PHOTO - Alex Ong, senior country manager, Symantec Malaysia.
Security solutions provider Symantec Malaysia's annual study - 2011 State of Security Survey - shows that security concerns continue to top the list of business risks for Malaysian organisations. Computerworld Malaysia asked Alex Ong, Symantec Malaysia senior country manager to elaborate on some of the findings.
What are top points of interest from your study of the state of enterprise security in Malaysia?
Security continues to be a huge concern for organisations in Malaysia. For the second year in a row, security has been reported to be the leading business risk for organisations in Malaysia, ahead of other risks such as traditional crime and natural disasters.
Organisations in Malaysia consider safeguarding their networks and data to be critically important to their business. Many see a growing menace in cyber attacks, with substantial hard and soft costs resulting from them. As the IT landscape continues its migration from desktop to mobile computing, along with increasing numbers of mobile and remote employees, the industry drivers of cyber security are reflecting these changes.
Organisations in Malaysia are getting better at fighting the war against cyber security threats. As the majority of respondents of the survey suffered damages as a result of cyber attacks, there are respondents who reported an increase in the number and frequency of attacks.
However, the survey revealed that many companies-nearly half of the respondents-could still do more to secure their networks and information assets. In response, companies are increasing their cyber security staffing and budgets.
How many organisations in Malaysia experienced cyber attacks in the past 12 months?
Concerns about hackers are well-founded, given the number of businesses that are experiencing cyber attacks. Sixty-seven percent of organisations from Malaysia experienced cyber attacks in the past 12 months, compared to 50 percent in 2010.
In addition, 26 percent of respondents from Malaysia reported an increase in frequency of cyber attacks in the past 12 months.
What are the damages as a result of the cyber attacks in Malaysia? What are the emerging cyber security challenges?
It's no secret that businesses continue to experience cyber attacks. In Malaysia, 19 percent of companies experience attacks on a regular basis in the past 12 months. The top attack vectors are malicious code, social engineering and denial of service attacks. The top three fastest growing attack vectors were malicious code, external malicious attacks and internal unintentional actions.
Eighty-eight percent of companies in Malaysia saw losses from cyber attacks. The top three reported losses were downtime, theft of employee's identity information, and theft of intellectual property and other corporate data. These losses translated to monetary costs 82 percent of the time. The top costs were loss of productivity, loss of revenue and damaged brand reputation. The survey found that 20 percent of companies in Malaysia lost at least RM800,000 (US$270,500) last year due to cyber attacks.
Significant industry trends are driving security concerns facing businesses. As organisations deal with the proliferation of smartphones and tablets in the enterprise, as well as the immense popularity of social media, they are grappling with new security challenges.
With the market saturated by mobile devices, it's no surprise that 52 percent of survey respondents from Malaysia consider mobile computing to be one of the top challenges to providing cyber security. Mobile computing may be revolutionising the productivity landscape, but IT finds it a major difficulty in securing corporate networks and data.
In addition to mobile computing, 55 percent of respondents indicate that another pressing concern is the surge in social media. While these communication channels present unique marketing and collaborative opportunities, the potential for clicking on malicious links or posting sensitive information worries IT.
Organisations report that the threats they're facing are evolving as well. Hackers are still their top concern, cited by 59 percent, followed by malicious insiders (57 percent). New to the list this year are targeted attacks, such as Stuxnet, that zero in specifically on a single organisation for political or economic reasons.
What role can Malaysia (government as well as industry) play on the global stage of cyber security initiatives?
Today's cyber criminals are thriving off of information they are gathering without permission from consumers and businesses. As these individuals and groups continue to devise new tools and techniques to defraud legitimate users around the globe, protection and mitigation against such attacks must become an international priority.
The lack of agreed-upon law enforcement procedures and cooperation across international jurisdictions continues to hamper efforts to combat cyber crime on an international scale. As a result it is likely that while cyber crime levels remain relatively constant in established countries, it will continue to grow in countries with emerging IT and broadband infrastructure.
The need for continual initiatives in raising awareness of cyber threats is important and this should be a collaborative initiative of multiple stakeholders, including the government, private sector and industry bodies. Organisations tend to be reluctant with investing in IT security if they fail to comprehend the potential impact or they will only react when a security breach has happened. We need to nurture a culture of security where organisations will value and care for their business information.
Organisations, whether public or private sector, should strive to achieve a sustainable security awareness programme that effectively addresses evolving risk factors and supports a culture of security where everyone in an organisation, from top to bottom, understands their role in keeping information secure.
What has been the impact of recent activities by government agencies (such as CyberSecurity Malaysia, IMPACT) and so forth?
The Malaysian government has been active in advocating cyber security and the progress is being made in the right direction. CyberSecurity Malaysia, for instance, has many initiatives that have certainly increased the level of cyber security awareness among Malaysians. It's most recently initiative in providing a set of information security guidelines for SMEs (small and medium enterprises) in order to promote awareness and understanding on issues surrounding information security is timely. SMEs will certainly benefit from the guideline to better protect their information.
There are many other government agencies that have taken positive initiatives in cyber security and Symantec welcomes any initiatives by government agencies that help improve cyber security posture. We believe that cultivating a strong public-private partnership plays an important role in enhancing security awareness and are committed to sharing insights and best practices to help develop national capabilities of the government in defending essential and critical infrastructure from internal and external threats.
How will economic uncertainties in the West affect cyber crime activities for Malaysian and Asia-based companies?
The economic uncertainties will not slow down cyber criminals. The underground economy is "recession-proof" and it has matured into an efficient, global marketplace in which stolen goods and fraud-related services are regularly bought and sold.
In addition, the geographical location of cyber crime servers is constantly changing as cyber criminals attempt to stay one step ahead of law enforcement efforts to shut them down.
Give top three takeaways that the Malaysian government and local industry need to take note of?
When it comes to security measures, businesses need to be able to both deter attacks and also react to them when they occur. It's also important to pursue strategic initiatives that will lay the foundation for future protection. Based on the survey results, there is room for organisations in Malaysia to improve in how they prepare for and respond to threats. It's clear that organisations are stepping up their efforts in improving their protection, but many companies-nearly half of those surveyed-have much work still to do in safeguarding their networks and information assets.
The key recommendations from Symantec are that organisations need to develop and enforce IT policies. By prioritising risks and defining policies that span across all locations, customers can enforce policies through built-in automation and workflow to protect information, identify threats, and remediate incidents as they occur or anticipate them before they happen.
Businesses need to protect information proactively by taking an information-centric approach to protecting both information and interactions. Taking a content-aware approach to protecting information is key in identifying and classifying confidential, sensitive information, knowing where it resides, who has access to it, and how it is coming in or leaving your organisation. Proactively encrypting endpoints will also help organisations minimise the consequences associated with lost devices.
To help control access, IT administrators need to validate and protect the identities of users, sites and devices throughout their organisations. Furthermore, they need to provide trusted connections and authenticate transactions where appropriate.
Organisations need to manage systems by implementing secure operating environments, distributing and enforcing patch levels, automating processes to streamline efficiency, and monitoring and reporting on system status.
IT administrators need to protect their infrastructure by securing all of their endpoints-including the growing number of mobile devices-along with messaging and Web environments. Defending critical internal servers and implementing the ability to back up and recover data should also be priorities. In addition, organisations need the visibility and security intelligence to respond to threats rapidly.
Sign up for Computerworld eNewsletters.