Battling cybersecurity threats in the cloud

We recently gave an interview conducted by Stuart Crowley, Editor for W.Media on the topic of cybersecurity for cloud.

While in the midst of a COVID-19 pandemic, many businesses have been affected badly. To transform themselves or to simply survive this unfortunate event, many went online to sell their ware. However, many may not have cybersecurity top of their mind when rushing to move to the cloud. In the interview, I was asked how we view this and ways to address such risk.

Here’s the article from W.Media. Feel free to leave comments or simply send us an email to, with your view on cybersecurity and the cloud.

read more

CSA APAC Summit 2020: The Current & Future of Cloud Security Strategy

I am honoured to be invited as a panellist, as part of CSA APAC Summit 2020, to discuss on the topic of Cloud Security Strategy.

We discussed about topic ranging from the pandemic impact to cloud security to strategy on security an organization’s cloud infrastructure.

Here’s the official link to CSA APAC Summit 2020 for the video.

read more

Executive Cybersecurity Strategy

Balancing business needs and security obligations

In the course of our work helping and advising our customer, be it the organizations CEO or CIO, we are constantly met with a certain degree of push back from these leaders. Of course it is at no fault of theirs, that they usually prioritize business objectives rather than information security or cybersecurity best practice.

Insyghts Security is honored to collaborate with Keyaan Williams of CLASS-LLC in our vCISO service. One of our key initiative to bring about better discussion and education on information security, cybersecurity, and their relation with driving or be driven by business needs, is a series of CISO discussion webinar.

Our inaugural CISO webinar is targeted at C-Level executives on the topic of balancing an organization’s business needs with that of information security obligations.

Join us on the 28th of August 2020, 10am SGT for a discussion on this topic. /

read more

Zero Trust Access Management

PrivX® is the lean and modern privileged access management you are looking for!

Different from traditional PAM solutions, PrivX® adopts the latest Zero Trust just-in-time technology which is the best fit to secure agile R&D teams, MSPs, outsourcers and fast-growing companies.

With PrivX®, each connection will be validated in real-time with short-lived certificates that remove the need for passwords.

Our role base, on demand workflow makes sure your environment would only be opened to third parties with your authorization.

With the enterprise grade monitoring and auditing features, we assure you the all access and sessions are under your control!

Due to the pandemic, we understand that you will need more time to get to know us and the solution. Therefore, we now open PrivX for FREE trial for 90 DAYS up to 50 HOSTS! You could also get local support if you have any questions! Contact us NOW!

read more

Free Webinar – Why should you concern your PAM during this pandemic

Insyghts recently organized our first in a series of webinars to share views, thoughts, and solutions to better cybersecurity during this unprecedented time.

We invited our partner to share their view security of an organization’s critical resource when their privileged users and vendors are accessing them remotely.

Reach out to us if there are questions regarding the webinar at

read more

Maintaining cybersecurity hygiene in an isolated economy

Businesses are now in a lockdown or work from home mode. Even after opening from the lockdown, business is no longer as normal. This makes access to critical systems more challenging. Working remotely and from home exposes more risk in managing cybersecurity than in a controlled enterprise environment.

Typical cyber hygiene problems

Some of the typical attack or breach of data are result of simple things;

  • Malware infection or ransomware attack result of a phishing attack
  • Security breach due to outdated software, infra, and systems
  • Unchecked privileged user or internal user risk abuse
  • Cyber attack discovered too late from lack of visibility

Maintaining good cybersecurity hygiene

Cybersecurity hygiene and maintaining it relates to implementing best practices for IT systems, which include but not limited to;

  • Ensuring devices, systems, applications, etc are kept properly configured
  • They are kept up-to-date to prevent exploits and vulnerabilities
  • Ensure properly installed, functioning and updated anti-malware solution
  • Enforcing strong password and 2FA
  • Consistent monitoring for threats, vulnerability, and exploits

These look straight forward but they are the most often overlooked due to lack in resources or discipline to keep track.

Keeping track of your cybersecurity posture

To effectively manage and maintain the organization’s cybersecurity hygiene,

  • Know your maturity level, risk and risk acceptance level
  • Have strategy and controls measures to mitigate cybersecurity risk mapped out
  • Have a good information security management system to guide reduction of risk
  • Gain good visibility into the posture and threats within your organization

Your CISO or an outsource vCISO can help in determining your organization’s risk, areas to improve on, and propose controls for those areas, and a dedicated team or outsourced SecOps can help to track security operations and monitoring to maintain your operational cyber hygiene health.

For organizations with a larger infrastructure systems footprint, a comprehensive tool to keep track of compliance and health of systems, such as Cyber Observer will help C level and senior managers/directors keep track of risk, and compliance will help with keeping score of the company’s risk.

read more