Cybersecurity remains one of the critical challenges that business leaders face in their quest to strengthen their company’s resilience in the new normal that has emerged from the pandemic. In tandem with rapidly evolving technologies as well as the surge in digital commerce and remote working in the new normal, the cyberthreat landscape has seen an increase in both the quantity and sophistication of attack vectors.
According to a 2020 report on the cyberthreat landscape that must be addressed by member countries of the Association of Southeast Asian Nations (Asean), botnet infections, phishing scams and ransomware, among others, are on the rise. International security agency Interpol ranks Malaysia among the top three countries in terms of mobile banking malware detections.
Cybersecurity threats have been exacerbated by Covid-19: Malaysia recorded an 82.5% increase in cybersecurity cases in 2020. A total of 838 incidents were reported to Cyber Security Malaysia (CSM) between March 18 and April 7 last year — when the first phase of the Movement Control Order (MCO) was imposed.
Recently, Anonymous Malaysia, a group of hacker activists or hacktivists that resurfaced after a five-year hiatus, made a cyberattack threat to hack government websites and online assets. This has raised concerns about cybersecurity readiness among organisations and companies in the country.
In the current shifting landscape, Malaysian enterprises, many of which lack the resources to obtain the necessary critical cybersecurity skills, technologies and capabilities to mitigate the sophisticated wave of cyberthreats, must make urgent strategic decisions — and act on them.
Moving forward, the remote working culture is here to stay, and cloud adoption plays a vital role as both an enabler and operational platform for an organisation’s digital transformation. Businesses need to decide which elements can be handled in-house and which must be outsourced or brought in as a service. These game-changing decisions can help them transform the new normal into an era of opportunity.
By 2025, the digital economy will contribute 22.6% to the country’s GDP. In the recently announced Malaysia Digital Economy Blueprint (DEB), Prime Minister Tan Sri Muhyiddin Yassin provided the assurance that “the government is very committed to monitoring the security of the data management system to avoid any future cyberthreats”. He also said cyber and data security will be one of the main areas of focus for the government in realising the vision of a nation of digital technology. “The data of citizens will be handled with care based on the security standards set by the government through the implementing agency, the National Cyber Security Agency (NACSA).”
Building cyber resilience must go hand in hand with an organisation’s proactive cyber defence strategy: This heightened approach will result in a better protected digital infrastructure and cleaner data in the cloud and through every end-point.
IDC defines building digital trust as “enabling decisions to be made between two or more entities that reflect their level of confidence in each other”.
Today, digital trust between an organisation and its customers is essential for most, if not all, economic activity in an increasingly digital-first world.
Furthermore, enterprises are obligated to protect their clients’ data. Mandatory regulatory compliance means that an organisation is required to maintain the confidentiality, integrity and relevant accessibility of data and digital services.
The success of an organisation’s digital transformation is guided by high standards in its safety and compliance regulatory frameworks. Excellence in regulatory management and compliance translates to robust baseline security standards, which will increase digital trust and cyber resilience.
It is important that we remain aware of certain security risks when using cloud services, especially those that do not comply with regulatory requirements, and correctly manage and mitigate disruptions such as identity theft, online fraud, malware infections and data breaches.
Companies should have in place guidelines to safeguard their brand and reputation. They must carefully balance the digital risks of using cloud computing against the benefits and returns on investment (ROIs).
The Malaysia Cyber Security Strategy 2020-2024 (MCSS) outlines the key objectives and five strategic pillars that will govern all aspects of cybersecurity planning and implementation in the country. One of the focus areas is to improve national cyber resilience against cyberthreats, which range from advanced persistent threats to cybercrimes and content-related threats.
MCSS plays a crucial role in Malaysia’s DEB by protecting government and Critical National Information Infrastructure (CNII) networks, systems and data, as well as businesses and citizens, while combating cybercrime and cyberthreats. This is where an Active Cyber Defence (ACD) approach is required. Organisations need to develop and apply ACD measures to effectively mitigate cyberthreats and enhance their level of cybersecurity readiness, focusing on the capability to detect, analyse and act upon any cyberthreats within Malaysia’s cyber defence ecosystem.
According to various reports, more than a third of organisations globally are striving to implement new technologies to support their digital journey.
In Malaysia, organisations are figuring out how to navigate a highly sophisticated cybersecurity landscape.
According to IDC’s 2020 Asia/Pacific (excluding Japan) Enterprise Services Sourcing Survey, more than 70% of Malaysian organisations surveyed agreed that security was not within their core portfolio, and said they would prefer to engage a trusted partner to address their security requirements.
A dynamic technology landscape, coupled with rising levels of sophisticated artificial intelligence-powered cyberthreats, exacerbated by a shortage of in-house digital and security skills, points to the power of a collaborative approach as a business strategy. Partnering with the right vendors, with expertise and solutions that include cybersecurity services and functions, is the ideal business strategy in this new digital era.
TM ONE’s Cyber Defence Centre (CYDEC) provides security services, including global cyberthreat intelligence (CTI) services, to protect a company’s brand and reputation and prevent online fraud and business disruptions. TM ONE, the business solutions arm of Telekom Malaysia Bhd (TM), has an extensive and distinguished record as a digital transformation partner and is the only local Cloud Service Provider (CSP) for the MyDIGITAL blueprint.
With CYDEC, organisations can effortlessly ensure that in-house IT resources are focused on the core business. By leveraging CYDEC’s pool of security professionals, more time and resources can be allocated to an organisation’s internal team, enabling sustained focus on business-critical areas, such as data security, identity monitoring and internal threat hunting across systems.
CYDEC’s capability and capacity focuses on a business-value approach. It eliminates potential risks when implementing security technologies by ensuring that the new tools integrate with the organisation’s existing portfolio, which enhances the internal security team’s efficiency and effectiveness.
Furthermore, CYDEC offers real-time visibility with the Global Cybersecurity Operations Centre (G-CSOC) or a 24/7 monitoring of global cyberthreat incidents.
For businesses, this means real-time cyber defence services, which result in time and cost savings, the avoidance of business disruptions, peace of mind and regulatory compliance.
In today’s new reality, ensuring compliance with the many regulations is an essential journey to becoming a trusted business with the necessary levels of cyber resilience. Global leaders now use compliance audits to further refine the transformation process and enhance technology and the capabilities of their people.
The DEB is aimed at accelerating the country’s transformation into a technologically advanced economy by 2030. TM via TM ONE will continue to support national digital connectivity (fixed and mobile), as well as the digital infrastructure (cloud and data centre), to ensure that it is secure and protected.
TM ONE CYDEC helps Malaysian enterprises and public sector institutions build digital trust and cybersecurity resilience. This is done by managing the five key areas of risk — cybersecurity, compliance, privacy, ethics and social responsibility.
TM ONE, as the enabler of Digital Malaysia, is here to provide the cybersecurity needed for organisations to use cloud services so that they can focus on their transformation journey confidently.