Cybersecurity: Not just resiliency, but also sustainability
“I do believe it is extremely important to understand that our dependence on technology is actually making us vulnerable to any type of cybercrime,” cybersecurity researcher and author, Magda Chelly remarked during the Internet Alliance Business Summit 2023.
But she also highlighted the digital inequality which places some three million people globally, at risk because they do not have the tools and awareness to protect themselves. “They do not have access to technology in the same way that the rest of the world does,” she explained.
These two happenings, simply highlight the importance of securing the Internet and communications technologies like the Internet, because the future is coming, and it is inevitable.
For Malaysia, both the digital economy and industrial transformation have been earmarked as potentially significant contributors to the GDP. National-level blueprints have been drawn up to kickstart action and guide the anticipated growth and progress of these two sectors. In a bid to uplift communities that have been economically marginalised, the government also has high ambitions to help them tap into the digital economy.
But it is a journey that has to have cybersecurity as a very close companion.
During his opening remark for the event, NACSA CEO, Rahamzan bin Hashim, shared, “In fact, the Malaysian government has identified cybersecurity as one of the focus areas for our digital economy blueprint.”
What will it take?
NACSA has formulated the Malaysia Cyber Security Strategy 2020-2024 (MCSS) as a means to provide trust in our cyber environments ie. Digital economy, Industry4.0 and more. They have also issued the National Security Council Directive Number 26, to establish a government structure that can ensure more effective cybersecurity management for the nation.
On top of this, Rahamzan talked of a comprehensive cybersecurity bill which is in the midst of being enacted, and which would be responsible for overseeing and responding to cybersecurity risks, threats,and incidents to critical national information infrastructure (CNII).
So, how do individual private citizens and organisations fit into all of this?
“Continuously asking our clients to buy new cybersecurity products, is not sustainable. It creates additional complexity, and is just not efficient,” Magda pointed out.
What is needed is something she called ‘a sustainable cybersecurity strategy’ whereby there are two goals all parties involved need to achieve.
The first is to make the cyber intrusion as difficult as possible. Secondly, if and when intrusion happens, the organisation or individual must be able to detect the intrusion, as well as contain its impact.
This is possible with good governance, Magda believed, as well as an organisational mindset that sees cybersecurity not as a technology problem, but a phenomenon that requires awareness and good governance on the part of people and processes.