Among the most alarming attack vectors that cybercriminals can target are the hardware and software used in industrial settings to monitor and control billions of devices, processes and critical infrastructure. These include control sensors, power generation management, oil & gas refining management, cameras, switches, machinery, and fire systems to cite a few examples. These operational technology (OT) instances are mainly designed to interact with specific equipment, and they don’t always come with sufficient security or update mechanisms built-in to withstand concerted attacks.

Our guest on this episode of the Tech Means Business podcast, Nigel Tan, works for Delinea, a leading Privileged Access Management (PAM) solutions provider that can protect this layer of infrastructure, whether new or legacy.

While endpoint protection is often not viable and network-layer security unsuitable, it’s zero-trust and careful PAM that can make the difference between safe OT and an open door for hackers.

Nigel is Delinea’s Technical Director of Sales Engineering at Delinea for the Asia-Pacific, a battle-hardened professional who’s been active in cybersecurity for many years. Together, we discuss the present situation, the potential for damage to critical national infrastructure and worse, the possibility that a cyber incursion can easily damage human lives, physically.

There are ways and means, of course, to ameliorate the situation, which Nigel helps us discover as we check out Delinea’s OT protection methods.

Check out the Delinea website here:
https://delinea.com

Read the company’s blog on security, starting here:
https://delinea.com/blog/privileged-access-management-for-industrial-iot-security

Nigel Tan of Delinea is here:
https://www.linkedin.com/in/nigel-t-bb4bba7/

Joe Green’s LinkedIn profile lives here:
https://www.linkedin.com/in/josephedwardgreen/

The post Protecting Operational Technology with zero-trust appeared first on TechWire Asia.

Today’s wide-reaching discussion covers such ground as zero-trust security and changes in authentication methods, plus protecting the agreements and contracts at the heart of most organizations today.

We chat to the CIO of DocuSign, Shanthi Iyer, about how her company protects itself and its cloud infrastructure, plus the ways that security policies baked into the DocuSign platform help its users rest safer in the knowledge that their IP (intellectual property) is properly overseen.

Brett Winterford, Regional CISO for APJ, represents long-time DocuSign partner Okta. Brett talks about security methods and current thinking and how different elements of a machine or person’s identity can inform security systems constantly about the ongoing threat levels that any company faces.

There’s plenty to take in and learn from these two industry stalwarts, each with a specific position on the trust that organizations today give, how to stay safe and protect assets, and what role governments can play in guiding all of us.

Learn more about DocuSign’s baked-in security processes here:
https://www.docusign.com/trust/security

The Okta internal cybersec team’s blog:
https://sec.okta.com/articles

Okta’s portfolio can be explored starting here:
https://www.okta.com/

Shanthi Iyer is on LinkedIn:
https://www.linkedin.com/in/shanthiiyer/

Brett Winterford can be seen here:
https://www.linkedin.com/in/brettwinterford/

Your show’s host is on LinkedIn:
https://www.linkedin.com/in/josephedwardgreen/

The post Future-proofing your business with secure IT practices appeared first on TechWire Asia.

Although the motives of cyber attackers may be slightly different from the point of view of security experts in the public sector, their methods tend not to be. But there are particular ways that organizations can protect themselves more thoroughly, and our guest on this episode of the Tech Means Business podcast knows most of them.

Nigel Tan, the APAC Director of Systems Engineering at Delinea has had a long and distinguished career in cybersecurity, and talks to us today about zero-trust and PAM (privileged access management) in the enterprise.

It’s becoming increasingly necessary to ensure a constant check is made on access to information and software, whether that’s in the cloud or on-premise. Additionally, “identities” are a concept applicable to both machines and people. A complicated situation, that many in cybersecurity teams are struggling to contend with.

Nigel guides us through the technical side of the issues in play, and we discuss best practice, current trends in hacker behavior, and the differences that need to be considered when protecting large, public sector organizations from bad actors.

You can learn more about Delinea here:
https://delinea.com/

Nigel Tan is on LinkedIn, here:
https://www.linkedin.com/in/nigel-t-bb4bba7/

And Joe Green, your host, is here:
https://www.linkedin.com/in/josephedwardgreen/

The post Protecting the public sector with PAM and zero-trust appeared first on TechWire Asia.

When companies use the services of a Managed Service Provider (MSP) for their IT needs, they’re handing over a good part of responsibility for their cybersecurity too.

But the importance of protection online means that it’s still incumbent on the owner of any data (including intellectual property) to ensure they’re as safe as they can be. Today’s guest on the Tech Means Business podcast argues the case for a high degree of cybersecurity awareness, regardless of whether there’s an MSP in the picture.

“It’s all about your appetite for risk,” says Leon Friend of ConnectWise, whose company helps MSPs deliver the best possible cybersecurity for their clients, educating and informing about the best ways to protect multiple targets.

In the context of the ACSC’s Essential Eight, we talk about cyber insurance, the chancers of the hacking world, script kiddies and the rise in sophisticated hacking methods now available to anyone with half an interest in an illicit income.

Whether you run an MSP or just want to learn about the best approaches to protecting an organisation, this episode of TMB is essential listening.

ConnectWise on the web:
https://www.connectwise.com/

The events run by ConnectWise in APAC:
August 17 – Cybersecurity Masterclass, Sydney
https://www.connectwise.com/theitnation/evolve/agenda?tab=apac

Read about the ACSC’s Essential Eight:
https://www.cyber.gov.au/resources-business-and-government/essential-cyber-security/essential-eight

Leon Friend, friend of the show is on LinkedIn:
https://www.linkedin.com/in/leonfriend/

Joe Green and his safe room are here:
https://www.linkedin.com/in/josephedwardgreen/

The post Managing Risk with your Managed Service Provider appeared first on TechWire Asia.

The last time we talked to Wipro about retail, we were looking at some of the challenges facing companies as they transitioned their IT stack to the cloud. In this episode of the Tech Means Business podcast we look at cybersecurity in the retail space, and how outsourcing helps companies find compliant, scalable and safe ways to operate.

To attackers, every retailer and its assets (brick and mortar or virtual) are just IP addresses. So, what are the specific security issues facing the sector that, more than most, defines “edge computing” (or “many shops” as we might say)?

And with OT (operational technology) so significant in what are often long and complex supply chains, retailers have very specific cybersecurity issues that our guests address during the course of our discussion.

To learn more about Wipro’s work with large retailers in the UK, Ireland and across the world as well as its work in cybersecurity, visit here:

https://www.wipro.com/retail/

https://www.wipro.com/cybersecurity/

Prabhu Ramaiah is on LinkedIn, here:

https://www.linkedin.com/in/prabhu-ramaiah-8328b06/

Hitesh Bansal is here:

https://www.linkedin.com/in/bansalhitesh/

Richard Vinnicombe can be found here:

https://www.linkedin.com/in/richard-vinnicombe-46b36817/

And Joe Greens are BOGOF here:

https://www.linkedin.com/in/josephedwardgreen/

The post Shopping around for cybersecurity partnerships appeared first on TechWire Asia.

The economic downturn is turning the screws on public sector funding right across the world. In the UK and Ireland that’s no different, with smaller budgets, a demand for more open, easily accessible services and, of course, the expectation that everything is to be delivered safely.

Many government departments, authorities and taxpayer funded organisations look to outsourcing ‘non-core or enabling functions’ as a way of focusing on delivering the best core value to citizens.

There are particular constraints on the public sector in the UK & Ireland in terms of data sharing inside the auspices of the legal & regulatory requirements, plus a need to offer services down as many routes as possible to a very broad demographic.

On today’s episode of the Tech Means Business podcast, Joe Green talks to two representatives from Wipro, a global multinational service provider, about some of these challenges and possible ways to approach cybersecurity service delivery in the public sector. Our guests talk about risk, cybersecurity education, and budgetary difficulties facing the sector, and bring their expertise to bear on this complex area.

Learn more about Wipro’s work in the public sector and cybersecurity here:
https://www.wipro.com/public-sector/
https://www.wipro.com/cybersecurity/

Hitesh Bansal, Country Head (UK & Ireland), Cybersecurity & Risk Services is here:
https://www.linkedin.com/in/bansalhitesh/

Richard Vinnicombe, Partner at Wipro Limited can be found here:
https://www.linkedin.com/in/richard-vinnicombe-46b36817/

Your host is Joe Green, who is here:
https://www.linkedin.com/in/josephedwardgreen/

The post Safer digital public services in focus appeared first on TechWire Asia.

There are no avenues that cybersecurity bad actors won’t pursue – emails, software supply chain poisoning, networking, and hardware. With attacks on the internal workings of microchips themselves and even on the memory resources of a server, its critical to secure hardware-based infrastructure. Servers play a key role in IT security and an organization’s ability to resist and mitigate cyberattacks effectively. For data center operators, securing the systems that run-in today’s DCs is of paramount importance.

In today’s episode of the Tech Means Business podcast, we talk to two household name technology vendors about how hardware can be hardened so the services running on them are more secure. Peter Chambers from AMD and Chris Kelly from Dell Technologies talk about chips and servers that are shipped with security baked into hardware, and in Dell’s case, accompanied by advanced tools to make its latest Dell PowerEdge Server range that helps protect customers’ sensitive data and reinforce their security efforts.

Dell announces its PowerEdge Server range:

https://www.dell.com/en-sg/dt/corporate/newsroom/announcements/detailpage.press-releases~usa~2022~11~20221110-next-generation-dell-poweredge-servers-dramatically-improve-performance-for-more-sustainable-data-centers.htm#/filter-on/Country:en-sg

Sign up for a day’s bespoke workshop tailored to your business:

https://www.dell.com/en-sg/dt/what-we-do/customer-engagement-programs/customer-solution-centers.htm

More about Dell Technologies World 2023
https://www.dell.com/en-sg/dt/events/delltechnologiesworld/2023/index.htm

AMD publishes plenty of information about its chips, and more, here:

https://www.amd.com/en/data-center-blogs/delivering-the-modern-data-center

Chris Kelly, the Senior Vice President, Data Center Solutions at Dell Technologies, Asia Pacific and Japan can be found on LinkedIn:

https://www.linkedin.com/in/chris-kelly-7a0b825/

AMD’s Peter Chambers, Managing Director – Sales, Asia Pacific & Japan, is here:

https://www.linkedin.com/in/peter-chambers-59bb819/

The spectre of Joe Green lingers here:

https://www.linkedin.com/in/josephedwardgreen/

The post Secure by Design: AMD and Dell in the DC appeared first on TechWire Asia.

In light of the latest reports from the NCSC and ACSC (National [New Zealand] and Australian Cyber Security Centre) on best practice, companies and organisations in the region are looking to amend their everyday work processes. But many smaller outfits (think fewer than 100 people) have no dedicated IT team. In many cases, these will turn to their MSP (Managed Service Provider) for advice and, ultimately, protection from hackers and malware.

In this episode of the Tech Means Business podcast, we talk to Leon Friend of ConnectWise, about the software and systems that his company provides to MSPs: dedicated security systems designed from the ground up for MSPs. With each of an MSP’s clients having specific requirements, configuring and managing mixed security provisions would be a nightmare with “normal” cybersecurity tools. Not so with the ConnectWise platform.

We cover some of the ACSC and NCSC’s recommendations and talk about going further: back up, sure, but what to back up? Multifactor authentication, great, but is SMS really secure?

Learn more about improving your organisation’s security posture in this episode of Tech Means Business.

You can see the ConnectWise portfolio of solutions here:
https://www.connectwise.com/en-au

The ACSC and NCSC are here:
https://www.cyber.gov.au/
https://www.ncsc.govt.nz/

Leon Friend is on LinkedIn:
https://www.linkedin.com/in/leonfriend/

And your host, Joe Green, can be seen here:
https://www.linkedin.com/in/josephedwardgreen/

The post For the Many, One: MSP Cybersecurity Considered appeared first on TechWire Asia.

Until companies and organizations get large enough to run their own dedicated cybersecurity function, many use the services of an MSP (managed service provider) to help protect them from the increasing number of attacks that happen each year.

Getting external help certainly works in dynamic computing environments, where companies are changing between on-premise, multi-, and hybrid-cloud deployments. But some companies shy away from contacting so-called big-name cybersecurity providers, wrongly assuming that large, expert companies are not interested in helping the smaller business.

In the APAC and Australasia region, Kaspersky is happy to explode the myth: it’s here, especially that its expert services can be leveraged. As part of a larger digital transformation project, Kaspersky’s easy licensing models keep the MSP’s clients safe, drive cost efficiencies, and bring relief to organizations struggling to find specialized staff or with limited in-house resources.

Today’s guests are Bridget Huang and Tako Nijsson from Kaspersky. We discuss the why’s and wherefore’s of cybersecurity via a third party and the growing threat landscape facing any online business in the APAC and beyond.

Read more about Kaspersky’s Managed Service Partner Partnership:
https://www.kaspersky.com/partners/managed-service-provider

Find out more on how Kaspersky can deliver fully-managed detection and response services:
https://go.kaspersky.com/optimumsecurity.html

Bridget Huang is here:
https://www.linkedin.com/in/bridgethuang/

Tako Nijssen can be found here:
https://www.linkedin.com/in/tako-nijssen-95646546/

Your host, Joe Green, appears here:
https://www.linkedin.com/in/josephedwardgreen/

The post MSP’s Vital Role in Keeping the Internet Safe with Kaspersky appeared first on TechWire Asia.

We talk to Scott Hesford, the Director of Solutions Engineering, Asia Pacific at BeyondTrust, about applying granularity of privileges to multiple users at scale, and keep on top of it all, too. What could be a simple granting of privileges to a subcontractor for a day, can turn into a gaping cybersecurity hole that can bring an organization to its knees. And BeyondTrust is the company that’s here to help!

We talk about implicit zones, movement through the IT stack to get a day’s work done, and NIST’s airplane analogy for cybersecurity: who can get through to the departures lounge, who can board the plane, and (even) where a user can sit Or, in more direct terms, allowing a subcontractor to restart a service without sudo.

It’s all possible, it just needs the right partner; one with the cybersecurity tooling that’s not out of its depth in a multi-cloud, mobile, cloud-heavy environment.

Read more about BeyondTrust here:
https://www.beyondtrust.com/

The NIST zero trust information we refer to is here:
https://csrc.nist.gov/publications/detail/sp/800-207/final

The US Federal Government directive on Zero Trust can be found here:
https://www.whitehouse.gov/wp-content/uploads/2022/01/M-22-09.pdf

The CISA Zero Trust Maturity Model can be found here:
https://www.cisa.gov/zero-trust-maturity-model

Scott Hesford is on LinkedIn:
https://www.linkedin.com/in/scott-hesford/

Joe “economy class” Green is here:
https://www.linkedin.com/in/josephedwardgreen/

The post Boarding the Privilege Plane: BeyondTrust in the Clouds appeared first on TechWire Asia.