More collaboration between governments, not for profit organisations and
the private sector has been suggested as a way to manage growing cyber
threats as well as a ‘Red Team’ approach to testing agency preparation
for attacks.
Professor Mohamed Ridza Wahiddin, Chief Research Director for Malaysian Institute of Microelectronic Systems (MIMOS) told FutureGov Asia Pacific that Malaysia’s existing National Cyber Coordination Committee (NC3)
could be better mobilised against cyber threats by discussing the
implemention of a ‘Red Team’ approach, to “keep agencies on their toes”.
A ‘Red Team’ is a group of penetration testers that access the security of an organisation without its knowledge.
Ridza said that such an approach would go beyond the Information Security Management System (ISMS) standards, which govern the processes and systems devised to manage risks to the information assets of Malaysia’s agencies.
“Security threats today and into the future require coordination and a fast response,” he said.
“It’s not just about problem solving anymore, but it’s also about problem finding, something like early warning signatures.”
Understanding and addressing the information security divide and the privacy divide would help encourage collaboration.
Agencies needed to explore the technology options that will enhance innovation and over-ride the ‘silo’ mentality, he added.
“These agencies probably have not realised it’s detrimental to security.
“If the field marshall wants to take the hill he needs to win over
the hearts of his soldiers by inspiring and sharing with them the
reasons to do so.
“Similarly, agencies need to be communicated on why there is a need for collaboration.”
Ridza said there was a current lack of knowledge on which data and
information needed to be shared, and he warned that cyber attacks could
reoccur unless agencies started to share more of their information.
“In Malaysia, more safety mechanisms have to be in place. There has
to be a serious sharing of real security threats between the agencies.”
Only then will government agencies have a truly integrated approach to addressing rising security threats, he added.
|