News, Views and Opinions

Blog of a Sentimental Data Digger

  • Home
    Home This is where you can find all the blog posts throughout the site.
  • Categories
    Categories Displays a list of categories from this blog.
  • Tags
    Tags Displays a list of tags that have been used in the blog.
  • Bloggers
    Bloggers Search for your favorite blogger from this site.
  • Team Blogs
    Team Blogs Find your favorite team blogs here.
  • Archives
    Archives Contains a list of blog posts that were created previously.
  • Login

Action Community for Entrepreneurship (ACE) has announced the official launch of the ACE International Centre (ACEIC). The centre will facilitate opportunities for both local startups seeking regional growth and international startups setting up their bases in Singapore, strengthening its position as a leading startup hub and a launch-pad for the region.

The organization has also signed an MoU with KPMG, to work with the audit firm’s Digital Village for setting up a regional co-innovation hub in Singapore

read the full article:


Hits: 2548

b2ap3_thumbnail_300x250_GIF-Banner.gifSWITCH (Singapore Week of Innovation & TeCHnology) is a leading “plug and play” platform in Asia that showcases the best ideas, technology and innovation from around the world. Through a series of complementing technology and innovation events held between 18 - 20 September 2017, SWITCH brings together the best minds to create exchanges that will shape our world. 

At SWITCH, interactions are the catalyst for change; at the end of the day, technology does not shape our future - we do. SWITCH brings together partners from around the world in the technology, innovation and enterprise ecosystem, featuring exhibitions, conferences, workshops and activities revolving around topics such as open innovation, technology transfer, tech entrepreneurship, venture funding and talent development. 

SWITCH is brought to you by National Research Foundation Singapore, and organised by SGInnovate. SWITCH Partners include Convergence, Impact Hub, Nature SciCafé, Slingshot@SWITCH, Slush Singapore, SWITCH ON@LaunchPad, TechInnovation, VentureCon (e27) and Women in Tech. 

For more information, please visit

Russian Venture Company (RVC), is a government fund of funds and a development institute of the Russian Federation, one of Russia's key tools in building of its own national innovation system is participating in the event for the 4th time as one of the sponsors of SWITCH.
This year we will bring a team from #GenerationS and a slew of innovative technology companies:
LocalGuide, Newton (NWTN-Group), Oz Forensics, Panda Money, Synthes.

#GenerationS is the largest business accelerator for start-ups and corporations in Russia and CIS countries, promising potential partners in Asia an access to the best industrial technologies from all over Russia and beyond (30 countries, 240 cities, 72 regions of Russia), as well as to the leading universities, techno-parks, incubators and engineering centres, the largest network of mentors, investors and industrial partners in Russia

#GenerationS is connecting innovations with market opportunities and funding, offering
    Intensive coaching and mentors’ support for free
    Access to the most prominent VCs and business angels
    Corporate platforms for testing pilots, products and sales to corporate customers
    Profit gains from existing products
    Creation of new products and entering new markets
    Optimization of production and product chains
    Mentoring opportunities
    Hedging of investment risks
    Access to the best startups
    Access to expert resources for startup selection
    Mentoring opportunities

Participating Start-ups:

1.    LocalGuide  

LocalGuide presents Palaround platform  – an all-in- one C2B2C and P2P mobile marketplace for on-demand assistance for tourist (aka smart concierge service) to connect clients with local businesses: professional guides, interpreters, volunteers, grocery, food delivery, chefs, house-cleaning, laundry, nursing, babysitting, doctor call-out, fitness instructors and general assistance.

The company is addressing a market niche of “can’t-wait- to-explore” micro moments (according to ThinkWithGoogle methodology) implying ad. hoc. search for activities only after arrival at the travel destination.

2.    Newton (NWTN-Group)
    B2B and B2C brokerage platform providing up-to-date market analytics and info on traded instruments:
    Trading terminal: Decision-support system with the ability to make settlements
    Brokerage: Client broker that gives the access to Russian and American markets
    Content: Fundamentals, news, multipliers on Russian and American stock market

3.    Oz Forensics
Oz Forensics helps financial institutions to reduce digital fraud risks and costs by automating
KYC processes with image, video and biometric authenticity recognition analysis.
The platform provides automation and can be integrated into

  •     Bank credit process
  •     Insurance loss adjustment
  •     Remote customer authentication in payment systems
  •     Digital documents check and customer`s verification in microfinance organizations
  •     Customers` remote services in fintech companies

The platform reduces

  •     Number of bad loans in financial organizations
  •     Risks of fraud in remote client authentication

4.    Panda Money
    A mobile platform a bank for kids and adults, teaching budgeting and gamification the process of money     saving and understanding finance
    The platform provides children with the ability to:

  •     use pre-paid cards with unique parental controls.
  •     set up a goal and save money for a dream.
  •     transfer money between parents, child, and friends.

    PandaMoney allows parents to make an immediate money transfer both to children card and to their mobile     “piggy bank”.

  •    learn more about finance in a game format.

    For parents, PandaMoney helps to teach their kids finance and also to control how much money they're     spending. Parents set tasks and spending rules for the child.
    PandaMoney has B2C and B2B business model. For end customers (B2C), we are offering the subscription model.     For banks, are offering White Label solution.

5.    Synthes – manufacturing, processing and application of steels; pellets and metal powders (including     refractory metals) for Powder Metallurgy (PM) and Additive Machines, producing consumables for RD Printers     and end-product manufacturers, using high-frequency plasma spheroidizing technology

 Come to visit us at the RVC booth!


Hits: 11298

Posted by on in Technology

 In 2017 budget, Singapore government invests $1.7B into smart nation, digital transformation. The funds would go towards ICT tenders in its fiscal 2017, which would encompass investments in various technology areas including data analytics and Internet of Things (IoT) sensors, as well as enhancements to the necessary communications infrastructures.

An agency with 1,800 data scientists, technologists and engineers was launched on Oct 7 2016 to pave the way for the Singapore Government to better serve its citizens.

GovTech transforms the delivery of Government digital services by taking an "outside-in" view, where users are at the heart of everything services do: harnessing info-communications technology and related engineering for public sector transformation.

GovTech’s role include

  • deploying a wide range of ICT solutions within the public sector
  • growing new capabilities and talent to support digital service delivery
  • developing the Smart Nation infrastructure and applications.

GovTech and the Infocomm Media Development Authority (IMDA) are formed as a result of a re-structuring between the Infocomm Development Authority (IDA) and the Media Development Authority MDA).

From 1 May 2017 onwards, GovTech reports to a new Smart Nation and Digital Government Group (SNDGG), under the Prime Minister’s Office.

From 2018, the effectiveness of government digital services will also be rated, bringing measurable data to further fine-tune them over time

1st wave- completed: deliver new digital services and enhance the quality of life for citizens and improve businesses.
2nd wave - high quality digital services. Citizens expect the same smooth and intuitive experience they get from the fast-moving private sector.

Technologies behind digital services:   

  • location sensing
  • cloud computing
  • mobile connectivity
  • Big Data
  • artificial intelligence

The goal: high-impact services that improve citizens’ quality of life in a Smart Nation.

Normal 0 false false false EN-NZ X-NONE X-NONE










Hits: 4890

Singapore Autonomous Vehicle Initiative (SAVI) is a joint partnership between LTA and A*STAR to provide a technical platform for industry partners and stakeholders to conduct research and development (R&D) and test-bedding of AV technology, applications and solutions.


Hits: 3618

Posted by on in Security

UK and Singapore signed a Memorandum of Understanding to cooperate in four areas, including cyber security incident response and cyber security talent development. (July 29)[1]. There will also be joint cyber research and development collaboration between the UK and Singapore, with funding being doubled over three years, from £1.2 million to £2.4 million (S$5.1 million).
The MOU was signed by Cyber Security Agency chief executive David Koh and Britain's National Security Adviser, Sir Nigel Kim Darroch. It built on agreements made during President Tony Tan Keng Yam's state visit to Britain last year[2].
The specific deliverables under the four areas are currently being discussed, and will be finalised during the next UK-Singapore Cyber Dialogue.
Temasek Poly sets up IT security and forensics hub[3]
The hub aims to provide students with hands-on training in areas such as IT networking, digital forensics and security operations, in order to increase the pool of trained cyber security specialists.
Opportunities in cybersecurity market in Asia for upcoming decade[4].
Not only Hong Kong or Singapore leading the efforts, , but many second-tier markets like Indonesia, Vietnam and Malaysia are investing as well.
The rising wave of attacks and the awareness of them in the region reflect what happened in the United States 10 years ago.
“Asian organisations are right in the crosshairs of today’s APT (advance persistent threat) attackers,” FireEye chief technology officer Grady Summers said at the RSA Conference Asia Pacific & Japan (RSAC APJ) 2015 in Singapore last week, citing research conducted by his security software firm.

  • APAC customers 33% more likely to be targeted than global average of 27%
  • China Govt the culprit behind many of these attacks or campaigns

About 37% of FireEye’s customers in Asia Pacific detected advanced cyber-attacks in the second half of 2014, and are 33% more likely to be targeted than the global average of 27%.
Speaking to Digital News Asia (DNA) on the side-lines of the conference, Summers said that in terms of IT maturity, Europe was about five to six years behind the United States while Asia was about 10 years behind. “Ten years ago in American IT, it was all about cost-cutting. Outsource all your IT to India, and we were getting 10-20% cost cuts year on year, but after a while you ran up against a brick wall in terms of security – and that forced a lot of change. “There are a lot of factors at play and IT is now being seen as a driver of business, so we are seeing budgets creeping up again. “Asia as a region can be averse to spending money on IT and security, but the trend has to reverse in the next few years because you can’t solve this problem with cost cutting,” he said.
Summers also reported that in the past 12 months, the APT space had got more diverse, with groups emerging from different geographies. “Now we’re seeing countries like Iran, North Korea and Syria getting in the game,” he said.


Hits: 2551

Posted by on in Security

Answers to a rhetorical questions - do most organizations are having difficulty balancing the need for improved security with employee productivity demands. Well, yes!

A report, "Corporate Data: A Protected Asset or a Ticking Time Bomb?" is derived from interviews conducted in October 2014 based on survey commissioned by Varonis Systems, Inc. and conducted by the Ponemon Institute surfaces an important factor that is often overlooked: employees commonly have too much access to data, beyond what the This research surfaces an important factor that is often overlooked: employees commonly have too much access to data, beyond what they need to do their jobs, and when that access is not tracked or audited, an attack that gains access to employee accounts can have devastating consequences."

key findings on control and oversight include:

  • 71 percent of end users say that they have access to company data they should not be able to see.
  • 54 percent of those end users who have access they shouldn't characterize that access as frequent or very frequent.
  • 4 in 5 IT practitioners (80 percent) say their organizations don't enforce a strict least-privilege (or need-to-know) data model.
  • Only 22 percent of employees say their organization is able to tell them what happened to lost data, files or emails.
  • 48 percent of IT practitioners say they either permit end users to use public cloud file sync services or permission is not required.
  • 73 percent of end users believe the growth of emails, presentations, multimedia files and other types of company data has very significantly or significantly affected their ability to find and access data.
  • 43 percent of end users say it takes weeks, months or longer to be granted access to data they request access to in order to do their jobs, and only 22 percent report that access is typically granted within minutes or hours.
  • 60 percent of IT practitioners say it is very difficult or difficult for employees to search and find company data or files they or their co-workers have created that isn't stored on their own computers.
  • 68 percent of end users say it is difficult or very difficult to share appropriate data or files with business partners such as customers or vendors.
Hits: 6378

Posted by on in Security

a good summary of data privacy legislation in Hong Kong and Singapore from LEXOLOGY:

Data protection regulation in the Asia Pacific: trends and recent developments

Statistics published by the Hong Kong government1, indicate that the number of computer crimes perpetrated in Hong Kong doubled between 2009 (1,506 crimes) and 2012 (3,015 crimes). During the same period, the financial losses suffered by Hong Kong companies as a result of computer crimes increased by a factor of 7.5, from HK$45.1m (£3.5m) to HK$148.52m (£26.7m).

Key trends across the region include the following:

  • Countries increasingly are adopting data protection rules.  A number of countries throughout the Asia-Pacific region recently adopted or are planning to adopt new data privacy regulations, including Malaysia, the Philippines, and Singapore.  Additional countries, such as Hong Kong, Australia, and New Zealand, among others, are seeking to tighten their privacy rules or already have done so.
  • Penalties for noncompliance are increasing.  Recent amendments to data protection rules in Hong Kong and Australia drastically increase penalties for noncompliance and/or data breaches.
  • Cross-border transfers of personal data are unevenly regulated.  Similar to the European Union (EU), some Asia-Pacific jurisdictions, including South Korea and Australia, only permit cross-border transfers of personal data where the destination country has “adequate” data protection laws in place or where prior consent is obtained.  Other countries have adopted cross-border transfer rules that are not yet in force, such as Hong Kong and Singapore.  Finally, cross-border transfer is not explicitly regulated by law in some Asia-Pacific countries, such as Japan.
  • Data privacy rules in the Asia-Pacific region are, for the most part, less stringent than EU standards.  To date, New Zealand is the only jurisdiction that is considered to have “adequate protection” by the EU.

Highlights of recent privacy developments in Singapore and Hong Kong.


Compared to data protection laws in the EU, Singapore law favours commercial flexibility and a business-friendly approach. 

On October 15, 2012, the Singapore Parliament passed the Personal Data Protection Act 2012 (PDPA) with two objectives: 

enhance an individual’s control over his or her personal data, defined as “information about an identified or identifiable individual”;

enhance Singapore’s competitiveness and strengthen its position as a trusted business hub. 

Unlike the EU laws, the PDPA does not reference a fundamental right of privacy. The PDPA takes a high-level approach and leaves more detailed rulemaking to sector-specific efforts by industry regulatory agencies.

  • the collection, use, and disclosure of personal data;
  • the transfer of personal data outside of Singapore;
  • the protection and retention of personal data;
  • the right to access and correct personal data;
  • sanctions and enforcement mechanisms.

Data Protection Commission with the authority to fine an organization an amount not exceeding S$1 million for rule violations. The main data protection provisions becoming enforceable on July 2, 2014.

Hong Kong

Hong Kong’s Legislative Council amended its main data protection regulation, the Personal Data (Privacy) Ordinance (Cap. 486), in June 2012 after it had remained largely unchanged since its adoption in 1997. 

The ordinance sets forth principles related to: 

  • the purpose and manner of collection of personal data;
  • the accuracy and retention of personal data;
  • the use of personal data;
  •  the security of personal data;
  • information that should be made generally available
  • access to personal data. 

The ordinance prohibits the transfer of personal data outside of Hong Kong except in specified circumstances, however, these cross-border transfer rules are not yet in force.

The 2012 amendment drastically increases penalties and introduces new offenses particularly focused on direct marketing and unauthorized disclosure of personal data.  Malicious disclosure of personal data without consent, now carries a maximum penalty of up to HK$1 million and imprisonment for up to five years.




Hits: 4931

The Monetary Authority of Singapore (MAS), the central bank in Asia’s biggest foreign-exchange center, said in October that it has been in touch with foreign regulators over the issue of currency manipulation. According to MAS. twenty banks and 133 traders tried to manipulate the Singapore interbank offered rate, swap offered rates and currency benchmarks
MAS censured 20 banks in June for trying to rig benchmark interest and currency rates. It ordered 19 of the companies to set aside as much as S$12 billion ($9.4 billion) at zero interest pending steps to improve internal controls.
A few players  have restricted access to chat rooms and enhanced guidelines to further strengthen governance and controls.
DBS Group Holdings Ltd. (DBS), Southeast Asia’s largest lender, restricted access to chat rooms
United Overseas Bank Ltd. (UOB) and Oversea-Chinese Banking Corp. increased scrutiny on electronic communications.
Goldman Sachs Group Inc., Royal Bank of Scotland Group Plc, UBS AG, JPMorgan Chase & Co. and Citigroup Inc. are among banks have banned or curtailed employees’ participation in chat rooms involving other banks.

Hits: 4932

Posted by on in Technology

From American Banker, Bank Technology News and IDC Financial Insights partner with the William Mills Agency -

Some noteworthy highlights from this year’s ranking include:

  • Two of the top five have changed since last year’s ranking: NCR Corporation is now #4, up from #5 in 2012; Cognizant Technology Solutions is now #5, up from #8 in 2012;
  • Four of the top 20 companies are headquartered outside the U.S., and include: Tata Consultancy Services of India at #2, Infosys Limited of India at #10, Nomura Research Institute of Japan at #9 and Wincor Nixdorf of Germany at #10;
  • Four companies climbed dramatically from last year: Investment Technology Group rose 26 spots to #66; as did OpenLink Financial to #43; Interactive Data Corporation moved up 19 positions to #49; and SS&C Technologies jumped 11 spots to #26;
  • There are five new entrants to the FinTech 100: CRIF made the highest debut at #46; Aurionpro Solutions at #88; BancVue at #89; Indecomm Corporation at #94; and EFT Source at #95; and
  • Digital Insights (formerly Intuit Financial Services) is back on the list this year at #37.
Hits: 4912

 The Treasury pays attention to our new  augmented reality. While "most threats to the stability of the financial system have "generally abated,"ones that remain include automated, high-speed trading." - Bloomberg, Reuters 


Hits: 3738

Posted by on in Security

Singapore's Infocomm Development Authority (IDA) has launched a three-tier cloud security standard to enable businesses to better evaluate offerings from different Cloud Service Providers (CSPs) and to encourage the adoption of cloud computing in the country.

Hits: 3292

Presentation at Def Con: An attacker could potentially run an attack using a distributed Hadoop cluster using either cloud services (such as Amazon's Elastic MapReduce) or commodity hardware. - From the Register



Hits: 13665

Posted by on in Risk Management

Monetary Authority of Singapore (MAS) has released significant revision to previous version of the Internet Banking and Technology Risk Management (IBTRM) guidelines (released on 2 June 2008).

12 notices on Technology Risk Management released on the same date. The guidelines are not legally binding, but the set of notices on Technology Risk Management are.

The notices and guidelines apply to all financial institutions and covers wider IT systems.  The notices will take into effect on 1 July 2014.  

 Key requirements:

  1. Establish a framework and process to identify critical systems
  2. Ensure High Availability of critical systems
  3. Meet Recovery Time Objective for critical systems
  4. Prompt reporting of incidents
  5. Implement IT controls to protect customer information from unauthorized access or disclosure.

Protection of customer information remains a priority.  Financial Institutions are required to implement robust and effective IT controls to protect customer information.

Financial Institutions are:

1.      Required to have a formal process identifying their critical systems that will be relevant for their operations.

2.      There is a maximum window of 4 hours unscheduled downtime for each of the critical system within 12 months period.  The maximum windows to recover will be 4 hours from point of disruption to restoration.  

3.      Reporting mechanism is to be established to meet the new requirement.  An incident, that has a widespread or material impact to the Financial Institutions and their customer, will have to be reported to Monetary Authority of Singapore (MAS) within 1 hour.  A detailed analysis on root cause and impact will be required for submission not later than 14 days.

Link to Monetary Authority of Singapore - Technology Risk Management Guideline

Hits: 19863
Recent comment in this post - Show all comments
  • Yuri Anisimov
    Yuri Anisimov says #
    The Monetary Authority of Singapore (MAS) issued the Technology Risk Management (TRM) Notice and Guidelines. The TRM Guidelines a

John P. Mello, Jr.’s article in CSO Magazine summarizes the Agari’ 2013 Email TrustIndex."Consumers may be worried about their privacy settings, but in terms of protecting consumers via email, social media is the clear leader."

Study finds one in seven emails from financial brands poses risks to consumers. Emails from social media brands are the safest on the Internet.

However, social media may contribute to the problem by increasing noise and growing interrupt-alerts that demand attention.

Financial services managed a Trust Score of 39.7. The worst sector in the report: travel, has a score of 17.2.

Ranking companies and industries based on the ThreatScore, and TrustScore benchmarks gives consumers and leading brands visibility into how aggressively a sector is being threatened and which companies are taking action to secure email and protect consumer data and trust

95 percent of data breaches start with a phishing email. It is practically impossible to educate people to be able to identify phishing attacks.  The only practical way to succeed is to utilize technology defences to determine what's a legitimate and what isn't.

Among technologies is DMARC (Domain-based Message Authentication, Reporting and Conformance, which reduce brand abuse through fraudulent email attacks and drastically reduces the risks of consumer loss, reputation damage and financial liability.

Hits: 7502