Homegrown Cybersecurity Consultancy Athena Dynamics

Homegrown cybersecurity consulting house Athena Dynamics has been in the business of disrupting protection technologies for over 10 years. With cyberthreats growing more sophisticated than ever with the help of AI, their services are more relevant than ever before. Founding CEO Ken Soh first assembled an IT department to formulate customised security solutions after he found high end cybersecurity purchased by parent company BH Global Corporation lacking. 

Soon after, BH Global began receiving security requests from the government. Since then, the department has assembled into the fully-fledged Athena Dynamics that protects enterprises across the likes of Indonesia, Malaysia, Hong Kong, France, and United Kingdom. In addition, Athena Dynamics continues to serve the Group and the local community, ensuring that the IT infrastructure can withstand pressures of today’s increasingly hostile environment.

What are the limitations of modern cybersecurity solutions?

Soh: “Over the years, we’ve learned the importance of being radically different in both technology and business model. The modern cybersecurity scene is stuck within a cocoon of thought, where tools such as antivirus and sandbox machine learning revolve around the same detection based models even though they appear advanced on the surface. When you’re dealing with more than 500,000 new viruses coming out globally everyday, detection alone is simply not good enough. We can’t detect all of them.

Instead of detection, we take a sanitization approach beyond detection to protect against the undetectable. Rather than pushing a specific solution, we listen intensely to customer interests, piece together and enable differentiated solutions sourced from all across the world. The solutions we deploy are often deemed to be unconventional, but it is these very technologies that help protect against the advanced threats of today. In other words, we fill the gaps that mainstream and conventional methods are not able to address.

Take Digital Forensics and Incident Response (DFIR) for example, where traditional methods can take up to three weeks per incident. Our solutions can compress this process into less than 10 minutes. As a rule of thumb, if your solutions can be categorised, it’s probably not innovation just an enhancement to an earlier invention. True innovation cannot be put in a box. That’s its true essence.”

What are the biggest challenges in cybersecurity for small businesses?

Soh: “Resources will always be a limiting factor, especially among smaller companies. Many business leaders jump straight into buying products, but this often results in over-protection or under-protection. Of course, it’s better to over-protect than under-protect. But the crux of the matter is that most SMEs don’t know what they’re protecting against.

In fact, today’s advanced threats don’t show symptoms until it is too late. If you encounter highly visible ransomware, you should consider yourself relatively lucky since responses and counter measures are activated immediately. More sophisticated hackers could be watching over all your activities through a LAN-implanted, waiting to strike at the right time. With that hackers today can also write very convincing phishing emails because they know  their target’s payment milestones down to the last digit. This tells them who, when, and what to write to elicit their desired response. So it really doesn’t matter how high-end your anti-phishing software is. Infiltration can happen the moment a single one slips through. Sanitization minimizes that. Beyond that, it is also important for SMEs to have not just backup, but offline backup that cannot be reached by the attacker.”

How can businesses mitigate obstacles around cybersecurity?

Soh: “There are many government grants available, but what’s more important is for businesses to understand their weakness. That’s always step 1. Once that’s done, you can apply the 80/20 rule for greater efficiency — using 20% of your effort to protect against 80% of your weakest exposure. Thereafter, you can recalibrate to focus on the remaining 20%. 

While you can’t necessarily afford the strongest innovations with this method, it is very possible to meet baseline security standards with the right consultancy and environmental assessment. The good news is that awareness is now stronger than ever among eCitizens probably due to the ongoing incidents that make headlines rather frequently. People have moved from a ‘this won’t happen to me’ to a ‘this may happen to me’ mindset. There are also cloud-based solutions that SMEs can adopt even without dedicated IT departments.”

What happens when companies don’t heed cybersecurity warnings?

Soh: “It’s important to provide feedback that is actionable. That’s why we always ascertain a client’s budget or funding capacity to determine the level of stringency. Security always involves a trade-off against convenience, after all, and the appropriate level of trade-off will vary significantly between companies. For example, military organisations can lock up their USB ports, but this can prevent organisations in the commercial world from being agile.”

What’s the secret behind building a successful Singapore cybersecurity consultancy?

Soh: “We knew from the beginning that relying on products alone would not be sustainable. We needed a strong differentiator, so we took a lot of seemingly competitive propositions and turned them into collaborative suppliers or partners. Coupled with a digital front, the world becomes our resource and market that we can tap into without physical expenses. Aside from flying down for critical commissions, most of our offerings are set up remotely. We hope this inspires SMEs in Singapore to craft niches that bring them to the world at very low cost, so that they can be resilient in the face of challenges that are similar to the Covid pandemic in the future. At the moment, we’re able to support SMEs pro-bono through various functions such as my position as Chair in the Singapore Cybersecurity Chapter. All of this is really meant to give back.”

A call for Private-Public-Partnerships (PPP)

Athena Dynamics continues to work closely with the government to address rising tech threats.Hopefully, leaders and talents in the private sector could be tapped well to counter the unceasing wave of handphone scams that have multiplied in volume and intensity. This could probably be best reached out via trade associations and special interest groups. While the dark side is always on the offensive, businesses therefore cannot afford to take defensive position all the time. They are also well communicated. We should too. By working on cross border crime prevention and working closely with both governments and trade associations, businesses can work together towards solving these teething issues at their root core.

Visit the TTAB publications page for more tech business success stories.