Cyber Security in Malaysia: Major ICT Security Issues

Interview with Dr. Amirudin Bin Abdul Wahab, CEO of CyberSecurity

Dr. Amirudin Bin Abdul Wahab, CEO of CyberSecurity

Can you give us a brief history of CyberSecurity?

Our journey started with the creation of the Malaysia Computer Emergency Response Team or MyCERT (www.mycert.org.my) on 13 January 1997 as a unit under MIMOS Berhad (www.mimos.my).

On 24 January 1998, the National Information Technology Council or NITC (www.nitc.my) proposed the establishment of an agency to address emerging ICT security issues in Malaysia.

As a result, the National ICT Security & Emergency Response Centre (NISER) was created in 2001 as a department in MIMOS Berhad, and the Malaysia Computer Emergency Response Team (MyCERT) was placed under NISER.

On 28 September 2005, the Cabinet of Malaysia decided for NISER to be spun off from MIMOS Berhad as a separate entity under MOSTI.

On 30 March 2007, NISER was registered as a not-for-profit Company Limited by Guarantee (CLG), wholly owned by the Government of Malaysia, under the purview of MOSTI.

CyberSecurity participates in the annual ecommerce conference. Can you tell us about the importance of CyberSecurity being involved in ecommerce and how it plays a part in the success of ecommerce in Malaysia?

CyberSecurity Malaysia's involvement in the annual e-commerce conference is to educate consumers and retailers about cyber security issues and how they can avoid cyber security incidents such as scams or fraud in the e-commerce field.

Through CyberSecurity Malaysia's service, MyTrustSEAL, consumers can be assured in doing their e-commerce transactions and trust the retailers who have adopted e-commerce good practice based on certification issued by CyberSecurity Malaysia.

As a member of the World Trustmark Alliance, CyberSecurity Malaysia is capable and authorized to validate retailer websites and businesses according to the international standard, requirement as well as national regulation.

What role does CyberSecurity play in the advancement of the Malaysian economy?

In essence, the role of CyberSecurity Malaysia is to provide specialized cyber security services to ensure the security and safety of our cyber space. It is part of our contribution towards supporting Malaysia in becoming a digital nation and high-income nation driven by the digital economy.

Our focus, as reflected in the National Cyber Security Policy (NCSP), is on the protection of the Critical National Information Infrastructure (CNII), on which governments, businesses and citizens are highly reliant to enable the nation to function and acquire critical services.

In today’s global and highly competitive marketplace, any disruptions to the CNII including data loss, damages, cyber attacks and other cyber criminal acts can cause anxiety about security breaches and significantly impact Malaysia’s economic competitiveness.

Perpetrators can access the information systems or use other electronic means to launch cyber attacks against critical information infrastructures such as financial, energy, transportation and government operations. The online banking system and electrical distribution grid can be crippled by shutting down the control systems. Cyber attacks can sabotage the airport traffic control systems and government operations can be disrupted with attacks on the national network services.

As cyber security threats are real, this underscores the strategic role of CyberSecurity Malaysia in driving the Malaysian economy to greater growth and progress by ensuring the infrastructure and digital assets are protected and safeguarded against cyber security threats. A secure and resilient cyberspace is important not only to ensure the continuous growth of the country’s economy but also its competitive advantage in the global economy.

To play its role in creating a safe and secure cyberspace, CyberSecurity Malaysia provides specialised cyber security services as follows:

  • Cyber Security Emergency Services;
  • Security Quality Management Services;
  • InfoSecurity Professional Development and Outreach; and
  • Cyber Security Strategic Engagement and Research.

Through the above services, CyberSecurity Malaysia, among others, provides 24×7 computer security incident response services (MyCERT) to all Internet users, assists in cyber forensics and analysis (DF), provides impartial assessment and certification based on the foremost international standard for ICT security function (ISCB & SA), promotes awareness of online safety and security issues among Malaysians (CyberSAFE) and conducts programmes for cyber security professionals development (CSPD).

Besides providing services to enable the conducive growth of the economy, the cyber security industry is also fast emerging as a new engine of growth for Malaysia. In this regard, CyberSecurity Malaysia plays a vital role in developing a vibrant cyber security industry by offering global solutions as well as ICT certification, assurance and evaluation services which are at par with international standards.

The Cyber Security Malaysia Awards, Conference & Exhibition (CSM-ACE) event is held annually to provide a one-stop and conducive platform for business matching as well as trade and investment opportunities. Through the conferment of the Malaysia Cyber Security Awards during this event, it will spur innovation and commitment, and foster strategic alliances within the local security and ICT industry.
This will help to bolster projects under the Digital Malaysia initiative which is targeting an increase in Gross National Index (GNI) contribution of digital technologies to 17% of Gross Domestic Product (GDP) and creating 160,000 high value jobs by the year 2020.

Your company provides services in order to protect the public, the economy, and government services. What types of services do you offer?

The services that we offer are definitely those related to the cyber security field. Amongst the specialised cyber security services are:

  1. Cyber Security Emergency Services
    • Cyber early warning system
    • Malware research
    • Cyber999
    • Digital Forensics – Cyber CSI
  2. Security Quality Management Services
    • Security Management & Best Practices
    • Security Assurance
    • Cyber Security Certification Services
      1. MyCC Scheme
      2. CSM27001 Scheme – ISMS
      3. Malaysia Trustmark
  3. InfoSecurity Professional Development and Outreach
    • Professional training
    • CyberSAFE
  4. Cyber Security Strategic Engagement and Research
    • Industry Development – we organize an annual cyber security conference known as CSM-ACE
    • Government & Multilateral Engagement
    • Research

Who are some of your clients?

CyberSecurity Malaysia serves the Stakeholders i.e. the Government of Malaysia, the LEA (Law Enforcement Agency), the CNII (Critical National Information Infrastructure).

CNII consists of 10 Critical National Information Infrastructure sectors, namely Health, Water, Banking and Finance, Information and Communications, Energy, Transport, Defense and Security, Government, Food and Agriculture, and Emergency Services.

Apart from the government (public sector), we also serve the private sector, such as organisations in various industries, specifically those entities that use ICT as their operational base. Most of the services offered are meant for the country, making our main clients reside within the country itself.

As a national cyber security specialist agency, CyberSecurity Malaysia plays the role as facilitator to provide the platform for multi-stakeholders to address concerns and issues in various facets of the cyber security industry and develop action plans for the growth and development of the local industry. This will also open up opportunities for greater alliances within the local and regional ICT industry to gain a competitive advantage and propel the industry into the future.

Can you describe to us your company logo and how it represents your vision and mission?

The two sets of vertical slats represent gates which CyberSecurity Malaysia has set up to protect the cyberspace of Malaysia.
The font chosen reflects the hi-tech industry that we monitor whilst the grey colour in the design represents the many grey areas that pervade the industry and our efforts in shedding light on them.

The orange colour serves as a warning beacon to anyone thinking of abusing Malaysia’s cyberspace. The CyberSecurity Malaysia brand represents who we are, what we are, how we do and why we do our job as the frontier of cyber and internet security in Malaysia.

The brand is positioned as the national reference centre responsible for securing Malaysia’s cyberspace and that makes CyberSecurity Malaysia different from others.

Our brand is what we stand for: the services we promise to deliver to our clients and the community. The core value, which is proactive, impartial and trusted, is the foundation of our brand that describes our approach and professionalism in carrying out our duty.

In developing the brand, CyberSecurity Malaysia uses a generic branding proposition where the word “Cyber” has been extended to other specialized services created within the organization. The word Cyber relates to the main brand and also reflects the nature of business by the organization itself.

Definitely the logo represents the Vision and Mission of CyberSecurity Malaysia as follows:

Vision: Our vision is to be a globally recognised National Cyber Security Reference and Specialist Centre by 2020.
Mission: Our mission is to create and sustain a safer cyberspace to promote National Sustainability, Social Well-Being and Wealth Creation.

CyberSecurity Malaysia must stay relevant and grow stronger each day. The representation can be seen based on the two sets of vertical slats that symbolize the gates to protect the Malaysian cyberspace.

Are you currently present in any other countries in the region?

At present, Malaysia, through CyberSecurity Malaysia, is involved in various multilateral cooperation in the field of cyber security:

The Asia Pacific Computer Emergency Response Team (APCERT).

APCERT is a collaboration of CERTs established to ensure internet security in the Asia Pacific region based around genuine information sharing, trust and cooperation. APCERT consists of national CERTs in the Asia Pacific region and currently has 27 members from 19 economies. CyberSecurity Malaysia and Korea CERT/CC are members of the APCERT Steering Committee, which is responsible for general operating policies, procedures, guidelines and other related matters affecting the APCERT as a whole. At present, JPCERT/CC is the Chair and Secretariat of APCERT.

Common Criteria Recognition Arrangement (CCRA) Authorising Participant

Malaysia, through CyberSecurity Malaysia, is an Authorizing member of the CCRA. The purpose of this Arrangement is to advance those objectives by bringing about a situation in which IT products and protection profiles which earn a Common Criteria certificate can be procured or used without the need for further evaluation. It seeks to provide grounds for confidence in the reliability of the judgments on which the original certificate was based by requiring that a Certification/Validation Body issuing Common Criteria certificates should meet high and consistent standards.

World Trustmark Alliance (WTA)

Malaysia, through CyberSecurity Malaysia, is a member of the World Trustmark Alliance (WTA). The WTA (http://www.wtaportal.org) was developed from the Asia Pacific Trustmark Alliance (ATA) in 2010. WTA remains a membership-based organization as ATA with 37 Trustmark operators from 30 countries. Malaysia has been a member of the WTA since 2011. CyberSecurity Malaysia is the 2014 Chair of the WTA.

Tripartite Agreement

CyberSecurity Malaysia signed a two-year technical partnership with data recovery specialists, Myung Information Technologies of South Korea (MIT Korea) and Myung Inovasi Terkini (Myung Malaysia) for MyCyberSecurity Clinic. Under the agreement, MIT Korea and Myung Malaysia have agreed to provide CyberSecurity Malaysia with their respective portions of technical services such as consultancy services, technical & management support services, and training services. MyCyberSecurity Clinic (MyCSC) is an initiative by CyberSecurity Malaysia to bring trustworthy and convenient digital forensic services such as data recovery and data sanitization as well as consultancy to government agencies, private companies and to the public.

Organization of The Islamic Cooperation – Computer Emergency Response Team (OIC-CERT)

The OIC-CERT was established in 2009 after a resolution was accepted at the Organization of the Islamic Cooperation (OIC) 35th session of the Council of Foreign Ministers held in Kampala, Uganda on 18-20 June 2008. This is a platform for member countries to explore and to develop collaborative initiatives and possible partnerships in matters pertaining to cyber security that shall strengthen their self-reliance in the cyber space. The OIC-CERT consists of 36 members from 19 countries. Malaysia, through CyberSecurity Malaysia, has served as Chair of OIC-CERT for the first two terms of the establishment of OIC-CERT in 2009 – 2011 and 2011 – 2013. Now, CyberSecurity Malaysia is the Permanent Secretariat for OIC-CERT.

Your goal is to be a globally recognized National Cyber Security reference and Specialist Centre. What steps are you taking to achieve that goal?

CyberSecurity Malaysia’s vision to be a “Globally Recognized, National Cyber Security Reference & Specialist Centre by 2020” needed a master plan to chart its path forward. Our strategic roadmaps have put a few strategic initiatives for us to move forward and achieve our vision. Our mission is to create and sustain a safer cyber space to promote national sustainability, societal well-being and wealth creation. With the vision and mission statement, CSM has aligned our initiatives into the concepts below:

  • National Subject Matter Expert in the niche /specialized areas
  • Deep vertical expertise in the niche areas
  • Core business functions (i.e. services/products/certification etc) delivered in a package to serve national needs and industry demand.
  • National reference center in the area of cybersecurity to various key

What are some of the main cyber security problems Malaysia faces?

Based on the incident reports that we receive (through our Cyber999 Help Centre), some of the main cyber security problems Malaysia faces are fraud, malware, intrusion, intrusion attempts and harassment.

The statistics for 2014, as of September 2014, are as below:

  • Fraud: 3326
  • Malware: 645
  • Intrusion: 708
  • Intrusion Attempts: 1244
  • Harassment: 430

Link to MyCERT statistics: http://www.mycert.org.my/en/services/statistic/mycert/2014/main/detail/949/index.html

You are under the Ministry of Science, Technology, and Innovation. What are some other aspects that give you the competitive advantage?

I would say that the main factor that separates CyberSecurity Malaysia from other competitors is that we are mandated by the Government of Malaysia to provide specialized cyber security services and to continuously identify possible areas that may be detrimental to national security and public safety as gazetted by Order of the Ministers of Federal Government.

In accordance with Order No. 24 of the Policy and Mechanism for National Cyber Crisis Management by the National Security Council, CyberSecurity Malaysia is required to support as well as provide technical assistance and training services for national cyber crisis management.

CyberSecurity Malaysia was also involved in the formulation of the National Cyber Security Policy (NCSP) with the Ministry of Science, Technology and Innovation (MOSTI) in 2006 and was given the mandate to provide technical support to the Government in the implementation of the NCSP.

Established as a Company Limited By Guarantee under the purview of the Ministry of Science, Technology and Innovation (MOSTI – in short), CyberSecurity Malaysia is a non-profit organization and is entrusted to act with impartiality by providing consultation, advice and decision making with professionalism based on established facts and rationale, which is devoid of any personal or conflict of interest and bias.

Given our roles and responsibilities, we provide support both to the Government and society, in terms of the needs and sensitivity in the area of national security and public safety.

We do not compete with the industry; instead, we believe that no single agency can work alone in cyber security. Hence, we collaborate with them via Public-Private Partnership to strengthen the domestic cyber security. In managing the risks of cyber security threats and cyber incidents in the country, the competitive advantage of CyberSecurity Malaysia is the comprehensive services offered, among which are:

  • Cyber999, a cyber security response centre, that provides technical assistance and incident handling in resolving incidents in cyberspace such as intrusions into computer systems, seditious or defamatory attacks, online frauds and cyber harassments as well as issuance of cyber security advisories;
  • Forensic services through the digital forensic laboratory which is the first forensic laboratory in Malaysia and in the Asia Pacific region that is accredited by the American Society of Crime Laboratory Directors/Laboratory Accreditation Board (ASCLD/LAB);
  • Digital forensics analysts who are recognised as ‘expert witness’ in digital forensics under the Criminal Procedure Code 399 subsection 3(f) to assist law enforcement agencies, regulatory bodies, and government agencies in crime scene investigation;
  • Vulnerability Assessment Service to improve the country’s resilience against cyber threats and exploitation due to vulnerabilities in information systems, networks and technology;
  • Malaysia Security Evaluation Facilities, an ISO 17025 accredited test lab, for security functional testing, security assessment, validation, auditing and evaluating a variety of ICT products and systems;
  • Malaysian Common Criteria Evaluation & Certification (MyCC) Scheme which evaluates and certifies the security functionality of ICT products, systems and Protection Profiles against the international standard ISO/IEC 15408;
  • Information Security Professional Development Programme that provides information security competency and capability training courses and certifications as well as knowledge-sharing platform for ICT professionals; and
  • Outreach programmes to inculcate cyber safety and security awareness to create a culture of positive Internet usage amongst people from all walks of life in Malaysia.

Note: Order of the Ministers of Federal Government – Vol.53, No.13, dated 22 June 2009 (revised and gazetted on 26 June 2013 [P.U. (A) 184])

What are the investment opportunities in your particular sector, as well as Malaysia in general?

The rapid development of ICT worldwide has resulted in enhanced prosperity amongst nations, and cyber security is a critical factor in underwriting that prosperity. In view of this, all nations share common interests in ensuring the security of the cyber environment; therefore, Malaysia, as a nation, has adopted a holistic approach to enhance the security of its cyber environment.

Our level of knowledge and expertise is at par with other countries and CyberSecurity Malaysia wants to remain a recognized trusted provider to secure the cyberspace for our nation. As far as cyber security is concerned in Malaysia, we believe that there are a lot of investment opportunities in the cyber security industry. We want to be the preferred reference for anything related to cyber security, providing solutions in the technical field to address the most complex cyber security challenges.

We want to continue building our capacity as an organization that is going to be prepared no matter how the threats and the cyber landscape will be three or five years from now. CyberSecurity Malaysia will continue to be vigilant in protecting our government and infrastructure and to demonstrate our commitment to building the best cyber security team in this region.

What is your outlook for 2015?

Enhancing our capability and providing niche technical expertise services as well as growing the industry.

 

 
