NTT Limited to offer free cyber sec solutions to mitigate SolarWinds attack

Technology services company NTT Limited will offer “specialised sensor” capability to help them determine their risk and potential means to mitigate attacks related to the recent SolarWinds incidents. This will be offered to specific clients, free-of-charge, the company said in a statement.

In December 2020, a supply chain attack through SolarWinds’ commonly-used network management software allowed malware to be distributed to at least 18,000 organizations around the world. Additional threats have also since been identified, potentially exposing many organisations’ applications and data.

In response to these supply chain attacks, NTT will provide companies that believe themselves to be at risk of compromise with their 30-day trial of its Specialized Sensor for SolarWinds Detection and Alerting across all platforms other than Azure, at no charge.

This offering includes:
Deployment of a specialized sensor in AWS and Google Cloud Platform environments for the detection of Indicators of Compromise (IOCs) specific to the SolarWinds breach.
Near real time notification to a client’s security organization in the event a compromise is detected.
An actionable incident report delivered automatically, immediately upon detection of IOCs linked to the SolarWinds compromise.

On 8 December 2020, cybersecurity company FireEye reported a breach and exfiltration of their Red Team tools. Ultimately, FireEye realized the breach had come via supply-chain attack carried out by the implantation of malicious code in the SolarWinds update server for the Orion Platform.

Sunburst attack

The attack on SolarWinds, dubbed Sunburst, loaded a Trojan into the SolarWinds software update. This malicious update infected SolarWinds Orion Platforms, thus compromising the networks of SolarWinds’ clients. The sophistication of the attack has led analysts to assert that the cyber event was most likely attributed to Russian nation-state threat actors.

On Friday, December 18th, Microsoft released a statement confirming that its network had been compromised by the malicious software updates from SolarWinds. FireEye and Microsoft were two of many companies affected by the attack. US-based organizations were targets of nearly 80 per cent of the attacks. Apart from them, organisations based in Belgium, Canada, Israel, Mexico, Spain, and the United Arab Emirates (UAE) were also affected.

In response to the US attacks, the United States Cybersecurity and Infrastructure Security Agency (CISA) issued an emergency directive to US government agencies directing them to immediately disconnect or power down SolarWinds Orion products. US government agencies believed to have been breached so far include the Treasury Department, the Justice Department, the Energy Department, and the National Nuclear Security Administration, among others. The full extent of the attack is unknown. It is highly probable that more victims will be discovered since damage from this breach is still being assessed and new tactics, techniques, and procedures (TTPs) could be discovered.

Matt Gyde, President and CEO, Security Division at NTT Limited is of the view that threat actors have exploited disruption during the COVID-19 crisis to launch an accelerated wave of cyberattacks around the world. “The SolarWinds incidents were orchestrated by sophisticated operators and exploit the broad distribution of commonly-used software packages. NTT has now moved to proactively offer clients a way to identify potential problems in their technology infrastructure and take the steps needed to close those gaps,” he said.

Organisations can then engage with NTT for in-depth review, analysis, recommendations, and remediation including a rapid incident compromise assessment. NTT can also provide ongoing managed security services such as Security Operations Center as a Service (SOCaaS) and develop a Strategy for Supply Chain Security Assurance, to help clients monitor their technology assets and reduce risk from future threats.

Tata Tele Business Services launches cloud communication suite

Tata Tele Business Services (TTBS) has introduced Smartflo, a cloud communication suite designed to support today’s hybrid work culture, providing connectivity between all stakeholders, internally within employees and externally with customers and vendors across platforms and touch points.

Smartflo aims to enable businesses to strengthen engagement with customers through seamless communication across time and space, TTBS said.

The setup is quick with zero installation charges and no CAPEX investment. Smartflo comes with an uptime guarantee of 99.5 per cent, backed by TTBS 24X7 managed service capabilities and trust, contributing to a non-disruptive workflow, TTBS added.

Smartflo is suitable for enterprises across industries and sizes that require a multi-functional, multi-modal, economical yet technologically advanced cloud communication suite. It will also be beneficial for businesses to improve their digital agility, which will be a competitive advantage for enterprises during pandemic times, said TTBS.

The company reported that they have seen a strong customer interest for Smartflo solutions across industry verticals like BFSI, IT/ITES, Manufacturing, Education, Fintech, Logistics and E-commerce.

Elaborating on Smartflo, Vishal Rally, Senior Vice-President, Product & Marketing, Tata Teleservices said, “The world we are living in is constantly aligning and realigning itself. As business models are getting re-imagined there is an emerging need for solutions which are flexible and enable operations beyond boundaries. Smartflo suite of solutions combines an uninterrupted flow of business communication with intelligent call routing and monitoring. Not only this, but it also offers on-demand scalability, which allows businesses to adapt quickly to changing business conditions. Smartflo comes with enterprise-grade security and reliability.”

Smartflo comes with features such as:

· Intelligent routing of customer calls to the best of agents/employees

· Voice to Text conversion with keyword mapping

· Call sentiment analysis to understand customers better

· API integration with all enterprise applications to get a single customer view

· Quality checks of customer interactions through live call barge-ins

· Analytics and reports to get insights and enhance business outcomes

· On-demand scalability without additional Capex

· Inbuild Enterprise-Grade security and reliability

The recent disruption has accelerated the adoption of cloud-native technologies. According to Gartner, the cloud telephony market is estimated to grow 18 per cent in 2021 as telephony investment priorities shift to the cloud.

SAP to invest $60 million in India

Enterprise application software major SAP will invest $60 million in India in its cloud business, in an effort to localise and offer India customers a multi-cloud choice.

Underscoring its commitment to India, SAP said in a statement it will make available its multiple cloud solutions to the data centers in the country. SAP India is a leading cloud company that is working toward addressing local customer demands, the statement said.

“SAP’s commitment to support India’s growth vision remains a top priority and we are determined to achieve this with deeper collaboration with our customers, ecosystem and the government,’’ said Scott Russell, president, SAP Asia Pacific Japan.

Kulmeet Bawa, SAP Indian subcontinent president and managing director, pointed out that at present, customers are seeking scalability, faster deployment, data compliance and cost-effective solutions to enable innovation and achieve prompt business outcomes. SAP India began its operations in 1996 with headquarters in Bangalore and offices in other cities in the country.

The decision to increase investments in India come in the backdrop of India continuing to be one of SAP’s fastest-growing markets globally.

It has always been very very important because of a variety of reasons such as scale, demographic dividend, abundant opportunities, a cloud-first mindset, amongst others.

“We are extremely fascinated by what is happening in India’s start-up ecosystem,” stated Bawa. Small businesses in India are beginning to embrace digital tools to survive and drive their business.

India is home to the second largest startup ecosystem with more than 1,500 startups, according to industry body NASSCOM. Additionally, in 2020, India had 12 unicorn startups, signalling the increased tech adoption in the aftermath of the Covid-19 pandemic.

Cloud4C collaborates with Citrix for VDI Solutions

Cloud4C, a leading Cloud Managed Services provider, has partnered with Citrix to offer Citrix Virtual Apps and Desktops service for enterprises to leverage security and mobile workforce capabilities.

With expanding teams and remote working on the rise, the collaboration between Cloud4C and Citrix will help enterprises to seamlessly deploy Citrix’s Virtual Apps and desktops to any device across the workforce with ease and zero disruption. Cloud4C’s Virtual Desktop Infrastructure (VDI) solutions aims to enhance productivity and improve performance, with efficiency, security, and scalability, the company said. Providing secure, remote work is the core value proposition of the VDI solution and this has become more relevant due to the need for employees to work securely from home due to COVID-19 pandemic.

Cloud4C provides end-to-end VDI solutions, including managed services and managed security services. Cloud4C provides skilled Citrix experts who simplify implementation, reduce deployment time, and help in leveraging the full benefits of virtualized desktops.
Sridhar Pinnapureddy, Founder and CEO, Cloud4C said, “We are happy to collaborate with Citrix to offer a hybrid Citrix VDI solutions which help enterprises with high-definition consistent VDI experience on any device, boosting productivity even on unreliable connections, fast and secure access to applications and data, easy scaling up to support temporary workers working from anywhere, easy access to data-intensive applications, and reduced IT costs. At Cloud4C, we are equipped with multiple certified resources for Citrix, Windows, Security, and public cloud platform.”

The collaboration between Cloud4C and Citrix will help enterprises solve major challenges with Cloud4C taking end to end ownership. As part of a wide range of Hybrid VDI solutions, Cloud4C takes care of the implementation, licensing, infrastructure and end-to-end managed services.

This collaboration will also provide a lot of other benefits to enterprises, such as quick provisioning of desktops based on the requirement, easy connect over the internet or via MPLS link, Hosted Shared Delivery or VDI mode of Virtual Desktop and Integration with existing Active Directory/New AD. Apart from these services, the customers can leverage single window managed service and easy integration with other cloud services like Office 365.

“The pandemic has highlighted the importance of solutions to enable people to work from home and keep business-critical services going. Now more than ever, it is crucial to support businesses and their distributed workforce to get work done efficiently, unlocking their full potential, without putting their employees nor security requirements on risk,” said Ravindra Kelkar, Area Vice President, Indian Subcontinent, Citrix.

Cloud4C has 4,000 customers in 25 countries and 52 locations including 60 of the Fortune 500 Global multinationals. It provides cloud (public, private, hybrid) and community cloud services (Banking Community Cloud, SAP Community Cloud), cloud migration on public cloud platforms such as AWS, Microsoft Azure, Google Cloud, end to end cloud managed services, disaster recovery services, managed security services and helps businesses comply with stringent data sovereignty laws in respective countries.

E2E Networks Joins Hands With K-Tech Center of Excellence for Data Science & AI

National Stock Exchange-listed cloud provider E2E Networks has partnered with KTech CoE Data Science & AI Government of Karnataka (GoK) – powered by NASSCOM, to foster disruptive innovation by creating an entrepreneurial ecosystem and create quality human capital to meet the AI talent requirements.

NASSCOM is a not-for-profit industry association in India, is the apex body for the $180 billion dollar Indian IT BPM industry.

 

The partnership comes at a time when the world is fighting a pandemic, and cloud-based technology is taking massive leaps to help the economy. KTech CoE DS & AI has a great role to play as an evangelist and driver of AI enabled growth; Its vision is “to harness the potential of AI for augmenting the state’s and so the country’s innovation ecosystem and create multiplier impact on economy, industry and society “

The partnership will be beneficial for both the parties. E2E Networks will get access to KTech CoE DS&AI accelerated companies, and this will help them accelerate AI Innovation in India. It will also reap the direct benefits of the joint activities conducted by KTech CoE DS&AI.

For KTech CoE DS&AI accelerated MSMEs and Innovators, there will be an exclusive discount, which will also gain access to latest NVIDIA GPUs via cloud servers from E2E at highly affordable prices to run their artificial intelligence loads, which includes high-performance computing, machine learning, deep learning and data science workloads.

The tie-up shall provide a leg up to enable deep research benefiting various industries as well as the Government so that everyone can benefit. KTech CoE DS&AI, since its inception, has been driving the acceleration the adoption of AI solutions by user enterprises and public sector by creating toolkits, processes, and frameworks. It enables convergence of technological advancements and industry developments with deploy worthy Data Science and AI Innovations. Also develop skills to ensure talent pipeline to meet the growing requirements for AI professionals.

E2E Networks offers the latest GPUs – NVIDIA A100 Tensor Core GPU, NVIDIA T4 Tensor Core GPU, and NVIDIA Quadro RTX 8000. When combined with NVIDIA virtual GPU (vGPU) solutions for Quadro workstations, creative and technical professionals are able to work from anywhere, including their home offices, and run compute and graphics-intensive applications for CAD, digital content creation, simulation, and rendering.

“The biggest impediment faced by AI MSMEs and Innovators today is access to AI processing capability and flexible scaling of capacity. This is very capital intensive and hard to come by for AI Startups working on tight budgets. Through this tie-up, we are simply enabling what our MSMEs and Innovators asked for. Not only will it help our network of Data Science & AI companies to focus on Innovation rather than CapEx, but also help them accelerate their speed of AI innovation. The pandemic has ushered in an era where working remotely is the new normal. We think this is how the MSME and corporate world will function over the next few decades, and the transformation needs an OpEx model for AI processing needs,” said Krishna Prabu, Technical Director, Ktech CoE DS&AI.

“Our collaboration with KTech CoE DS&AI allows us to play a significant role in helping KTech CoE DS&AI incubated startups and members run their AI/ML training/inference, data science, Natural Language Processing (NLP), computer vision, and professional graphics workstation workloads,” said Tarun Dua CEO of E2E Networks.

TAC Security to foray into other markets outside India

TAC Security, an Indian Computer Emergency Response Team (CERT-In) empanelled information security organisation, is taking it’s new dark web threat intelligence solution, ESOF-DarkSec, to markets abroad.
This is an effort to address the growing demand for Cyber Security solutions and also add impetus to TAC Security’s global expansion plans . ESOF-DarkSec will be rolled out, to begin with in the North American market where it has a strong footprint and in the African market where it commenced operations. The company is further expanding operations in the Australian and European markets as well.

ESOF-DarkSec helps enterprises detect, measure, and identify the type of data available on the dark web about their companies.   “Data confidentiality has always been an issue for enterprise security teams, and the recent increases in the dark web exposure cases are intimidating for both governments and organizations. Cybersecurity threats are becoming more sophisticated with every passing day, and even more so during the COVID-19 outbreak where spear-phishing is being used as a tool to access critical data. We hope that the product will help inform business entities about the vulnerabilities of their infrastructure so they can secure their endpoints and networks against potential threats.” Chris Fisher, Chief Marketing Officer, TAC Security.

The launch is aligned with the rising number of data leaks on the dark web, which jeopardize sensitive information of government, businesses, and individuals alike. This cloud-based solution helps find the size, nature, and recent update (if any) of the leaked data on the darknet. ESOF-DarkSec also provides a dark web organization risk score on a scale from 0 to 10, so security teams can know the risk to the organization on available data in the dark web from and take action to mitigate the risk. The solution is available as a subscription plan in three tiers: Basic, Platinum, and Premium, with different price points based on deeper periodic scans.

Trishneet Arora, Founder and CEO of TAC Security said, “Data is the biggest asset for any entity in the current landscape. As much as it gives precious insights into enhancing customer experience, any unauthorized access to it can cause severe damage to personal, enterprise-level, or even national integrity, depending upon the nature of data. It is very difficult to get this data down once it enters the dark web. Knowing the extent of the dark web threat is pivotal as it enables an organization to analyze and limit the damages by taking preventive measures.”

TAC Security protects Banks and Financial Institutions, governments’ organisations, Fortune 500 companies, leading enterprises data around the world. TAC Security manages 5 million vulnerabilities through its Artificial intelligence (AI) based Vulnerability Management Platform ESOF. The company is also responsible for End to End Security Assessment of 200 UPI based Mobile Application for NPCI, an umbrella organisation for operating retail payments and settlement systems in India.

You can deep dive into cyber security and its various dynamics during W.Media’s Digital Week 2021, from February 23-26. Do check it out at https://w.media/digital-events/

The Philippines updates Cloud First Policy in transition to ‘new normal’ amidst COVID-19 pandemic

The Philippines has amended its Cloud First Policy to transition to a “new normal” brought on by the COVID-19 pandemic.

The Department of Information and Communications Technology (DICT) has recognised the vital role of ICT by providing clearer instructions on policy coverage, data classification and data security to meet global standards.

“We are paving the way to an ICT policy environment that is more responsive to current needs, further filling gaps in our country’s digitalisation efforts,” said DICT Secretary, Gregorio B. Honasan II.

The Cloud First Policy looks to promote cloud computing as the preferred technology for the Philippine Government’s administration and delivery of services to efficiently serve the public.

Mr Honasan said: “The shift to a truly digital government is much more pressing today.”

This shift is expected to empower greater flexibility, security, innovation and cost-efficiency.

“The DICT is committed to cover all aspects of this, primarily policies that would enable government digital transformation to ensure that we maximize ICT during this transition to the new normal,” said Mr Honasan.

Clarifying ‘Cloud First’

The amendments made to the Cloud First Policy clarify which institutions in the Philippines will be covered, and which are only encouraged to adopt cloud technology.

The policy will cover all departments, bureaus, offices and agencies of the Executive Branch as well as state universities and colleges. The Congress, Judiciary, Independent Constitutional Commissions and Ombudsman will only be encouraged to adopt the cloud services.

The amendments in the Cloud First Policy also clarify the Government’s position on data sovereignty, which was ‘confused with the concept of data residency’ in the previous version.

In the new version, the application of Philippine laws over foreign counterparts will be asserted over the data owned or processed by the Government or any entity that has links to the Philippines. 

This means that most data passing through the Philippines will be subject to the Data Privacy Act of 2012, which ‘protects the human right to privacy of communication while ensuring free flow of information to promote innovation and growth’ and the inherent obligation of the state to ensure that data is secured and protected.

Additional provisions on ICT capacity building and development of essential skills to meet international and local standards in the Philippines are also included in the Cloud First Policy.

The Philippines fell from 9th in 2018 to 11th in the 2020 Cloud Readiness Index by the Asia Cloud Computing Association. But there may be renewed optimism for a strong cloud future in the Philippines with these amendments, along with the Philippine Digital Transformation Strategy and more connectivity coming from DITO’s new data center.

Adapting to the ‘new normal’ in the Philippines

In response to the COVID-19 pandemic, various governmental departments in the Philippines have adopted cloud technology to adapt their services.

The Department of Education recently partnered with Microsoft to provide a virtual ‘graduation-in-a-box’ to students in schools nationwide.

“The future of the Philippines lies in the hands of the brilliant young minds sitting in its classrooms today and we are privileged to empower not just their learning experience, but also their future,” said Andres Ortola, Microsoft Philippines Country General Manager.

The Supreme Court in the Philippines has also worked with Microsoft to continue legal proceedings through cloud-based videoconferencing hearings for the first time.

Mr Ortola said: “I am so proud to be a part of this historic moment in the Philippines.”

Enabling migration to the cloud

In the original Cloud First Policy in 2017, the Philippines encouraged migration to the cloud to enable greater automation and agility. The DICT recommended a three-step process to achieve migration.

First, take stock by defining objectives, determine data classifications and map security considerations. 

Second, plan migration by defining responsibilities, identifying skill gaps and choosing a suitable cloud environment. 

And lastly, migrate and manage through testing workloads, tracking performance and training staff through service level agreements with cloud vendors.

If you would like to find out how you can successfully migrate to the cloud, register now for our free ‘Data Center Selection & Migration in Asia Pacific’ digital event on Thursday 23 July.

Get involved in conversation and connect with your peers on LinkedIn and Facebook using #WMediaEvent!

Image: jopetsy, Flickr