Know yourself, know your enemy. That, according to Dr. Aswami Ariffin, Senior Vice President of CyberSecurity Malaysia’s Cyber Security Responsive Services, is the fundamental approach to cyber security that organisations should take in today’s cyber threat environment. He went on to say that organisations must always be vigilant, perform thorough risk analysis and assessment, have a proper information security management system (ISMS) in place and ensure that they’re well equipped in terms of people, process and technology to stay ahead of cyber threats.
“As we are moving towards Industry 4.0, it is very important for the top-level management of a company to make cyber security as part of the business instead of viewing it as a top up or an add-on,” he said. Dr. Asmawi spoke at a media briefing in conjunction with Trend Micro’s technical full-day conference, Trend Micro RED CODE 2017 held in KL.
Dr. Asmawi said that it’s imperative for system administrators of any enterprise to subscribe to threat intelligence reports so that they can take precautionary security measures before a major outbreak. As an example, Microsoft released an alert on the WannaCry ransomware as early as in March, giving system administrators ample time to review their systems and patch vulnerabilities to avoid infection.
According to Goh Chee Hoh, Managing Director of Trend Micro Malaysia, there has been significant transformation in three key areas that have changed the face of cyber security over the years:
Among the top challenges faced by Malaysian organisations today are the abundance of solutions available in the market as well as the lack of resources, security professionals with specialised knowledge that can help the organisation evade emerging vulnerabilities and attack strategies. For the latter case, automation and machine learning may just be the answer. Goh said, “There is an abundance of security solutions available for companies, it is important to choose the right solutions that best suit the company’s needs. The industry is continuously evolving with the inﬂux of new threats. If you lack the in-house personnel to implement your own full-fledged security program, a security partner such as Trend Micro, with its automated security systems, may be the right choice.”
Goh also mentioned that the solutions employed by businesses today have to be “cross-generational” – able to secure their legacy systems, tasks and applications while dealing with today’s challenges and prepare them for the future. He highlighted the urgent need for a multi-layered, connected threat defence that provides centralised visibility and control across the gateway to the network, server and endpoint.
On a positive note, the recent high profile cyber breaches and the heightened attention on cyber security has meant that more and more Malaysian organizations are starting to have better awareness and are putting more emphasis on security. Threat alerts such as from Trend Micro or from bodies such as Cybersecurity Malaysia, meanwhile, can keep internal security teams informed and updated on vulnerabilities.