“International cooperation is essential to help solve cyber threats as Internet security is an issue that transcends borders.”
In this second part of the interview (click here for the first part) with Dato’ Dr. Haji Amirudin Abdul Wahab, Chief Executive Officer of Cybersecurity Malaysia (CSM), we learn about collaboration with over 70 countries around the world through multilateral arrangements and Memorandums of Understanding with countries in the ASEAN region. Dato’ Dr. Haji Amirudin also talks about the milestones for CSM during his tenure and the challenges of changing mindset and culture.
CSM signed an MOU with Cybercrime Investigation and Coordinating Center (CICC) of the Philippines in December 2016. Cyberspace transcends national boundaries. How do you view international co-operation and CSM’s role in the region in creating, facilitating and sharing of knowledge towards a safer regional cyberspace?
International cooperation is essential to help solve cyber threats as Internet security is an issue that transcends borders.
Malaysia through CSM plays a vital role in international cooperation having established collaboration in cyber security with more than 70 countries, including the Asia Pacific region and the Organisation of the Islamic Conference (OIC) nations.
Presently, CSM is involved in various multilateral cooperation arrangements as stated below:
APCERT is a collaboration of CERTs established to ensure internet security in the Asia Pacific region are based around genuine information sharing, trust and cooperation. APCERT consists of national CERTs in the Asia Pacific region and currently has 28 members from 20 economies. CSM is a Steering Committee member and involved in formulating general operating policies, procedures, guidelines and other related matters affecting the APCERT as a whole. CSM is also responsible for the APCERT Outreach/Liaison area.
Malaysia represented by CSM and Indonesia represented by the Indonesia – Security Incident Response Team on Internet Infrastructure (Id-SIRTII) are the members and currently in the OIC-CERT Board of the Organization of the Islamic Cooperation-Computer Emergency Response Team (OIC-CERT).
The main objective of this collaboration is to assist member countries to build cyber security capabilities and strengthen existing capacity through knowledge sharing and experiences. The international collaboration platform in Computer Emergency Response Team (CERT) will also result in economic value creation by being a platform to foster greater trust, long-term friendship and business cooperation among countries. Other than optimising the dissemination of cyber alerts, it would also provide a platform to exchange ideas and expertise and to promote joint development on measures to deal with large-scale cyber security incidents. The objectives of the OIC-CERT are:
To date, the OIC-CERT memberships are from 21 OIC countries.
CSM is also actively involved in the ASEAN Regional Forum (ARF), the Council for Security Cooperation in the Asia Pacific (CSCAP) and the World Trustmark Alliance (WTA).
Based on the Memorandum of Understanding (MoU) signed on 7th December 2016 and between Malaysia through Cybercrime Investigation and Coordinating Center, Department of Information and Communications Technology, Republic of the Philippines. CSM is requested to cooperate and collaborate in the area of Cyber Security in Philippines.
The MoU provides a framework for understanding and cooperation between the two organisations for exchange of information on current threats and strategies to increase effectiveness of cyber security incident response; to respond and mitigate cross-border incidents, especially those that affect both countries; and sharing of experiences and knowledge to increase skill and expertise between both parties.
Malaysia can contribute to the collaboration with the Philippines in the areas of:
CSM can train Philippine officials on critical infrastructure protection, cryptography, and digital forensics as well as advise and assist them in their policy strategy planning for cybersecurity in the Philippines.
Based on the Memorandum of Understanding (MoU) signed on 10th November 2014 and renewed on 14th May 2015 between Malaysia through Indonesia – Security Incident Response Team on Internet Infrastructure (Id-SIRTII), CSM is requested to cooperate and collaborate in the development, capabilities and capacity in information security in Indonesia.
In addition to the MoUs with Indonesia and the Philippines, Malaysia is currently seeking new collaboration with Laos, Myanmar, Cambodia, Thailand and Vietnam. Under the collaboration, Malaysia is proposing Lebahnet as an initiative under APCERT’s Working Group of Malware Mitigation.
The Lebahnet operation is managed by the Malware Research Centre under MyCERT team, a department under CSM which specialises in conducting malware analysis and tracking. LebahNet is a honeypot based distribution system. It is a system that emulates vulnerabilities in the network services.
The LebahNet is managed via collaboration among its members to share malware threat, analysis, response and mitigation against cyber threat attacks. All data (such as source of attack and malware samples) obtained from the distributed sensors will be sent to the centralized reporting server for further inspection and analysis. It will automatically conduct research in malware threats and provide dashboard analysis with information sharing among participating members.
CSM is also working with France. CSM can offer cooperation in the fields of ICT policy and regulations, cyber security and combating cybercrime with relevant organisations in France. The following activities can be considered for collaboration:
What are some of the milestones and achievements in your role as CEO of CSM?
Among CSM’s milestones during my tenure as CEO are as below:
Here are some of CyberSecurity Malaysia’s achievements since I have been at the helm:
What are the biggest challenges you face as CEO of CSM?
The most challenging part of implementing the CSM’s transformation initiatives, namely Centre of Excellence (COE) initiative and the Business Transformation Plan (BTP), is to change the people’s mindset and culture. For instance, BTP is beyond the development of technical capability as it involves the transformation of mindset and culture of the agency’s employees.
CSM’s workforce will need to be commercially minded, place more emphasis on customer service and be flexible as well as robust to changes. The employees will have to migrate from the Government service mentality to business oriented mentality, change from reactive mindset to opportunity seeking mindset and discard complacency while striving for continuous competency, productivity and innovation. Besides staff readiness, other key challenges are service readiness, benefit for cyber security collaboration program partners and customer perception about CSM’s function.
We release new articles daily on trending topics within technology and the public sector. Subscribe to have weekly digests of our articles conveniently sent to your email address.
Mövenpick Hotel and Convention Centre KLIA
One Farrer Hotel
Sheraton Towers Singapore
Putrajaya Marriott Hotel
Marina Bay Sands, Singapore
JW Marriott Jakarta