Full visibility through a single pane of glass: The key to stronger security amidst hyperconnected organisations

By Singtel

Alan Phua, Head of Cyber Security from Singaporean telecommunications conglomerate Singtel, explains how the single pane of glass can provide visibility over hyperconnected environments and improve the cybersecurity posture of public and private sectors.

The hyperconnected IT environments of today bring with them increased attack surfaces. In light of this, having visibility through a single pane of glass may be the solution, according to Alan Phua, Head of Cyber Security at Singtel. Image: Singtel

Technologies such as 5G, multi-access edge computing (MEC), Internet of Things (IoT) solutions and multi-cloud platforms have changed the game for the public and private sectors, improving the delivery of services and unlocking untapped value for growth. According to a Gartner definition, such hyperconnected environments can integrate data and workflow processes to deliver increasingly interdependent and complex services anywhere, anytime, while automating various business and IT processes.

But while such hyperconnected environments can bring gains to all, they can also increase attack surfaces and create additional vulnerabilities if cybersecurity leaders lack visibility over the entire ecosystem, from firmware to the edge.

Enterprises today are facing higher levels of cybersecurity risk and cybersecurity incidents. This year, growth strategy consulting and research company Frost and Sullivan found that out of 240 CIO respondents, 69 per cent reported experiencing at least one cybersecurity incident. Another 21 per cent said though no cybersecurity incidents were found, forensics or data breach assessments were not performed regularly for assurance. These proportions were higher for respondents from Singapore – 81 per cent of CIOs reported experiencing at least one cybersecurity incident.

The security and resilience of existing and future digitalisation initiatives must be considered thoroughly at every stage of implementation rather than as an afterthought, says Alan Phua, Head of Cyber Security from Singaporean telecommunications conglomerate Singtel. He adds that organisations need a clear “security-by-design vision and strategy” for a strong and future-ready cyber posture.

GovInsider sits down with Phua to learn more about the solutions that can help organisations improve their cyber posture within hyperconnected environments.

1. What are some of the current security gaps regarding visibility and control across an organisation’s hyperconnected environment?

As organisations tap into different telco and IT networks, environments, and IoT assets to drive various operations and digital initiatives, systems have become more complex, and more of them operate in silos. Therefore, threat visibility is also in the silo.

Without a single line of sight that has oversight of threats lurking within and across these different hyperconnected systems, there is a high risk of cybersecurity blind spots and a poor overview of an organisation’s overall cybersecurity posture. Unfortunately, this also means they lack real-time insights to immediately hunt, detect, and respond to cybersecurity threats.

2. How can organisations achieve improved overall threat visibility for early threat detection and response?

The answer to this is a single interface or pane of glass that offers unified visibility into real-time threats and vulnerabilities of security and telco workflows across silo network environments.

As a telco and a digital service provider that offers cybersecurity services, Singtel is in a unique position to unify security and telco workflows for greater, integrated visibility into real-time threats and IT assets – from the firmware to the device network edge.

By drawing on different threat intelligence sources from our Security Operations Centre (SOC) and Security Orchestration, Automation and Response (SOAR) systems, our teams will get an integrated view of a client organisation’s security postures - across different enterprise network environments such as data centres, multi-clouds, or 5G & MEC – through a dashboard aka a single pane of glass for early threat detection and rapid response.

At one glance, our managed detection and response teams will know what critical security events and alerts need immediate action.

If the inevitable happens, it is critical to maintain business continuity and ensure rapid triage, hunting and incident response.

Whenever possible, triage is automated based on our ready-and-recovery playbooks and action plans, which are well supported and enabled by:
  • Singtel’s cybersecurity arm,  Trustwave’s Spiderlabs advanced threat detection and incident response with proprietary threat intelligence and human-led threat hunting capabilities
  • Red and purple teaming frameworks, which refer to teams of ethical hackers who test the security defences of an organisation and teams that oversee such exercises respectively
  • Digital forensics and incident response
  • Robust cybersecurity and crisis management education for executive teams, developers, and security teams
  • A robust ecosystem of partner technologies and solutions
3. As 5G-enabled IoT adoption becomes more widespread, what should organisations take note of?

Organisations are looking to next-generation capabilities such as 5G & MEC as well as IoT devices and applications to digitalise operations for gains and efficiency.

In our engagements with organisations for their evolution towards 5G, we noted that they lack visibility into the security strength of third-party ecosystem and software supply chain partners providing devices, components, applications, and software. Many organisations might not know, for example, where the devices come from, how rigorously they’ve been tested and how secure they are.

Ensuring an adequate security posture leveraging Singtel’s ecosystem and supply chain partners is critical in enabling next-gen capabilities such as 5G, edge computing, and advanced devices and applications at your fingertips.

One way to overcome this is to enforce security controls and testing on these devices, components, applications, and software before they are introduced into the enterprise environment.

Singtel Paragon and its ecosystem approach offers a secure, trusted platform that helps organisations seamlessly orchestrate and manage 5G network and edge cloud resources, as well as deploy advanced applications like autonomous robotics, immersive VR/AR, digital twins, BVLoS drones, video analytics and AI in real-time. Paragon, essentially, is a one-stop digital acceleration platform for enterprises.

On the Paragon’s Marketplace platform, enterprises will have access to tested and validated enterprise 5G solutions and applications as well as standard proven Singtel cyber security services such as managed threat detection, managed DDoS and more to help your business drive a resilient 5G transformation.

4. Where can one learn more or see Singtel’s solutions in action?

Seeing is believing. At GovWare 2022, we will demonstrate how the gaps can be addressed.
For example, through the use case of an autonomous mobile robot on a manufacturer’s manufacturing shop floor, we will share how a hack can be avoided with full threat visibility, rapid threat detection and response capabilities, and validated next-gen applications and security services available on Paragon Marketplace.
----
Get insights from Alan Phua, who will be speaking at GovWare 2022 on Tuesday, 18 Oct from 2.30pm to 3 pm at the Developing the Cybersecurity Ecosystem track on Level 3, Sands Expo and Convention Centre.

As Singtel’s Head of Cyber Security, Alan oversees an extensive portfolio of solutions and services, including telco security, managed security, consulting and professional services. He plays a pivotal role in bolstering security and driving strategic value to its client organisations. Alan is passionate about IT and cybersecurity and enjoys sharing the knowledge he has acquired over the past 20 years and exchanging insights on the latest industry trends.