The 5G race in Malaysia is heating up with various initiatives announced by service providers.
Telekom Malaysia (TM) edges out the competition by leveraging its existing ICT portfolio, professional service capabilities, and R&D to offer end-to-end solutions.
The 5G scene in Malaysia is heating up, as the market is only a few months away from expected commercial availability. The regulator, MCMC, recently announced that 5G will be available to users by July 2020. Since the kickoff of the 5G Demonstration Project (5GDP) by MCMC in September of last year, the telcos have been making regular announcements about their progress. These include Celcom’s partnership with the police and municipal council on a smart city deployment in Langkawi, Digi’s launch of its 5G OpenLab in Cyberjaya, Maxis’ 3 Gbps in C-band 5G trial spectrum, and TM’s collaboration with players from other verticals to co-develop 5G applications in Subang and Langkawi. While MCMC has outlined 55 use cases in 32 sites across six states for the 5GDP, Langkawi has been the center of the attention, as the service providers placed most of their resources for their 5G initiatives on the island. Continue reading “TM 5G Showcase Langkawi: Leading the 5G Race in Malaysia”→
Verizon’s annual Payment Security Report captures a snapshot of organizations struggling to continue successful controls and best practices over time.
The evidence shows those who do are rewarded with a better fortified defense against breaches.
Fifteen years after the payment card industry settled on a single data security standard with PCI DSS, there are indications that too many organizations’ security practices haven’t risen to the level of maturity which would have been anticipated at this point. In Verizon’s annual survey of payment card industry security practices, only 37% of the 302 surveyed enterprises sustain full compliance with the 12 specifications outlined in PCI DSS consistently over time. Effectively, most organizations are focusing on meeting the basic requirements rather than developing consistent and effective security practices – not unlike a procrastinating student who is just looking to pass the test. Just 18% check to see if they are meeting PCI DSS specifications more often than what the standard mandates. Continue reading “Verizon Payment Security Research Exposes Execution Issues”→
A new API lifecycle management approach is founded on emerging security innovations, including AI.
Pure-play API security providers threaten to outshine API management leaders through best-of-breed security.
This month’s API World in San Jose conveyed one dominant theme throughout keynotes, sessions, and the show floor: API security.
Alongside the usual suspects of leading API management providers, including IBM, Axway, and Akana, were a heap of API security providers, clearly generating a large amount of buzz among attendees. I recall a number of them attending API World last year, but the dominant theme of 2018 was Istio and other service mesh technologies, critical in helping move microservices-based apps into production. Following a year’s progress in digital transformations and the rollout of new app development architectures – including microservices and serverless computing – and the realization of all those unsecured APIs at the heart of DevOps-backed projects, unsurprisingly, security was the new belle of the ball. Continue reading “API World 2019: API Security Tops API Management Priorities”→
• After a protracted legal battle that spanned nearly a decade, Cisco settled a lawsuit accepting accountability for a security flaw in a video surveillance system sold to Homeland Security, the Secret Service, and other U.S. government agencies.
• As part of the settlement, the partner’s employee who originally reported the vulnerability will receive $1.5 million.
Eight years after the filing of a lawsuit against Cisco on behalf of U.S. public sector customers and more than a decade after a Cisco contractor initially called attention to a serious security flaw in one of the vendor’s video surveillance solutions, the IT equipment maker reached an $8.6 million settlement with the aggrieved parties and admitted culpability. In a blog posted in late July, Cisco General Counsel Mark Chandler wrote that software developed by Broadware – a company acquired by Cisco – used an open architecture that could be vulnerable to a breach. The settlement amount equates to a partial refund to the U.S. federal government and 16 states that bought products between 2008 and 2013. And the $8.6 million settlement included a $1.6 million payment to the person who first identified the vulnerability, although ultimately, no breach ever occurred. Continue reading “Cisco’s Settlement Over Video Surveillance Flap Signifies a New Era in Vendor Accountability”→
Starting on September 1, 2019, Microsoft will begin onboarding new Office 365 users directly into Microsoft Teams, in essence removing the option for customers to run both Teams and the soon-to-be-retired Skype for Business Online.
Though somewhat extreme, this migration plan has been coming on for some time now, frankly ever since Microsoft introduced Microsoft Teams in 2017.
Due to their privileged access to high-value corporate assets, executives are in the crosshairs of cyber attackers, according to the latest Verizon Data Breach Investigations Report.
The Verizon report found that the combination of access and the need to make quick decisions made C-level executives more vulnerable to social engineering attacks.
Enterprising cyber attackers driven by a money motive are setting their sights on objects that will deliver the highest returns. Thanks to their access to high-value systems and data, C-level executives are a prime target for social engineering hacks. This year’s Verizon Data Breach Investigation Report (DBIR) found social attacks, including business e-mail compromises (BECs) against enterprise executives, are on the rise. Speculating that the combination of proximity to high-value assets and the intensive pressure of their roles, which limits executive time to scrutinize messages, makes them more vulnerable than most employees with less critical roles, the Verizon DBIR claimed that staffers in leadership are 12 times more likely to be the victims of credential theft or other social incidents, such as being tricked into transferring money to an adversary’s bank account. Continue reading “New Research Reveals C-Level Execs Are Prime Targets for Cyber Attackers”→
Amazon Alexa is relaying recorded consumer speech for analysis by Amazon staff and contractors for product improvements.
There is a simple workaround to turn off the default communications between Alexa and Amazon employees.
Alexa apparently needs a little help from human sources to better decipher user requests. Amazon acknowledged that individual staff and contractors in a number of countries including Romania, India, Costa Rica, and the U.S. each evaluate as many as 1,000 recorded requests to Alexa during their nine-hour shift. The staffers feed notes into software that provides better context to requests, which Amazon said will ultimately produce a better user experience. Continue reading “Amazon Catches Heat for Alexa’s Dependence on Human Intellect”→