Balancing Security with Usability
At TechInnovation 2020, members of the Singapore Cybersecurity Consortium shared their new technologies with an eager online audience comprising investors, technical experts and the public.
SARS-CoV-2 wasn’t the only virus to besiege our world this year. As people stayed home and remote working became the new normal, digital viruses proliferated too. Ransomware attacks alone increased 40 percent from the previous year in the third quarter of 2020, reaching almost 200 million cases worldwide.
The pandemic-driven shift to remote working, coupled with other digitalisation trends such as the rise of the Internet of Things (IoT) and an increase in the number of businesses migrating online, have presented new opportunities for cybercriminals. Accordingly, they have also spotlighted innovations in cybersecurity solutions.
To facilitate the development of these solutions in Singapore, the Singapore Cybersecurity Consortium (SGCSC) was established in 2016. Funded by the National Research Foundation and anchored at the National University of Singapore (NUS), the consortium promotes engagement between industry, academia and government agencies to encourage research, translation and manpower training in the cybersecurity sector.
Over the years, these private-public partnerships have borne fruit, giving rise to new technologies commercialised by companies and used by national institutes, SGCSC academic director and NUS Professor Abhik Roychoudhury shared at the virtual SGCSC Industry Day held on 7 December. Part of IPI’s TechInnovation 2020, the event highlighted promising cybersecurity solutions from four SGCSC member firms, attracting an eager online audience comprising investors, technical experts and members of the public.
In case you missed the action, here are some of the most noteworthy insights and technologies featured in the session.
Usability and security go hand-in-hand
If you’ve ever bought something online with your credit card, you would be familiar with the two-factor authentication (2FA) process used by banks. Before an order is processed, we usually have to key in a verification code sent to us via SMS. E-commerce is just the tip of the iceberg though: 2FA technology is used in a whole suite of online services, from verifying email accounts to login attempts.
While 2FA may be important for cybersecurity purposes, the verification technology is a pain point for many users, as Singapore-based start-up Silence Laboratories has found. “The moment the user is requested to open an app, source for the code and type it in the browser, there’s a dip in user experience. That’s the core reason people don’t use 2FA,” explained Jay Prakash, who founded the authentication solutions firm.
By using sophisticated sensing technology and sensor fusion algorithms, Silence Laboratories aims to develop simple and seamless authentication solutions. “We are trying to balance usability and security in our authentication solutions across different platforms and services of logins, ride-sharing and last-mile delivery,” Prakash said.
Silence Laboratories wasn’t the only firm to prioritise the user experience in developing cybersecurity solutions. After all, poor usability may result in the inadequate or improper application of cybersecurity tools, hampering their effectiveness. Oleg Ishanov of Acronis, a Swiss firm with its international headquarters in Singapore, also emphasised the importance of a good user experience when he shared the company’s all-in-one data protection and management software with the audience. Giving them a product demonstration, Ishanov highlighted the software’s intuitive user interface, which masked a sophisticated backend system.
Ishanov further pointed out that while cybersecurity solutions are getting more advanced, no system is fail-safe. “All the products in the market try to achieve 100% protection level, however that’s usually not possible,” he said. “While you cannot detect every threat, you should always be able to respond and recover from them.”
Innovating to stay a step ahead
Two other firms, Secure-IC and Attila Cybertech, also shared new technologies to fend off sophisticated cyberattacks. With IoT becoming a focus point in recent years, homegrown Attila Cybertech has developed operational technology (OT) to make industrial networks more cybersecure, said CEO David Ong, who showcased the firm’s data diode device at the event.
The hardware-based, uni-directional data transmission solution stops malware from flowing from infected computers or untrusted sites to plants, reducing the risk of cyberattacks leading to operational failure. At the same time, data from the plant can still flow to the computer and internet platforms to be monitored and analysed. “Due to the integration of IT and OT, there are more and more challenges that OT has never before encountered, which are now surfacing in terms of cybersecurity gaps,” Ong said.
As our world becomes increasingly digitalised and ever more connected, cyberattacks look set to become more commonplace. But every cloud has its silver lining. With a vibrant ecosystem supported by the SGCSC, Singapore is well-positioned to ride the cybersecurity wave.
To find out how your firm can join the SGCSC and benefit from partnerships with government agencies and academia in the cybersecurity sector, visit https://sgcsc.sg/. If you wish to view the on-demand videos from the SGCSC Industry Day at TechInnovation 2020, click here.