Subterms
The most popular use of UWB is Apple’s AirTag tracker. CNET UWB — short for ultra-wideband — is a low-energy, short-range radio technology that’s been around for a couple of decades (it went under the name “pulse radio” for a while). UWB makes use of super-fast signal pulses (anything up to over a billion a […] More
The shift to hybrid work requires Singapore businesses to reassess their operating model and identify requirements specific to their work environment. Policies should facilitate flexibility alongside productivity, while tools will need to be integrated to ensure seamless user experience. With hybrid work continuing to gain traction, organisations must adapt or risk losing the ability to attract and retain talent, said Geraldine Kor, Telstra’s South Asia managing director. She noted that the shift had introduced challenges for companies in terms of delivering meaningful employee experiences. “Virtual and remote onboarding processes, for instance, haven’t necessarily evolved with this new way of working,” Kor told ZDNET. “Companies need to understand how to navigate these challenges to create a positive experience for new starters. This is especially so in Singapore, where hybrid is increasingly the norm in many organisations due to strong government support for flexible work arrangements.”Work-from-home setups, for instance, might not be ideal options for everyone or suitable for all occasions, said Dan Bognar, DocuSign’s group vice president and Asia-Pacific Japan general manager. According to research from the document management vendor, 79% of employees in Singapore believed working from home still had its share of obstacles, two years after companies began adopting a flexible work model. Some 40% saw no change in their productivity while 19% indicated their productivity dipped when they worked from home. The findings suggested that the technology and tools workers were equipped with, at the location where they worked, were critical to their productivity, said Bognar. A study from Logitech saw 59% of white-collar workers in Singapore acknowledging meetings would be more productive if all participants had equal opportunities to contribute and speak. Another 56% said in-office participants were more engaged during hybrid meetings than their peers who were dialling in remotely. DocuSign’s research also found that 49% of Millennials and 44% of Gen X workers in Singapore believed remote working had hampered teamwork and collaboration with colleagues. To address such challenges, companies should adopt tools that were robust and well-integrated, in order to ensure a holistic employee experience even for those working from home, Bognar said. “Empowering employees with the best tools that allow them to perform from wherever is a key success factor,” he added. “Organisations that are successful [because they] invest in the right innovative solutions that ensure their staff have the right tech support in their work.”To do so, he urged companies to include their employees’ perspectives in reviewing their business processes and identifying hybrid work models that were appropriate for their organisation. “This way, you can maximise efficiency, collaboration, and creativity,” he said, adding that businesses then needed to fully embrace hybrid work policies that allowed workers to exercise flexibility.Kor further noted that small and midsize businesses (SMBs) struggled with deploying technology that were critical in enabling hybrid work. Singapore companies often point to challenges in cross-departmental collaboration as well as difficulty in selecting the right technology amongst a multitude of options as key barriers. “It is critical for organisations, regardless of size, to overcome such challenges quickly so employees have the tools they need,” she said, adding that managing a decentralised workforce also required consistency in practices, guidelines, and policies across the organisation. Adopt tools that drive open, integrated collaboration In particular, technologies that facilitated open communication and collaboration were key to hybrid work, according to Kor. In addition to collaboration tools, visual collaboration platforms or whiteboarding tools also were essential to facilitate brainstorming amongst teams that were increasingly hybrid, she said.Noting that employees were eager to build stronger relationships with their hybrid teams, Kor said the right technology was important to create a seamless office experience for those who worked from home. “Today and in the future, we will need smart software that enables multiple employees working remotely to feel just as much a part of the action as those who are in an office,” she said. Telstra provided essential office equipment such as monitors and standing desks, as well as a self-service toolkit application, to support its own hybrid teams, she added. Bognar noted that while many IT departments had stepped up to support hybrid work following the global pandemic, some might not have deployed technology that were scalable. He underscored the need for organisations to regularly reevaluate their IT systems to identify and replace tools that consumed a disproportionate amount of cost and resources. Kor said: “An optimised hybrid workplace ensures flexibility and productivity, and businesses may need to relook their operating models and work arrangements to make this possible. Beyond tools and technology, this also includes having sufficient policies and programmes.””With many employees choosing their next job based on the ability to work from anywhere, companies that have strong infrastructure to facilitate flexible work will be able to better attract talent. Our research shows that more than half of business leaders are seeking to boost their cloud infrastructure, including cloud-based security platforms and services, to better manage a decentralised workforce,” she said. “Companies have an opportunity to better align their business processes and priorities across a distributed workforce, and to evolve collaborative processes and workflows in place to keep pace with their employees’ needs.”RELATED COVERAGE More
The most popular use of UWB is Apple’s AirTag tracker. CNET UWB — short for ultra-wideband — is a low-energy, short-range radio technology that’s been around for a couple of decades (it went under the name “pulse radio” for a while). UWB makes use of super-fast signal pulses (anything up to over a billion a […] More
Both UDP and TCP are designed for sending and transmitting information. TCP is focused on efficient and reliable data transfers. The TCP protocol establishes a session through handshakes to deliver data successfully. If data packets fail to transfer successfully, they are sent again. TCP will also use packet sequencing, which breaks large volumes of data up into smaller units to ensure that information is sent successfully, receiving confirmation before moving to the next packet. Also: The best web hosting servicesUDP, however, doesn’t stop for confirmation while sending data, nor will it necessarily resend lost packets. The trade-off for a lack of error monitoring is a gain in speed — with some information potentially lost in the process. While TCP requires handshakes between machines and there is delay tolerance, UDP is known as a “fire and forget” protocol. As Red Hat explains:TCP requires a lot of back-and-forth data exchange between sender and target to establish a network connection. Then, even after the connection is established, there’s more back and forth because TCP requires that the sender receive an acknowledgment from the target every time a data packet is sent. This back-and-forth eats up time. UDP has no back-and-forth connection handshake.In other words, TCP focuses on reliable, accurate data transmission, with speed as a trade-off. UDP does the opposite and prioritizes speed, and does not provide a guarantee for packet ordering or transmission. UDP may also be more susceptible to Distributed Denial-of-Service (DDoS) attacks. Also: Flipper Zero: Geeky toy or serious security tool?While the IETF has now proposed a standard for HTTP/3 over QUIC as a new protocol that can potentially balance both concepts, UDP and TCP are still very much in use worldwide. More
Google Pixel 7 Pro June Wan/ZDNET Bluetooth connections go both ways. You can connect your Android phone to third-party devices and you can connect third-party devices to your phone. That’s all fine and good and fairly simple. However, it can get a bit confusing when you have multiple Android phones in your house. Case in […] More
MyRepublic has unveiled its exit from Australia, as it looks to “refocus” on profitability and cut its operational costs. The move will involve moving its subscriber base to Superloop next quarter. The Singapore-based internet service provider (ISP) said in a statement Saturday the subscriber transfer agreement, which kicked in from December 23, encompassed the acquisition of its residential and enterprise subscribers on Australia’s national broadband network (NBN), but not its assets or liabilities. Headquartered in Brisbane, Australia, Superloop owns and operates 894 kilometres of metropolitan fibre networks across Australia, Singapore, and Hong Kong, where it connects more than 309 data centres and commercial buildings. MyRepubilc said the transfer marked its exit from the Australian broadband market, where it had launched its services in 2016. Most of the migration works are expected to be carried out in February next year, following the completion of network transition.The ISP said the move was part of its “strategic refocus” towards “profitability and liquidity”, as it looked to lower its operational costs. It also was refocusing on its broadband and mobile businesses in Singapore. MyRepublic’s group CEO and co-founder Malcolm Rodrigues said: “I love our Australian business…after much deliberation, however, we have made the decision to pivot towards a profitable business as we move into the next phase of our journey.”This year also marked the company’s first decade of operations, with Rodrigues announcing in February the start of “a new MyRepublic” and its ambition to be “the best-performing digital telco” in Singapore and the region. The ISP then had said its renewed business vision and operating model would help lay the groundwork for an initial public offering (IPO). In September last year, Singapore telco StarHub acquired a 50.1% stake in MyRepublic’s local broadband business. The $162.8 million deal saw the latter’s business unit subsumed as a StarHub subsidiary and pushed StarHub’s share of the Singapore broadband market to 40%. In a June 2021 interview with ZDNET, MyRepublic said it was seeking out new revenue in the enterprise space, which offered significant growth potential for the company. It said it would beef up its service offerings in the market segment, with particular focus on cybersecurity.MyRepublic also offers mobile and broadband services in New Zealand and has a franchise business in Indonesia via a partnership with the Sinar Mas Group.RELATED COVERAGE More
Besides ushering in the revolution of smartphones, 3G has played a foundational role in the navigation and alarm-based systems that we rely on during our everyday commutes. With the institution of faster and more reliable 5G, roadside assistance and emergency crash alerts are among the many network-based features that will be affected by the shutting down of 3G. Many cars also have an emergency SOS button that, when pressed, dials first responders via 3G. That, too, will lose functionality. Vehicles from popular automakers like Toyota, Lexus, Nissan, Hyundai, Dodge, and more released before 2019 are susceptible to the issues mentioned above. The main reason that newer models still carry 3G receivers, according to Roger Lanctot, director of automotive connected mobility at Strategy Analytics, is for automakers to save on manufacturing costs. Also: The best affordable EVsTo stay ahead of the curve, you’ll want to ensure that your car supports or can receive hardware upgrades to connect to 4G. As with smartphones, your best bet to stay in the know is by consulting with your local car dealer. While the modification may come in the form of downloadable software or physical spare parts, it will help to keep your vehicle up-to-date and functioning — especially during times of danger. More
All critical information infrastructures (CIIs) in Singapore must continuously transform to keep up with the changing threat landscape and this means going beyond “generic” cybersecurity practices. It requires a strong focus on operational technology (OT) security, encompassing the right skillsets and OT-specific cybersecurity practices for CII operators. Singapore last year tweaked its cybersecurity strategy to emphasise OT and provided guidelines on the skillsets and technical competencies OT organisations needed. The country defines OT systems to include industrial control, building management, and traffic light control systems that monitor or change the physical state of a system, such as railway systems. Cyber Security Agency of Singapore (CSA) has pushed the need for CII operators to beef up the cybersecurity of OT systems, where attacks could pose physical and economic risks. The need for efficiencies and functionalities had fuelled the convergence of IT and OT systems, the latter of which were traditionally designed as standalone infrastructures and not connected to external networks or the internet. No longer operating in such air-gapped environments, OT systems now run on a wider attack surface and are open to potential cyber attacks that can have real-world impact. Asked which CII sectors most needed cybersecurity transformation, CSA noted that as the threat landscape was constantly evolving, every CII sector should continuously “adapt and transform” their processes to combat existing as well as emerging threats. CII industries vary in size, function, and reliance on technology, all of which shape their respective cybersecurity strategies, the CSA spokesperson told ZDNET. He added that some sectors tapped OT and IT alongside IoT (Internet of Things), and this not only introduced additional industry-specific challenges, but also further increased the surface area that had to be protected against cyber threats. According to Keith Lunden, manager of analysis at Google’s Mandiant Intelligence, compared to IT assets, OT assets had experienced very limited amount of threat activities, primarily due to traditional air-gaps and internal network segmentation that minimised mainstream malware incidents. “However, this also served to minimise drivers of OT cybersecurity efforts, [so] instead of threat activities, regulatory requirements have been the primary driver of OT security efforts,” Lunden noted. “Correspondingly, unregulated industries such as water and wastewater, are most in need of transformation.”He added that these industries should develop risk-based cybersecurity countermeasures based on industry standards.Group-IB’s founder and CEO Dmitry Volkov also underscored the need for all CII sectors to constantly improve their cybersecurity posture, as their ability to operate without interruptions was critical to national security. He said sectors including healthcare, transportation, and government were frequent targets, pointing to how a ransomware attack had prompted the Costa Rica government to declare a state of emergency for the first time in April. Hackers had exfiltrated more than a terabyte of data, breaching 27 ministries in the attack. Building automation and oil and gas sectors also see high percentages of ICS (industrial control system) computers where malicious objects are blocked, according to Vitaly Kamluk, Kaspersky’s Asia-Pacific director for global research and analysis. The block rates for these industries continued to be above the global average, Kamluk said, noting that a higher usage of online resources and email amongst companies in building automation might have resulted in the sector leading others in the variety of malware attacks blocked. Lunden said cybercriminals had made significant advances in operational tradecraft in the last several years, with ransomware emerging as an effective business model and resulting in a large number of security incidents impacting critical infrastructures, often including OT environments.Pointing to state-sponsored attacks, he said Mandiant continued to see adversaries keen to exploit insecure by-design features of OT. “[These] aimed to maliciously leverage the native functionality of OT devices, rather than exploit vulnerabilities in these systems,” he noted. “As a result, we expect state-sponsored malware targeting these features of OT to remain a threat for the foreseeable future, as it is much more difficult to redesign these devices, rather than simply patch vulnerabilities in them.”Supply chains heighten potential OT threatIn addition, supply chains in some OT sectors, such as manufacturing and maritime, typically are expansive and involve multiple parties. And it can prove challenging to secure supply chains, CSA said, noting that organisations take on unknown cyber risks from third-party vendors since they do not have full visibility of their supply chain. “Organisations can only be as strong as their weakest link,” the spokesperson said. He pointed to CSA’s CII Supply Chain programme, which outlines five foundational initiatives to help these sectors address cyber supply chain challenges across different layers, including organisation, sectoral, national, and international. The programme includes a toolkit, handbook, certification scheme, and learning hub. In particular, all CII and OT sectors should improve their visibility since organisations would not be able to secure and defend assets they did not know existed, said Fabio Fratucello, CTO of CrowdStrike Asia-Pacific Japan. Without visibility, they also had no threat detection or protection against adversaries who would work to locate blind spots, Fratucello said. To address such challenges, he said CrowdStrike had introduced its Falcon Discovery for IoT to help customers understand interconnected relationships between their IT, OT, and IoT assets, and mitigate potential risks across these environments. “Once organisations have a deeper understanding of their attack surface, they are better equipped to make more informed, risk-based decisions by bridging the gap between OT environments and IT operations,” he noted. “It’s important for organisations to look externally as well as internally to understand security vulnerabilities. This includes risks via the supply chain, which in some industries can be an incredibly complex and lengthy chain.”Citing CrowdStrike research, he said 48% of Asia-Pacific organisations had experienced at least one supply chain attack last years, while 60% were unable to claim all their software suppliers had been vetted. To better manage their third-party ecosystems and safeguard their infrastructures, Volkov suggested OT sectors adopted isolation and segregation of IT, OT, and human processes and ensure the integrity of their infrastructure components. A threat intelligence platform also would identify potential attackers and how they were attacking OT infrastructures, he said, adding that it would indicate areas of compromise so these could be plugged and security posture improved. OT sectors should assess their suppliers’ external attack surface and work closely with their third-party suppliers to further ensure they had all the necessary security measures in place, such as an incident response team. Plugging gaps in OT securityWith demand for roles requiring competencies in IT and OT up amidst increased connectivity between both domains, CSA said it developed the OT Cybersecurity Competency Framework to offer guidelines on identifying skillsets and training for their engineers. It also maps out career paths for these engineers, the spokesperson said.The spokesperson added that CSA established the cybersecurity code of practice to set out mandatory OT-specific cybersecurity practices for CII operators. “These focus on network segmentation, patch management, detection, and continuous monitoring with the aim to reduce the probability of threat actors exploiting software vulnerabilities and gaining a foothold of OT systems,” he said. “It equips OT system owners with the know-how to mitigate emerging cyber threats more effectively.”Asked about the role of regulations in OT, he said Singapore’s Cybersecurity Act provided a framework for the designation of 11 CII sectors, while the code of practice stipulated basic standards of cybersecurity and measures these CII owners should implement to ensure their resilience. He noted that the code of practice recently was enhanced to help CIIs further strengthen their cyber resilience and defences against sophisticated cyber threats and be more agile in responding to emerging cybersecurity risks. The code review also improved coordination between the Singapore government and private sectors, so cyber threats could be uncovered and response initiated in a timely manner, the CSA spokesperson said. “Every CII sector faces cybersecurity risks that are specific to their digital terrains, such as migration to the cloud or use of 5G technologies,” he noted, stressing the importance of OT security. “Cyber hygiene practices that are generic across critical sectors would not be able to address such specific risks.”Kamluk said it was important to set industry standards requiring companies to build security foundations into their systems. While essential, however, regulations are just one component of a holistic approach to OT security. Collaboration also is key in integrating all elements within security, he said, urging organisations to band together and take a concerted approach to security as a sector. A clear roadmap provides a guiding plan everyone can work towards and this can ease friction within the sector, he added.With a plan and systems in place, there should be regular sector-specific meetings and routine maintenance. These “health checks” will ensure potential pitfalls and threats are raised early and players in the sector can recalibrate and remain resilient, Kamluk said. Volkov noted that new laws or amendments to existing ones should be “data-driven” and aim to address weaknesses identified during cybersecurity drills involving various parties. Lunden said: “Regulations need to be performance-based, rather than prescriptive. This can give OT system owners flexibility when implementing cybersecurity countermeasures. They also need to be tailored to apply to only the most critical OT assets of an organisation, as not all OT should be considered equal. “Regulators should learn from the experiences of other regulatory bodies that have improved the effectiveness of their regulations over time,” he added.In July, Singapore expanded its cybersecurity labelling programme to include medical devices, specifically, those that handle sensitive data and can communicate with other systems. Asked if the labelling scheme could be further expanded to include OT systems and applications, the CSA spokesperson said there currently were no plans to do so. He noted that the initiative aimed to provide greater transparency for consumer-facing IoT products, which OT devices were not. The latter generally performed more critical functions, such as ensuring the delivery of essential services, he said, adding that CSA offered other certification schemes such as the Common Criteria Scheme to facilitate security evaluation of IT products. RELATED COVERAGE More
