Malaysia's 2016 Cybersecurity AgendaCybersecurity Malaysia CEO Wahab on Responding to Evolving Threats
Malaysia has experienced over 10,000 cyber incidents in 2015 and expects increased commercial fraud, ransomware and online scams in 2016. The Internet of Things also throws up security challenges for enterprises, says Dr. Amiruddin Abdul Wahab, CEO, CyberSecurity Malaysia.
See Also: Ransomware Recovery in the 'New Normal'
"Cyber-attacks have increased dramatically over the last decade, exposing sensitive personal and business information, disrupting critical operations and imposing high economy costs," he says.
The disruption to Malaysia's Critical National Information Infrastructure, rising costs to business from cybercrime, theft of financial data and intellectual property will only drive investment away from the country. It's imperative, then, to protect cyberspace.
"Malaysia's primary focus in 2016 is establishing regional cooperation and cross-border collaboration with regional cybersecurity agencies and bringing in best practices on multiple spheres," he says.
He believes the key to enabling cybersecurity, particularly for critical infrastructure, is strengthening the ecosystem that enhances public private partnerships.
In this interview with Information Security Media Group, Wahab discuses collaboration with Indian CERT in sharing best security practices and developing frameworks. He also offers insights on:
- Engaging the private and public sector in driving cybersecurity;
- Recommendations for security practitioners in securing cyberspace;
- How Malaysia is beefing up cybersecurity.
Wahab, with more than 20 years in ICT in telecom and IT sectors in the government, semi-government and private sectors, is chairman, World Trustmark Alliance. As Under Secretary of the ICT Policy Division, MOSTI Malaysia, he led ICT development programs and activities, including Head of the Secretariat to the National Information Technology Council (NITC) Malaysia.
Year 2016 Challenges
GEETHA NANDIKOTKUR: What are the new cybersecurity challenges you envision for 2016?
AMIRUDDIN WAHAB: In 2015, we witnessed over 10,000 real incidents reported to cyberSecurity. Based on this, we predict that commercial fraud, ransomware and online scams will lead the trends in 2016. Businesses in Malaysia will soon face a new but challenging era in IT - IoT. Cyberattacks have increased dramatically over the last decade, exposing sensitive personal and business information, disrupting critical operations, and imposing high costs on the economy.
Centre for Strategic and International Studies, a global think-tank, says the cost to the global economy of cybercrime and online industrial espionage is US$445 billion (RM1.8tril) a year-- about as much as the GDP of a country. In my article to a media group, I'd stated that the challenge would be how we can make Malaysia a safer place to do business in and a developed nation by 2020. In my opinion, disruption to Malaysia's Critical National Information Infrastructure, rising costs to business from cybercrime, theft of financial data and intellectual property will drive investment away from countries whose systems are seen to be insecure.
NANDIKOTKUR: What are Malaysia's initiatives to beef up its cybersecurity?
WAHAB: The primary focus in 2016 is to establish regional co-operation and cross-border collaboration with regional cybersecurity agencies and bring in best practices on multiple spheres. A recent effort is working closely with Indian CERT in protecting cyberspace. Some initiatives include:
- Developing a framework for incident response management: A framework will be developed to facilitate cross-border cooperation as well as collaboration between the Computer Emergency Response Teams and collaboration in analysis of malware and computer security threats through the Malware Research Centre, so that threat research information can be shared;
- Capacity building to enhance knowledge in cybersecurity: Technical skills and knowledge enhancement can be conducted through information security competency and capability training courses and certifications and knowledge sharing platform for ICT professionals, provided through the Cyber Security Professional Development Programme;
- Development of a framework for international cooperation, dialogue and research: Strategic engagement can be carried out to undertake research initiatives in policy research pertaining to cyber laws, emerging technologies, content and new policies on the cybersecurity climate.
Public, Private Partnership
NANDIKOTKUR: You have been encouraging the public and private partnership model to develop the cybersecurity ecosystem. What is the progress made?
WAHAB: With cyber-threats increasing in number and sophistication, the government alone cannot prevent them from causing a threat to national security and societal well-being. The key is to strengthen the cyber ecosystem that enhances public private partnerships. Public-private cooperation improves effectiveness of risk management through sharing of information, experience and resources, catalysing innovation and developing competency to enhance the cybersecurity ecosystem. We want to engage with academic researchers and industry practitioners in a public-private partnership to enable cutting-edge technologies, new methodologies and deal with emerging cyber-threat arising from IoT and big data.
Advise to Practitioners
NANDIKOTKUR: What would you advise practitioners tackling sophisticated attacks?
WAHAB: Security practitioners must understand that the attackers are resorting to Advance Persistent Threat, targeting military, defence and sensitive government information. They are taking advantage of legacy security frameworks leveraging on spear phishing mails - many organisations still rely on legacy security solutions which are not effective against today's APT attacks - which also combine vectors like social engineering.
Organisations, particularly in the Critical National Information Infrastructure sector, should look at detection, response and recovery and must possess effective, proactive, preemptive and preventive incident response capabilities. I'd recommend using Information Security Management System framework, including three components of people, process and technology. There must be hard technology controls to fully protect the system. This includes good vulnerability management and continuous security posture testing and good impact and risk assessments to monitor and record all network activities. Raising awareness by educating and training people to be ready to identify potential cyber-threats is key. Then, users will be more careful about opening attachments or clicking on links in attachments or email messages and be able to identify anything suspicious.