Tag: information-security

  • PH firms urged to double down on cybersecurity solutions

    PH firms urged to double down on cybersecurity solutions

    Recent data breaches have cast a spotlight on the vulnerabilities of Philippine businesses and raised concerns about their cybersecurity preparedness. Despite the alarming rise in sophisticated cyberattacks worldwide, only 1% of Filipino companies are considered well-equipped to defend themselves.

    This vulnerability stems from a reluctance to adopt advanced cybersecurity measures, often perceived as complex and daunting. Businesses must overcome this hesitation and prioritize robust data security for themselves and their customers, according to cybersecurity firm Yondu.

    “Threat intelligence has to grow in a certain community,” says Dennis Sanchez, Chief Information Security Officer at cybersecurity firm Yondu.

    “In our country, there’s no one source for all the knowledge of the threats that happen. Somehow, we are not united. That’s one thing that we want to build,” Sanchez explains. He emphasized the need for a collaborative community where experiences and threat patterns can be shared, enabling better prediction and prevention of future attacks.

    Leveraging the expertise of innovative technology partners can be crucial to bolstering cybersecurity for Philippine businesses. Yondu offers comprehensive Managed Security Services (MSS) that cover various security domains, including monitoring, detection, and incident handling.

    “Traditionally, you set up defenses to detect and respond to attacks quickly,” Sanchez explains. “But beyond that, you need proactive measures like vulnerability assessments, penetration testing, and staying informed about the latest threats. Instead of just waiting for attacks, you should test your own systems and use up-to-date techniques. Understand what hackers are doing and apply those methods to your own defenses.”

    Sanchez adds, “A notable success story highlights this effectiveness: during Christmas season, our early threat intelligence gathering and proactive threat hunting enabled clients to remain secure and enjoy their holidays without interruption.”

    Yondu’s tailored approach ensures that each business receives solutions that meet its unique needs, simplifying technology and making its implementation more effective.

    For proactive measures such as penetration testing and vulnerability assessments, they deploy a specialized VAPT team. To understand and predict future attacks, they utilize advanced threat intelligence capabilities and conduct threat hunting to uncover potential threats that existing security systems might miss.

    Adopting these cybersecurity solutions provides businesses with immediate and long-term benefits, including enhanced protection, reduced risk of data breaches, and improved operational continuity. Customized cybersecurity helps businesses feel more secure online and protect their valuable assets from cyberattacks.

  • Cybersecurity firm teases upcoming major upgrades to flagship product

    Cybersecurity firm teases upcoming major upgrades to flagship product

    Blackpanda, a leading digital forensics and cybersecurity firm in Asia, has released its first proprietary study, revealing the top cybersecurity vulnerabilities in small and medium-sized enterprises (SMEs) across the Asia Pacific region.

    The study, conducted using Blackpanda’s in-house external attack surface management (ASM) scan, highlights three major vulnerabilities that require immediate attention to prevent potential infiltration by attackers:

    1. Compromised Assets: Email breaches in the high-risk category constitute 71.68% of the total risk level combined, highlighting a significant risk of information leakage and phishing attacks. This category represents the most extensive vulnerability, emphasizing the need for advanced threat detection and incident response strategies.
    2. Exposed Web Services: Making up 69.92% of high-risk exposed services issues, vulnerabilities in web services indicate a widespread vulnerability to web-based attacks that can disrupt operations and compromise customer data.
    3. Known Software Vulnerabilities: Medium-risk level accounts for 59.96% of the system security issues, where these vulnerabilities emerge as a crucial focus area, with practicable actions required to prevent data breaches that could lead to severe financial and reputational damage.

    In addition to the top three vulnerabilities, the study also draws attention to other significant security risks, including:

    1. Database and remote access services vulnerabilities, emphasizing the importance of robust access controls.
    2. System services and DNS configuration issues, highlighting the need for improved security practices.
    3. Underlying risks from software misconfiguration and SSL/TLS configuration gaps, which can lead to severe breaches if not addressed promptly.

    Gene Yu, CEO of Blackpanda Group, emphasized the importance of addressing these vulnerabilities, stating, “The majority of the cyber incidents we encounter can be traced back to fundamental vulnerabilities that remain unpatched. Just as a burglar can easily enter through an unlocked door or opened window, cyber attackers exploit these open vulnerabilities to breach systems. As part of our commitment at Blackpanda, and through our Pandamatics Underwriting arm, we are not only focused on responding to these emergencies but also on significantly reducing the occurrence of such attacks across the entire market.”

    Blackpanda’s flagship solution, IR-1, integrates top-tier incident response, continuous vulnerability assessments, and seamless access to cyber insurance—all in one SaaS platform. IR-1 is designed for small and medium-sized enterprises in the Asia Pacific region, combining proactive cybersecurity tools and hassle-free incident response.

    One of the standout features of IR-1 is its 24/7 fixed-cost incident response service. This feature guarantees businesses immediate access to expert support in the event of a cyber incident, which is crucial for minimizing downtime and mitigating damage swiftly. The fixed-cost model also helps businesses better manage their cybersecurity budgets by preventing unexpected costs associated with emergency responses.

    At the heart of IR-1’s preventative strategy is its continuous vulnerability scanning capability. This service works tirelessly to monitor and detect vulnerabilities within an organization’s digital environment. By identifying and addressing these vulnerabilities early, businesses can significantly reduce their exposure to potential cyberattacks and enhance their overall security posture.

    Another innovative aspect of IR-1 is its automated cyber insurance access, available specifically in Singapore and Hong Kong through Pandamatics Underwriting, an entity of the Blackpanda Group. This feature simplifies the process of obtaining cyber insurance, allowing businesses to quickly secure coverage that aligns with their risk management strategies.

    Evelyn del Monte, Blackpanda’s Managing Director for Philippines, highlighted the benefits of IR-1, stating, “IR-1 equips our clients with robust tools and resources essential for both preventing and mitigating cyberattacks. We are not resting on our laurels; rather, we have several significant upgrades scheduled for this year. Our subscribers can look forward to rolling out even more advanced, technology-driven solutions tailored to their needs.”

    In the Philippines, Blackpanda’s channel network partners are Exclusive Networks (EN) and iSecure Network (ISN).