Moving towards a proactive cybersecurity approach in Malaysia


As cybersecurity issues continue to be a major problem for businesses in Malaysia, more and more organizations are beginning to shift their focus to a proactive approach to securing their business data and employees.

In fact, the biggest problem for most data breaches in the country is that companies often reactively to cybersecurity. Simply put, unless there is a breach for that organization, cyber security would not be a priority when it comes to investing in technology and the like.

These were key points highlighted during the 2nd Summit on Cyber ​​Security and Intelligence Threats 2022, recently held in Kuala Lumpur. Organized by 3Novex, the cybersecurity event was attended by nearly 200 C-level executives from the public and private sectors, including financial services and the critical services industry in Malaysia.

Among the topics discussed were the importance of zero trust, addressing the need for cyber readiness with expanded disclosure and response, the importance of preserving secure national data and data sovereignty, and how identity security plays an important role in securing employees.

In his introductory address, Dato TS. Dr Haji Amirudin Abdul Wahab, CEO of Malaysia’s CyberSecurity, stressed the importance of companies considering threat intelligence as a means to improve their cyber security. This is in light of the growing data breaches faced by both private organizations and government agencies in recent months.

Two panel discussions were also held, focusing on building blocks for data breaches, as well as the future of intelligence on threats. In the first panel discussion, all panelists agreed that, although data breaches are increasing, there are still many areas that organizations can provide. This includes ensuring that there are sufficient methods to detect and prevent threats, as well as awareness of where their data is stored and who is accessing it.

According to Philip Victor, CEO of Welchman Keen, who was part of the panelists, one way to avoid breaches is to set a framework on how data is used and stored. He cited examples of how other countries in the Asia-Pacific region, for example, now take their citizens ’data more seriously and ensure they are well protected.

It was repeated by Dr. Chalee Vorakulpipat, head of the information security research team of the National Center for Electronics and Computer Technology (NECTEC) Thailand. He explained that in Thailand, the government has just introduced a data privacy law that focuses on security to ensure that Thai citizens ’data is not compromised or used for the wrong reasons.

Meisam Eslahi, Senior Director of Cybersecurity Global Services EC-Council Malaysia, highlighted concerns about undetected cyber attacks or Scope X. Scope X refers to all strangers in the organization for whom we may not be fully aware of their risks or even their existence. Here, too, a proactive approach to cyber security would be most appropriate.

Meanwhile, in another panel discussion focusing on the future of threat intelligence, panelist Azril Rahim, senior management of the Tenaga National Cyber ​​Threat Intelligence Service Berhad Malaysia, suggests that companies view cyber security investments from an ESG perspective. As more and more organizations want to improve their ESG approach, he believes they should consider the benefits that cyber security can provide to ESG, even though it is only a small percentage. In this way, companies can ensure the security of their data, as well as commitment to the ESG.

In addition, all panelists and participants in the event came to the conclusion that cyber security will continue to be a major problem in the country. While a proactive approach to cybersecurity can change the way organizations address violations and protect their employees, the reality is that many believe the government must also do more to ensure that companies are held accountable for their violations.

As there may not be a single approach for all companies when it comes to cyber security, a reactive approach needs to start somewhere, and reporting threats is a key component in enabling this.

Aaron Raj

Aaron enjoys writing about business technology in the region. He has attended and covered many local and international technology exhibitions, events and forums, speaking with some of the industry’s greatest technology figures. With more than a decade of media experience, Aaron has previously worked on news from politics, business, sports and entertainment.

Comments are closed.