Malaysia’s digital transformation journey has made significant strides in the past decade with all sectors and enterprises everywhere trying to digitise their core processes to perform better in a dynamic business environment.
However, as we migrate to the digital space, cybersecurity is becoming a serious concern. Quoting Dato’ Ts. Dr. Amirudin Abdul Wahab, Chief Executive Officer for Cybersecurity Malaysia, “Cybercriminals are no longer tied to a single individual. They are tackling companies and giants, and challenging the nation's security as a whole. It is of utmost importance for us to fully understand these threats and risks while incorporating the appropriate defences and productive features.”
Dato’ Ts. Dr. Amirudin Abdul Wahab, Chief Executive Officer for Cybersecurity Malaysia
He, along with Palo Alto Networks, unveiled the 2023 State of Cybersecurity ASEAN report in a recent media briefing, shedding light on the evolving cybersecurity scenario in the ASEAN region with great emphasis being on the home of the Malayan Tigers. Among the revelations, perhaps the most striking finding was that Malaysia had the highest incidence of disruptive cyber attacks within ASEAN over the past year.
The 2023 State of Cybersecurity ASEAN report paints a sobering picture of Malaysia's cybersecurity challenges, highlighting a substantial surge in disruptive cyber attacks. A staggering one-third of Malaysian organisations reported a troubling 50% or more increase in cybersecurity incidents. Notably, the critical infrastructure sector appears to be the prime target, amplifying the urgency for robust cybersecurity measures to safeguard essential services.
An Uptick in Cybersecurity Investments
Malaysian organisations find themselves grappling with a trifecta of formidable cyber threats: Malware, ransomware attacks, and password breaches. These threats, identified by 64% of organisations, rank as the top concerns in the nation's cybersecurity landscape. The transition to cloud-based services and applications has introduced a new set of challenges, with digital transactions surging and exposing businesses to heightened cyber risks (55%). Additionally, the escalating reliance on cloud services and apps (53%) and the proliferation of insecure Internet of Things (IoT) devices (49%) add to the complexity, warranting careful consideration.
In a promising trend, 79% of Malaysian organisations are committed to increasing their cybersecurity budgets in 2023, surpassing the regional average. One-third of these organisations report budget increments exceeding 50% compared to the previous year. This financial commitment reflects an increased awareness and readiness among organisations to confront ever-evolving cyber threats. More importantly, 80% of Malaysian businesses are now engaging in regular discussions about cybersecurity, a significant jump from 2022 (46%). While Malaysia faces a heightened risk of cybersecurity threats, an impressive 89% of organisations express confidence in their existing security measures. However, this confidence is less pronounced among smaller businesses, primarily due to budget constraints and a shortage of in-house cybersecurity expertise. The report underscores the importance for SMEs to bolster their security capabilities and advocates for adopting an actionable incident response plan, alongside greater automation, to address the talent shortage effectively.
ASEAN State of Cybersecurity
Safeguarding Operations Technology (OT) and IoT
The report brings attention to a concerning discrepancy in the incident response time for OT security incidents. Although 60% of companies can identify OT security issues within 2-3 days, a substantial 57% take considerably longer, with some requiring 1-4 weeks for recovery. This disparity underscores the critical need for Malaysian organisations to expedite their incident response in the OT domain to minimise downtime. Steven Scheurmann, Regional Vice President for ASEAN at Palo Alto Networks, emphasises the rising vulnerabilities in the OT environment and underscores the importance of prioritising OT security. “It is great to see CxOs in Malaysia are putting OT security as their priority,” Scheurmann said.
Steven Scheurmann, Regional Vice President for ASEAN at Palo Alto Networks
On a regional scale, the report underscores the growing adoption of Artificial Intelligence (AI) integration, particularly within the telco/tech/communications industries across Southeast Asia. Interestingly, Malaysian organisations exhibit a stronger interest in deploying big data or data lake applications, aligning with the expectations of their customer base, which seeks cybersecurity firms that can harness AI to deliver enhanced services.
As the threat landscape continues to evolve, remaining vigilant and adaptable is never enough. Malaysian businesses must wake up and work hand in hand with experts in order to effectively combat cyber threats, especially on a wider scale.
“Cybersecurity is a collective effort,” said Dato’ Ts. Dr. Amirudin Abdul Wahab, Chief Executive Officer for Cybersecurity Malaysia, as he ended the media briefing by suggesting the need to have active collaborations between various stakeholders, including government bodies, private organisations, and the general public.