CIO OPINION

Acronis ’ strongly believes that information and knowledge should be shared with the greater Cybersecurity community .

Kevin Reed CISO , Acronis

The Singapore Cyber Landscape ( SCL ) 2022 report published by the Cybersecurity Agency of Singapore warned of the extended risk faced by the state from emerging threats such as ransom for reputation and AI-based cyberattacks . We spoke to Kevin Reed CISO at Acronis as to what that means on the frontline .

What are the key cybersecurity threats and trends that you have observed in Singapore over the past year , and how have they evolved compared to previous years ?

Ransomware attacks continue to be prevalent threat in 2023 and continue to rise both globally and in Singapore . The initial access vectors shifted slightly from weak credentials on publicly available endpoint like Remote Desktop ( which was common at the beginning of pandemic ) to exploiting vulnerabilities in various public-facing services as well as attacks using leaked credentials .

As a cybersecurity company operating in Singapore , what are the specific challenges you face in addressing the unique threat landscape of the region ? Are there any notable differences compared to other global markets ?

Singapore may be different from other markets because there is a relatively high concentration of data centers here in comparison to IT being employed by local businesses . Although the absolute numbers are not high – Singapore is not even in top 10 of nations by the number of data centers – this relatively small population makes the ratio of data center resources to population rather high . This skews threat landscape towards attacks on server systems instead of clients .

With the rapid Digital Transformation taking place in Singapore , including the increasing adoption of IoT devices and cloud technologies , how has this affected the cybersecurity landscape ? What measures are being taken to mitigate the associated risks ?

E-sims are a new threat . A new convincing technology , but recovery protocols are not very well developed and do not take security issues into account sometimes . In the past , sim recovery required sim to be shipped to an address in Singapore or a personal visit to operator ’ s office , but e-sims are managed over the Internet and fraudsters take advantage of it . There were other cases of financial fraud , for example SMS phishing attack

44 INTELLIGENTCIO APAC www . intelligentcio . com