Malaysia keen to be security focal point
The central theme of ISWec 2011 or the InfoSeeurity World
Exhibition and Congress was the enhancement of information security against the
rapid rise of cyber threats. With more than 200 booths exhibiting at the event,
Malaysia has signalled its keen intent to place itself as the focal point in
the region for experts and key players from the local and international
industry to exchange views and ideas.
Iswec 2012
At the launch, YABhg. Datin Paduka Seri Rosmah Mansor notes
that Malaysia was becoming a regional hub of choice for information technology
in Asia due to its strategic location, excellent infrastructure,
skilled and dynamic workforce and supportive government.
"Information assets are critical to every organisation.
The security and safeguarding of these assets are paramount to survive and
thrive in this highly digital global economy.
The congregation of key industry players in Malaysia at the
ISWec 2012 is a reflection of Malaysia's growing role as an information
security hub in the Asian region," YABhg. Datin
Paduka Seri Rosmah Mansor says.
YABhg Datin Paduka
Seri Rosmah Mansor, wife of the Prime Minister of Malaysia
With a reported attendance of over 5,000 local and international Channel players, buyers and trade
visitors, this was a good start for a key industry event looking to be a major
player in the region. The two-day tradeshow featured 160 leading brands from
global industry players. Themed 'Forging New Businesses and Strategic
Alliances’, ISWec 2012 serves as a platform to showcase the latest products and
technologies in information security while providing delegates with updates on
the latest trends and solutions to internal and external information security
threats with the focus on effective management of people, processes and
technologies.
She says that our
younger generation need to be educated about securing their personal
information.
There were also conference sessions featuring keynote
speakers allowing a platform to exchange ideas and interact with leading
players in the infosecurity arena while having panel-discussions and exciting
networking sessions.
Dr. Amirudin Abdul Wahab, Ministry of Science, Technology
and Innovation presented the keynote address of ISWec 2012. In his keynote
speech, he mentioned that the ICT industry has been entrusted with three
objectives. The first objective is to spearhead the development of the ICT
industry and indigenous technologies. The second objective is to strengthen the
national IT ecosystem through the formulation of policies and effective time
management. Lastly, is to support efforts towards making Malaysia a global ICT
hub.
He stated that Cyber Security Malaysia has developed the
National Cyber Security Policy with the purpose of ensuring that the nation
critical national infrastructure is resilient. The Internet has altered the way
business is done and we are being exposed of external threats like hacking,
identity theft, fraud and spamming. This calls for effective measurement and
protection to ensure business stability and it is more important now to detect
threats and prevent them in order to protect personal and business information.
Phillip Victor, Director of the Centre for Policy and
International Cooperation was next and he talked about ITU-IMPACT's role in
bringing together all stakeholders in the fight against cyber threats. ITU is the
International Telecommunication Union, whereas IMPACT is a cybersecurity
organisation called International Multilateral Partnership Against Cyber
Threats.
Phillip Victor,
Director of the Centre for Policy and International Cooperation
Victor started off by showing that huge organisations and
developed countries are also being hit by cybercrime. No one is being spared
from this wave of cyberthreats and it is an ongoing effort to ensure that
organisations are continuously updated and people are informed of the kind of
threats that are being faced daily. One of the reasons why this is happening
was pointed out by IMPACT: many countries do not have national CERTs or
computer emergency response teams. That translates to these countries not having
even a first line of defence.
Victor says that IMPACT has been
helping these countries by introducing legal framework in place. But, cyber
attacks are borderless and it is difficult for the laws of one government to
prosecute these criminals when they are across borders. He says, “The main
problem in this area is that laws are not harmonised; the cyber laws in one
country may not be applied in another. There needs to be a very strong
coordination among these countries and cvcr/one needs to understand that
everybody plays an important role in this entire ecosystem."
He cited the Estonia DDoS (distributed denial of service)
attack in 2007 as an example as it took the country two to three weeks to
restore communications with the rest of the world. When Estonia detected the
attacks, it was from countries which Estonia did not have any political ties
with them. This is where, on a global level, cybersecurity needs platforms that
can help them resolve these kinds of issue. Victor concludes that people need to
look at security as a whole and it doesn't involve only one level but many
levels.
Next, David Sykes, Director of Crossbeam Systems South East
Asia and Pacific stepped up to discuss about security in cloud computing. He
separated the cloud computing into three categories, namely public, private and
hybrid.
According to Sykes, cloud computing is having your
applications being installed in some place by someone so that it can be
accessed from almost anywhere and at any time. Sykes says, from a security
point of view, the problem with this is almost everything; when people start to
move ahead with these things, overtime, history repeats itself. Security is
always second in place.
Security has
always been in second place and the conference sessions aim to highlight the
importance of it
He explains, “What tends to happen is that people tend to
get carried away with an opportunity and go ahead to implement it Then
businesses will realise that they are dependent on this stuff and wonder if
there is enough security for this? Then they need to spend more money on it and
the people who develop these applications will say it's not their problem. In
quick summary, people need to step back a little bit and start thinking about
putting security in right from the start"
