

Website: https://www.blackhat.com/asia-20/

Update as of 21 Feb 2020: Black Hat announces that BHA2020 will take place from 29 Sep – 2 Oct 2020.

RSA Conference 2020 (RSAC 2020)

RSAC is one of the biggest and most reputable security-focused series of conferences in the world. The US edition of RSAC (RSAC 2020 US)  is still going ahead from 24-28 Feb despite the coronavirus situation. Big-name exhibitors including IBM, AT&T and Verizon have pulled out from the event at the last minute. According to RSAC’s website, as of 14 Feb 2020, 0.79% of total number of expected attendees have cancelled their registration.

The Asia-Pacific & Japan edition (RSAC 2020 APJ) will happen in Singapore from 14-16 July 2020. Let’s cross fingers the health crisis gets resolved by then. The outbreak of COVID-19’s sibling SARS took around 8 months to die out.

Website (RSAC 2020 US): https://www.rsaconference.com/usa/
Website (RSAC 2020 APJ): https://www.rsaconference.com/apj

Gartner Security Risk & Conference Summit 2020

Gartner Security Risk & Conference Summit another highly-regarded series of events which brings together a community of thought leaders and industry experts in security and risk management.

The US edition will be happening from 1-4 June 2020 in National Harbor MD.

The Australia edition is slated to happen from 16-17 June 2020 in Sydney. It’ll be interesting to see how things develop with the Australia edition. There are more than 10 cases of COVID-19 infections in Australia as of Feb 2020.

Website (US edition): https://www.gartner.com/en/conferences/na/security-risk-management-us
Website (Australia edition): https://www.gartner.com/en/conferences/na/security-risk-management-us

SINCON 2020

SINCON 2020, Singapore’s premier techno-centric cybersecurity conference, is the conference feature of Infosec In the City, a well-curated cybersecurity event series that brings top cybersecurity thought leadership from around the world.

It is slated to happen from 14-15 May 2020. There are no announcements around the coronavirus outbreak so far, but given that the conference is going to happen in Singapore, it’ll be interesting to watch this space.

Website: https://www.infosec-city.com/sin20-1

Update as of 22 Feb 2020: SINCON announces that new dates are “to be announced”.

Related:

What COVID-19 is doing to cybersecurity conferences

—

For more content like this, follow us on web and our social channels.

We recently caught up with Emilie Philippe, APAC Managing Director of Webdrone, an ICE71 Scale startup that provides anti-cybercrime solution, monitoring platform and investigation services. Emilie shared insights including how she got into cybersecurity, and how Webdrone uncovered hidden information for a digital piracy case.

We heard you have a background in law. What was the turning point that got you started with cybersecurity?

Yes, I studied law in France as my first aim was to become a Police Commissioner. I wanted to do investigations and contribute in fighting organised crime. That was my driver. At the end of my Masters, I had great opportunities for three internships at the Police of Monaco, the Court of Nice and BNP Paribas. After these meaningful experiences, I eventually chose to join the Security IT team of BNP Paribas in 2003. My experience there was really vibrant, it became the pull factor for me to be part of this whole cybersecurity adventure.

At BNP Paribas, my colleagues and I worked around cyber-attack intrusions, as well as internal confidential inspections and missions. I also worked in different places, namely Paris, Guadeloupe in the Caribbean, Marseille, and Singapore, as well as in different branches and scopes like Legal, Litigation, Risk Credit and Compliance. All these experiences have the same key focuses, that is to investigate on matters to solve issues, mitigate risks, and help organisations protect their reputation and integrity. 

What brought you to Webdrone?

After 15 years within the banking industry, I wanted to tap on my experiences together with my positive and pragmatic mindset to start a bold and new challenge. I wanted to join the vibrant startup ecosystem in Singapore and to work in a lean mode as an entrepreneur. Just at this tipping point, I met Webdrone founders, conversations happened, and I was drawn into joining their adventure to build an Asian hub in Singapore. I jumped right in!

Can you share with us 1-2 interesting client use cases of Webdrone’s solutions?

My family and me have been living here for 7 years, and we know the local culture well. We are French, as you can hear with my pure French accent, but we mix a lot with the community here. We do our best to participate in activities with Singaporean friends and set up events with attendees from everywhere. For example, I am co-founder of the French Tech Cyber & Security community and we organise events to share good practices and build a strong culture. 

Our experience with the community tells us this: What is amazing here is all the positive stamina you can find when there is an innovative project to advocate for and roll out. There is a true desire for top-notched technologies like cyber solutions. Singapore is not only the place to be, but the place to do. This is one of the biggest reasons why we are here.

Cybersecurity protects our data from what we know and also from the unknown. It also protects business value and reputation.

– Emilie Philippe

Learn more about ICE71 Scale and how to join the programme here.

—

For more content like this, follow us on web and our social channels.

The spate of data breach incidents around the world involving third-party vendors has been threatening businesses beyond cost damages.

In Part 3 of our 4-part “The CISO Conundrums” series, we explore third-party ecosystem and risks, one of the greatest challenges a CISO can have as part of their business role within an organisation.

Access management

There’s a paradox to access management when it comes to third-party vendors. On one hand, companies give vendors privileged access to corporate resources so that vendors can do what they do best with lesser restrictions, increasing efficiency. On the other hand, if the right balance isn’t struck, relinquishing too much access impacts security and increases likelihood for a breach.

Inappropriate or lax third-party privileges have been a cause for hackers to wreak havoc. A case study example is the massive Target breach in 2013. Hackers had managed to access the retailer’s point-of-sale terminals through its HVAC contractor, despite the contractor’s limited access to Target’s IT infrastructure to begin with.

Target had paid settlements that cost hundreds of millions, but damages were more than that. A study by YouGov, which measures brand perception, showed that customer perception of Target sank below its competitors like Walmart and Kmart during the holiday shopping season. The Wall Street Journal also reported Target’s shopper traffic dropped during that period while its competitors still had a healthy level of business.

Security of data handled by third parties

When it comes to ensuring shared data security with third party vendors, it pays to be always cautious. Businesses should constantly monitor and evaluate vendors that are onboard and that are onboarding.

Dealing with sensitive customer data requires a whole new level of service quality by third parties. Measuring criteria for a good third party vendor dealing with customer data would include, for instance, robust security controls and proactive approaches to dealing with outdated endpoints on their networks. Their systems, including web browsers and operating systems, should always be up-to-date.

Bitsight found, through a study of 35,000 companies from over 20 industries across the world, that thousands of companies are running outdated systems which increases their likelihood of experiencing a data breach up to 3 times. 

In 2017, the WannaCry ransomware infected thousands of computers across the globe and took data hostage. If companies had installed a critical update by Microsoft months before the attack, one of the vulnerabilities believed to exploited by hackers of WannaCry could have been avoided.  

Auditing and governance

While European countries affected by GDPR is leading the world’s adoption of strict data protection laws and regulations, other countries are following suit. Protecting personal data collected from customers is important even when organisations outsource their work to vendors. Companies must be accountable for their customers’ personal data and ensure cybersecurity governance of their third-party vendors. Otherwise, they risk potentially huge cost and reputational damages.

Closer to home, the SingHealth data breach in 2018 took on the mantle of being the nation’s worst data breach yet. 1.5 million patients’ non-medical personal data, including Prime Minister Lee Hsien Loong’s, were stolen in the data breach saga. The Personal Data Protection Commission (PDPC) had slapped the largest fine of $750,000 to SingHealth’s vendor, Integrated Health Information Systems (IHiS) for the lax in securing patient data.

If SingHealth has better cybersecurity governance over IHiS, this might not have happened. The huge fine is one thing, and while SingHealth may have avoided reputation damage arising from speculation by responding quickly to the media, Singapore’s reputation as a tech innovator received a dent.

Related articles:

The CISO Conundrums, Part 1: People and Culture

The CISO Conundrums, Part 2: Digitalisation – Cloud Migration & Data Security

The CISO Conundrums, Part 4: Metrics

—

For more content like this, follow us on web and our social channels.

Scammers love a crisis.  They have been exploiting fear and curiosity around the COVID-19 outbreak to scam unsuspecting online users and obtain sensitive information.

And they made it seem like the emails came from reputable authorities. From what we know, at least two phishing emails appeared to come from the Centre for Disease Control & Prevention (CDC) since the world saw the coronavirus outbreak in December 2019. Here are some notable ones:

Scam email that appeared to come from CDC
In a bid to trick unwitting users into clicking a link and entering their credentials, attackers promised to provide a list of active infections in the surrounding area if they do so. See a sample of this phishing email obtained by Kaspersky.

CDC bitcoin donation campaign
Another email obtained by Kaspersky also showed its sender as Center for Disease Control and Prevention and tries to solicit bitcoin donations from unsuspecting users.

“Singapore Specialist: Corona Virus Safety Measures.”
Mimecast detected spam emails titled “Singapore Specialist: Corona Virus Safety Measures.”, which had a malicious link to them. When clicked, the link installs malware. See a sample of this phishing email.

Email from “World Health Organisation”
Security software firm Sophos reported a phishing email that seemed to be sent by the WHO. Users are enticed to click a link in the email that alleges to be “safety measures” that can be taken against COVID-19 infections.

Stay safe and vigilant online, folks.

—

For more content like this, follow us on web and our social channels.

ICE71 Scale and ICE71 Accelerate startups and alums are creating waves in the news. Here’s a roundup of recent news from more than 7 of them!

Cyfirma, ICE71 Scale member

Cyfirma, which is Goldman Sachs-backed, has raised Series A funding from Z3 partners. Cyfirma is headquartered in Singapore and Tokyo. It has raised a total funding of US$8 million in the span of five months.

Attivo Networks, ICE71 Scale member

Attivo has announced new capabilities within its platform to anticipate and address methods an attacker will use to break out from an infected endpoint. Earlier in Q4 2019, the company announced plans to expand into Australia and New Zealand, appointing Malwarebytes’ Jim Cook as regional director.

Reblaze, ICE71 Scale member

Reblaze, which helps companies identify and eliminate malicious bots, announced that it now exceeds five billion HTTPS and web transaction requests a day.

Digital Shadows, ICE71 Scale member

Rick Holland, CISO of Digital Shadows, discussed the basic ways corporations can protect their global supply chains.

A recent study by the startup, From Minnows to Marlins, the Ecosystem of Phishing, was featured in news outlets including Security Magazine. The study analyzed many of the popular marketplaces and forums frequented by cybercriminals.

Mimirium, ICE71 Accelerate 3 alum

Mimirium was featured in a FASTCOMPANY discussion on DNA ownership for its experiment with data ownership models where consumers own and securely store their data while organizations get access on a case-by-case basis.

Gtriip, ICE71 Scale alum

Gtriip has raised an undisclosed 7-figure Series B funding to expand in Asia-Pacific. The company had said it was looking to raise about US$4 million for its Series B round.

Shape Security, ICE71 Scale member

Shape Security has been acquired by F5 for US$1 billion. With the acquisition of Shape Security, F5 will be delivering end-to-end application protection.

Bitglass,  ICE71 Scale member

Next-gen cloud security company Bitglass has released its 2020 Healthcare Breach Report. Report findings show that ‘Hacking and IT Incidents’ was the top cause of healthcare breaches last year. Read key findings in this report.

More ICE71 startup news here.

—

For more content like this, follow us on web and our social channels.

We just completed the 4th instalment of our ICE71 Inspire programme! ICE71 Cohort 4 comprises participants from different backgrounds and nationalities, ranging from students to working professionals—but they all had one thing in common—an enthusiasm for cybersecurity.

It’s interesting when we speak to some of the participants on how they got started with their interest in cybersecurity, a deep tech area often less understood than desired, even as it impacts all industry verticals.

For Terrence, a Singaporean youth and NUS computing student, it all started with an incident while he was in primary school. His personal blog got hacked and he got curious about cybersecurity ever since. Terrence also participated in NUS Overseas College (NOC) in Israel. There, he experienced an environment where cybersecurity is highly ingrained in its people. Terrence thinks it’s inherently wrong to look at cybersecurity as a hassle. And it looks like he’s all set to correct this with a gamification idea of his.

Jennie, another participant, is Vietnamese-American. She became intrigued with cybersecurity while she was studying geopolitical risk as part of her political science studies. Cybersecurity risk, besides financial and legal risks, are often risk functions under geopolitical risk. And what further stoked her passion for cybersecurity was her market research stint covering the cybersecurity industry.

ICE71 Inspire is a one-week intensive bootcamp programme designed for individuals to test their cybersecurity theories and ideas, qualify feasibility and commercial viability, and develop their business skills alongside other aspiring entrepreneurs. Programme modules are curated and run by our programme partner CyLon, a leading global cybersecurity accelerator and active investor in early-stage cybersecurity startups.

As with previous cohorts, the programme brought workshops across different areas of entrepreneurship, including technical development, business fundamentals and team building. There were also networking and mentorship opportunities for our participants.

Participants gained a lot of insights from these workshops, including lean methodology for startups, product positioning and hiring talent. In one of the sessions, they even got up close and personal with Land Transport Authority (LTA)’s Chief Information Security Officer, Huang Shaofei.

“There was one session that I really liked. I think it was Joanna’s session on hiring. I’m a startup founder so that was really relevant for me. I felt the greatest benefit I’ve gotten from ICE71 Inspire is actually connecting with my peers, my classmates. It’s such a diverse class. There’re students, industry professionals, researchers, and marketers from whom I’ve learnt a lot from, which is like the biggest value for me.”
– Mitali, ICE71 Inspire 4 participant and founder of Guardara

“One of the greatest learnings from ICE71 Inspire that I’ve got is about how to do business and marketing. I also learned about cybersecurity industry demands and challenges, and more about what people in the industry are doing.”
– Hong Ying, ICE71 Inspire 4 participant

“I think Thibaut’s session was good. If you tell Thibaut what you’re not sure about, he will go very in-depth about what to do. When I asked about how do I even get started with selling, he came up with this concrete go-to-market plan for me.”
– Jeffry, ICE71 Inspire 4 participant

It’s a great crash course on entrepreneurship.
– Jamie, ICE71 Inspire 4 participant

Bootcamp participants will continue to receive guidance and mentoring over a three-month period to keep the momentum of their business ideas going.

—

You may also be interested in:

ICE71 Accelerate

ICE71 Scale

For more updates like this, follow ICE71 on our web and social channels.

ICE71 Scale is growing! Introducing recent additions to our Scale family:

Aiculus helps organisations embrace new technologies without increasing their risk profile. Their specialty is applying advances in Artificial Intelligence to secure APIs.

Learn more: https://www.aiculus.co/

Polaris have built an advanced web application firewall that can be deployed on-premise or as a cloud solution to secure web applications against emerging threats by using machine learning to collect threat intelligence from all deployed firewalls.

Learn more: https://www.polarisec.com/

Flexible IR is an Incident Response system providing vendor agnostic process based Playbooks.

Learn more: http://www.flexibleir.com/

Amaris AI creates, develops and implements deep learning AI solutions.

Learn more: https://www.amaris.ai/

Responsible Cyber brings a fully integrated platform that provides live updates and security on any level of your business, all-in-one.

Learn more: https://responsible-cyber.com/

Entersoft provides application security assessments, security monitoring and consulting services.

Learn more: https://entersoftsecurity.com/

Digify provides a document security solution that gives users control over the files that they share online. It essentially makes it easy to protect and track access of information once it gets shared with someone else.

Learn more: https://digify.com/

Webdrone provides anti-cybercrime solution, monitoring platform and investigation service.

Learn more: https://www.webdrone.fr/en/

WeSecureApp provides Strobes, the perfect Security Orchestration and Vulnerability Correlation platform.

Learn more: https://wesecureapp.com/

Sixscape Communications is a Singapore based cryptographic authentication and communications vendor focused on digital certificate based security.

Learn more: https://sixscape.com/

Ziroh Labs provides a privacy preserving solutions that convert user’s data into encrypted garble. This safeguards privacy for structured and unstructured data in untrusted environments.

Learn more: https://ziroh.com/

Build38 provides mobile app and fraud protection for businesses.

Learn more: https://build38.com/

Reblaze provides next-generation protection via the clouds you already trust.

Learn more: https://www.reblaze.com/

ICE71 had our year-end social for 2019 and it was a blast!

Thanks to all of our community members who supported us throughout our exciting journey last year. 2019 was an eventful year with notable highlights for us (many firsts!) and our startups.

A recap of 2019 highlights for ICE71 includes:

• ICE71 Inspire 2 and Inspire 3 cohorts

• ICE71 Accelerate 2 and Accelerate 3 cohorts

• Launched ICE71 Singapore Cybersecurity Startup Map 2.0

• First CTF For Girls in Singapore

• First Cybersecurity Women’s Luncheon in Singapore

• First ICE71 Startup Pitch Pit at SICW 2019

• First closed-door CISO Roundtable

• First Cyber Solutions Showcase for SMEs

• First closed-door Investor Roundtable

• Data Privacy in ASEAN and Europe with French Tech Cyber community

• Cyber N’US, a collaboration with NUS IT featuring Paula Januszkiewicz, Founder and CEO of CQURE Inc. and CQURE Academy

• Featured in industry conferences such as Black Hat Asia, InnovFest Unbound, Singapore International Cyber Week, Cloud & Cyber Expo, Infosec in the City, and RSA APJ

• Distinguished Speaker event with George Kurtz, President, CEO and Co-Founder of CrowdStrike

• Distinguished Speaker event with Cheri McGuire, Global CISO of Standard Chartered Bank, at Cloudflare Asia HQ in Singapore

• and many more!

Our mission to grow the cybersecurity ecosystem in Singapore and the region continues on in 2020. We look forward to many more events and engagements with our cybersecurity community this year!

—

For more updates like this, follow ICE71 on our web and social channels.

Digital transformation is no longer a mere catch-phrase for businesses. It’s becoming an organisational undertaking among businesses that strive to be agile and competitive. In a 2018 Tech Pro research survey, 70% of survey respondents said that their companies either have a digital transformation strategy in place or are working on one.  

Digitalisation initiatives are part of digital transformation, and they can impact areas of a business such as its data, applications, as well as marketing.

In Part 2 of our 4-part “The CISO Conundrums” series, we explore data security challenges with cloud migration, a digitalisation initiative—which puts CISOs on the hot seat.

The case for cloud migration

Cloud migration is the process of moving data, applications or other business elements to a cloud computing environment, usually from on-premises or legacy infrastructure.

The benefits of the cloud include scalability, flexibility, lower costs, and  increased performance. Increased performance, for example, could include improvements in customer experience—housing data in cloud data centres helps to optimise processing of very high volume of data with minimal delay, resulting in reduced latency—compared to housing data in various on-premise servers.

As digital transformation unfolds, however, data security is playing catch-up instead of transforming in parallel. The more a digitalisation initiative like cloud migration happens, the more digital footprint there is, and the more potential attack surfaces—apps, users, cloud deployment, and of course, data—that come with it.

MuleSoft’s Connectivity Benchmark Survey found that 97% of IT decision makers are involved in digital transformation initiatives at their respective organizations. CISOs are very much involved and responsible to ensure data security with cloud migration. And it becomes more challenging for them in heavily regulated industries like financial services and healthcare, where a lot of personal data is involved.

Data protection

In Europe, the General Data Protection Regulation (GDPR) has set a new standard for European consumer rights about protecting their personal data. Other regions in the world are catching up in terms of personal data protection regulations.

IT teams in companies are facing compliance pressures in terms of data security, or infosecurity, which is about safeguarding personal data from being leaked or stolen. 

Data governance

Data governance and infosecurity come together like two peas in a pod to achieve data protection.

While infosecurity works to prevent hackers from stealing data, or detect vulnerabilities to “plug” data leakages—in turn making data safe, data governance in an organisation is put in place such that the right people have the right access, to ensure these safe data are accessible across the organization in a controlled manner.

Clearly, there is a price to pay as businesses undergo digital transformation to deliver better value to their customers—there’s a lot of work to be done by CISOs and infosecurity teams here. With the huge power of cloud computing, comes the huge responsibility of protecting data the in cloud.

—

You may also be interested in: 

The CISO Conundrums, Part 1: People and Culture

The CISO Conundrums, Part 3: Third-party Ecosystem & Risks

The CISO Conundrums, Part 4: Metrics

For more updates like this, follow ICE71 on our web and social channels.

We asked some of our ICE71 startup leaders to share with us their thoughts and reflections for 2019. Here they are!

“The greatest lesson that I have learned as a founder in 2019 is that it is all about the team. Bad hiring decisions can have a tremendous negative impact and that’s why it’s important to take the time and continuously improve the hiring process. I couldn’t be happier with the team we now have at GuardRails and we are continuing to grow fast. One of the clear highlights in 2019 was joining the ICE71 Accelerate programme, which opened a lot of doors for GuardRails. ICE71 helped me understand why an accelerator like it exists. It was through this programme where I met the great Cocoon team, which ultimately led to the close of our seed round! I can’t wait to see what 2020 has in store for us, but before that I wish everyone happy holidays and a good break.

– Stefan Streichsbier, GuardRails, ICE71 Accelerate Cohort 2

“2019 was the second year of Aiculus’ existence and reflecting back on the past 24 months put into perspective how far we had come as a company and a business and how much there was still left to do. I learnt to be better with my relationships, to nurture them and look after them better than I did before.”

– Omaru Maruatona, Aiculus, ICE71 Accelerate Cohort 3

“Joining the ICE71 Accelerate program was one of the highlights of a busy and exciting 2019. A lot was learnt from meeting and collaborating with other entrepreneurs in the same field, not to mention that it was ton of fun! A key revelation this year was realizing that cybersecurity can enable new value. Traditionally, cybersecurity was a sunk cost; you bought it because you had to, and it did not bring any value-add other than making you safer. However, by changing how you look at things, cybersecurity can create new opportunities and value for customers. For example, we found that customers can provide more convenient data access to their clients, now that they use our technology to protect their content. In other words, cybersecurity enabled this customer to provide more value to their customers. Looking ahead, I hope we can expand on this theme of creating new value through cybersecurity; making new friends, collaborators, and partners along the way. Have a happy and secure holiday season, and cheers to a rocking 2020!”

– Hiro Kataoka, 689Cloud, ICE71 Accelerate Cohort 2

“The greatest lesson for Threatspan in 2019 is that, as a resource-strapped startup, it pays to learn how to be patient in providing value upfront to potential clients—if it’s the right partnership, these efforts end up paying off in the long run. We are also very thankful to have been selected as one of the finalists for the prestigious Seatrade awards, among others. For the next year, we’d like to continue driving safe innovation and cybersecurity awareness in the maritime and offshore industry.”

– Leon Yen, Threatspan, ICE71 Scale

“My greatest highlight of 2019 – the birth of Cylynx. The second greatest highlight – getting to know the great community in ICE71. From the friendly faces in CyLon to the awesome cohort in ICE71 Accelerate 3, thank you for being such a great community! I guess our goal for the next year is to scale up! Wishing everyone a great 2020! 

– Timothy Lin, Cylynx, ICE71 Accelerate Cohort 3

We recently caught up with Pedro Hernandez, APAC Managing Director and co-founder of Build38, an ICE71 Scale startup. Pedro shared about the story behind Build38 as well as his thoughts on mobile app security and the digital wallet space.

What inspired you to start Build38, and what’s your role in it?

The mobile experience has become part and parcel in everything we do. Just think about actions and habits such as accessing your bank account, opening your car door, and saving your personal photos in your phone. These conveniences require access to personal and private data.

Inadvertently, these data may include those of our family. My co-founders at Build38 and I realised this earlier on, especially when we are all dads with kids (daughters, to be exact). My daughter was born in Singapore two years before the founding of the company in 2018. When you enter parenthood, protection and safety of your private and family lives become a concern. That naturally led us to focus in the protection of mobile applications to safeguard our online data—and our daughters’!

I have been working in the Mobile Security space for many years, from SIM Cards to Mobile Payment solutions in Europe and Asia Pacific, so it was a smooth transition for me. Currently, I’m taking care of the business in the Asia Pacific region for Build38.

How did the name “Build38” come about?

“Build” is there because our solution is used to build secure and relevant mobile apps and services. “3” is the number of locations where we have footprints—Munich, our HQ; Barcelona, the main development and operations centre; and Singapore, our Asia Pacific hub. “8” is the number of employees when we first started the company. Interestingly, in Chinese numerology, 3 sounds like “life” and 8 typically means “to prosper”. So you could say that our name means “build a life of prosperity”—a pretty good sign!

There are many mobile security solutions in the market. How does Build38 differentiate its product called “TAK”?

The Trusted Application Kit (TAK), is a combination of client and server protection which is unparalleled in the market. On the client side, TAK provides “hardening” of a mobile app, and for this purpose it has met very stringent security requirements. It’s been used in the financial, automotive and digital identity industries. With TAK, we combine the increase in app security (app hardening) with a monitoring service of the app. This service provides real-time data and AI-powered insights for our customers, keeping their apps secure and preventing breaches and fraud. These secured apps become “self-defending”.

Share with us an interesting client use case or two.

Our solution was originally conceived to protect mobile payments, but ended up in a very diverse number of use-cases. For instance, in China, one of the largest carmakers is using our solution to protect the mobile app they provide their customers to open a car and remotely start its engine. It was critical for the app to work even in an underground parking space without network coverage. That was a challenge from security perspective, and that was what we achieved.

In Germany, you can purchase subway tickets from your mobile phone. This convenience created a side problem—users started creating “clones” of the tickets and shared them with their friends and family, so a season ticket can be used by several people. The transit operator had to suspend this way of buying tickets! Our solution prevented ticket cloning, reducing such a fraud. We pride ourselves in protecting the bottom line of our customers in reducing fraud. Because app protection enables business where none was conducted before, we ultimately help our customers increase their revenues.

We’ve been hearing a lot of news around the digital wallet space in Singapore recently. For example, Grab recently launched Asia’s first numberless card with Mastercard. Local banks such as DBS and OCBC are also rolling out efforts for customers to use Google Pay without a credit card from 2020. What are your thoughts about this?

These developments make our lives exciting and are the reason behind our presence in this region from day one. Europe is a homogeneous and legacy-type market in payment infrastructure. On this side of the world, though, we see innovative markets exerting a big influence in introducing new ways of payment and money remittance.

Singapore is at the forefront and has become a test bed for many of these new payment methods, so we see associated security challenges emerging. You probably read in the news how some ride hailing apps were hacked in order to give some drivers an advantage in the acceptance of rides. User verification and tracking has become a challenge too, and we do see some interesting approaches here. With our solution, these challenges can be addressed, and we are pretty thrilled that we are already in discussions with many of the market players. We find lessons learned here useful as we can bring them back to other markets and be at the leading edge.

Cybersecurity is the protection of any computerised system from any compromise that would have a negative effect (trust, financial, personal) in the physical world.

– Pedro Hernandez

For more updates like this, follow ICE71 on our web and social channels.

By: Omaru Maruatona

Application Programming Interfaces (APIs) are protocols for accessing data or services from an organisation. For companies that use them, APIs are tunnels that allow systems to communicate with each other.

One of the earliest examples of an API is the Google Map API. Many companies incorporate this API into their websites and systems to provide their customers the location of a place and how to get there. Nowadays, APIs drive almost every function that users invoke for an online service — from transferring money online to booking a flight, to a simple task such as ordering a take-away meal online. Even tweeting involves an API. Twitter revealed in 2010 that over 75% of their traffic comes from their API.  

For many organisations, the strategic value of APIs lies in three key advantages — automation, innovation and optimisation. First, APIs allow organisations to have a seamless connection of previously unconnected systems. This enables end to end automation of digital service delivery. 

APIs also help organisations to expand their service scope and to introduce continuous, major transformations to their products or service offerings. This drives innovation as organisations are no longer limited by technology to translate new ideas into services that customers find valuable. 

Third, by having automation and innovation advantages, organisations get to a point where they can do more with fewer resources, and are consistently relevant to their target market. This paves the way for factors that drive efficiency and optimisation, such as reduced business costs and increased revenue. A 2015 Harvard Business Review article demonstrates the revenue factor. It reported that Salesforce, Expedia and eBay respectively generated 50%, 90% and 60% of their revenue through APIs.

Newer use cases for APIs are being introduced and more organisations are incorporating APIs into their digital service delivery. ZDNet cited a Forrester Research that predicted a fourfold increase in spending for API management, which underlines this trend in API adoption and usage. As the value of APIs are increasingly uncovered, businesses, governments and other organisations are also increasingly reliant on their APIs—to the extent a disruption to an API might halt an entire business.

The security of APIs in organisations is as important as the data they carry. Any compromise to their security or unauthorised access to these data can be costly for an organisation. A 2019 report by IBM and Ponemon Institute showed that globally an organisation stands to lose an average of over $3 million from a data breach. 

In 2018, Threatpost reported that T-Mobile had alerted over 2 million of its customers of a data breach caused by a “leaky” API. In the same year, The Guardian reported that a Berlin-based researcher, Hang Do Thi Duc—in a quest to reveal how a payment app can expose our private lives—had accessed and analysed over 200 million customer transactions through an external API of Venmo, a Paypal payment service. These are just a few examples of prominent breaches. And unfortunately the API attack surface, all the ways an API can be breached, is only going to get bigger.

APIs have transformed digital service delivery and have become the engines of modern technology consumption. However, their security has not matched their rapid advancement. The state of API security is best reflected by the growing number of API breaches even in large, resourceful organisations. For most of these companies, a $3 million loss from an API breach may not be significant, but the reputational damage arising from a breach can well be. 

About the author

Dr Omaru Maruatona is the CEO of Aiculus, a Cyber-AI company that helps organisations embrace API technology without increasing their risk profile. Aiculus is one of the 10 companies in ICE71 Accelerate cohort 3. Omaru is an experienced Cyber Security and Machine Learning practitioner and has been working in the API security space for over 2 years. Omaru has previously worked with a big Australian bank in Machine Learning based fraud detection. He has also worked for a global Share registry organisation as a Technical Security Analyst and for a Big Four consulting firm in Cyber Security Architecture and Strategy. Omaru is a thought leader in Cyber-AI and regularly publishes and speaks at various academic and industry conferences. 

This month, we feature an interview with Venu Rao, CEO and Co-Founder of WeSecureApp, an ICE71 Scale startup. Read on to glean interesting insights including how WeSecureApp was born, what Strobes is, and Venu’s views about having a business presence in Singapore.

Q: How did WeSecureApp come about and what is your role in it?

The founders of WeSecureApp—me, Akhil and Srini—have known each other for over 25 years. We are first cousins who complement each other with our unique talents and backgrounds. I’m a product specialist, Akhil’s a fantastic hacker and Srini’s a technologist with international experience. We work together to solve critical problems in the cybersecurity space.

Our journey began with the provision of cybersecurity services, and as we went on, we saw a huge opportunity in the vulnerability management space—that was how WeSecureApp started. Today, we offer a world-class enterprise security product to orchestrate security.

I’m CEO and one of the co-founders of WeSecure App. My primary focus is to generate revenues, build client relationships, and explore partnership opportunities. My prior product experience helps with product marketing strategy for the company. As to our company’s co-founders—Akhil heads Technology, while Srini leads Operations for our company.

Q: In a nutshell, what does WeSecureApp provide?

We tailor solutions that help secure our clients’ digital assets, such as their applications, network and infrastructure, cloud assets and blockchain assets. We do this by tapping on a mix of resources including certified security professionals (such as CREST, OSCP, and CEH) and bug bounty participants.

Based on our experiences, we built an enterprise security product called Strobes.

Q: Tell us more about Strobes. What exciting future developments do you have in store for us?

Strobes is a Security Orchestration and Vulnerability Correlation Platform. It currently connects with over 40 vulnerability scanners, including popular built-in open source scanners and commercial scanners. It also connects with tracking and communication tools like Jira, Slack, and ServiceNow. With the help of connectors, one can orchestrate security in just 3 simple steps. The platform also integrates into the CI/CD pipeline with no hassles.

We are currently working on adding many cool features to Strobes, such as Knowledge Bank, Developers Training Report, and Individual Dashboards.

Q: Can you share any interesting client use cases?

One of the top Indian financial companies was facing issues with its diverse and large number of digital assets spread across various subsidiaries. There were multiple tools and vendors for conducting security assessments, many with overlapping functions and results. There was neither accurate reporting on security metrics nor the right medium to capture relevant data. Prioritising thousands of vulnerabilities from various sources was time-consuming and challenging.

With the help of Strobes, integration of multiple scanners instrumented the consolidation of all vulnerabilities. Prioritisation and removal of duplicate vulnerabilities helped to simplify fixing of critical and high-level vulnerabilities. Strobes also helped in tracking zero-day security and known vulnerabilities for the tech stack used by this financial company.

Q: WeSecureApp is based in Hyderabad which has been described as the “next innovation address of India”. What are your views about Singapore when it comes to cybersecurity innovation and potential for business? What brings you here?

Indeed, Hyderabad is the next innovation address of India. There’s an exponential growth in technology startups there. In fact, Hyderabad is home for the Cybersecurity Center of Excellence (CCoE) in India.

Singapore is where most global companies have their APAC headquarters, and here we see great potential for a cybersecurity business. In terms of new cybersecurity technologies, there are early adopters, i.e. companies who are keen to explore new cybersecurity products— in this market. These include Fintech companies, banks and financial services firms.

Having our footprints kept to Hyderabad and Mumbai limits our market reach to India only. Having a presence in Singapore will pave out a gateway to the APAC and Japan markets.

“In the era of digital transformation, anything and everything online can be hacked. No company can shy away from hackers, it is better to prevent and prepare rather than repent and repair.”

– Venu Rao

For more updates like this, follow ICE71 on our web and social channels.

According to a recent CSA report, businesses in Singapore lost nearly S$58 million to email impersonation scams last year. In the US alone, according to the 2018 Internet Crime Report, US$1.2 billion were lost due to email activities. So how can we be more cyber aware with regards to phishing attacks? One way is to conduct your organisation’s own phishing drill. Because if you are not doing it, the attackers are going to do so! Earlier this year at RSA APJ 2019, we were fortunate to hear from NUS’s CISO, Mr Ang on how to design effective phishing simulation drills.With more than 50,000 users and being a renown university, NUS is highly susceptible to phishing attacks.

An overview of a Phishing Lifecycle Drill

There are 7 steps in the lifecycle and we shall briefly examine each of the steps as shared by Mr Ang.

Design

You need to know

• your target audiences,
• the techniques involved,
• the themes,
• training material used,
• frequency of the drills, and
• the phishing platform.

These are important as they define the whole simulation drill. There are also pre-drill and post-drill parts of the design phase, which aids in the effectiveness. Pre-drill could be sending out anti-phishing infographics, and post-drill could be sending out security advisory to the users who fell prey.

Review

Once you have designed a phishing drill, review to see if there are any sensitive content and/or obtain the necessary approvals. Sensitive content could be a simple “Your resort booking has been cancelled” message which may lead to the user thinking his or her credit card details had been compromised – resulting in card cancellation and police report being made. This might lead to undue stress on the user.

Notify

Notify the various departments in the pre-drill, during drill and post-drill phases. As always, communication is key but not in excess, as this will reduce the effectiveness of the drill.

Scheduling

When scheduling a drill, do note the working hours, day of the week, holidays, rate limits and duration. In terms of day of the week, for example, sending a phishing email on a Friday evening tends to be ignored. This will impact the results.

Test

Test the drill with a small group of users first, verifying the look and feel. Ensure all links are working and verify the recipient list.

Execute

Prepare for user queries and scripted answers for your IT helpdesk, as they maybe overwhelmed with queries once the drill has been executed.

Evaluate

This is essentially what to look out for after you have completed the drill. Compare your results with industry benchmarks, if any. Compare results across departments and against previous drills. Of course, identify users who repeatedly fall prey and send them for compulsory education trainings.

If you’ve been wondering how to get started with a phishing drill, wait no further. Start from the design process!

For more updates like this, follow ICE71 on our web and social channels.

It’s been an awesome year for ICE71 Accelerate alumni! Here’s a recap on notable milestones achieved by our past cohort members.

689Cloud, ICE71 Accelerate Cohort 2

689Cloud, a cloud content collaboration platform that allows users to protect, track, and control files AFTER they have been shared – now has its technology integrated into Ricoh’s new document protection service to enable secure document tracking. The new service will allow users to easily send and track business documents on the cloud. Read more

BluePhish, ICE71 Accelerate Cohort 2

Blue Phish, which provides an interactive cybersecurity training platform, has entered into a collaboration with EGUARDIAN Global Services as Technology Partner to drive cyber security awareness training in Sri Lanka and Oman. EGUARDIAN Global Services is a leading cyber security services provider in Southeast Asia and the Middle East. Read more

Keyless, ICE71 Accelerate Cohort 2

Keyless, a biometric authentication and identity management platform, has raised $2.2 million in pre-seed funding led by blockchain venture firm gumi Cryptos Capital. The other participating investors include Ripple Labs, Blockchain Valley Ventures and LuneX Ventures. Read more