Page 1
Copyright © 2017 CyberSecurity Malaysia Copyright © 2015 CyberSecurity Malaysia
NEW TECHNOLOGIES IN CYBER SECURITY
- COMPETITIVE ADVANTAGE OR HIDDEN THREAT: MALAYSIA’S EXPERIENCE
by
DATO’ DR. HAJI AMIRUDIN ABDUL WAHAB
Chief Executive Officer
22 Sep 2017
Page 2
DIGITAL ENVIRONMENT - Emerging Technologies
Page 3
It's great to be part of the disruptors, but scary when we are the one being disrupted
DIGITAL DISRUPTION — Threat or Opportunity?
Page 4
Source: Dimensional Research for Tripwire (March 2017) (https://www.i-scoop.eu/internet-of-things-guide/industrial-internet-things-iiot-saving-costs-innovation/cybersecurity-industrial-internet-things/)
CURRENT DIGITAL LANDSCAPE
While IIoT may bring new challenges and risks, the fundamentals of security still apply. Organizations don’t need to find new security controls, rather they need to figure out how to apply best practices in new environments - Tim Erlins, Director, Security & IT Risk Strategist, Tripwire
DON’T FEEL PREPARED
NEED PROTECTION AGAINST ATTACKS
EXPECT RISKS & VULNERABILITIES TO INCREASE
EXPECT SECURITY ATTACKS TO INCREASE
EXPECT IIOT DEPLOYMENT TO RISE
Page 5
IoT - CAN TURN INTO INTERNET OF THREATS
- James Bone, “Cognitive Hack”
- More Devices With More Vulnerabilities,
Page 6
1. Cyber crime damage costs to hit $6 trillion annually by 2021.
2. Cybersecurity spending to exceed $1 trillion from 2017 to 2021.
3. Cyber crime will more than triple the number of unfilled cyber security jobs, which is predicted to reach 3.5 million by 2021.
4. Human attack surface to reach 4 billion people by 2020.
5. Global ransomware damage costs are predicted to exceed $5 billion in 2017.
http://www.csoonline.com/article/3153707/security/top-5-cybersecurity-facts-figures-and-statistics-for-2017.html
CYBER SECURITY HAS BECOME A MAJOR SECURITY CONCERN & FACTS ABOUT THE FINANCIAL IMPACTS OF CYBER ATTACKS
Page 7
Evolution of Cyber Attacks
Page 8
UNDERSTANDING CYBER THREAT
& POTENTIAL RISKS
Page 9
Page 10
Brand impact
• Sensitive media scrutiny
• Customer churn
• Loss of business due to critical intellectual asset loss
Regulatory impact
• Independent audits
• Regulatory fines
• Restriction on information sharing
• Implementation of comprehensive security solutions
Financial impact
• Detection and escalation
• Notification
• Lost business
• Response costs
• Competitive disadvantage
Operational impact
• Diversion of employees from strategic initiatives to work on damage control
CYBER SECURITY IS TOP MANAGEMENT ISSUE
-Cyber Risks and Impacts of Cyber Attacks
Page 11
RISKS OF CYBER ATTACKS
- Financial Impacts
Page 12
“This growth in DDoS was bad news for UK businesses, which were the second most targeted during Q2 2017, suffering over 32.5 million attacks. The US took the unfortunate top spot, being subjected to over 122.4 million attacks in just three months.”
“A major ransomware attack has brought businesses to a close throughout Europe, in an infection reminiscent of last month’s WannaCry attack. The most severe damage is being reported by Ukrainian businesses, with systems compromised at Ukraine’s central bank, state telecom, municipal metro, and Kiev’s Boryspil Airport.”
GLOBAL NEWS IN 2017 - Operational Impacts
Page 13
Source : Cyber_Risk_In_Asia-Pacific_The_Case_For_Greater_Transparency by Oliver Wyman
CYBER ATTACKS IN ASIA PACIFIC - Operational Impacts
Page 14
RISKS OF CYBER ATTACKS
- Impacts on Image and Branding
Page 15
RISKS OF CYBER ATTACKS
- Impacts on Image
Page 16
RISKS OF CYBER ATTACKS
- Regulatory and Legal Impacts
The cord-blood bank agreed to settle Federal Trade Commission
charges it failed to protect customer data due to inadequate
security that exposed Social Security and credit-card
information on 300,000 people.
Source: https://www.google.com/#q=The+cord-blood+bank+agreed+to+settle+Federal+Trade+Commission
Page 17
THE IMPACTS OF EMERGING CYBER ATTACKS CAN BE MORE DAMAGING
Page 18
MALAYSIA’S DIGITAL LANDSCAPE
Page 19
MALAYSIA IS TRANSFORMING ITSELF TO BECOME A DIGITAL NATION
FinTech - technologies that are disrupting traditional financial services i.e. mobile payments, money transfers, loans “….investment in Fintech around the world has increased dramatically from $930 million in 2008 to more than $12 billion by early 2015” - Accenture
Source: https://www.forbes.com/sites/bernardmarr/2017/02/10/a-complete-beginners-guide-to-fintech-in-2017/#2f6414393340
Page 20
CYBER ATTACKS - RISK OF HIGHEST CONCERN IN MALAYSIA
Page 21
Malaysia’s Top Security Concerns 2017
[Bar chart, axis 0 to 100. Categories as listed: Bankcard Fraud, ID theft, Virus/hacking, War/terrorism, Online shopping, Natural disasters, Financial obligations, Personal safety. Bar values as listed: 88, 87, 77, 73, 73, 69, 68, 65.]
Source: 2017 UniSys Security Index
Page 22
CYBER INCIDENTS REFERRED TO CYBERSECURITY MALAYSIA (1998 – 31 AUGUST 2017)
[Bar chart, labelled "Type of incidents (Excluding Spam)": incidents per year, 1998 to 2017 (as of 31 Aug 2017); vertical axis 0 to 16000. Bar labels shown: 196, 527, 347, 860, 625, 912, 915, 754, 1372, 1038, 2123, 3566, 8090, 15218, 9986, 10636, 11918, 8334, 5484.]
Type of incidents: 1. Intrusion 2. Intrusion Attempt 3. Denial of Service Attack (DOS) 4. Fraud 5. Cyber Harassment 6. Spam 7. Content Related 8. Vulnerabilities Report 9. Malicious Codes
Page 23
Cyber Security Incident (1 Jan - 31 Aug 2017)
Cyber Security Incident    Jan   Feb   Mar   Apr   May  June   Jul   Aug  Total
Fraud                      296   233   274   265   346   298   329   382   2423
Intrusion                   98   201   148   101   138   284   146   363   1479
Malicious Code              94    68    65    62    92    71    62    56    570
Cyber Harassment            41    45    64    71   119    39    27    25    431
Content Related              2     5     9     2     9     2     1     4     34
Intrusion Attempt           39    19    32    41    22     8    37    31    229
Spam                        26    38    24    30    31    32    36    30    247
DDoS                        11     0     3     3     1     3     8     6     35
Vulnerabilities              5     2     8     3     1     4     2    11     36
Total                      612   611   627   578   759   741   648   908   5484
Page 24
MALAYSIA’S REGIONAL APPROACH &
ENGAGEMENT WITH PROFESSIONAL COMMUNITY
- Turning the risks into opportunities
Page 25
Adoption of a HOLISTIC APPROACH that identifies potential threats to CNII organizations and their impacts on national security & public well-being, AND develops the nation to become cyber resilient, with the capability to safeguard the interests of its stakeholders, reputation, brand and value-creating activities
Page 26
RISK MANAGEMENT THROUGH
TECHNOLOGY (LEVERAGING NEW TECHNOLOGIES TO STAY AHEAD OF EMERGING THREATS)
Page 27
TRADITIONAL CYBER SECURITY APPROACH
- Important but not sufficient
• Leaves significant gaps in cyber defence
• Most APT malware lies dormant and remains undetected
• A new approach is required to address APT and new breed of cyber attacks
Malware is racing ahead and existing security tools cannot keep up…
…Intelligent & automated threat detection and response is absolutely critical moving forward
Page 28
A Time of Great Risk: The Time Between Compromise and Mitigation
Source: ciosummits.com
Page 29
SECURITY INNOVATION NEEDS TO EVOLVE WITH TECHNOLOGY ADVANCEMENT
Page 30
ENSURING CONTINUITY OF BUSINESS OPERATION via ADAPTIVE SECURITY
• To be more proactive, dynamic and integrated in cyber security approach
Page 31
User and Entity Behaviour Analytics (UEBA)
Source: sqrrl.com
Page 32
NEW TECHNOLOGIES AS NEW CYBER TOOLS – SECURITY INTELLIGENT
Adaptive Learning Algorithms can detect the step-by-step penetration of APT malware (Phishing, Trojans, Adware, Botnets...)
Innovative data scientists and architects already realize that semantics is the key to delivering meaning and context to information.
• Building Security Descriptive, Predictive and Prescriptive Analytics Capabilities
Page 33
Way Forward - Key Questions to CISO
Source: ibm.com
Page 34
RISK MANAGEMENT THROUGH
PROCESS (POLICY FRAMEWORK, LEGAL & GOVERNANCE, QUALITY
MANAGEMENT & BEST PRACTICES AND DOMESTIC & INTERNATIONAL
COOPERATION)
Page 35
NATIONAL CYBER SECURITY POLICY
POLICY - Formulating & Coordinating Policy
• NATIONAL SECURITY COUNCIL
• NATIONAL CYBER SECURITY AGENCY (NACSA)
LAW ENFORCEMENT AGENCIES & REGULATORS - Preventing & Combating Terrorism through Law Enforcement
• ROYAL MALAYSIAN POLICE
• BANK NEGARA MALAYSIA
• MALAYSIAN COMMUNICATION & MULTIMEDIA COMMISSION
TECHNICAL SUPPORT - Providing Technical Supports & Services
• CYBERSECURITY MALAYSIA
Cyber Security Eco System in Malaysia
Government Agencies
Critical Information Infrastructure
Internet Service Providers
Industry
Academia
Cyber Security Professionals
Public
Page 36
NATIONAL CYBER SECURITY POLICY
Critical National Information Infrastructure (CNII)
• Banking & Finance
• Energy
• Government Service
• Transportation
• Health Services
• Food & Agriculture
• Information & Communication
• Defense & Security
• Water
• Emergency Services
Thrust 1: Effective Governance
Thrust 2: Legislative & Regulatory Framework
Thrust 3: Cyber Security Technology Framework
Thrust 4: Culture of Security & Capacity Building
Thrust 5: R&D Towards Self Reliance
Thrust 6: Compliance & Enforcement
Thrust 7: Cyber Security Emergency Readiness
Thrust 8: International Cooperation
VISION
“Malaysia’s CNII shall be secure, resilient and self-reliant. Infused with a culture of security it will promote stability, social well being and wealth creation”
Page 37
MALAYSIA’S CYBER SECURITY SERVICES - via Proactive and Responsive Services
Page 38
RESPONSIVE AND MITIGATIVE ACTIONS
- Minimize Impacts of Cyber Attacks via Cyber Crisis Management
X-MAYA - National Cyber Crisis Exercise (Cyber Drill) conducted by CyberSecurity Malaysia in collaboration with the National Security Council.
X-MAYA aims to assess and improve the National Cyber Crisis Management Plan, together with CNII's readiness against the threat of cyber attacks.
Page 39
CYBER SECURITY EMERGENCY READINESS
Page 40
RESPONSIVE AND RECOVERY ACTIONS
- Minimizing and recovering from losses
CyberD.E.F • Detection • Eradication • Forensic
Page 41
HANDLING OF RANSOMWARE CASES
- Post-event Crisis Management
[TRANSLATION OF THE NEWS HEADLINES:
MYCERT DEFEATED RANSOMWARE]
Page 42
RISK-BASED CYBER SECURITY via DOMESTIC & INTERNATIONAL COLLABORATION
INTERNATIONAL SECURITY
• Protecting Common Interests
• Confidence Building Measures
• Legal and Policy Framework
• Regional and Global Cyber Security Cooperation
DOMESTIC SECURITY
• Protecting National Security, Prosperity and Public Safety
• Public-Private Partnership
OIC CERT, FIRST, APCERT, ITU, CSCAP, ARF, ASEAN CERT
SOVEREIGN STATES VIA BILATERAL/MULTILATERAL ENGAGEMENT
Page 43
INFORMATION SHARING IN COMBATING CYBER CRIME
- Minimizing Risks of Cyber Attacks
Page 44
RISK MANAGEMENT THROUGH
PEOPLE (THE WEAKEST LINK – HUMAN)
Page 45
• The study was completed in November 2010
• The capacity building programs are targeted towards Critical National Information Infrastructure (CNII)
• Focusing on efforts to increase the knowledge and skill sets of the information security workforce
• Aimed at creating a quality and well-equipped information security workforce and promoting recognition of the Information Security profession.
NATIONAL STRATEGY FOR CYBER SECURITY
ACCULTURATION & CAPACITY BUILDING PROGRAM
Page 46
• As cyber threats become more diverse, persistent and sophisticated, there is a need for bilateral & multi-stakeholder partnership in cyber security capacity building to formulate a framework for the creation of a competent cybersecurity workforce at both national and regional levels
MALAYSIA’S APPROACH IN CAPACITY BUILDING
THROUGH BILATERAL & MULTI LATERAL PARTNERSHIP
Page 47
PARTNERSHIP TO DEVELOP MORE CYBER SECURITY PROFESSIONALS
Page 48
PARTNERSHIP IN PRODUCING MORE CYBER SECURITY
TALENTS WITH THE LOCAL UNIVERSITIES
• Universities & Higher Learning Institutions
The National University of Malaysia
Ministry of Education
Department of Polytechnic Education
Department Of Community College Education
International Islamic University Malaysia (IIUM)
Universiti Tunku Abdul Rahman (UTAR)
University of Kuala Lumpur (UniKL)
University Putra Malaysia (UPM)
Multimedia University (MMU)
University Teknikal Malaysia Melaka (UTeM) etc
Page 49
• Staying Ahead Through Innovative & Effective R&D Capacity Building Programs
To Identify Technologies That Are Relevant and Desirable by the CNII
To Promote Collaboration with International Centres of Excellence
To Provide Domain Competency Development
PARTNERSHIP IN CYBERSECURITY R&D ACTIVITIES
Page 50
OUR ACHIEVEMENTS SO FAR …
The Global Cybersecurity Index (GCI) is a survey that measures the commitment of Member States to cyber security.
The assessment was weighted based on the five pillars of the GCI below:
1. Legal: Measured based on the existence of legal institutions and frameworks dealing with cybersecurity and cybercrime.
2. Technical: Measured based on the existence of technical institutions and frameworks dealing with cybersecurity.
3. Organizational: Measured based on the existence of policy coordination institutions and strategies for cybersecurity development at the national level.
4. Capacity Building: Measured based on the existence of research and development, education and training programmes; certified professionals and public sector agencies fostering capacity building.
5. Cooperation: Measured based on the existence of partnerships, cooperative frameworks and information sharing networks.
Page 51
ITU GLOBAL CYBER SECURITY INDEX 2017 - Malaysia is 3rd in Global Ranking
[Table: columns COUNTRY, GCI SCORE, LEGAL, TECHNICAL, ORGANIZATIONAL, CAPACITY BUILDING, COOPERATION]
Page 52
The Global Cybersecurity Index (GCI)
Top three countries in Asia and the Pacific region
Page 53
CONCLUSION AND WAY FORWARD
Our approach to cope with emerging new technologies should be equally intelligent, by adopting a holistic strategy and through the use of new cyber tools
To effectively apply cyber security fundamentals with innovative features and techniques
Strengthening Public-Private-Partnership and International Collaboration
To evolve in parallel with technology by enhancing:
• Sharing of Information amongst relevant parties
• Cyber Incidents Response and Coordination
• Innovative & Collaborative Research
• Capacity Building
• Cyber Security Awareness and Education