Building Cyber Resilience: Strategies for Cybersecurity Preparedness and Recovery
In the dynamic landscape of cybersecurity, the responsibility for safeguarding an organisation’s digital assets transcends traditional boundaries. While rooted in the IT domain, cybersecurity is not solely the purview of technology professionals. Instead, it has evolved into a shared responsibility that spans across the entire business landscape.
Business leaders and executives now play a pivotal role in steering the cybersecurity agenda, understanding that the consequences of a breach extend far beyond the realm of IT. With the potential to impact reputation, customer trust, and overall business continuity, cybersecurity is undeniably a business imperative.
Malaysia’s Budget 2024, unveiled by Prime Minister Datuk Seri Anwar Ibrahim, earmarked a record-breaking RM393.8 billion for the national budget, signalling a substantial increase of RM5.8 billion from the previous year. The Ministry of Communications and Digital (KKD) secured a significant allocation exceeding RM2.84 billion under Budget 2024. These funds will propel digital connectivity initiatives, foster the digital economy, enhance cybersecurity measures, promote national information marketing, and support local talent and creative projects.
Participants during ASEAN Innovation Business Platform (AIBP’s) Conferences this year believed that while 51% of Malaysian enterprises believe allocating over 20% of their IT budget to cybersecurity is essential, more than 37% presently allocate less than 5% to cybersecurity.
The AIBP Innovation Working Groups seek to foster collaboration among stakeholders and promote the growth and development of ASEAN’s digitalisation and innovation through sharing knowledge, expertise, and resources. Following feedback from local stakeholders on common challenges, opportunities, and expected outcomes for digitalisation in their organisations, we curate this industry working group with CyberSecurity Malaysia featuring sharings of best practices and industry discussions of focused case studies.
Effective cybersecurity demands a collaborative approach, where IT professionals and business leaders work hand-in-hand to create a robust defence strategy. It necessitates a shared understanding of risks, proactive measures to fortify digital infrastructure, and a commitment to fostering a cybersecurity-aware culture throughout the organisation.
3 main challenges were highlighted during the discussion: incident response, scams and phishing attacks, and lack of efficiency in awareness/training programs.
In the global context, incident response remains a cornerstone of cybersecurity strategy. Prioritisation is crucial, especially in allocating resources effectively.
“Across the globe, a lot of the strategy is about having incident response. That’s most important because we need to prioritise and cannot invest our dollars in everything that we do. And that’s where risk assessment comes into play.”
Since the onset of the pandemic, Malaysia has experienced a surge in the value of e-commerce, escalating from 8.5% in 2019 to 12% in 2020. The implementation of the MYDigital Blueprint in 2021 further propelled this growth, registering a remarkable 17.1% increase in the third quarter of the same year. However, this rapid expansion inadvertently created opportunities for hackers and fraudsters to target unsuspecting individuals.
The escalation in digital fraud cases has empowered malicious actors with the resources needed to amplify both the frequency and severity of their attacks. The Malaysia Computer Emergency Response Team (MyCERT) noted a significant uptick in cyber-related incidents from 2017, with signs of only marginal slowdown in 2021. In August of the same year, the Malaysian Royal Police reported losses amounting to RM 5.2 billion due to scams over a span of 24 months.
Despite the prevalence of scam and phishing alerts experienced by participants in attendance, the efficacy of training programs tends to vary, emphasising that a one-size-fits-all approach may not be suitable.
Securing Tomorrow’s Tech: Navigating the Cybersecurity Challenges of 5G, IoT, and AI
The surge in cybercrimes is attributed to exploiting vulnerabilities within daily technologies. Cybercriminals leverage AI to hack passwords, leak information, and perpetrate scams, resulting in data breaches and financial losses.
Malaysia, recognizing the risks, has transitioned into an information-centric society. The 2024 budget allocates RM60 million to develop a 5G Cyber Security Testing Framework, emphasising the commitment to digital safety.
“Technology vendors are also working very hard to be secure. Someone mentioned Gen AI and maybe it’s a little disruptive. There is a degree of very difficult to detect those things. Every vendor, including CrowdStrike, is bringing in Gen AI, natural language processing models to make our lives easier.”
“In a world where technological innovation is accelerating at an unprecedented pace, our organisations face both incredible opportunities and daunting challenges. The increasing reliance on digital solutions, the proliferation of data, and the emergence of cutting-edge technologies like artificial intelligence, blockchain, and the Internet of Things present avenues for growth that were once unimaginable. However, these advancements come with a responsibility — the responsibility to safeguard our enterprises from the ever-evolving landscape of cyber threats. Which is why we hope to continue more of these discussions to encourage growth and emphasis on cyber and risk. Today’s working groups are designed to be more than just discussions; they are a platform for the sharing of experiences, insights, and lessons learned.”
Despite governmental initiatives, the collective effort remains imperative to forge a cyber-resilient society. Holistic cyber hygiene practices, continuous learning, collaboration, and information sharing are vital components of this collective endeavour.
This article was originally written and posted by Vanessa Kwan
