How a united voice can build digital trust in cybersecurity

In its business predictions for 2019, industry analyst Forrester says more companies will implement cybersecurity strategies based on a principle of “zero trust” --- continuously questioning the security of all internal and external activity. 

For cybersecurity as a whole, however, a zero trust approach is not an option. Everything cybersecurity vendors need to be able to do to protect customers --- collect and process information on suspicious and malicious files, hunt malware, share threat intelligence, and collaborate - including with law enforcement and governments --- is impossible if there is zero trust. How can we ensure they have faith in the industry and their specific provider?

This is where digital trust comes in. Digital trust is defined as the blend of cybersecurity, effective data privacy, accountability, and ethical data handling that leads customers to trust an organization. 

Cybersecurity needs to establish its own digital trust. Unfortunately, this aim is under growing threat from external forces, such as geopolitics and technology nationalism.

A world without trust. Thanks to cybercriminals and advanced threat actors, cyberspace has become a landscape of fear, uncertainty and doubt. Geopolitical tensions are being played out online, with security software and other technology products positioned as potential cyber weapons. 

GLOBALIZATION VS. NATIONALISM. Technology nationalism is flourishing because the world is engaged in a game without rules: there is no unified, independent global framework for standards in cybersecurity. That is not altogether surprising; cybersecurity is a relatively young industry still finding its feet as a sector and an agreed global playbook has not been essential before. 

WHAT WE CAN LEARN FROM OTHER SECTORS. The long established automotive sector got its global regulatory relationships in place in 1952, with among other things, the setting up of the World Forum for the Harmonization of Vehicle Regulations under the auspices of the UN Economic Commission for Europe (UNECE). Through the forum, the world’s main automotive manufacturing markets collaborate on essential motor vehicle regulations that apply to all.

At the same time, every country is different and has its own unique needs, approach and regulations. In the case of the healthcare industry, the World Health Organization (WHO) provides details on the laws and healthcare approaches of different countries around the world. 

Just imagine if such things existed for cybersecurity: if vendors could operate internationally on a level playing field, within an industry-wide trust framework, but tailor their activity and choices to the needs and regulations of individual countries?

THE RISK OF FAILURE TO ACT. The absence of a global framework puts the industry at risk of what is known as “balkanization” where barriers, restrictions or even outright bans are put in place by governments to keep technology vendors it wants to exclude on the other side of the fence. We believe that technology nationalism is damaging and will stifle competition, innovation and collaboration and undermine trust in the global digital economy. The only winners will be the cybercriminals who don’t see and certainly won’t respect any of those borders. 

The response of governments to industry insecurity needs instead to be based on dialogue with the relevant industry players and real evidence and assessment of the potential risks.

We are not the only ones concerned about trust and the future of cybersecurity. Across the industry there are partnerships and calls for a Digital Geneva Convention, including, most recently, the Paris Call. We are enthusiastic supporters of them all. But we also believe it is time to move beyond good intentions and take action to introduce tangible measures that prove trustworthiness, integrity and resilience.

OUR MODEL. For us, the answer is our Global Transparency Initiative. Launched in October 2017, the program involves, among other things, the relocation of key elements of our data processing and software build infrastructure to Switzerland, independent third party audits of our engineering practices, and the opening of three Transparency Centers where trusted partners can access external reviews of our source and update code and documentation. We achieved the first major milestones in November 2018 with the start of data processing in Zurich for customers in Europe, and the opening of our first Transparency Center in the city.

Becoming more transparent is not risk-free. Exposing your source code, for example, even in highly controlled circumstance could make it a target for attack. But these are risks we are prepared to take.

ROADMAP FOR RESILIENCE. The days of black box cybersecurity are over. Yes, not everyone understands or even wants to know about the hundreds of thousands of lines of code that make up a security product. But they need to be able to see clearly what you do, how you do it, and how protected it is from outside interference. Equally importantly, they need to know what kind of data you don’t collect and what things you will never do. And not just for one vendor, but for all of them, measured by the same high global standards that we create together.

FOR many small and medium businesses that aspire to deploy virtualisation platforms, there are very few options in the market that meet their criteria of affordability and ease. In a traditional data centre model, an organization would evaluate and purchase technology from multiple vendors and build its IT infrastructure from scratch. 

Even if you have experienced IT professionals or outsourced to a qualified third party, the process of designing the data centre, installing hardware and software, and making sure they function like clockwork is slow, expensive and risky.

A solution to simplify managing and monitoring efforts is hyper-convergence – an infrastructure that integrates server computing and storage in a box. Within a Hyper-Converged Infrastructure (HCI), businesses can design their IT environment flexibly by adding these boxes into a cluster just like building blocks. This “infrastructure in a box” approach also reduces power, cooling, cabling and space requirements to improve operational efficiency.

In addition to the above benefits, HCI also ensures scalability and flexibility of operations. Business expansion is one of the core aspirations for SMBs and HCI supports that by making it as easy as just adding another box. It also reduces necessary costs for electricity and space by merging storage and computing into one single hardware unit.

However, is HCI the right fit for your SMB? Not entirely. HCI may not result in the same performance as traditional solutions at all times, due to its nature which requires more computing resources and would not perform up to the mark with just a few hardware units. Also, the total cost of ownership for HCI can be way beyond the affordability of a growing SMB, since such infrastructure usually requires more hardware expense to accommodate a minimum of three hardware units up front, along with a high hypervisor license fee which often comes with it.

So, how can SMBs overcome the challenges of HCI while reaping its benefits? There are solutions like our latest software package “Virtual Machine Manager” (VMM) which provides a powerful yet affordable HCI-like infrastructure specifically targeted towards the needs of SMBs. With Virtual Machine Manger, users can run multiple Windows and Linux VMs on top of a clustered infrastructure of up to seven Synology units, providing flexibility and service management on a web-based graphic user interface.

To provide SMBs with an HCI-like infrastructure that delivers outstanding performance even when fewer hardware resources are available, VMM opts for local file system instead of a distributed one, to drastically reduce the amount of data that needs to be synced between different nodes, and thus the computing resource. 

In addition to providing such economic flexibility, it also future-proofs the risk of losing data due to single point failure, by providing the option of replicating snapshots to another Synology node as frequently as every five minutes, ensuring optimal data protection for SMB. Additionally, it also provides the much-needed scalability to a growing SMB along with reduced capital expenditure, since the VMM cluster can start from just one hardware unit and expand the hardware resources as the business grows.

For growing SMBs who want to enjoy the benefits like that of an HCI, VMM can be the perfect solution to fit their budget, efficiency and scalability needs. VMM provides features that help you focus on your business growth without bothering about the complex IT management and exorbitant IT expenditur

THE World Economic Forum (WEF) coined the ‘Fourth Industrial Revolution’ in 2016 a fusion of technologies, blurring the lines between the physical, digital and biological spheres. Two years on, digital technologies are boosting asset and labour productivity, accelerating time to market, and unleashing other efficiencies. In ASEAN, the impact of Industry 4.0 could see productivity gains of between US$216 billion and US$627 billion.

However, a McKinsey report found that ASEAN companies have been slow to climb aboard the bandwagon. Barring Singapore, ASEAN’s productivity gap is preventing the region’s manufacturing sector from reaching its full potential. ASEAN, in general, is optimistic about the potential of Industry 4.0, however, only 52 percent of technology suppliers and manufacturers in the Philippines are optimistic of the benefits from an Industry 4.0 transformation.

Exploring the need for Industry 4.0 in the Philippines

The Philippines was ranked 85 out of 138 countries in terms of technology readiness, attributed to the country’s weak institutional framework, human capital, technology and innovation. According to the Department of Trade and Industry, the country needs to focus on innovation to benefit from the changes driven by Industry 4.0. This includes addressing the challenges from disruptive technologies, rising operational costs and increasing global competition.

To this end, the Philippines unveiled a new industrial policy dubbed the Inclusive Innovation Industrial Strategy (i3S). i3S aims to grow and develop globally competitive and innovative industries, offering incentives on research and development and innovation, as well as tax deductions on training and workers’ skills upgrading.

Manufacturing to lead the march

Despite higher input costs due to the transitory price effects of tax reform, manufacturing is sustaining its growth – the Volume of Production Index (VoPI) for manufacturing grew by 13.6 percent in March 2018, higher than the 12.3 percent registered in the previous year. Manufacturing comprises more than half of the Philippines' industrial sector and accounts for almost a quarter of the country's Gross Domestic Product (GDP). 

The Philippines is accelerating the manufacturing sector's competitiveness to achieve sustainable and inclusive development for the country. To establish itself as a larger manufacturing hub, the Philippines needs to look towards automating its manufacturing sector through new technological advancements. The Department of Science and Technology declared robotics as a platform that companies can leverage to increase efficiency and enhance reliability. Automation using robots could help increase labour productivity by up to 40 percent. In the Philippines, the adoption of robotics stands at three robots per 10,000 employees, trailing behind the global average of 74.

Collaborative robots (cobots) have become one of the most explosive trends in robotics and the fastest growing segment in industrial automation. Cobots are expected to jump ten-fold to 34 percent of all industrial robot sales by 2025, according to the Robotic Industries Association.

Cobots – designed to work side-by-side with people – are lowering the barriers to automation in areas previously considered too complex or costly, helping businesses of all sizes. At M Social Hotel, Singapore, a Universal Robots (UR) cobot prepares eggs sunny-side-up or as an omelette. In India, UR cobots assist Bajaj Auto, world’s third largest motorcycle manufacturer. Automation through cobot technology has the potential to strengthen the Philippine economy to conquer not just local markets but beyond our borders.

The role of academic institutions

The adoption of automation will open up opportunities for completely new business models in manufacturing. Leveraging on the country’s position as the fastest growing ASEAN economy, the Philippines needs to focus on adopting automation and equipping workers with the right skills to stay competitive.

According to an International Labor Organization study, nearly half (49 percent) of jobs in the Philippines face a high risk of automation. As highly repetitive roles are replaced by robotic automation, academic institutions need to prepare the future workforce – new generation Filipinos need to possess the requisite skills for Industry 4.0. Apart from nurturing a pipeline of talents to take on new and higher value jobs that will arise from automation, universities must also initiate research and development for potential new Industry 4.0 technologies.

To foster automation, companies like UR are providing courses to help employees upgrade their skillsets. UR launched the UR Academy, an initiative offering free online learning modules to aid businesses in robotics training and adoption. The company also unveiled the UR Collaborative Robotics Course, an in-depth and hands-on robotics course held in Singapore, which is open to the general public including international participants. It empowers individuals with knowledge and skills to self-deploy robotic solutions and maintain automation equipment.

Staying competitive

The Philippines holds great potential to become a competitive nation in Southeast Asia – a report by Deloitte projects that the country’s GDP will expand 4.8 percent per year in the 2014 to 2033 period, growing faster than the region. The nation needs to seize automation opportunities to stay competitive and avoid losing ground to its neighbours as it gears towards becoming Asia’s next manufacturing hub.

IT is no secret that the cloud has democratized access to technology previously reserved for only the largest of organizations, leveling the playing field. With it, the role of the Chief Information Officer (CIO) has changed.

No longer is the CIO’s core focus that of ‘keeping the lights on’, and ensuring that technical operations function optimally. 

Today, the CIO is a partner to the business, driving innovation at DevOps speed and scale, and playing a key role in supporting the company’s go-to-market strategy.

Conceptualizing the perfect cloud approach is not an easy task, especially in today’s fast-paced business environment. Too often, business leaders spend a lot of time debating configurations, especially when deploying enterprise applications – only to find that the business has changed by the time they are done.

Thus, in this new cloud-driven world, the imperative is to move at the speed of business. This will ensure that organizations adjust and move beyond failing fast, to embrace “succeeding fast”.

A walk in the clouds

In the pre-cloud days, IT infrastructure deployment was a tedious and complex process. Monolithic applications meant dealing with multiple vendors and lengthy provisioning timeframes. Today, with the evolution of the cloud, ‘outsourcing’ software (Software-as-a-Service) to be delivered and managed by the experts, while you focus on running your business, is becoming the mainstream.

If a business realizes the need for additional computing firepower as a result of dynamic shifts in the industry landscape or a requirement to play less in the datacentre space, that’s where Infrastructure-as-a-Service (IaaS) comes into the picture. After the computing resources needed are determined, businesses can easily look at scalable resources, instead of being stuck with constantly underutilized capacities.

Platform-as-a-Service (PaaS) forms another critical component of cloud infrastructure, including components such as a database, analytics, integration, mobile, security, etc., that can be consumed on-demand.  Not only is the approach time efficient, but these cloud stacks can also help with building the extensible platform needed to support strategic business outcomes by lowering entry barriers and accelerating the go-to-market.

The hybrid cloud platform – a CIO’s key to cloud success

Achieving successful outcomes from the cloud increasingly involves taking a hybrid approach to deployment. Organizations need to be able to utilize different forms of cloud solutions that can best cater to their requirements while simultaneously meeting regulatory benchmarks, including data governance and evolving security regulations in the markets that they operate in.

The financial services industry, for example, has specific rules about how data is collected, used and stored. Oracle Cloud at Customer helps organizations in the sector enjoy the benefits of a public cloud, while allowing them to stay in control of their data and where it is located.

The secret in the “sauce”

Today, several vendors offer cloud stacks and solutions. So, how can CIOs choose the right option for their business, especially in a rapidly changing market that is moving beyond the cloud to incorporate advancements in Artificial Intelligence (AI), Machine Learning (ML) and automation?

This is giving rise to a whole new category of services. This new autonomous cloud is underpinned by three core tenets; being self-driving (where it literally runs itself, eliminating considerable human labor by self-tuning, self-patching, and self-scaling), self-securing (including intelligent threat detection, remediation and automatic encryption) and self-repairing (enabling the system to keep running even as patching and maintenance takes place).

This new cloud platform infrastructure has the potential to positively disrupt business models - enabling reduced risk, lower costs, and maximization of a business’ most important asset, their data. In the longer run, the resulting ‘autonomous organization’ has the potential to reach an ideal state where manual processes for running day-to-day operations and maintaining core IT systems can be completed without human interference. Instead, manpower can be redeployed toward value-added roles, enabling companies to redirect revenue and focus on innovating amid changing market dynamics.

The Journey Forward

Already we have moved far in the journey to the cloud. Some years ago, even established companies were wary of the cloud; today, cloud acceptance and adoption continues to grow.

Witnessing shifts within its business and customer demographics, driven by the rising tide of consumer e-commerce, Indonesia’s leading express logistics provider, JNE is introducing the Oracle Management Cloud to manage innovative applications, including a Business Reporting System for e-commerce customers. This enables end users to see where their items are at each stage of their journey and provide JNE with end-to-end visibility of all transactions to ensure performance and response times for deliveries.

Evidently, this new approach truly represents a new era of IT, where things are finally made simple, business leaders have a clear view of all applications and most importantly, glean actionable insights from data. Modern CIOs are now leading the charge in the way forward for their organizations with this new, enterprise-grade cloud that enables them to focus on supporting business strategy and leave the techie ‘how to’ to the cloud service providers.

In this new form, the cloud won’t just be ‘as a service’, but at your service – providing unprecedented access and ease of use to CIOs and their businesses. Cloud and other transformational technologies will be further demonstrated and discussed at Oracle OpenWorld Asia, the industry's most important business and technology conference, happening in Singapore from March 26 – 27. Registration is now open: https://www.oracle.com/sg/openworld/