Addressing Thailand’s threat landscape 2024

TUESDAY, MARCH 19, 2024

Kaspersky announces the launch of its integrated software solution that includes a set of functions for event monitoring and management, Kaspersky Unified Monitoring and Analysis Platform (KUMA) to help businesses and organizations stay safe in cyberspace while embracing digitalization. 

According to the Economy SEA 2023 report, the Southeast Asian ( SEA ) digital economy is set to deliver $100 billion in revenue. Thailand is projected to remain SEA's second-largest digital economy in terms of gross merchandise value ( GMV ) between 2023 and 2030. Its GMV is predicted to reach US$100-165 billion by 2030, up from US$49 billion in 2025 and US$36 billion. in 2023.

Driven by the Southeast Asia (SEA) rapid digitalization movement, experts at Kaspersky predict the upcoming cybersecurity threat landscape in the region this year. According to a report by Kaspersky, the dangers of phishing, scams, data breaches, and geopolitically-motivated cyberattacks are seen to continue targeting organizations and individuals from the region. 

In 2023, Kaspersky blocked over 12.92 million web threats and 22.26 million local infections that targeted users in Thailand.

To empower businesses and organizations to be one step ahead of these developing challenges and needs, Kaspersky brings a native Security information and event management ( SIEM ) solution for security information and event management, Kaspersky Unified Monitoring and Analysis Platform ( KUMA ).

What is KUMA? Benefits KUMA brings to businesses and organizations

Back in June 2023, Kaspersky experts uncovered a mobile Advanced Persistent Threat ( APT ) campaign while monitoring the network traffic of its corporate Wi-Fi network using the KUMA . Upon further analysis, company researchers discovered the threat actor has been targeting the iOS devices of dozens of company employees, distributing zero-click exploits via iMessage to run malware gaining complete control over the device and user data.

“When it comes to cybersecurity, even the most secure operating systems can be compromised. As APT actors are constantly evolving their tactics and searching for new weaknesses to exploit, businesses must prioritize the security of their systems. This involves providing employees and technical teams with the latest tools to effectively recognize and defend against potential threats as well as timely remediation of incidents,” says Yeo Siang Tiong , General Manager for Southeast Asia at Kaspersky.

KUMA is a unified console for monitoring and analyzing information security incidents. The fundamental program includes the following components:

• One or more Collectors that receive messages from event sources and parse, normalize, and, if required, filter and/or aggregate them.

• A Correlator that analyzes normalized events received from Collectors, performs the necessary actions with active lists and creates alerts by the correlation rules.

• The Core that includes a graphical interface to monitor and manage the settings of system components.

• The Storage, which contains normalized events and registered incidents.

Advantages of KUMA include:

• High performance: 300k+ EPS per KUMA instance.

• Low system requirements: Virtual or physical environment and up to 10k EPS AiO on one virtual server.

• Scalability: Flexible microservice architecture with HA support for each component.

• Unified web console interface: Single fully multi-tenancy UI console for everything

• Out-of-the-box integration: With third-party products and Kaspersky solutions

• Low entry threshold: Does not require knowledge of special query languages ​​or writing rules

Thanks to the integration with the Kaspersky CyberTrace platform, which processes reports from the National Coordination Center for Computer Incidents, the researcher can extract compromise indicators and use them to detect events in SIEM.

SIEM is a central element of most mature information security systems, hence, it must meet all relevant market requirements and take into account the changing landscape of cyber threats. KUMA expands the capabilities of analysts and allows businesses and organizations to optimize the budget for cybersecurity, providing protection at the optimal level.

“Threat actors increasingly use diverse tactics to launch sophisticated targeted attacks. Therefore, it is essential to use a system that can monitor network activity, like security information and event management. With the launch of KUMA, we hope that we can empower tech experts to handle complex cybersecurity incidents with unmatched extended detection and response, to enhance the safety of Thailand's cyberspace,” says Benjamas Chuthapiphat , Country Manager for Thailand at Kaspersky.

Addressing Thailand’s threat landscape 2024

Addressing Thailand’s threat landscape 2024

Addressing Thailand’s threat landscape 2024