dr amirudin abdul wahab chief executive officer ... 2017/dr amirudin... · dr amirudin abdul wahab...

Copyright © 2017 CyberSecurity Malaysia Copyright © 2017 CyberSecurity Malaysia

MALAYSIA’S APPROACH IN CAPACITY BUILDING

Dr Amirudin Abdul Wahab Chief Executive Officer CyberSecurity Malaysia

24 March 2017

Copyright © 2017 CyberSecurity Malaysia 2

ASEAN’s JOURNEY TOWARDS DIGITAL TRANSFORMATION Widespread adoption of new technologies & we are getting more connected

Increased threats are arising from the use of technologies & human weaknesses


DIGITAL TECHNOLOGY IS A KEY ENABLER FOR ASEAN CONNECTIVITY - A Plan for Smart Cities in 2025


Source: http://www.hackmageddon.com/2017/03/02/january-2017-cyber-attacks-statistics/

•We are facing emerging threats of cyber crime, hactivism, cyber espionage …. •More actors – hackers, criminals, state and state-sponsored actors with various motives

DIGITAL TECHNOLOGY BRINGS NEW SECURITY CHALLENGES


PEOPLE ARE KEY COMPONENT IN DIGITAL ENVIRONMENT

- Cyber attacks become more sophisticated - We are to win against cyber attacks through competent professionals


Paul Curran, Aug 30-2016, https://www.checkmarx.com/2016/08/30/cyber-security-career-paths-salaries-and-the-most-in-demand-job-titles/

“…the demand for cybersecurity will result in over a million job openings in 2016 alone as the growing cyber security market continues to soar with a projected growth from $75 billion in 2015 to a $170 billion by 2020…”

- Steve Morgan, Editor-In-Chief of the Cybersecurity Market Report,

“The demand for the (cybersecurity) workforce is expected to rise to 6 million

(globally) by 2019, with a projected shortfall of 1.5

million,” - Symantec CEO Michael Brown.

THE DEMAND FOR CYBER SECURITY HAS INCREASED - We are shortage of cyber security professionals

Copyright © 2017 CyberSecurity Malaysia

CAPACITY BUILDING IS ONE OF THE POLICY THRUSTS IN NATIONAL CYBER SECURITY POLICY

NATIONAL CYBER SECURITY VISION:

Malaysia’s Critical National Information Infrastructure shall be secure, resilient and self-reliant. Infused with a culture of security it will promote stability, social well being and wealth creation.

7


The study was completed in November 2010 • The capacity building programs are targeted

towards Critical National Information Infrastructure (CNII)

• Focusing on efforts to increase the knowledge

and skill sets on the information security workforce

• Aimed at creating a quality and well-equipped

information security workforce and promoting recognition of the Information Security profession.

NATIONAL STRATEGY FOR CYBER SECURITY ACCULTURATION & CAPACITY BUILDING PROGRAM


Strategic collaborations with reputable International organizations

OUR CONCEPT OF OUTREACH & CAPACITY BUILDING

Professional Development

Building & accrediting competent cyber security professionals through the

Global ACE Scheme

Competency Training Developing Competent

cyber security work-force and practitioners for the

nation

CyberSAFE An end-user focused

training Programs aimed at combating cyber-attacks

designed for non-technical and end-users

Nurture and certify cyber security workforce with the required Knowledge, Skills & Attitude (KSA): 1. Enabling secured usage of technology to minimize digital risk; 2. Equipping necessary skillsets; and 3. Upskilling work-force awareness & capabilities in lights of the ever-changing cyber security

landscape.


Our Vision & Mandates in Capacity Building

To increase the number of cyber security professionals to cater

for the increasing number of internet users in Malaysia

Estimated about 6300 (as of Jan 2017) internationally certified

professionals in Malaysia

Target to achieve 10000 security professionals by 2020

10

To be the Cyber Security Training Provider in the ASEAN region and OIC countries that delivers relevance, competitive and resilience Cyber Security capacity building programs in today’s fast moving landscape.


Cyber Security Capacity Building Framework • Our training programmes are structured according to below framework:

• Objectives: 1. To nurture cyber security knowledge groups and/or individuals that are resilient to cyber

security incidents; 2. To nurture cyber security practitioners that are technically capable and proficient in the

operation; 3. To nurture cyber security professionals that are capable in strategizing, planning and

executing cyber security initiatives


Our Own Competency Training Programs


PRODUCING LOCAL TALENTS – via Partnerships with Intl Recognized Training Providers

13


PRODUCING LOCAL TALENTS THROUGH PARTNERSHIP WITH LOCAL UNIVERSITIES - via Educational / Academic Programs

14

Ministry of Education Department of Polytechnic Education Department Of Community College

Education The National University of Malaysia International Islamic University Malaysia (IIUM) University Tunku Abdul Rahman (UTAR) University of Kuala Lumpur (UniKL) University Putra Malaysia (UPM) Multimedia University (MMU) University Teknikal Malaysia Melaka (UTeM) etc


X-MAYA - National Cyber Crisis Exercise (Cyber Drill) conducted by CyberSecurity Malaysia in collaboration with the National Security Council.

The X-MAYA - to assess and improve the National Cyber Crisis Management Plan together with CNII's readiness against the threat of cyber attacks.

15

ENHANCING NATIONAL COMPETENCIES CYBER READINESS VIA NATIONAL CYBER CRISIS EXERCISES


ENHANCING NATIONAL TECHNICAL SKILLS & KNOWLEDGE - via Collaboration With Multi National Companies

Dec 2014 MoU between Huawei & CSM to outline Cyber Security collaboration

MoU between BAE & CSM in Cyber Security Framework for technical collaboration and in capacity building


ENHANCING MALAYSIA’s CAPACITY BUILDING - With CERT Partners (MULTI-LATERAL)


ENHANCING MALAYSIA’s CAPACITY BUILDING - With CERT Partners (BILATERAL)


ENHANCING NATIONAL CAPACITY BUILDING VIA COLLABORATION WITH MULTI LATERAL PLATFORMS

INTERNATIONAL SECURITY Protecting Common Interests Confidence Building Measures

Legal and Policy Framework

Regional and Global Cyber Security Cooperation

DOMESTIC SECURITY Protecting National Security, Prosperity and Public Safety

Public-Private Partnership

OIC CERT

FIRST

APCERT

ITU

CSCAP

ARF SOVEREIGN STATES

VIA BILATERAL/MULTILATE

RAL ENGAGEMENT

ASEAN CERT

Multi-stakeholders partnership in cyber security capacity building to formulate a framework for the creation of a competent cyber security workforce both at national and regional levels

Industry professionals are required to constantly train and re-train to upgrade their skills and knowledge while keeping abreast with the latest changes in the global information vectors


CONCLUSION & WAY FORWARD

• Today, the world is witnessing widespread adoption of digital technologies and constant evolving of cyber threats;

• To stay ahead, we need sufficient and competent cyber security

people; • Malaysia continues to adopt evolutionary and innovative approach in

capacity building programs

• As part of regional community, Malaysia’s efforts in capacity building are also to strengthen regional cyber security

• Regional community to collaborate and combine ideas to stay ahead of rapidly changing cyber threats

• Industry professionals are required to constantly train and re-train to upgrade their skills and knowledge while keeping abreast with the latest changes in the global information vectors – hence requiring multi-stakeholders partnership

dr amirudin abdul wahab chief executive officer ... 2017/dr amirudin... · dr amirudin abdul wahab...

Documents