CYBER attacks are nothing new, with companies worldwide vulnerable to such threats. This occurs when an unauthorised action or an intentional effort to compromise the confidentiality, integrity, or availability of a computer infrastructure, including its network, system or digital devices happens.
Most recently, Swinburne University of Technology Sarawak Campus (Swinburne Sarawak) has its cybersecurity
compromised as it was attacked by ransomware. The university has promptly taken immediate action, including reporting the attack to local authorities and working with specialists to assist in investigations and mitigations.
The case with the university highlights that there is a vulnerability gap that can occur unexpectedly and affect organisations today. The rising threats have also propelled the Malaysian government to introduce the Cyber Security Bill 2024 and gazette the Cyber Security Act 2024. On the state level, initiatives are underway to address cybersecurity concerns, such as the Sarawak government’s plans to establish a Cyber Security Unit.
With cyberthreat incidents a growing occurence this year, organisations looking to bolster their security frameworks will have to look at approaching cybersecurity differently. Cybercriminals are constantly finding new ways to exploit weaknesses in cybersecurity; therefore, implementing comprehensive defences and a strategic approach is key.
Sharing on helping Malaysian organisations to become cyber security-ready and build cyber resilience is digital service provider company Accenture ASEAN’s managing director and cyber security leader, Vinod Shankar whose role in the company is to enhance clients’ security, introduce innovative solutions, and raise awareness about new and emerging threats.
Evolution of cyberthreats in Malaysia
Ransomware attacks, among the frequently occurring and reported incidents among business organisations, are expected to continue growing in Malaysia this year. According to Vinod, attacks have surged by 40 per cent since 2020, driven by the rise of Ransomware-as-a-Service (RaaS).
Meanwhile, cryptojacking incidents have increased by 20 per cent in 2023, and supply chain attacks have become a significant concern, contributing to 15 per cent of major incidents. “These trends highlight the growing sophistication and frequency of cyber threats in Malaysia.”
“The main tactics adopted by the cybercriminals are still social engineering tactics such as phishing and spearphishing, which are becoming more prevalent,” added Vinod.
Sharing a report by Accenture — ‘The Cyber-Resilient CEO’ — data showed that 64 per cent of CEOs around the world believed that cybercriminals could use generative AI to create more sophisticated attacks such as phishing scams, social engineering attacks, and automated hacks. The report also said that the acceleration of generative AI was setting the stage for organisations to realise the importance of ramping up cybersecurity measures.
Building cyber resilience in Malaysia
In Malaysia, its cybersecurity landscape has seen significant advancements over the past few years, marked by increased awareness, robust government initiatives and enhanced technological adoption. According to the International Telecommunication Union’s Global Cybersecurity Index 2020, Malaysia ranked eighth globally and fourth in the Asia-Pacific region, reflecting its commitment to strengthening cyber defences.
Meanwhile, the introduction of the Malaysia Cyber Security Strategy (MCSS) 2020–2024, backed by an allocation of RM 1.8 billion, underscores the government’s dedication to protecting national cyberspace through comprehensive policies and infrastructure development.
The country has also witnessed a 30 per cent increase in cybersecurity professionals since 2018, driven by expanded educational programmes and certifications offered through collaborations between institutions like Cybersecurity Malaysia and local universities.
Furthermore, public-private partnerships have been bolstered, leading to the establishment of initiatives such as the National Cyber Coordination and Command Centre (NC4), which facilitates real-time threat intelligence sharing and coordinated response efforts.
In terms of technological adoption, Malaysian organisations have increasingly integrated advanced solutions like artificial intelligence and machine learning for proactive threat detection and mitigation. Reports indicate that investments in cybersecurity technologies have grown by 25 per cent over the last three years, enabling better preparedness against sophisticated cyber threats, including ransomware and phishing attacks.
In sharing the above, Vinod added that the recent passing of the Cyber Security Bill 2024 in April also reflected a national commitment to strengthening cybersecurity.
“This legislation is a positive step towards addressing the growing cyber threats and enhancing overall resilience. However, the bill also highlights the gap between awareness and actual preparedness. While Malaysia is increasingly cognisant of the cyber risks it faces, many organisations still struggle with effective implementation and readiness.”
Sarawak’s cybersecurity paramount in its road to digitalisation
As Sarawak embraces digitalisation through its Sarawak Digital Economy Blueprint 2030, cybersecurity is pivotal. With the state’s aim to transform into a technology-driven economy, ensuring the security of digital assets and infrastructure becomes paramount. Therefore, cybersecurity plays a crucial role in uplifting the private and public sector, contributing to the growth of the state and country through:
Securing the Digital Core and Transforming Businesses: The blueprint encourages local businesses to innovate and adapt new digital business models. To thrive amidst change and capture the value of disruptive technologies like generative AI, companies need a digital core that is reinvention-ready. The digital core is a critical technological capability that can create and empower an organisation’s unique reinvention ambitions. Having a digital core also means embedding cybersecurity by design to help modernise and function at speed and scale. Having a robust cybersecurity measure is necessary to create a secure environment for new innovations to flourish.
Safeguarding Data for Organisations: With the increasing amount of data being generated and utilised, cybersecurity becomes crucial for data protection. This is especially relevant at a time when data breaches are rampant in Malaysia, with a total of 142 data breaches reported to CSM in the first three months of 2024. Effective cybersecurity practices ensure that sensitive data—whether it’s customer information, financial records, or proprietary business data—is protected from breaches and cyber threats, aligning with the blueprint’s goal of a secure digital economy.
Building Confidence for Public and Private Sectors: The blueprint’s success relies on collaboration between the public and private sectors. For organisations, strong cybersecurity helps build trust among customers, partners, and stakeholders.
Meanwhile, public sector organisations can better de-risk and safeguard themselves by increasing resiliency to protect sensitive data and better manage regulatory compliance. When organisations can assure their clients that their digital interactions are secure, it fosters confidence and encourages more robust participation in the digital economy.
With the establishment of Sarawak Cyber Security Unit at the end of 2023, the services aim to guide the public and private sectors during times of cyber crisis. In commenting further on this, Vinod applauded the advancement as it is crucial in enhancing the overall security posture of Sarawak.
“The unit’s focus on protecting critical infrastructure helps address key vulnerabilities that are vital for daily life and economic stability. This proactive approach not only helps safeguard essential services but also reduces the risk of severe disruptions from cyber threats.”
As the Sarawak region invests in new technologies and start-ups, a dedicated cybersecurity team can ensure emerging businesses and innovations are built on a secure foundation, enhancing their chances for success and resilience.
“Ultimately, this will also improve Sarawak’s global competitiveness and digital growth, all of which are essential for building a thriving digital economy and attracting foreign investments,” he added.
As the country and the Sarawak region adopt and transition into digitalisation, ultimately cybersecurity measures are of the utmost important.
