February 20, 2023 3:05 p.m.
Every fourth business executive in Southeast Asia (SEA) prefers not to flag lack of understanding when discussing cybersecurity issues. A recent Kaspersky study also reveals one in ten C-level managers have never heard of threats such as Botnet, APT and Zero-Day exploit.
The same proportion appeared to be unfamiliar with cyber security concepts like DecSecOps, ZeroTrust, SOC and Pentesting.
According to a PwC’s study, while backing cybersecurity in every business decision has already become the norm in every other company, more than half of executives lack confidence that their cyber spending is being allocated to the most significant risks their organization is facing. Kaspersky conducted their own research to help IT and C-level find common ground and explore the root of their misunderstandings, where a total of 300 executives from the SEA region were surveyed.
The Kaspersky poll indicates that C-suite sometimes struggle to understand their IT security peers and are not always ready to show their confusion. Thus, 26% of non-IT executives here say they would not feel comfortable flagging that they don’t understand something during a meeting with IT and IT security.
Although most of them hide their confusion because they prefer to clarify everything after the meeting or choose to figure everything out by themselves, more than half (55%) don’t ask additional questions because they don’t believe the IT peers will be able to explain it in a clear way. Almost two-in-five also feel embarrassed revealing they don’t understand the topic and 42% don’t want to look ignorant in front of their IT colleagues.
Also, even though all surveyed top-managers from SEA regularly discuss security related issues with IT security managers more than one-in-ten respondents have never heard of threats such as Zero-Day exploit (11%), Botnet (9%), and APT (9%). At the same time Spyware, Malware, Trojan and Phishing appeared to be more familiar for top-managers.
More than one-in-ten top managers here admit they have never heard of cybersecurity terms like DecSecOps (10%), SOC (10%), Pentesting (10%), and ZeroTrust (6%).
“Non-IT top management do not have to be experts in complex cybersecurity terminology and concepts and IT security executives should keep this in mind when communicating with the board,” comments Sergey Zhuykov, Solution Architect at Kaspersky.
“To establish efficient cooperation CISO should be able to focus C-level attention precisely on meaningful details and clearly explain what exactly the company is doing to minimize cybersecurity risks. In addition to communicating clear metrics to stakeholders, this approach requires offering solutions instead of problems,” says Zhuykov.
“On the other end of the communications spectrum, only 6% of IT security professionals in SEA admit facing difficulty in discussing aspects of their work to the C-level. This means the majority of our technical workforce deem that their updates are understood by the decision makers. To bridge this dangerous gap, security teams should also incorporate effective tools – real life examples and use of reports and numbers – to ensure that discussions are done effectively,” adds Chris Connell, Managing Director for Asia Pacific at Kaspersky.
To ease the communication between IT security and business functions within the company, Kaspersky recommends the following:
- IT security should be positioned as a driver for growth and innovation in the organization. To achieve this the IT security team should move away from prohibitive tactics and rather explain how the business can achieve its goals while mitigating cybersecurity risks.
- CISO should actively engage in operational activities and build relationships with the company’s stakeholders. While fewer than 20% of CISOs have established partnerships with key executives in sales, finance, and marketing, it is hard for them to stay abreast of the needs of the business.
- When communicating with the board, use arguments based on an overview of threats by experts, your company’s attack status and best practices.
- Explain to the board what the main responsibilities of the IT security team are. If possible, provide them with an opportunity to walk in a CISO’s shoes to get insights on the most relevant IT security challenges.
- Allocate cybersecurity investments in tools with proven efficacy and ROI. This means tools that lower the level of false positives, and reduce times of attack detection, the time spent per case and other metrics are important to any IT security team.
Kaspersky in Southeast Asia also has launched a Buy 1 Free 1 promo to help SMBs and midrange enterprises in beefing their cybersecurity capabilities. Businesses can now enjoy two years of enterprise-grade endpoint protection for the price of 1 with Kaspersky Endpoint Security for Business or Cloud or Kaspersky Endpoint Detection and Response Optimum, with 24×7 phone support. Interested customers can reach out to email@example.com.
The full report and more insights on communications issues between C-level and IT security managers are available via the link.
Kaspersky reports more than 340, 000 attacks with new malicious WhatsApp mod
November 20, 2023 8:52 p.m.
Kaspersky researchers recently uncovered a new malicious WhatsApp spy mod, which is now proliferating within another popular messenger, Telegram.
While the modification serves its intended purpose by extending user experience, it also clandestinely harvests personal information from its victims. With an extensive reach surpassing 340,000 in just one month, this malware predominantly targets users who communicate in Arabic and Azeri, though victims have been identified globally.
Users often turn to third-party mods for popular messaging apps to add extra features. However, some of these mods, while enhancing functionality, also come with hidden malware. Kaspersky has identified a new WhatsApp mod offering not only additions like scheduled messages and customizable options, but it also contains a malicious spyware module.
The modified WhatsApp client’s manifest file includes suspicious components (a service and a broadcast receiver) not present in the original version. The receiver initiates a service, launching the spy module when the phone is powered on or charging. Once activated, the malicious implant sends a request with device information to the attacker’s server. This data covers IMEI, phone number, country and network codes, and more. It also transmits the victim’s contacts and account details every five minutes as well as being able to set up microphone recordings and exfiltrate files from external storage.
The malicious version found its way through popular Telegram channels, predominantly targeting Arabic and Azeri speakers, with some of these channels boasting nearly two million subscribers. Kaspersky researchers alerted Telegram about the issue. Kaspersky’s telemetry identified over 340,000 attacks involving this mod in just October. This threat emerged relatively recently, becoming active in mid-August 2023.
Examples of Telegram channels distributing malicious mods
Azerbaijan, Saudi Arabia, Yemen, Turkey, and Egypt witnessed the highest attack rates. While the preference leans towards Arabic and Azerbaijani-speaking users, it also impacts individuals from the US, Russia, UK, Germany and beyond.
Kaspersky products detect the Trojan with the following verdict Trojan-Spy.AndroidOS.CanesSpy.
“People naturally trust apps from highly followed sources, but fraudsters exploit this trust. The spread of malicious mods through popular third-party platforms highlights the importance of using official IM clients. However, if you need some extra features not presented in the original client, you should consider employing a reputable security solution before installing third-party software, as it will protect your data from being compromised. For robust personal data protection, always download apps from official app stores or official websites,” comments Dmitry Kalinin, security expert at Kaspersky.
To stay safe, Kaspersky experts recommend:
- Use Official Marketplaces: Download apps and software from reputable and official sources. Avoid third-party app stores, as the risk that may host malicious or compromised apps is higher.
- Use reputable security software: Install and maintain reputable antivirus and anti-malware software on your devices. Regularly scan your devices for potential threats and keep your security software up to date. Kaspersky Premium protects its users from known and unknown threats.
- Educate yourself about common scams: Stay informed about the latest cyber threats, techniques, and tactics. Be cautious of unsolicited requests, suspicious offers, or urgent demands for personal or financial information.
- Third-party software from popular sources often comes with zero warranty. Keep in mind that such apps can contain malicious implants, e. g. because of supply chain attacks.
Globe’s next-gen leaders delve into AI and humanity at International Design Conference
October 27, 2023 3:45 p.m.
Globe’s next generation leaders shared invaluable insights on the blend of Artificial Intelligence (AI) and the human experience at the 7th International Design Conference, an event that marked the 50th anniversary of the Design Center of the Philippines.
Returning with more disruptive design concepts and an immersive environment that encouraged attendees to rethink limits, the two-day conference, held in cooperation with Globe, unveiled the evolving landscape and transformative potential of design.
Design luminaries and game-changers from the design sector and the Philippine creative economy collaborated to captivate audiences with immersive keynote presentations, provocative fireside chats, inspiring case studies, future-focused visioning, and an industry meet-up.
Globe’s Wil Sarmiento, Director and Head of Customer Lifecycle, and Paolo Toledo, Director and Head of Creatives, stood out with their forward-thinking perspectives. They joined world-renowned personalities such as award-winning design critic and author Alice Rawsthorn, program director of the Danish Design Centre Christina Melander; Sarah ichioka, founding director of Desire Lines; Dr. Anna Whicher, Policy Consultant of the “Making Design Count: The Value and Impact of Design on the Philippine Economy”; and Professor Daniela Bohlinger, Sustainability Design Pioneer.
Sarmiento, delivered a keynote that delved into the future skills in the age of human-machine collaboration, underscoring the potential of a symbiotic relationship that harnesses the strengths of both.
“Being human is the greatest design of all. While technology provides efficient solutions, it simply answers “what’s right” or “what’s needed”. BUT it’s us humans who trigger innovation and purpose. We hold the power to ask “what’s next?” and more importantly, “what for?” he said.
The International Design Conference, with its rich legacy of championing design innovation, is a thought leadership platform that celebrates the intersection of design, business, technology, and policy while thriving at the edge of disciplines to remain provocative and to use design and creativity to ask difficult questions and to take the audience to new territories.
Globe’s design leaders not only contributed to this dialogue but also illuminated the path forward, emphasizing a future where technology and human ingenuity seamlessly converge.
For more information about the International Design Conference and its key takeaways, please visit www.facebook.com/DTI.DesignCenterPH.
To learn more about Globe, go to https://www.globe.com.ph/.
LG honored with multiple awards for Innovative Product Design at IDEA 2023
September 4, 2023 3:11 p.m.
LG Electronics (LG) has once again been recognized for outstanding product design, earning 13 awards at the International Design Excellence Awards (IDEA) 2023, announced at the International Design Conference in New York, New York.
The LG PuriCare AeroTower, an air purifier that can also be used as a side table and mood lamp, was honored with a Bronze Award at yesterday’s conference. Offering personalized performance and design options, as well as a compact form factor, LG’s air purifier can be tailored to match any home interior and is ideal for smaller spaces. With its latest win, the LG PuriCare AeroTower has now been recognized by all three of the world’s top industrial design award programs: IDEA, the Red Dot Award and iF Design Award.
Another IDEA 2023 honoree, the LG OLED Flex (model LX3) is an innovative TV featuring the world’s first bendable 42-inch OLED screen. The LX3, which made its international debut at IFA last year, offers a new level of screen customizability – its self-lit display able to go from completely flat to spectacularly curved with the push of a button.
“The achievement from this year’s IDEA is the result of the synergy between customer experience-centered technology and aesthetics,” said Hwang Sung-gyul, head of the Design Management Center at LG Electronics. “We will continue to improve the level of perfection by reflecting innovative customer experiences beyond the existing framework in product design by constantly communicating and empathizing with customers.”
Organized annually by the Industrial Designers Society of America (IDSA), IDEA is one of the world’s leading design award programs, recognizing exceptional achievements in the area of industrial design while taking into consideration various factors relating to design strategy, digital interaction, the environment, and social impact, when selecting award recipients.
Life’s about more than having the latest technology, rather, it’s about the experiences technology creates that impact our lives. LG Electronics Philippines delivers consumer electronics through top-of-the-line home entertainment appliances that prepare Filipinos for their greatest moments. LG promises to bring “Innovation for a Better Life” nationwide – from Luzon, to Visayas, and Mindanao. LG products are available via lg.com/ph and through its flagship stores in Lazada and Shopee. For more information, visit and follow their social media channels on Facebook, Instagram, Tiktok and Youtube (@lgphilippines).