Lecture on cybersecurity in ASEAN and Singapore
- Definitions of cybersecurity in ASEAN (vs western definitions)
- Cyber threat landscape in ASEAN / types of cyber incidents and cyber crime in ASEAN
Why ASEAN is vulnerable
- Characteristics of ASEAN in cyberspace
non-interference, sovereignty
non-attribution of cyber attackers
- ASEAN cooperation in cyberspace
AMCC (ASEAN Ministers Cyber Conference)
ACICE (ADMM Cyber Info Centre of Excellence)
INTERPOL
Application Security - Your Success Depends on itWSO2
Traditional information security mainly revolves around network and operating system (OS) level protection. Regardless of the level of security guarding those aspects, the system can be penetrated and the entire deployment can be brought down if your application's security isn't taken into serious consideration. Information security should ideally start at the application level, before network and OS level security is ensured. To achieve this, security needs to be integrated into the application at the software development phase.
In this session, Dulanja will discuss the following:
The importance of application security - why network and OS security is insufficient.
Challenges in securing your application.
Making security part of the development lifecycle.
Designated IT security experts in Europe and Asia have been interviewed by RadarServices, the European market leader for managed security services, with regards to future IT security trends and challenges. They shared their views concerning the development of cyber attacks and security technologies until 2025.
Threat intelligence is information that informs enterprise defenders of adversarial elements to stop them.
It is information that is relevant to the organization, has business value, and is actionable.
If you having all data and feeds then data alone isn’t intelligence.
#Threat #Intelligence #Forensics #ELK #Forensics #VAPT #SOC #SIEM #Incident #D3pak
The Cybersecurity Risk Management Framework Strategy for Defense Platform Systems course prepares command leadership to implement the National Institute of Standards and Technology’s (NIST) cybersecurity Risk Management Framework (RMF) from a Platform Information Technology (PIT) perspective.
This one-day workshop reviews the five functions of cybersecurity that leadership must consider when making decisions about program resources and requirements.
How To Handle Cybersecurity Risk PowerPoint Presentation SlidesSlideTeam
Information technology experts can now take advantage of How To Handle Cybersecurity Risk PowerPoint Presentation Slides. This information security PPT theme infuses top-quality design with data obtained by industry experts. Explain the present situation of the target firm’s information security management employing this PowerPoint layout. The data visualizations featured here simplify the elucidation of complex data such as the analysis of the current IT department. Showcase the cybersecurity framework roadmap and risks of the internet using our PPT presentation. Elaborate on the cybersecurity risk management action plan using the tabular format via this PowerPoint slideshow. Demonstrate the cybersecurity contingency plan with appreciable ease. Our information security management system PPT templates deck assists you in assigning risk handling responsibilities to the staff. Explain the duties of the management in successful information security governance. This PowerPoint presentation also addresses the cost of cybersecurity management and staff training. Hit the download icon and start personalization. Our How To Handle Cybersecurity Risk PowerPoint Presentation Slides are explicit and effective. They combine clarity and concise expression. https://bit.ly/3o0xDkR
Application Security - Your Success Depends on itWSO2
Traditional information security mainly revolves around network and operating system (OS) level protection. Regardless of the level of security guarding those aspects, the system can be penetrated and the entire deployment can be brought down if your application's security isn't taken into serious consideration. Information security should ideally start at the application level, before network and OS level security is ensured. To achieve this, security needs to be integrated into the application at the software development phase.
In this session, Dulanja will discuss the following:
The importance of application security - why network and OS security is insufficient.
Challenges in securing your application.
Making security part of the development lifecycle.
Designated IT security experts in Europe and Asia have been interviewed by RadarServices, the European market leader for managed security services, with regards to future IT security trends and challenges. They shared their views concerning the development of cyber attacks and security technologies until 2025.
Threat intelligence is information that informs enterprise defenders of adversarial elements to stop them.
It is information that is relevant to the organization, has business value, and is actionable.
If you having all data and feeds then data alone isn’t intelligence.
#Threat #Intelligence #Forensics #ELK #Forensics #VAPT #SOC #SIEM #Incident #D3pak
The Cybersecurity Risk Management Framework Strategy for Defense Platform Systems course prepares command leadership to implement the National Institute of Standards and Technology’s (NIST) cybersecurity Risk Management Framework (RMF) from a Platform Information Technology (PIT) perspective.
This one-day workshop reviews the five functions of cybersecurity that leadership must consider when making decisions about program resources and requirements.
How To Handle Cybersecurity Risk PowerPoint Presentation SlidesSlideTeam
Information technology experts can now take advantage of How To Handle Cybersecurity Risk PowerPoint Presentation Slides. This information security PPT theme infuses top-quality design with data obtained by industry experts. Explain the present situation of the target firm’s information security management employing this PowerPoint layout. The data visualizations featured here simplify the elucidation of complex data such as the analysis of the current IT department. Showcase the cybersecurity framework roadmap and risks of the internet using our PPT presentation. Elaborate on the cybersecurity risk management action plan using the tabular format via this PowerPoint slideshow. Demonstrate the cybersecurity contingency plan with appreciable ease. Our information security management system PPT templates deck assists you in assigning risk handling responsibilities to the staff. Explain the duties of the management in successful information security governance. This PowerPoint presentation also addresses the cost of cybersecurity management and staff training. Hit the download icon and start personalization. Our How To Handle Cybersecurity Risk PowerPoint Presentation Slides are explicit and effective. They combine clarity and concise expression. https://bit.ly/3o0xDkR
In today’s business environment, organizations have a responsibility to their employees, clients, and customers to ensure the confidentiality, integrity and availability of the critical data that is entrusted to them. Every network is vulnerable to some form of attack. However it is not enough to simply confirm that a technical vulnerability exists and implement countermeasures; it is critical to repeatedly verify that the countermeasures are in place and working properly throughout the secured network. During this webinar, David Hammarberg, Principal, IT Director, and leader of McKonly & Asbury’s Cybersecurity Practice will be joined by Partner, Michael Hoffner and they will lead a discussion on a Cybersecurity Risk Management Program including what it is and how it can prepare your organization for the future.
** CyberSecurity Certification Training: https://www.edureka.co/cybersecurity-certification-training **
This Edureka tutorial on "Cybersecurity Frameworks" will help you understand why and how the organizations are using the cybersecurity framework to Identify, Protect and Recover from cyber attacks.
Cybersecurity Training Playlist: https://bit.ly/2NqcTQV
[Round table] zeroing in on zero trust architectureDenise Bailey
Idea of Zero Trust
Frameworks e.g. NIST framework
Building a Zero Trust Architecture
Building Tech stack for transition to Zero Trust Architecture
Building Tech stack for directly implementing Zero Trust Architecture
Cyber security and demonstration of security toolsVicky Fernandes
Presentation on Cybersecurity and demonstration of security tools, conducted by Vicky Fernandes on 10th September 2019 at Don Bosco Institute of Technology, Mumbai.
In this webinar you’ll gain the insights you need to solve business problems proactively with IT Service (ITSM) and IT Asset Management (ITAM) working together.
Our panel of speakers will discuss real-world use cases where combining ITSM and ITAM processes, data and insights can be part of an overall plan to maximize operational efficiencies and improve service delivery, while also optimizing compliance and cost.
Threat modeling is about thinking what bad can happen and what can you do about it. It can also find logical flaws and reveal problems in the architecture or software development practices. These vulnerabilities cannot usually be found by technical testing.
Threat modeling helps you deliver better software, prioritize your preventive security measures, and focus your penetration testing to the most risky parts of the system. The beauty of threat modeling is that you can assess security already in the design phase. In addition, it is something every team member can participate in because it doesn't require any source code, special skills, or tools. Threat modeling is for everyone: developers, testers, product owners, and project managers.
The presentation covers various methods, such as the STRIDE model, for finding security and privacy threats. You will also learn to analyze use cases for finding business level threats. The presentation also includes practical tips for arranging threat workshops and representing your results.
This presentation was held in the Diana Initiative 2018 and Nixucon 2018 conferences.
Information technology is a complex business, at best. While IT can provide amazing benefits, it still requires vigilance and diligence to ensure it is running correctly and that it is secure. A security framework can be an excellent tool to evaluate what you might be missing and confirm that what you are already doing is spot-on correct. This session will discuss the importance of using security frameworks and walk attendees through the NIST Cyber Security Framework to review how the framework functions, how to use a framework, and most importantly, how the use of a framework can and will benefit their organization.
Everyone is talking about or asking for red teaming. Most of them are getting it wrong. I talk about the history and definitions of red teaming, what you should be doing before you bother with red teaming and critical issues to watch out for when you do leverage it.
Cyber Security Layers - Defense in Depth
7P's, 2D's & 1 N
People
Process
Perimeter
Physical
Points (End)
Network
Platform
Programs (Apps)
Database
Data
Discussion of how security is in crisis but DevSecOps offers a new playbook and gives security a path to influence. Taking a look at the WAF space, we look at how Signal Sciences has created feedback between Dev and Ops and Security to create new value.
Adapting to changing cyber security threats in South East Asia (IFRI 2020)Benjamin Ang
Lecture outline
1. Comparative analysis of cyber threats and their evolution in South East Asia
2. Digitization of critical infrastructure and growing security risks
3. Conceiving of and preparing for cyber warfare
Delivered to the French Institute for International Relations
In today’s business environment, organizations have a responsibility to their employees, clients, and customers to ensure the confidentiality, integrity and availability of the critical data that is entrusted to them. Every network is vulnerable to some form of attack. However it is not enough to simply confirm that a technical vulnerability exists and implement countermeasures; it is critical to repeatedly verify that the countermeasures are in place and working properly throughout the secured network. During this webinar, David Hammarberg, Principal, IT Director, and leader of McKonly & Asbury’s Cybersecurity Practice will be joined by Partner, Michael Hoffner and they will lead a discussion on a Cybersecurity Risk Management Program including what it is and how it can prepare your organization for the future.
** CyberSecurity Certification Training: https://www.edureka.co/cybersecurity-certification-training **
This Edureka tutorial on "Cybersecurity Frameworks" will help you understand why and how the organizations are using the cybersecurity framework to Identify, Protect and Recover from cyber attacks.
Cybersecurity Training Playlist: https://bit.ly/2NqcTQV
[Round table] zeroing in on zero trust architectureDenise Bailey
Idea of Zero Trust
Frameworks e.g. NIST framework
Building a Zero Trust Architecture
Building Tech stack for transition to Zero Trust Architecture
Building Tech stack for directly implementing Zero Trust Architecture
Cyber security and demonstration of security toolsVicky Fernandes
Presentation on Cybersecurity and demonstration of security tools, conducted by Vicky Fernandes on 10th September 2019 at Don Bosco Institute of Technology, Mumbai.
In this webinar you’ll gain the insights you need to solve business problems proactively with IT Service (ITSM) and IT Asset Management (ITAM) working together.
Our panel of speakers will discuss real-world use cases where combining ITSM and ITAM processes, data and insights can be part of an overall plan to maximize operational efficiencies and improve service delivery, while also optimizing compliance and cost.
Threat modeling is about thinking what bad can happen and what can you do about it. It can also find logical flaws and reveal problems in the architecture or software development practices. These vulnerabilities cannot usually be found by technical testing.
Threat modeling helps you deliver better software, prioritize your preventive security measures, and focus your penetration testing to the most risky parts of the system. The beauty of threat modeling is that you can assess security already in the design phase. In addition, it is something every team member can participate in because it doesn't require any source code, special skills, or tools. Threat modeling is for everyone: developers, testers, product owners, and project managers.
The presentation covers various methods, such as the STRIDE model, for finding security and privacy threats. You will also learn to analyze use cases for finding business level threats. The presentation also includes practical tips for arranging threat workshops and representing your results.
This presentation was held in the Diana Initiative 2018 and Nixucon 2018 conferences.
Information technology is a complex business, at best. While IT can provide amazing benefits, it still requires vigilance and diligence to ensure it is running correctly and that it is secure. A security framework can be an excellent tool to evaluate what you might be missing and confirm that what you are already doing is spot-on correct. This session will discuss the importance of using security frameworks and walk attendees through the NIST Cyber Security Framework to review how the framework functions, how to use a framework, and most importantly, how the use of a framework can and will benefit their organization.
Everyone is talking about or asking for red teaming. Most of them are getting it wrong. I talk about the history and definitions of red teaming, what you should be doing before you bother with red teaming and critical issues to watch out for when you do leverage it.
Cyber Security Layers - Defense in Depth
7P's, 2D's & 1 N
People
Process
Perimeter
Physical
Points (End)
Network
Platform
Programs (Apps)
Database
Data
Discussion of how security is in crisis but DevSecOps offers a new playbook and gives security a path to influence. Taking a look at the WAF space, we look at how Signal Sciences has created feedback between Dev and Ops and Security to create new value.
Adapting to changing cyber security threats in South East Asia (IFRI 2020)Benjamin Ang
Lecture outline
1. Comparative analysis of cyber threats and their evolution in South East Asia
2. Digitization of critical infrastructure and growing security risks
3. Conceiving of and preparing for cyber warfare
Delivered to the French Institute for International Relations
Pat Pather- Cyber Security Unchartered: Vigilance, Innovation and Adaptabilityitnewsafrica
Pat Pather, Chief Executive Officer at Forensic Sciences Institute, delivered a presentation on Cyber Security Unchartered: Vigilance, Innovation and Adaptability- Exploring the Depths of Cybersecurity, at Public Sector Cybersecurity Summit 2023 on the 3rd of October 2023. #PublicSec2023 #Conference #Cybersecurity #PublicSector
Netpluz | Protecting your Business with eSentinel | 360° Cyber Security Simpl...Netpluz Asia Pte Ltd
One of the biggest challenges facing IT professionals right now in any organisation is the complexity that resulted from the use of disconnected, problem-specific tools from multiple vendors, almost none of which work together.
Simplify and secure your network availability with eSentinel, a 'Plug & Play' Cloud-based security platform.
Website: https://www.netpluz.asia
Cyberspace is rapidly transforming our lives – how we live, interact, govern and create value. With the JAM (Jan Dhan, Aadhaar and Mobile) trinity, India is at the forefront of global digital transformation. “Digital India” is being hailed as the world's largest technology led programme of its kind.
While internet, smartphones and modern information and
communication devices have been great force multipliers, endless connectivity and proliferation of IoT devices is giving rise to vulnerabilities, risks and concerns. Cyber security is today ranked among top threats by governments and corporates. Heightened concerns about data security and privacy have resulted in a spate of regulations in India and across the world. India is in the process of discussing and enacting its own comprehensive data security and privacy regulation, as well as vertical specific ones. Cyber security is an ecosystem where laws, organisations, skills, cooperation and
technical implementation would need to be in harmony to be
effective.
Overall, a robust regulatory framework based on global and
country-specific regulations, development of a holistic cyber
security eco-system (academia and industry as well as
entrepreneurial) and a coordinated global approach through
proactive cyber diplomacy would help to secure cyber space and promote confidence and trust of key stakeholders including
citizens, businesses, political and security leaders.
CII has been actively working in the cyber security space. The CII Task Force on Public Private Partnership for Security of the Cyber Space has been set up to bring about improvements in the legal framework to strengthen and maintain a safe cyberspace ecosystem by capacity building through education and training programmes. We would facilitate collaboration and cooperation between Government and Industry in the area of cyber security in general and protection of critical information infrastructure in particular, covering cyber threats, vulnerabilities, breaches, potential protective measures, and adoption of best practices.
Data Protection: balancing convenience, privacy and securityEthical Sector
Myanmar Government’s policy and plans on data protection, transfer and storage
Presentation at Myanmar Digital Rights Forum 2019
Read more: https://www.myanmar-responsiblebusiness.org/news/digital-rights-forum-2019-report.html
Troels Ørting Jørgensen, Chairman at Bullwall, Expert Member at INTERPOL
Mr. Ørting is a globally recognized Cyber Security Expert. He has been working in cybersecurity ‘first line’ for over 4 decades. Throughout career, Mr. Ørting has been working with governments and corporations to advise on how they react to the increasing international cyber threats, and worked closely with law enforcement, intelligence services and cyber security businesses.
Formerly, with the Danish National Police, first as Director, Head of the Serious Organised Crime Agency and then as Director of Operations, Danish Security Intelligence Service; Deputy Head, ICT Department and Deputy Head, OC Department, Europol, EU’s Police Agency; Head of European Cybercrime Centre and Head of Europol Counter Terrorist and Financial Intelligence Centre. 2015-18, Group Chief Information Security Officer (CISO), Barclays. Chaired the EU Financial Cybercrime Coalition, of which most banks are partners, and has very strong experience in cyber security. Since 2018, Head of the Centre for Cybersecurity, World Economic Forum. Chairman of the Board of World Economic Forum Centre for Cybersecurity (C4C).
Troels Oerting
“WE, IN SECURITY, SHOULD NOT PROMOTE FEAR – BUT PROTECT HOPE”
BEFORE THE GLOBAL PANDEMIC HIT THE WORLD IN SPRING 2020, the digital transformation increased speed and magnitude. Fuelled by super-drivers like mobile/5G, IoT, Cloud and AI the number of users, applications, storage, connections and algorithms outpaced what we had seen before. The huge possibilities provided by the Internet created a ‘tech’ environment attracting the best brains the World could produce and geopolitical tensions between China, Russia, EU and US intensified the regional competition on ‘who controls the Internet’ and the subsequent influence, growth and wealth.
THE GLOBAL COVID PANDEMIC FORCED US TO MOVE APPROXIMATELY 1.2 BN WORKERS FROM THEIR OFFICES to work from homes in order to keep the wheels spinning. Internet enabled communication tools substituted physical meetings, teaching, marketing, trading, reading, accounting, watching and demand for online services surged and Accenture has estimated that globally we went through 3 years normal speedy digital transformation in just 3 months. This will continue. We will not go back to the ‘old days’ even after we get a vaccine. We will continue to work remotely – not necessarily from home but from anywhere. Both employers and employees have seen the benefits of this new flexible work-regime providing support from working both from offices and from anywhere.
“In the future everything will be connected, everything will be sensing, everything will be stored and everything will be used, sold or utilised in other ways”
THE FUTURE will provide more positive opportunities for the global, and connected, citizen – for businesses, education, healthcare, sustainability, climate, transparency and democracy. But it will also present challenges to security, privacy...
A look at why Caribbean cyber security is important, Caribbean experiences achieving cyber security, why an effective strategy is critical and the importance of an effective Information Governance strategy.
International Cooperation to Impose Consequences for Malicious Cyber Activity...Benjamin Ang
Session 4 - International Cooperation to Impose
Consequences on Malicious Cyber Activities
Many states are concerting joint efforts to impose costs for irresponsible behaviors in
cyberspace by sharing information, jointly disclosing attribution, or issuing joint statements with allies, partners, or like-minded states. Being aware of the importance of the roles played by private sectors for national cybersecurity, states are seeking ways to induce cooperation from private sectors as well.
Session 4 covers cooperation efforts at the international level for imposing consequences on irresponsible state behavior in cyberspace. Speakers are expected to address the following
points.
H. Introduce cases where costs for irresponsible state behavior in cyberspace are effectively
imposed with joint efforts among states.
I. Introduce cases where cooperation between private and public sectors has contributed to
impose costs for irresponsible state behavior in cyberspace.
J. Underscore specific areas where efforts for international cooperation need to be concerted
to effectively impose consequences for irresponsible state behavior in cyberspace.
[Panel]
Moderator: Caitriona Heinl (Azure Forum for Contemporary Security Strategy)
Speaker: James Lewis (Center for Strategic and International Studies)
Speaker: Benjamin Ang (Nanyang Technological University)
Speaker: Karsten Geier (Centre for Humanitarian Dialogue)
[12:00-13:30, KST (GMT+9)] Luncheon
Changing Domains - The Cyber Info Realm 2023.pdfBenjamin Ang
CYBERSPACE: A global domain within the information environment consisting of the interdependent networks of information technology infrastructures and resident data, including the Internet, telecommunications networks, computer systems, and embedded processors and controllers.
Definition
Foreign interference occurs when a foreign entity (state or non-state actor),
with hostile intent,
takes actions to deliberately, covertly and deceptively
disrupt the politics and policies of the target state
Source: Fog of war: how the Ukraine conflict transformed the cyber threat landscape, published by Google TAG (Threat Analysis Group)
Overview
1. Russian government-backed attackers have engaged in an aggressive, multi-pronged effort to gain a decisive wartime advantage in cyberspace, often with mixed results.
2. Moscow has leveraged the full spectrum of IO – from overt state-backed media to covert platforms and accounts – to shape public perception of the war.
3. The invasion has triggered a notable shift in the Eastern European cybercriminal ecosystem that will likely have long term implications for both coordination between criminal groups and the scale of cybercrime worldwide.
Sources: Defending Ukraine: Early Lessons from the Cyber War (Microsoft)*
Defense against a military invasion now requires for most countries the ability to disburse and distribute digital operations and data assets across borders and into other countries.
Recent advances in cyber threat intelligence and end-point protection have helped Ukraine withstand a high percentage of destructive Russian cyberattacks.
As a coalition of countries has come together to defend Ukraine, Russian intelligence agencies have stepped up network penetration and espionage activities targeting allied governments outside Ukraine.
In coordination with these other cyber activities, Russian agencies are conducting global cyber-influence operations to support their war efforts.
This calls for a coordinated and comprehensive strategy to strengthen defenses against the full range of cyber destructive, espionage, and influence operations.
The Strontium group was targeting Ukrainian institutions, media organizations, and government institutions and think tanks in the United States and the European Union
Microsoft got court orders 16 times to redirect internet traffic from Strontium domains into a ‘sinkhole’
How to defend the information domain
Public coverage and exposure
Clear counter-messages
Legislation
Build media and digital literacy
Work with citizens, influencers
Detect and expose fake accounts
Active measures
Work strategically, not reactively
Build a strong narrative that is more attractive than the adversary
Cooperation between ASEAN military civil academic in international cybersecur...Benjamin Ang
3 areas of cooperation
Council for Security Cooperation in the Asia Pacific (CSCAP)
Track II Network of ASEAN Defence and Security Institutions (NADI)
UN OEWG Open-ended Working Group on security of and in the use of information and communications technologies
Council for Security Cooperation in the Asia Pacific (CSCAP)
non-governmental (second track) process for dialogue on security issues in the Asia Pacific
informal mechanism for scholars, officials and others in their private capacities
to discuss political and security issues and challenges facing the region
provides policy recommendations to inter-governmental bodies
convenes regional and international meetings
establishes linkages with institutions and organisations in other parts of the world
exchanges information, insights and experiences in the area of regional political-security cooperation.
Track II Network of ASEAN Defence and Security Institutions (NADI)
Secretariat is RSIS
Aims of the forum
network and to build confidence and familiarity among the Asean think tanks and research institutions to facilitate closer cooperation.
policy analysts specialising in defence and security issues, academics researching security cooperation and defence officials to discuss issues of security cooperation that the Asean Summit and Asean Defence Ministers have raised
participants to think beyond their governments’ positions and to provide timely fresh ideas and relevant recommendations for the Asean defence track to consider.
UN OEWG on Cyber
Open-ended Working Group on security of and in the use of information and communications technologies
The group is mandated to
further develop the rules, norms and principles of responsible behaviour of States;
consider initiatives of States aimed at ensuring security in the use of information and communications technologies;
establish, under the auspices of the United Nations, regular institutional dialogue with the broad participation of States;
continue to study, with a view to promoting common understandings, existing and potential threats in the sphere of information security, inter alia, data security, and possible cooperative measures to prevent and counter such threats, and how international law applies to the use of information and communications technologies by States,
as well as confidence-building measures and capacity-building.
Technology Disruption Digital Inclusion and the Law.pdfBenjamin Ang
What is technology disruption?
A new technology that changes
The way things are done
Expectations and behaviors
Market or industry
Uber/Grab vs taxi business
Airbnb vs hotel business
Netflix vs TV, DVD, cinemas
Blockchain vs financial institutions
Google vs books, libraries
ChatGPT vs Google
How can technology disrupt the Law?
DoNotPay
https://donotpay.com/
Bizibot
https://www.btlnet.co.uk/digital-transformation-solutions-overview/bizibot
WeVorce
https://www.wevorce.com
OCBC Online Will Generator
https://www.ocbc.com/personal-banking/lifegoals/willgenerator/#/
Transcripts
https://fortherecord.com/transcript-express/
Law firms using Blockchain
https://www.raconteur.net/technology/blockchain/blockchain-revolutionising-legal-sector/
LawGeex AI vs human lawyers, on reviewing standard contracts
Accuracy
Time taken to review contract
Courts used technology to deliver justice during COVID
But litigants with resources had the advantage
https://www.pewtrusts.org/en/research-and-analysis/reports/2021/12/how-courts-embraced-technology-met-the-pandemic-challenge-and-revolutionized-their-operations
Disruption has no ethics. But we do.
Must bridge the Digital Divide
Parties may need help
https://www.ncsc.org/__data/assets/pdf_file/0026/53738/PPP-Technology-Digital-Divide-Considerations.pdf
Using AI for judgments
Benefits
Exclude legally irrelevant factors
Standardise decisions
Help courts to prioritise cases, increase efficiency
Encourage parties to settle if success is predicted to be unlikely
https://www.cppr.in/articles/predictive-justice-using-ai-for-justice-introduction
Risks
Over reliance on machine decisions
Algorithmic bias: bad history = bad future
Bad data feedback into bad data
Inability to explain decisions: bad for rule of law
https://www.suls.org.au/citations-blog/2020/9/25/predictive-judicial-analytics-implications-for-rule-of-law-and-the-legal-profession
Cases of AI bias in justice system
COMPAS (for probation)
Black defendants were 2x wrongly predicted to be high risk of recidivism
White defendants were 2x wrongly predicted to be low risk of recidivism
Black defendants were 2x more likely to be misclassified as high risk of violent recidivism
White violent recidivists were 63% more likely to have been misclassified as low risk
https://www.propublica.org/article/how-we-analyzed-the-compas-recidivism-algorithm
Public Safety Assessment (for bail)
More likely to recommend high bail for males than females
https://venturebeat.com/ai/study-finds-crime-predicting-judicial-tool-exhibits-gender-bias/
How does this type of AI work?
How does this type of AI work?
Where did the ML (Machine Learning) come from?
Garbage In = Garbage Out
Always check what’s going in and what’s coming out
Rand Report on Protecting Individuals using tech in the Justice
Why Application of International Law Applies to ASEAN.pdfBenjamin Ang
There is no international definition of these concepts in cyberspace
Armed attack
Use of force
Act of war
Traditional definitions require physical damage or physical injury
Rules of Law of Armed Conflict / International Humanitarian Law(but in cyber?)
Distinction – must distinguish between civilians and military targets
Proportionality – must avoid excessive harm to civilians / objects
Military necessity – allows force that is reasonable, lawful (see above), and operationally justified
Limitation – prohibits tactics that cause unnecessary suffering
Humane treatment – e.g., of captured prisoners
Do we need a Binding Legal Instrument?
US - No new international legal instrument needed, can interpret existing law
China - States must reach international consensus, new international legal instruments
EU - No new international legal instrument needed, can interpret existing law
ASEAN chooses its own terms on norms/law
ASEAN supported both UNGGE and OEWG tracks in 2018 – Indonesia, Singapore, and the Philippines said both processes were not incompatible
ASEAN has always followed its instinct of creating an internationally agreed, rules-based order based on its own interests, which is consistent with other arenas where international law or rules are unsettled
ASEAN may even consider plurilateral treaties
What ASEAN states need to move forward
Common language related to cyberspace
Legislation that can be translated across members
Capacity building in
Cyber issues, policy making, critical infrastructure protection (ASCCE) and
Military operations (ADMM Cyber and Information COE)
Confidence building measures e.g., CERT-CERT communications, contact lists
More participation from states, academia, and civil society
What is Cybersecurity – C, I, A?
Cybersecurity or Information Security?
Activities of foreign political, economic, military, intelligence, and information entities
The striving of countries toward dominance in the world information space
Development (by states) of information war concepts that create means for dangerous attack on the information spheres of other countries
Infringing the state’s control over information flows and public opinion (called “cyber sovereignty”)
ASEAN leaders
Value the principles of “mutual respect” and “non-interference”
View sovereignty as sacrosanct principle among ASEAN member states
Do not define ‘sovereignty’ – this provides flexibility in foreign and domestic policy
ASEAN member states also attach great importance to the creation of an international rules-based order,
which includes forming and adhering to international law and norms.
like the UN Convention of the Law of the Sea or UNCLOS.
Lessons learned from Capacity Building on International Cyber Norms in Southe...Benjamin Ang
Capacity building is recognized as a key to promote the adoption and implementation of international norms of responsible state behaviour in cyberspace. States at varying levels of cyber maturity benefit from these efforts, to develop a shared understanding of how international cyber norms support the stability of cyberspace, and to grow their own capacity and capabilities to implement these norms. This presentation draws on the experiences of the academics and practitioners who have been conducting cyber capacity building activities in southeast Asia and beyond, to derive lessons of what has (or has not) worked, some potential best practices, and to provide suggestions on how cyber capacity building can provide more value to the further growth of international cyber norms in the world.
UNGGE 2015 Cyber Norms
UN Open Ended Working Group (UN OEWG)
UN Singapore Cyber Programme (UNSCP)
Norms Implementation Checklist
RAP Matrix
ASEAN Ministers Cyber Conference (AMCC)
Capacity building
Confidence Building Measures (CBMs)
Cybersecurity and Geopolitical Risk.pdfBenjamin Ang
Two mistaken views of Cybersecurity and Geopolitical Risk:
1. “It doesn’t affect me because I’m not a government entity or major target”
2. “There’s nothing I can do about it anyway”
Cybercrime and Cyber Warfare (and Information Operations) – Your questions an...Benjamin Ang
Slides from a talk given to Eunoia Junior College, Singapore
-------------------
Cyber Warfare questions
Are the concerns about cyber warfare overblown?
Why should young people care about cyber warfare?
What are the national/international systems or structures currently in place to protect us from cyber warfare? Are these protections adequate?
Considering that Singapore is a small country, is there really anything we can do in the face of the challenges posed by cyber warfare?
-------------------
Cybercrime Questions
How do scammers make Singaporeans lower their guard despite them already knowing that scams are prevalent in our society? Why do you think people still fall for scams?
By the time new types of scams are reported, new types of scams are already being created. How do you think the Singapore government can break this cycle?
How hard is it to find out criminals behind cyber attacks?
-----------
Information Operations questions
The Russo-Ukraine War, what are your thoughts on it being publicized on social media unlike many wars from the past?
Are there any political implications regarding the publication of the war on TikTok? Could posting the war on TikTok create any social issues?
Disinformation in Southeast Asia and Pro Russian Anti Ukraine NarrativesBenjamin Ang
Case studies of disinformation and misinformation from Southeast Asia including Asian examples of Pro-Russia Anti-Ukraine narratives at the start of the Russian invasion of the Ukraine. Presented at the Conference on Disinformation and Cybersecurity of the War Studies University, Warsaw Poland, in 2022. Refers to the RSIS Framework on Information, Influence and Interference, from the Centre of Excellence for National Security at the S Rajaratnam School of International Studies (RSIS) at Nanyang Technological University (NTU) Singapore
Foreign Interference and National Security - Law Society Public Law conferenc...Benjamin Ang
[ To read and download the Policy Report that this presentation is based on, see https://www.rsis.edu.sg/rsis-publication/cens/cases-of-foreign-interference-in-asia/ ]
The Public and International Law Committee of the Law Society of Singapore invites you to join us for the Public Law Conference 2021 which aims to promote interest in the administrative and constitutional law of Singapore, highlight new judicial decisions, and facilitate discussion of recent developments.
To be held online on 15 September, we are pleased to have the Minister for Home Affairs and Law, Mr K Shanmugam, deliver a keynote speech on the public law issues relating to online harms and foreign interference. These issues are important and topical as they have a significant impact on society today, not just in Singapore, but worldwide. This will be followed by a panel that will analyse and develop the themes raised in the keynote, as well as discuss possible solutions, including legislative solutions, to such issues, in the context of public law. The panellists will comprise the Honourable Minister himself, practitioners, legal officers and academics active in the fields of administrative and constitutional law.
This conference provides a platform to hear from legal experts, and for different sectors of the legal industry to share ideas. We hope it will be relevant to all legal practitioners, government decision-makers, public-sector policy makers, academics and law students interested in public law.
Technology Disruption in the New Normal, Digital Inclusion and the LawBenjamin Ang
Technology disruption has swept through legal practice and the justice system, as it has in every other aspect of life in our new normal of remote work and online access. While digital transformation has been hugely beneficial to our society, there are new legal and cybersecurity questions that we need to grapple with as we continue to serve the public. Among the public, varying levels of digital capability and access raise new issues of digital inclusion for us to address in policy and operations. This talk seeks to raise awareness of these issues and to develop ideas for practical application.
Infographic of the flow of Contract Law
Formation of Valid Contract
Offer, Acceptance, Consideration, Intention
Vitiating Factors which make a contract not valid
Misrepresentation, Mistake, Minor
Terms of Contract
Promises, Representations vs Warranties
Express vs Implied Terms
Discharge of Contract
Discharge by Breach - Actual and Anticipatory
Discharge by Agreement, Frustration of Contract
Law and warfare in the cyber domain (for NSSP, AFP, NDCP)Benjamin Ang
Covers 1. Cyber threats to ASEAN and recent incidents, 2. International Law relating to cyber conflict, Gaps in IHL and LOAC, 3. UN and ASEAN steps to prevent cyber warfare. Lecture for the National Defense College of the Philippines (NDCP), government’s highest center for education, training, and research on defense and national security, in the National Security Studies Program (NSSP) for Armed Forces of the Philippines (AFP) officers.
Framework of responsible state behaviour in cyberspace - for Marshall Center ...Benjamin Ang
Lecture on the different cyber norms frameworks for responsible state behaviour in cyberspace - describing Paris Call, Charter of Trust, Microsoft Digital Geneva Convention, Tech Accord, GCSC, Shanghai SCO, UN GGE, UN OEWG - explaining each of the 11 cyber norms from the UN GGE 2015 meeting, and concluding with a case study on ASEAN's approach to international law in cyber operations
Cyber threats and cooperation in Indo Pacific for Pacific Forum 2020Benjamin Ang
This public, 90-minute session examined the prevalence of cyber threats in the Indo-Pacific region based on some of the high-profile cyber-attacks and data leaks, as well as advanced persistent threat campaigns. It assessed the growing prominence of information warfare, especially in the current pandemic. The session highlighted the most common tactics, techniques and procedures used by malicious actors, and the countermeasures that governments and the private sector have undertaken to fortify their cyber defenses in the emerging data-driven economy. This session then examined the role played by the US and Singapore in enhancing regional cybersecurity as well as clarify the points of convergence and divergence between Singapore and the US to improve future cooperation.
Singapore Asean cyber conflict and cybersecurity strategy - for Columbia Univ...Benjamin Ang
lecture for Columbia University - Cyber Conflict and Cybersecurity in East Asia course (Prof Adam Segal) on the challenges for cybersecurity in South East Asia, and ASEAN efforts to develop robust cyber norms
Legal Technology Vision (Singapore) and the future of legal tech (2020 update)Benjamin Ang
This lecture covers the The Legal Technology Vision which is a five-year roadmap to help the legal industry in Singapore to leverage technology to enhance their practice. It is also a call to action for legal technology providers to engage in public-private collaboration for the building of a legal tech ecosystem. You can find it at https://www.sal.org.sg/Resources-Tools/Legal-Technology-Vision
You can follow Benjamin Ang on Twitter for updates and commentary on technology policy and legal issues at http://twitter.com/benjaminang
Thinking of a career as a paralegal, lawyer, prosecutor, in-house counsel, or even outside the legal industry, or starting your own business as an entrepreneur? You'll be surprised what Legal Technology could mean for your future.
Public education - enhancing the first line of defence against fake news - ...Benjamin Ang
what is the important role that public education and public educators play in the fight against fake news and foreign interference, together with media literacy, citizen efforts, technology, governments, NGOs and more?
Overview of national cybercrime strategiesBenjamin Ang
This is an overview of national cybercrime strategies, presented at the INTERPOL ASEAN Cyber Capacity Development Project’s (ACCDP) Decision Makers Meeting. It reviews best practices in developing national cybersecurity and cybercrime strategies, key pillars to consider, the life-cycle of the strategy process, stakeholders to engage, and best practices.
हम आग्रह करते हैं कि जो भी सत्ता में आए, वह संविधान का पालन करे, उसकी रक्षा करे और उसे बनाए रखे।" प्रस्ताव में कुल तीन प्रमुख हस्तक्षेप और उनके तंत्र भी प्रस्तुत किए गए। पहला हस्तक्षेप स्वतंत्र मीडिया को प्रोत्साहित करके, वास्तविकता पर आधारित काउंटर नैरेटिव का निर्माण करके और सत्तारूढ़ सरकार द्वारा नियोजित मनोवैज्ञानिक हेरफेर की रणनीति का मुकाबला करके लोगों द्वारा निर्धारित कथा को बनाए रखना और उस पर कार्यकरना था।
01062024_First India Newspaper Jaipur.pdfFIRST INDIA
Find Latest India News and Breaking News these days from India on Politics, Business, Entertainment, Technology, Sports, Lifestyle and Coronavirus News in India and the world over that you can't miss. For real time update Visit our social media handle. Read First India NewsPaper in your morning replace. Visit First India.
CLICK:- https://firstindia.co.in/
#First_India_NewsPaper
Welcome to the new Mizzima Weekly !
Mizzima Media Group is pleased to announce the relaunch of Mizzima Weekly. Mizzima is dedicated to helping our readers and viewers keep up to date on the latest developments in Myanmar and related to Myanmar by offering analysis and insight into the subjects that matter. Our websites and our social media channels provide readers and viewers with up-to-the-minute and up-to-date news, which we don’t necessarily need to replicate in our Mizzima Weekly magazine. But where we see a gap is in providing more analysis, insight and in-depth coverage of Myanmar, that is of particular interest to a range of readers.
‘वोटर्स विल मस्ट प्रीवेल’ (मतदाताओं को जीतना होगा) अभियान द्वारा जारी हेल्पलाइन नंबर, 4 जून को सुबह 7 बजे से दोपहर 12 बजे तक मतगणना प्रक्रिया में कहीं भी किसी भी तरह के उल्लंघन की रिपोर्ट करने के लिए खुला रहेगा।
ys jagan mohan reddy political career, Biography.pdfVoterMood
Yeduguri Sandinti Jagan Mohan Reddy, often referred to as Y.S. Jagan Mohan Reddy, is an Indian politician who currently serves as the Chief Minister of the state of Andhra Pradesh. He was born on December 21, 1972, in Pulivendula, Andhra Pradesh, to Yeduguri Sandinti Rajasekhara Reddy (popularly known as YSR), a former Chief Minister of Andhra Pradesh, and Y.S. Vijayamma.
Future Of Fintech In India | Evolution Of Fintech In IndiaTheUnitedIndian
Navigating the Future of Fintech in India: Insights into how AI, blockchain, and digital payments are driving unprecedented growth in India's fintech industry, redefining financial services and accessibility.
03062024_First India Newspaper Jaipur.pdfFIRST INDIA
Find Latest India News and Breaking News these days from India on Politics, Business, Entertainment, Technology, Sports, Lifestyle and Coronavirus News in India and the world over that you can't miss. For real time update Visit our social media handle. Read First India NewsPaper in your morning replace. Visit First India.
CLICK:- https://firstindia.co.in/
#First_India_NewsPaper
role of women and girls in various terror groupssadiakorobi2
Women have three distinct types of involvement: direct involvement in terrorist acts; enabling of others to commit such acts; and facilitating the disengagement of others from violent or extremist groups.
27052024_First India Newspaper Jaipur.pdfFIRST INDIA
Find Latest India News and Breaking News these days from India on Politics, Business, Entertainment, Technology, Sports, Lifestyle and Coronavirus News in India and the world over that you can't miss. For real time update Visit our social media handle. Read First India NewsPaper in your morning replace. Visit First India.
CLICK:- https://firstindia.co.in/
#First_India_NewsPaper
31052024_First India Newspaper Jaipur.pdfFIRST INDIA
Find Latest India News and Breaking News these days from India on Politics, Business, Entertainment, Technology, Sports, Lifestyle and Coronavirus News in India and the world over that you can't miss. For real time update Visit our social media handle. Read First India NewsPaper in your morning replace. Visit First India.
CLICK:- https://firstindia.co.in/
#First_India_NewsPaper
In a May 9, 2024 paper, Juri Opitz from the University of Zurich, along with Shira Wein and Nathan Schneider form Georgetown University, discussed the importance of linguistic expertise in natural language processing (NLP) in an era dominated by large language models (LLMs).
The authors explained that while machine translation (MT) previously relied heavily on linguists, the landscape has shifted. “Linguistics is no longer front and center in the way we build NLP systems,” they said. With the emergence of LLMs, which can generate fluent text without the need for specialized modules to handle grammar or semantic coherence, the need for linguistic expertise in NLP is being questioned.
Cybersecurity in ASEAN and Singapore Columbia - Lecture for Columbia SIPA 2023.pdf
1. CYBERSECURITY AND
INTERNATIONAL SECURITY
IN ASEAN AND SINGAPORE
Benjamin Ang
Head, Centre of Excellence for
National Security
and Future Issues in
Technology;
Head, Digital Impact Research
RSIS | NTU | Singapore
2. OUTLINE
1. What does ‘cybersecurity’ mean in ASEAN?
2. Types of cyber threats in ASEAN
3. What are the characteristics of ASEAN cyberspace?
4. How do ASEAN member states cooperate in cyberspace?
3. DEFINITIONS
Cybersecurity in the West
Confidentiality
- Data breach (e.g., OPM)
Integrity
- Critical infrastructure (e.g., water)
Availability
- DDOS
- Ransomware (e.g., MGM Grand,
Colonial pipeline)
Priorities in ASEAN
Cybercrime and scams
Child pornography
‘Fake news’
9. CYBER INCIDENTS IN ASEAN 2020 -
2023
Data breach in Malaysia personal
information of over 13,000,000
allegedly from Maybank, Astro
Indonesia data breach over
1,000,000,000 Indonesian SIM card
data, sold on Dark Web by Bjorka
Singapore data of an alleged
2,600,00 user accounts from online
marketplace Carousell, sold on Dark
Web
11. APTS TARGETING ASEAN FOR
ECON/GEOPOL INTELLIGENCE
APT Target countries Target entities
FunnyDream
(C)
Malaysia, Philippines,
Thailand, Vietnam
High-level government
organisations; political parties
Platinum Indonesia, Malaysia,
Vietnam
Diplomatic and government
entities
Cycldek (C) Laos, Philippines, Thailand,
Vietnam
Government, defence, and
energy sectors
HoneyMyte Myanmar, Singapore,
Vietnam
Government organisations
Finspy Indonesia, Myanmar,
Vietnam
Individuals
PhantomLance Indonesia, Malaysia,
Vietnam
Entities
Zebrocy (R) Malaysia, Thailand Entities [source: Kaspersky]
12. CYBERCRIME IN ASEAN
INTERPOL ASEAN Cybercrime
Operations Desk reported increase in
2019
Botnets
Phishing
Business email compromise (BEC)
Banking malware
Ransomware
Cryptojacking
Vulnerability is due to
Quicker digital transactions
Greater internet connectivity
Growing digital economies
Asia becoming digital asset hub
Lacking cybersecurity investment
Low awareness
Source: INTERPOL
13. CASE STUDY: CYBER THREAT LANDSCAPE
FOR SINGAPORE 2022
Phishing
• 8500
• Double from 2021
Ransomware
• 132
• 4% less than 2021
Infected
Infrastructure
• 81,500
• 13% less than 2021
Website
Defacement
• 340
• 19% less than 2021
14. INFORMATION THREATS IN ASEAN
Threat actors
Buzzers (PR companies)
Cyber Troops (government backed)
Cyber criminals (and call centres)
Great powers
Examples of information operations
COVID-19 pandemic
Russia / Ukraine war
Israel / Hamas war
Drivers
Pro-western sentiment
Anti-western sentiment
Islamist extremists
15. RECENT DEVELOPMENTS IN ASEAN
THAT ACCELERATED CYBER THREATS
Changes
Pandemic WFH
Pandemic forced digital
transformation
More IOT (Smart everything)
US-China Great Power Competition
Impact
More targets online
More data on insecure systems used
by vulnerable people
More reliance on networks
Impact on supply chains
Benjamin Ang | Centre of Excellence for National Security | RSIS
CYBERSECURITY AND NATIONAL SECURITY
17. ASEAN PRINCIPLES & PRIORITIES
Mutual respect
Non-interference
Sovereignty
ASEAN states do not pool sovereignty
like the European Union
sovereignty and non-intervention are a
defence against neo-colonialism
Priorities for cooperation
Economic
Political
Security
18. ASEAN MEMBERS ARE DIFFERENT
Different legal systems (common,
civil, hybrid)
Different political systems
(democratic, communist, military)
Different languages and cultures
Different economic and cyber levels
Different alliances (US, Russia, China)
Different interpretations of cyber
19. CASE STUDY: VIETNAM
AIRPORT SCREENS HACKED
Cyberattack by 1937CN? 1
They denied responsibility
Vietnam Government tells
cyber community to show
restraint after attack 2
20. CASE STUDY:
SINGAPORE’S
HEALTHCARE
SYSTEM
Personal data of 1.5 million
patients, including Prime Minister
Lee 3
“Deliberate, targeted and well-
planned cyber attack … not the
work of casual hackers or criminal
gangs" 4
“We are not able to reveal more
because of operational security
reasons”5
21. SYMANTEC CALLS SINGHEALTH
HACKER ‘WHITEFLY’
‘Whitefly’ launched targeted
attacks against multiple
organizations 8
CSA comment “As this is an
independent investigation
report by a commercial entity,
we have no comment on its
contents.”9
22. WHY DIDN’T THEY
IMPOSE
CONSEQUENCES?
Difficulty of attribution?
Lack of capacity to impose consequences?
Diplomatic
Informational
Military
Economic
Financial
Intelligence
Legal
Power imbalance or economic dependence?
24. AMCC DECISIONS
Adopted Norms
Support development of
cyber norms, referring to
2015 UNGGE
2016
Propose
mechanism
Singapore would propose
a mechanism to enhance
ASEAN cyber
coordination
2018
Agree to move
Agreed to move forward
on a formal cybersecurity
coordination mechanism
2019
Checklist
Singapore + United
Nations to draw up a
checklist of steps to
implement cyber norms
2020
Design by PresentationGo
25. 2020 AMCC AGREES TO ACTION
ON NORMS
Singapore + United
Nations to draw up a
Norms Implementation
Checklist with ASEAN
ASEAN to share its
experience and knowledge
with the UN
SG + Malaysia to start
Regional Action Plan (RAP)
Matrix
26. PROGRAMMES IN MOTION IN ASEAN
Capacity Building Programmes
ASEAN-Singapore Cyber Centre of
Excellence (ASCCE)
ADMM Cyber Info Centre of
Excellence (ACICE)
ASEAN-Japan Cybersecurity Capacity
Building Centre in Thailand
UN-Singapore Cyber Programme
(UNSCP)
Capacity building with US, NL, UK, AU
Confidence Building Measures
Joint training between Member States
to improve communication
ACID Drill (ASEAN CERT Incident Drill)
27. CYBERCRIME
COOPERATION IN
ASEAN
Interpol Cyber Capabilities & Capacity
Development Project
Operation Night Fury (2019-2020)
- malware targeting e-commerce websites in
ASEAN
- arrest of three individuals in Indonesia
Operation Goldfish Alpha (2019)
- region-wide operations against cryptojacking
targeting routers
- located infected routers, alerted victims and
assisted with patching 78% of the identified
devices