EXCLUSIVE - Safeguarding Malaysian cyber space (Part II) - International cooperation, changing mindsets
In this second part of the interview (click here for the first part) with Dato’ Dr. Haji Amirudin Abdul Wahab, Chief Executive Officer of Cybersecurity Malaysia (CSM), we learn about collaboration with over 70 countries around the world through multilateral arrangements and Memorandums of Understanding with countries in the ASEAN region. Dato’ Dr. Haji Amirudin also talks about the milestones for CSM during his tenure and the challenges of changing mindset and culture.
CSM signed an MOU with Cybercrime Investigation and Coordinating Center (CICC) of the Philippines in December 2016. Cyberspace transcends national boundaries. How do you view international co-operation and CSM’s role in the region in creating, facilitating and sharing of knowledge towards a safer regional cyberspace?
International cooperation is essential to help solve cyber threats as Internet security is an issue that transcends borders.
Malaysia through CSM plays a vital role in international cooperation having established collaboration in cyber security with more than 70 countries, including the Asia Pacific region and the Organisation of the Islamic Conference (OIC) nations.
Presently, CSM is involved in various multilateral cooperation arrangements as stated below:
- Asia Pacific Computer Emergency Response Team (APCERT)
APCERT is a collaboration of CERTs established to ensure internet security in the Asia Pacific region are based around genuine information sharing, trust and cooperation. APCERT consists of national CERTs in the Asia Pacific region and currently has 28 members from 20 economies. CSM is a Steering Committee member and involved in formulating general operating policies, procedures, guidelines and other related matters affecting the APCERT as a whole. CSM is also responsible for the APCERT Outreach/Liaison area.
- Organization of the Islamic Cooperation-Computer Emergency Response Team, www.oic-cert.org (OIC-CERT)
Malaysia represented by CSM and Indonesia represented by the Indonesia - Security Incident Response Team on Internet Infrastructure (Id-SIRTII) are the members and currently in the OIC-CERT Board of the Organization of the Islamic Cooperation-Computer Emergency Response Team (OIC-CERT).
The main objective of this collaboration is to assist member countries to build cyber security capabilities and strengthen existing capacity through knowledge sharing and experiences. The international collaboration platform in Computer Emergency Response Team (CERT) will also result in economic value creation by being a platform to foster greater trust, long-term friendship and business cooperation among countries. Other than optimising the dissemination of cyber alerts, it would also provide a platform to exchange ideas and expertise and to promote joint development on measures to deal with large-scale cyber security incidents. The objectives of the OIC-CERT are:
- Strengthening the relationships amongst CERTs in the OIC member countries;
- Encouraging experience and information sharing in ICT security;
- Preventing and reducing cyber-crimes;
- Cultivating and fostering education and outreach ICT security programs;
- Promoting collaborative technology research, development and innovation in ICT security fields;
- Promoting good practices and/or recommendation to help address legal and regulatory issues; and
- Assisting member countries in establishing National CERTs.
To date, the OIC-CERT memberships are from 21 OIC countries.
CSM is also actively involved in the ASEAN Regional Forum (ARF), the Council for Security Cooperation in the Asia Pacific (CSCAP) and the World Trustmark Alliance (WTA).
- Memorandum of Understanding (MoU) between Malaysia and ASEAN countries
Based on the Memorandum of Understanding (MoU) signed on 7th December 2016 and between Malaysia through Cybercrime Investigation and Coordinating Center, Department of Information and Communications Technology, Republic of the Philippines. CSM is requested to cooperate and collaborate in the area of Cyber Security in Philippines.
The MoU provides a framework for understanding and cooperation between the two organisations for exchange of information on current threats and strategies to increase effectiveness of cyber security incident response; to respond and mitigate cross-border incidents, especially those that affect both countries; and sharing of experiences and knowledge to increase skill and expertise between both parties.
Malaysia can contribute to the collaboration with the Philippines in the areas of:
- Training and capacity building in various cyber security areas for both technical and non-technical;
- Development of Digital Forensics, CERT and other relevant laboratories capabilities;
- Advisory on policy, strategy and relevant cyber security related;
- Encourage activities for strengthening mutual cooperation and relationship; and
- Other forms of collaboration agreed by both parties on a case-by-case basis.
CSM can train Philippine officials on critical infrastructure protection, cryptography, and digital forensics as well as advise and assist them in their policy strategy planning for cybersecurity in the Philippines.
Based on the Memorandum of Understanding (MoU) signed on 10th November 2014 and renewed on 14th May 2015 between Malaysia through Indonesia - Security Incident Response Team on Internet Infrastructure (Id-SIRTII), CSM is requested to cooperate and collaborate in the development, capabilities and capacity in information security in Indonesia.
In addition to the MoUs with Indonesia and the Philippines, Malaysia is currently seeking new collaboration with Laos, Myanmar, Cambodia, Thailand and Vietnam. Under the collaboration, Malaysia is proposing Lebahnet as an initiative under APCERT’s Working Group of Malware Mitigation.
The Lebahnet operation is managed by the Malware Research Centre under MyCERT team, a department under CSM which specialises in conducting malware analysis and tracking. LebahNet is a honeypot based distribution system. It is a system that emulates vulnerabilities in the network services.
The LebahNet is managed via collaboration among its members to share malware threat, analysis, response and mitigation against cyber threat attacks. All data (such as source of attack and malware samples) obtained from the distributed sensors will be sent to the centralized reporting server for further inspection and analysis. It will automatically conduct research in malware threats and provide dashboard analysis with information sharing among participating members.
CSM is also working with France. CSM can offer cooperation in the fields of ICT policy and regulations, cyber security and combating cybercrime with relevant organisations in France. The following activities can be considered for collaboration:
- Enhancement of information security governance that will provide countries with the necessary requirements, standards and best practices in managing and securing information;
- The formulation of effective strategies such as harmonization of laws and procedures to deal with cross-border cybercrime and jurisdictional issue;
- The development of collaborative programs in Information Security Awareness and Capacity Building;
- The development of outreach programs to inculcate the culture of cyber security;
- An international collaboration platform in Computer Emergency Response Team (CERT) will also result in economic value creation by being a platform to foster greater trust, long-term friendship and business cooperation among countries; and
- The exchange of experts in information security will be more cost effective than sending trainees to other countries.
What are some of the milestones and achievements in your role as CEO of CSM?
Among CSM’s milestones during my tenure as CEO are as below:
- CyberSecurity Malaysia’s Milestones at the National Level.
- Launched the Malaysia Trustmark for Private Sector in 2013
- Appointed as Co-Chair of Council for Security Cooperation in the Asia Pacific (CSCAP) Study Group on Cyber Security, CSM has served as a cyber expert in CSCAP Malaysia in 2014.
- CSM CEO is a member of the independent panel set up to review the standard operating procedure for public examinations following a leak in examination papers for Ujian Penilaian Sekolah Rendah (UPSR) in 2014. The eight member panel is chaired by former chief justice Tun Zaki Tun Azmi.
- CSM has conducted a National Baseline Survey on the Current Cyber Security Awareness among School Children in 2016. From the findings, CSM in collaboration with the Ministry of Education will formulate modules to be incorporated in the school curriculum.
- CSM was involved in the national cyber crisis exercise or X-Maya 5 in collaboration with the National Security Council in 2013. CSM provided the infrastructure and technical support for the success of the cyber drill based on the experience of organising regional cyber practical trainings with Organisation of the Islamic Conference - Computer Emergency Response Team (OIC-CERT) and Asia Pacific Computer Emergency Response Team (APCERT) as well as CSM’s capability and expertise in handling various cyber security incidents through Cyber999 Help Centre and Malware Research Centre.
- In 2017, X-MAYA 6 was organized by National Security Council (NSC) supported by CSM aimed at assessing the cyber security emergency readiness and preparedness of critical national infrastructure agencies against cyber attacks.
- CyberSecurity Malaysia’s Milestones at the International Level
- CSM is the first organisation to hold the Chairmanship of the Organisation of Islamic Cooperation – Computer Emergency Response Team (OIC-CERT) for 201 3-2015 terms, making Malaysia the first country to Chair of the OIC-CERT
- CSM is the Permanent Secretariat to the Organisation of Islamic Cooperation – Computer Emergency Response Team (OIC-CERT). It leads the cyber drill for OIC-CERT countries.
- CEO of CSM was reappointed as Chairman for for World Trustmark Alliance for a second term in 2015.
- CEO of CSM was honoured as an Outstanding Chief Information/Security Officer Award (CSO Award) in conjunction with the 10th ASEAN CIO| CSO Summit and Awards 2014 held in Ho Chi Minh City, Vietnam on 2 December 2014.
- CEO of CSM appointed as a Deputy Director of the 32 Global Expert Council Members Of APEC e-Commerce Business Alliance (APEC ECBA)
- As Deputy Chair of APCERT, CSM led Coordinated Malware Eradication (CME) program for Asia Pacific CERT in 2015
- CSM’s digital forensic laboratory was re-accredited by ASCLD/LAB for 'Digital & Multimedia Evidence' discipline in 2016. It was the first forensic laboratory in Malaysia and the Asia Pacific region to be accredited by ASCLD/LAB I 2011.
- It serves as a cybersecurity expert in the Council for Security Cooperation in the Asia Pacific (CSCAP) Malaysia
- CSM is the only Cybersecurity Training Provider in Malaysian Technical Cooperation Programme (MTCP) Under the Ministry of Foreign Affairs.In line with Malaysia Chairmanship for Asean 2015, CSM have been given a mandate to conduct the 1st Cybersecurity Capacity Building Program for Asean.
- Member Country Partnership Strategy (MCPS) – CSM spearheaded cybersecurity area under Reverse Linkage Program. Assist Central Bank of Suriname to established Information Safety Management System (ISMS) Framework
- FireEye Award : Best Cyber Security Innovation Award 2015
- Signing of a Memorandum of Understanding (MoU) on cooperation between CSM and the Indian Computer Emergency Response Team (CERT-In) of India’s Department of Electronics and Information Technology in 2015
- Signing of MoU between CSM and the Cybercrime Investigation and Coordinating Center (CICC), agency under the Philippines Department of Information and Communications Technology (DICT) in 2016
- CSM was conferred the WSIS Champion Prize at the World Summit of the Information Society (WSIS) 2016: “Securing the Cyberspace through International Collaboration of the Computer Emergency Response Teams
Here are some of CyberSecurity Malaysia’s achievements since I have been at the helm:
- More than 80,000 cyber security incidents have been handled by Cyber999 Help Centre under the Malaysia Computer Response Team (MyCERT) which is a department under CSM
- More than 5,000 digital forensics cases have been solved by the Digital Forensics Department
- eight information security guidelines and 11 best practices
- 67 vulnerability assessment and information system technology service and 54 ICT security products
- 5,277 professional certification in information security
- CyberSAFE outreach programs attracted 170,057 participants from schools, universities and organisations
- 12 international strategy affairs
- 8 local engagement strategy
- 33 companies registered under collaboration program with industry
- 40 cyber security products and services
What are the biggest challenges you face as CEO of CSM?
The most challenging part of implementing the CSM’s transformation initiatives, namely Centre of Excellence (COE) initiative and the Business Transformation Plan (BTP), is to change the people’s mindset and culture. For instance, BTP is beyond the development of technical capability as it involves the transformation of mindset and culture of the agency’s employees.
CSM’s workforce will need to be commercially minded, place more emphasis on customer service and be flexible as well as robust to changes. The employees will have to migrate from the Government service mentality to business oriented mentality, change from reactive mindset to opportunity seeking mindset and discard complacency while striving for continuous competency, productivity and innovation. Besides staff readiness, other key challenges are service readiness, benefit for cyber security collaboration program partners and customer perception about CSM’s function.