The agriculture industry faces a variety of challenges such as climate change, low agriculture productivity and yield, high operating cost, and health hazards to farmers. Leveraging digital technologies, TM One Smart Agriculture solutions are opening a promising ability to address the industry's long challenges through the Smart Farming revolution.
TM One Smart Agriculture offers a diverse set of solutions to help farmers adapt to technological advancement. One of the features is a centralised monitoring dashboard that is integrated into the IoT-powered machines, which enables farmers a holistic view of their entire machinery performances and crop conditions.
Watch this video and know more about how TM One Smart Agriculture solutions can provide more efficient and sustainable farming practices.
According to Technologist Dr. Saiyid Abdallah Syahir Al-Edrus, General Manager for Cybersecurity Services and Product & Innovation at TM One, every organisation has the responsibility to ensure that their cybersecurity strategies run in tandem with their business growth.
“Organisations are responsible to protect and safeguard their business and customer data from cybercriminals. They need to have the right tools, processes and above all the right people, a team of cyber-intelligence experts or security analysts, in place at all times.”
BusinessToday spoke to the industry expert who has over 15 years of experience in consulting, network security, endpoint security, cloud security, application & data security, and cybersecurity risk management, and who has leveraged his expertise to help organisations protect their businesses from the increasing challenge of cyber-attacks and threats.
He pointed out that many Malaysian organisations of all sizes and across all industries faced gaps between their perceived capabilities and their actual performance when it came to ensuring their cybersecurity strategies addressed the needs of their business.
“Organisations may believe that they have taken all the necessary steps to protect their data and systems, when they have not. This false sense of security has resulted in major global corporations and regional government agencies falling victim to massive security breaches.”
Dr. Saiyid also noted that organisations tended to become complacent. “Organisations often take for granted that they will not be the target for cyber-attacks, because they feel that they are not managing critical infrastructure and sensitive data. However, attackers will target any organisation that can provide them with a lucrative payoff.”
Lack of resources was a third factor, he added.
“Most organisations may not have the budget to invest in robust cybersecurity measures or the necessary expertise/personnel. Instead they often rely on general IT support. Unfortunately, cybersecurity itself encompasses a very huge spectrum and domain, for which you need specific skills, experience and knowledge.”
“Having an external partner that can provide professional and advisory services will help enterprises navigate and manage their cybersecurity strategy.”
Dr. Saiyid noted that while TM One, the enterprise and government sector arm of Telekom Malaysia Berhad is fully capable of providing a complete outsourced cybersecurity service to its customers, his preferred approach involved a hybrid solution between organisations and their cybersecurity partner.
“Cybersecurity strategies must be based on the organisation’s needs and priorities. My recommendation would be that policies are governed in-house, where the client dictates and determines which security services are needed and cybersecurity framework the organisation should adopt.”
Responding to an IDC Enterprise Services Sourcing Survey, which stated that over 70% of Malaysian organisations recognised that security is not their core expertise, Dr. Saiyid pointed out that this view stems from understandable reasons - cybersecurity is generally underfunded and under-resourced.
“Businesses are often challenged to find and retain the right talents to manage digitalisation, cybersecurity, and innovation within their organisations. IT departments are now expected to support new revenue streams, on top of managing operational efficiency and reducing cost. Business leaders find it difficult to understand the ROI of IT security, and are more focused on growing their digital revenue – especially in the wake of COVID-19.”
As a result, meeting the need to secure these digital platforms can weigh on businesses’ priorities, requiring them to divert limited budgets and resources from opportunities to risk avoidance, Dr. Saiyid highlighted.
“In large organisations, managing cybersecurity efficiently requires a significant amount of resources and effort. Aside from the need to secure a well-equipped and complex IT environment, setting up a dedicated team means organisations need to invest in the technology and put together the security controls for the entirety of their IT environment. This can prove difficult as there is a marked scarcity of cybersecurity professionals, not only in Malaysia but internationally.”
With these realities, individual organisations should decide whether they want to outsource a certain portion of their cybersecurity responsibility or outsource the whole function.
“For instance, they can choose to retain identity management, which is the heart of IT operations and sits with Active Directory and domain controllers, while the rest, such as perimeter security, firewalls, intrusion prevention systems, or the 24/7 monitoring of the overall environment can be outsourced to the experts, like TM One.”
Service providers such as TM One can also provide organisations with round-the-clock protection, ensuring that their systems are always safe and secure. Furthermore, outsourcing cybersecurity can help organisations free up their internal resources so that they can focus on other areas of business.
TM One’s Professional Services supports organisations to assess their cybersecurity capabilities, and provides consulting and advisory services to help them strengthen their capabilities to respond to potential threats.
Specifically, TM One’s Cyber Defence Centre (CYDEC) is an end-to-end cybersecurity service which includes cybersecurity consulting or professional services to guide organisations carve out the best cybersecurity solutions that fit their needs and budget.
Through continuous support from TM One’s Security Operations Centre (SOC) and CyberAssurance services, organisations can benefit from managed security services to discover and address potential cybersecurity vulnerabilities, leverage solutions that help strengthen the readiness of in-house security teams, test systems to identify exploitable gaps, and monitor their broader business ecosystem to detect attacks or indicators of compromised systems and data more efficiently.
This includes Security Posture Assessment (SPA), Vulnerability Assessment and Penetration Testing (VAPT) services and Digital Attack Simulation either as a one-time engagement or a retainer programme.
Organisations who are interested to learn more about how TM One can help enhance their cybersecurity profile can visit its website at https://www.tmone.com.my/solutions/cybersecurity-services/.
This article was first published in Business Today
Cyberattacks have now become a constant threat for businesses everywhere incurring cost and causing reputational issues, on top of other economic conditions that organisations have to contend with.
Despite the inevitability and increasing frequency of these attacks, most businesses have yet to adequately safeguard their infrastructure and systems, with today’s more sophisticated hackers finding new ways to attack businesses of all sizes.
International Data Corporation (IDC) has reported that in 2021, Southeast Asian organisations spent a whopping US$3.2 billion on cybersecurity services, software and appliances.
Closer to home, the Malaysia Cyber Security Strategy 2020-2024 report states that the country may face economic losses of up to RM51 billion due to cyber threats. A study in VMware’s “The State of Incident Response 2021” report also found that 49% of organisations lack the expertise and tools for adequate incident response.
According toTs. Dr. Saiyid Abdallah Syahir Al-Edrus, General Manager, Cybersecurity Services, TM One, “A proactive strategy is when businesses wholly employ a good cybersecurity framework including leveraging new technologies and trends to keep their systems secure. Utilising artificial intelligence (AI) in cybersecurity and automation to bring benefits to their overall operations.”
AI has revolutionised the world by leaps and bounds, with AI in cybersecurity making it much faster to trace potential attacks, reduce the delay in response time and ultimately save man hours. Technology enables cybersecurity solution providers and analysts to analyse similar attack patterns and provide the necessary responses if there is a behaviour change.
Emerging cybersecurity technology will now help to facilitate organisations become more proactive. This includes the utilisation of security information and event management through technologies such as Extended Detection and Response (XDR), Security Orchestration, Automation and Response (SOAR) and Next Gen Security Operations Centre (SOC).
This ensures that enterprises and the government sector are able to implement and maintain a proactive cybersecurity strategy, leveraging the skills and capabilities of dedicated specialised talents and reducing the impact to their own over-stretched IT teams.
TM One works closely with its customers by thoroughly assessing their security posture, technology maturity and business needs through its consulting and other value-added services. The firm has positioned itself apart from its competitors through Managed Security Services (MSS) as its core solution offering.
TM One also recently received the prestigious Frost & Sullivan Best Practices 2022 Cybersecurity Company of the Year award.
Their credibility is seen in the development of its products and solutions offered for the cybersecurity scene. According to TM One, most Malaysian organisations lack in-house security expertise, professionals and tools. This leads to them importing or outsourcing their security operations to ensure the security posture of business infrastructure and manage their cyber risks.
To address this issue, TM One provides a wide spectrum of cybersecurity solutions, helping organisations improve their security posture and business infrastructure as well as better manage their cyber risks via TM One’s Cyber Defense Centre (CYDEC).
CYDEC’s extensive and comprehensive cybersecurity portfolio includes MSS, encompassing managed unified threat management, managed SOC, managed detection and response, cyber threat intelligence, managed anti-DDoS, managed web application firewall, vulnerability management, capture-the-flag service, cyber deception service, digital risk protection and many more.
TM One’s cybersecurity consulting services also include, and are not limited to, security assessment and posture, vulnerability assessment and penetration testing, cybersecurity design and implementation, compromised assessment and digital attack simulation.
Fuelled by TM’s SOC and centralised cybersecurity platform, TM One’s CYDEC incorporates advanced technologies like predictive analytics and machine learning to help customers address evolving cyberattacks on-premises and on the cloud. As an added advantage, this extensive cybersecurity portfolio allows TM One to curate and customise solutions based on customers' needs across various business sizes.
TM One has continuously proven that the right solution alongside robust technology will augment organisations in safeguarding systems, especially within the current complexities of today’s digital landscape. Prioritising cybersecurity skills as one of the most important areas to be addressed, TM One is committed to addressing the industry’s current challenges and support businesses navigate the digital space with greater confidence.
To find out how TM One can help you achieve world class cybersecurity, visit Cybersecurity Services and Solutions — TM One CYDEC
This article was first published in CEO Morning Brief - The Edge Markets
Innovation is a key driver for organisations to generate new opportunities and to create greater value. It enables organisations to find fresh solutions to problems and generate value that they otherwise couldn't access. It takes leadership’s commitment to drive innovation across an organisation. With the right mix of people, tools and leadership, organisations can unlock their next advantage, today.
What are the five top of mind factors that organisations should consider their NEXT phase of innovation?
TM ONE is your trusted partner in enabling your next advantage today and tomorrow by harnessing the power of human centered technology and innovation. We provide secure and robust fit-for-purpose business solutions to enterprises and the Government from across diverse industries, from banking to retail, oil & gas and energy, logistics, education, healthcare and many more.
We understand that every organisation has different needs and goals, with different business models, systems and operational landscapes.
Our end-to-end managed services and vertical solutions built across our pillars of connectivity solutions, data centres, cloud, cybersecurity and smart services which leverage the latest technologies empowers organisations to harness the power of big data and IR 4.0.
Together with our professional services teams across Malaysia and Indonesia, TM One offers value-based innovative solutions to businesses in line with TM’s role as the enabler of progressive innovative transformation.
TM One’s 5G Sphere, our circle of local and global smart solutions and technology partners, will also enable the next phase of enterprise innovation and transformation, harnessing 5G capabilities.
TM One’s 5G Sphere offers the opportunity for enterprises to springboard and accelerate their transformation, offering bespoke solution ideation and implementation to drive and generate positive business outcomes that address the unique needs of diverse businesses.
Register for your next advantage now at: 5g.tmone.com.my Your Next is Now.
This article was first published in Reuters Breakingview 2023
TM One highlights inclusion of machine learning and predictive technology to sift out cyber threats
THE push for digitalisation has enabled the Enterprise and Government sectors to expand their reach and improve efficiency. But with more transactions done online, the risk of cybersecurity breaches has also risen.
Every year, millions of new security threats are created, which have cost businesses more than US$1tril in 2020 alone.
These incidents of breach not only expose organisations to data leaks and fraud attacks, they also erode brand value and could potentially damage customer trust, according to Dr Saiyid Abdallah Syahir al-Edrus, General Manager of Cybersecurity Services at TM One.
Unfortunately, awareness on the importance of cybersecurity and the impact of breaches to organisations remains low.
Cybersecurity threats to organisations have been growing over the years from both external and internal sources and these attacks have also become more sophisticated over time.
“External attacks can happen on your Information Communication Technology infrastructure, Internet of Things (IoT) or operational technology (OT) devices, your cloud environment, remote service attacks, your supply chain infrastructure, or even as part of social engineering whereby your employee is targeted and lured to divulge sensitive information.
“Sometimes, disgruntled employees can also be a threat,” he added.
The importance of investing in well-rounded cybersecurity controls can’t be emphasised more, Saiyid noted.
Implementing a good combination of network and endpoint security controls such as a data leakage prevention system can help mitigate the situation. This includes regularly updating your software, improving detection capabilities, and reviewing your processes to respond to these attacks.
Educating employees in the proper use of IT facilities will also help.
As perpetrators become more advanced in their attacks, organisations will have to ensure that their security systems are 10 steps ahead.
One of the elements that TM One sees as increasingly crucial to deploying a robust cybersecurity system is the inclusion of artificial intelligence (AI) or machine learning, which allows enterprises and the government sector to become more accurate when predicting threats.
According to Saiyid, some organisations would typically sift through 50 to 100 security alerts in a day. Having machine learning capabilities or the right predictive tools will enable them to filter through these alerts quicker and identify true security threats more precisely.
“Before the use of machine learning, we needed human intelligence to do all the analysis to identify whether the alerts we get are a true positive or false positive. With machine learning, it helps us sift through hundreds of events and collect the data we need to confirm it as a true positive and to register that a true security incident is happening.
“But that doesn’t mean we should eliminate human intelligence from the process altogether, as we still need human intelligence to validate the outcome churned out by machine learning,” Saiyid explained.
Having predictive tools also helps organisations enhance their Security Operation Centres (SOC) with better mitigation and analytical abilities. This goes a long way in improving their productivity and efficiency when it comes to operations.
Customers, no doubt, have been favourable to integrating AI into their cybersecurity framework. The challenge, said Saiyid, is the availability of funds to invest in the technology.
"At TM One, we provide advisory services when we address the security controls they need to help them improve and defend their infrastructure. Via a consultative approach, we bring them through the journey of maturity. We understand that customers are at different maturity levels, so our approach is customised for each. It’s really about working with the customer and being able to help them find the best solution for their organization."
"You can start small and build as you mature, and understand the value of cybersecurity and how it helps you defend your brand value and critical assets. You may not see your data as critical assets but they are,” he said.
Notably, as with all forms of technology, there are risks in using AI. Even machine learning tools or AI platforms are susceptible to attacks or compromise.
"It really depends on how robust and secure your infrastructure is," said Saiyid.
"It really depends on how robust and secure your infrastructure is," said Dr. Saiyid Abdallah Syahir al-Edrus, General Manager of Cybersecurity Services at TM One.
If an organisation's security infrastructure is not robust, there may be a possibility of a system manipulation or "data poisoning". As machine learning relies on large data sets for analysis to determine accurate outcomes, organisations need to ensure the integrity and reliability of their data sets to avoid false predictions by the system.
Saiyid also urged enterprises and the government sector to consider multiple layers of check-and-balance cybersecurity mechanisms to ensure a resilient cybersecurity system and reduce over-reliance on AI only.
"Sometimes, the intention of data poisoning is to derail the focus of the system analysis to get the true positive incident or anomaly."
"By diverting attention to somewhere else, the hacker is able to use loopholes to enter your system.”
While machine learning is fairly new in Malaysia, the integration of AI in cybersecurity has advanced and this trend can help organisations in Malaysia.
"We started to develop services that leverage predictive technology as part of threat hunting, and others technologies that combine predictive tools and a bit of automation to respond to repetitive security incidents."
TM One is also deploying cybersecurity with machine learning enabled in the IoT and OT security monitoring space.
To find out how TM One can help you achieve cost effective world class cybersecurity, visit www.tmone.com.my
This article was first published in The Star
The pandemic accelerated digitalisation to levels never before seen, forcing the financial sector to evolve quickly or risk being left behind. In addition to pivoting to a remote workforce, financial sector also embraced digital banking and open application programming interfaces (API) in a race to compete with upstart fintechs.
TM One, the enterprise and government sector arm of Telekom Malaysia Berhad (TM), was on hand to help its clients in the financial sector using their Zero Trust Network Access (ZTNA) concept – which TM One calls Secure Access Service Edge, (SASE) or pronounced "sassy", to quickly secure their clients’ business environments while still achieving optimal speed-to-market for their digital banking products.
When the pandemic hit, many major financial institutions had to quickly pivot to enable their people to work remotely, securely. TM One responded with its SASE offerings for two main components: Internet Access and Organisation Assets.
Ts. (Technologist) Dr. Saiyid Syahir Al-Edrus, General Manager of Cybersecurity Services at TM One and his team are overseeing TM One’s efforts in real-time.
Saiyid explains, “Firstly, employees need secure internet access. Typically, when users browse the internet they are exposed to threat vectors. A cybersecurity solution protects employees by connecting all user traffic via a micro tunnel that goes into the SASE enforcement node or cloud proxy. Secondly, we secured employee access while using organisation assets such as SAP, Salesforce, and emails via secure remote access.
“Our cybersecurity solutions deployment is often quicker than other providers, because TM One does not need to deploy devices. All we need to do is push an agent into the customers’ laptops. The agent forwards traffic to the closest edge services, connecting users to the internet, a SaaS application, or an internal application through the appropriate zero trust service.
“This agent is also intelligent enough to determine when a user wants to access any cloud application for instance. So it will route users automatically based on that HTTP request. All IT activities are secured via a secure tunnel, which is encrypted and encapsulated,” he said.
Financial institutions are now launching a myriad of mobile apps dedicated to stock broking, wealth management, insurance services and other financial services to capture new markets and revenue. Their security practices, need to evolve quickly enough with these new digital offerings. Observed gap is mainly due to the lack of security planning at the development stage, said Saiyid. Too often, security comes as an afterthought, or is the last piece to the product puzzle pre-launch.
TM One is on a mission to educate more clients on the need to involve security right from the beginning of the product development process with DevSecOps.
“DevSecOps oversees security measures and how clients should secure all their applications or any new digital development. From the start of the app development process, DevSecOps will look at multiple security perspectives: What sort of app are we launching? Will it be hosted in the cloud or on premise? And, once released to market, how should the app be secured from being tampered?”
“Typically, you download an app from a marketplace, not the developer's website. However, when an app or a patch is still pending launch from the official source, a malicious attacker can hijack the app by releasing a fraudulent version first. Anyone visiting the app marketplace will mistake the fake app for the real thing.”
“Even after the app has already been released by the official source, it can still be tampered with using malicious code. This code or virus capable of stealing user data or hijack the data that users key in.”
“Typically, a financial services app cannot be published if you do not remediate any non-compliance findings or gaps. This will further delay the release of the app or product. This creates a bit of friction between a business's market growth aspirations and compliance with certain regulations. If clients only try to secure the environment at the end of the production process, it will just delay their launch further,” Saiyid remarked.
TM One provides Professional Services who consult and advise financial institutions about DevSecOps throughout the product development process. This includes conducting Vulnerability Assessment and Penetration Testing (VAPT) and security code assessments through which the cybersecurity team roots out bugs and corrects the app syntax that can unwittingly enable errors or bugs which are then taken advantage of by hackers.
“We’ve seen instances where the app works fine, but certain non-best practices in the code stream open it up to abuse or breach and increase product susceptibility to hacking and SQL injections,” Saiyid warned.
Besides that, TM One also secures the app infrastructure through cloud-hosted apps, with one of TM One’s solutions including the setting up Web Application Firewalls (WAF) either as a dedicated solution or WAF as a Service.
Due to massive monetary and brand value, financial institutions are among the most-targeted groups by Advanced Persistent Threats (APTs), which are groups of hackers that have been backed up by certain organisations that keep on attacking certain entities or certain individuals.
TM One is committed to protecting its clients both before and after APT attacks.
“TM One’s Digital Risk Protection services (DRP) include threat intelligence. We scour the public web, the deep web, and the dark web for certain keywords such as the company or brand name or even the name of key personnel linked to a financial institution. If there is chatter about organising an attack, we can quickly inform the customer to backup and monitor certain assets. If a client already outsources monitoring to TM One, we will do it ourselves. That’s the prevention part.
“However, despite an enterprise’s best efforts, APTs can still breach their environment. That’s why our DRP services also include mitigation or takedown services. If client data has been breached or shared in the internet, we initiate a takedown service by collaborating with our international pool of partners to reach out to the malicious attacker or whoever has shared the sensitive data. We force them to take down the sensitive data from being published, on threat of legal action. That’s the mitigation part,” Saiyid explained.
For financial institutions, brand value lies chiefly in customer trust in their services. Securing those services requires both proactive and reactive cybersecurity measures. At TM One, cybersecurity is a continuous, evolving effort that is both proactive against possible threats and reactive with quick-acting and widespread mitigation efforts.
This article was first published in Fintech News