NEW TECHNOLOGIES IN CYBER SECURITY COMPETITIVE …Energy Government Service Transportation Health Service s Framework Food & Agriculture Information & Communication Defense & Security

Copyright © 2017 CyberSecurity Malaysia Copyright © 2015 CyberSecurity Malaysia

NEW TECHNOLOGIES IN CYBER SECURITY

- COMPETITIVE ADVANTAGE OR HIDDEN THREAT: MALAYSIA’S EXPERIENCE

by

DATO’ DR. HAJI AMIRUDIN ABDUL WAHAB

Chief Executive Officer

22 Sep 2017

Copyright © 2017 CyberSecurity Malaysia

DIGITAL ENVIRONMENT - Emerging Technologies

Copyright © 2017 CyberSecurity Malaysia 3

It's great to be part of the disruptors, but scary when we are the one being disrupted

DIGITAL DISRUPTION — Threat or Opportunity?


Source: Dimensional Research for Tripwire (March 2017) (https://www.i-scoop.eu/internet-of-things-guide/industrial-internet-things-iiot-saving-costs-innovation/cybersecurity-industrial-

internet-things/)

CURRENT DIGITAL LANDSCAPE

While IIoT may bring new challenges and risks, the fundamentals of security still apply. Organizations don’t need to find new security controls, rather they need to figure out how to apply best practices in new environments - Tim Erlins, Director, Security & IT Risk Strategist, Tripwire

DON’T FEEL PREPARED

NEED PROTECTION AGAINTS ATTACKS

EXPECT RISKS & VULNERABILITIES TO INCREASE

EXPECT SECURITY ATTACKS TO INCREASE

EXPECT IIOT DEPLOYMENT TO RISE


5

IoT - CAN TURN INTO INTERNET OF THREATS

- James Bone, “Cognitive Hack”

- More Devices With More Vulnerabilities,


1. Cyber crime damage costs to hit $6 trillion annually by 2021. 2. Cybersecurity spending to exceed $1 trillion

from 2017 to 2021.

3. Cyber crime will more than triple the number of unfilled cyber security jobs, which is predicted to reach 3.5 million by 2021.

4. Human attack surface to reach 4 billion people by 2020.

5. Global ransomware damage costs are predicted to exceed $5 billion in 2017.

http://www.csoonline.com/article/3153707/security/top-5-cybersecurity-facts-figures-and-statistics-for-2017.html

CYBER SECURITY HAS BECOME A MAJOR SECURITY CONCERN & FACTS ABOUT THE FINANCIAL IMPACTS OF CYBER ATTACKS


Evolution of Cyber Attacks


UNDERSTANDING CYBER THREAT

& POTENTIAL RISKS



Brand impact

• Sensitive media scrutiny

• Customer churn

• Loss of business due to critical intellectual asset loss

Regulatory impact

• Independent audits

• Regulatory fines

• Restriction on information sharing

• Implementation of comprehensive security solutions

Financial impact

• Detection and escalation

• Notification

• Lost business

• Response costs

• Competitive disadvantage

Operational impact

• Diversion of employees from strategic initiatives to work on damage control

CYBER SECURITY IS TOP MANAGEMENT ISSUE

-Cyber Risks and Impacts of Cyber Attacks


RISKS OF CYBER ATTACKS

- Financial Impacts


“This growth in DDoS was bad news for UK businesses, which were the second most targeted during Q2 2017, suffering over 32.5 million attacks. The US took the unfortunate top spot, being subjected to over 122.4 million attacks in just three months.”

“A major ransomware attack has brought businesses to a close throughout Europe, in an infection reminiscent of last month’s WannaCry attack. The most severe damage is being reported by Ukrainian businesses, with systems compromised at Ukraine’s central bank, state telecom, municipal metro, and Kiev’s Boryspil Airport.”

GLOBAL NEWS IN 2017 - Operational Impacts


Source : Cyber_Risk_In_Asia-Pacific_The_Case_For_Greater_Transparency by Oliver Wyman

CYBER ATTACKS IN ASIA PACIFIC - Operational Impacts



- Impacts on Image and Branding



- Impacts on Image



- Regulatory and Legal Impacts

The cord-blood bank agreed to settle Federal Trade Commission

charges it failed to protect customer data due to inadequate

security that exposed Social Security and credit-card

information on 300,000 people.

Source: https://www.google.com/#q=The+cord-blood+bank+agreed+to+settle+Federal+Trade+Commission

Copyright © 2017 CyberSecurity Malaysia 17 17

THE IMPACTS OF EMERGING CYBER ATTACKS CAN BE MORE DAMAGING


MALAYSIA’S DIGITAL LANDSCAPE

18


MALAYSIA IS TRANSFORMING ITSELF TO BECOME A DIGITAL NATION

FinTech - technologies that are disrupting traditional financial services i.e. mobile payments, money transfers, loans “….investment in Fintech around the world has increased dramatically from $930 million in 2008 to more than $12 billion by early 2015” - Accenture

Source: https://www.forbes.com/sites/bernardmarr/2017/02/10/a-complete-beginners-guide-to-fintech-in-2017/#2f6414393340

.


CYBER ATTACKS - RISK OF HIGHEST CONCERN IN MALAYSIA


88

87

77

73

73

69

68

65

0 20 40 60 80 100

Bankcard Fraud

ID theft

Virus/hacking

War/terrorism

Online shopping

Natural disasters

Financial obligations

Personal safety

Malaysia’s Top Security Concerns 2017

Source: 2017 UniSys Security Index


196 527 347

860 625

912 915 754

1372 1038

2123

3566

8090

15218

9986

10636

11918

8334

5484

0

2000

4000

6000

8000

10000

12000

14000

16000

1998 1999 2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017

Type of incidents: 1. Intrusion 2. Intrusion Attempt 3. Denial of Service Attack (DOS) 4. Fraud 5. Cyber Harassment 6. Spam 7. Content Related 8. Vulnerabilities Report 9. Malicious Codes

Type of incidents (Excluding Spam)

1. Intrusion 2. Intrusion Attempt 3. Denial of Service Attack (DOS) 4. Fraud 5. Cyber Harassment 6. Spam 7. Content Related 8. Vulnerabilities Report 9. Malicious Codes

10636

CYBER INCIDENTS REFERRED TO CYBERSECURITY MALAYSIA

(1998 – 31 AUGUST 2017)

As of 31 Aug 2017


Cyber Security Incident (1 Jan -31 Aug 2017)

Cyber Security Incident Jan Feb Mar Apr May June Jul Aug Total

Fraud 296 233 274 265 346 298 329 382 2423

Intrusion 98 201 148 101 138 284 146 363 1479

Malicious Code 94 68 65 62 92 71 62 56 570

Cyber Harassment 41 45 64 71 119 39 27 25 431

Content Related 2 5 9 2 9 2 1 4 34

Intrusion Attempt 39 19 32 41 22 8 37 31 229

Spam 26 38 24 30 31 32 36 30 247

DDoS 11 0 3 3 1 3 8 6 35

Vulberabilities 5 2 8 3 1 4 2 11 36

Total 612 611 627 578 759 741 648 908 5484


MALAYSIA’S REGIONAL APPROACH &

ENGAGEMENT WITH PROFESSIONAL COMMUNITY

- Turning the risks into opportunities

24


Adoption of HOLISTIC APPROACH that identifies potential threats to CNII organization and impacts to the national security & public well-being AND; to develop the nation to become cyber resilience having the capability to safeguard the interests of its stakeholders, reputation, brand and value creating activities


RISK MANAGEMENT THROUGH

TECHNOLOGY (LEVERAGING NEW TECHNOLOGIES TO STAY AHEAD OF EMERGING THREATS)


TRADITIONAL CYBER SECURITY APPROACH

- Important but not sufficient

27

• Leaves significant gaps in cyber defence • Most APT malware lies dormant and

remains undetected • A new approach is required to address

APT and new breed of cyber attacks

Malware is racing ahead and existing security tools can not keep up….

..Intelligent & automated threat detection and response is absolutely critical moving forward


A Time of Great Risk: The Time Between Compromise and Mitigation

28 Source: ciosummits.com


SECURITY INNOVATION NEED TO EVOLVE WITH TECHNOLOGY ADVANCEMENT


ENSURING CONTINUITY OF BUSINESS OPERATION via ADAPTIVE SECURITY

• To be more proactive, dynamic and integrated in cyber security approach


User and Entity Behaviour Analytics (UEBA)

31 Source:sqrrl.com


NEW TECHNOLOGIES AS NEW CYBER TOOLS – SECURITY INTELLIGENT

Adaptive Learning Algorithms can detect the

step-by-step penetration of APT malware (Phishing,

Trojans, Adware, Botnets...)

innovative data scientists and architects already realize that semantics is the key to

delivering meaning and context to information.

• Building Security Descriptive, Predictive and Prescriptive Analytics Capabilities


Way Forward - Key Questions to CISO

33 Source:ibm.com


RISK MANAGEMENT THROUGH

PROCESS (POLICY FRAMEWORK, LEGAL & GOVERNANCE, QUALITY

MANAGEMENT & BEST PRACTICES AND DOMESTIC & INTERNATIONAL

COOPERATION)


NATIONAL CYBER SECURITY

POLICY

POLICY Formulating & Coordinating Policy

NATIONAL SECURITY COUNCIL

NATIONAL CYBER SECURITY AGENCY (NACSA)

LAW ENFORCEMENT AGENCIES & REGULATORS

Preventing & Combating Terrorism through Law Enforcement

ROYAL MALAYSIAN POLICE BANK NEGARA MALAYSIA

MALAYSIAN COMMUNICATION & MULTIMEDIA COMMISSION

TECHNICAL SUPPORT Providing Technical Supports &

Services CYBERSECURITY MALAYSIA

Cyber Security Eco System in Malaysia

Government Agencies

Critical Information Infrastructure

Internet Service Providers

Industry

Academia

Cyber Security Professionals

Public


NATIONAL CYBER SECURITY POLICY

Banking &

Finance

Energy

Government

Service

Transportation

Health

Service

s

Food &

Agriculture

Information &

Communication

Defense &

Security

Water

Emergency

Services

Critical National Information Infrastructure (CNII)

Thrust 1: Effective

Governance

Thrust 2: Legislative & Regulatory Framework

Thrust 4: Culture of Security & Capacity Building

Thrust 3: Cyber Security

Technology Framework

Thrust 7: Cyber Security

Emergency Readiness

Thrust 8: International Cooperation

Thrust 6: Compliance & Enforcement

Thrust 5: R&D Towards Self Reliance

“Malaysia’s CNII shall be secure, resilient and self-reliant. Infused with a culture of security it will

promote stability, social well being and wealth creation”

VISION

http://www.inmagine.com/view_image.php?filename=pdre052574&sid=

http://www.inmagine.com/view_image.php?filename=rbv0030519&sid=

http://www.inmagine.com/view_image.php?filename=pdre052935&sid=2373185

http://www.inmagine.com/view_image.php?filename=is868087&sid=2373225

http://www.inmagine.com/view_image.php?filename=paa154000063&sid=

http://bahasajepun.com/flash/images/keretabomba.jpg


MALAYSIA’S CYBER SECURITY SERVICES - via Proactive and Responsive Services

37


RESPONSIVE AND MITIGATIVE ACTIONS

- Minimize Impacts of Cyber Attacks via Cyber Crisis Management

X-MAYA - National Cyber Crisis Exercise (Cyber Drill) conducted by CyberSecurity Malaysia in collaboration with the National Security Council.

The X-MAYA - to assess and improve the National Cyber Crisis Management Plan together with CNII's readiness against the threat of cyber attacks.


CYBER SECURITY EMERGENCY READINESS


RESPONSIVE AND RECOVERY ACTIONS

- Minimizing and recovering from losses

40

CyberD.E.F • Detection • Eradication • Forensic


HANDLING OF RANSOMWARE CASES

- Post-event Crisis Management

41

[TRANSLATION OF THE NEWS HEADLINES:

MYCERT DEFEATED RANSOMWARE]


RISK-BASED CYBER SECURITY via DOMESTIC & INTERNATIONAL

COLLABORATION

-

INTERNATIONAL SECURITY Protecting Common Interests Confidence Building Measures Legal and

Policy Framework

Regional and Global Cyber Security Cooperation DOMESTIC SECURITY

Protecting National Security, Prosperity and Public Safety

Public‐Private Partnership

OIC CERT

FIRST

APCERT

ITU

CSCAP

ARF

SOVEREIGN STATES

VIA

BILATERAL/MULTIL

ATERAL

ENGAGEMENT

ASEAN CERT


INFORMATION SHARING IN COMBATING CYBER CRIME

- Minimizing Risks of Cyber Attacks


RISK MANAMENT

THROUGH PEOPLE (THE WEAKEST LINK – HUMAN)


The study was completed in November 2010 • The capacity building programs are targeted

towards Critical National Information Infrastructure (CNII)

• Focusing on efforts to increase the knowledge

and skill sets on the information security workforce

• Aimed at creating a quality and well-equipped

information security workforce and promoting recognition of the Information Security profession.

NATIONAL STRATEGY FOR CYBER SECURITY

ACCULTURATION & CAPACITY BUILDING PROGRAM


• As cyber threats become more diverse, persistent and

sophisticated; there is a need for bi-lateral & multi-

stakeholders partnership in cyber security

capacity building to formulate a framework for the

creation of a competent cybersecurity workforce both at

national and regional levels

4

6

MALAYSIA’S APPROACH IN CAPACITY BUILDING

THROUGH BILATERAL & MULTI LATERAL PARTNERSHIP


PARTNERSHIP TO

DEVELOP MORE

CYBER SECURITY

PROFESSIONALS

47


PARTNERSHIP IN PRODUCING MORE CYBER SECURITY

TALENTS WITH THE LOCAL UNIVERSITIES

• Universities & Higher Learning Institutions

The National University of Malaysia

Ministry of Education

Department of Polytechnic Education

Department Of Community College Education

International Islamic University Malaysia (IIUM)

Universiti Tunku Abdul Rahman (UTAR)

University of Kuala Lumpur (UniKL)

University Putra Malaysia (UPM)

Multimedia University (MMU)

University Teknikal Malaysia Melaka (UTeM) etc

48


• Staying Ahead Through Innovative & Effective R&D Capacity

Building Programs

To Identify Technologies That Are Relevant and Desirable by the CNII

To Promote Collaboration with International Centres

of Excellence

To Provide Domain Competency Development

49

PARTNERSHIP IN CYBERSECURITY R&D ACTIVITIES


OUR ACHIEVEMENTS SO FAR …

50

The assessment were weighted based on the five pillars of the GCI below:

1. Legal: Measured based on the existence of legal institutions and frameworks

dealing with cybersecurity and cybercrime.

2. Technical: Measured based on the existence of technical institutions and

frameworks dealing with cybersecurity.

3. Organizational: Measured based on the existence of policy coordination institutions

and strategies for cybersecurity development at the national level.

4. Capacity Building: Measured based on the existence of research and

development, education and training programmes; certified professionals and public

sector agencies fostering capacity building.

5. Cooperation: Measured based on the existence of partnerships, cooperative

frameworks and information sharing networks.

The Global Cybersecurity Index (GCI) is a survey that

measure the commitment of Member States to cyber

security


COUNTRY GCI SCORE LEGAL TECHNICAL ORGANIZATIONAL CAPACITY BUILDING

COOPERATION

ITU GLOBAL CYBER SECURITY INDEX 2017 - Malaysia is 3rd in Global Ranking


The Global Cybersecurity Index (GCI)

Top three countries in Asia and the Pacific region

52


CONCLUSION AND WAY FORWARD

53

Our approach to cope with emerging new technologies should be

equally intelligent by adopting holistic strategy and through the

use of new cyber tools

To effectively apply cyber security fundamentals with innovative

features and techniques

Strengthening Public-Private-Partnership and International

Collaboration

To evolve in parallel with technology by enhancing:

Sharing of Information amongst relevant parties

Cyber Incidents Response and Coordination

Innovative & Collaborative Research

Capacity Building

Cyber Security Awareness and Education

Copyright © 2017 CyberSecurity Malaysia Copyright © 2017 CyberSecurity Malaysia

NEW TECHNOLOGIES IN CYBER SECURITY COMPETITIVE …Energy Government Service Transportation Health Service s Framework Food & Agriculture Information & Communication Defense & Security

Documents