A metallic fist breaking through a brick wall. Digital illustration.

Embracing Cybersecurity as a Digital Economy Driver

By Albert Chai, Managing Director, Cisco Malaysia

The increasing demand of organisations to create new revenue streams, reduce expenses, and improve customer experiences has fuelled the growth of Malaysia’s digital economy. Currently, 34 percent[1] of the organisations in Malaysia are undertaking Digital Transformation projects.

As organisations face enormous pressures to cope with unprecedented demands of digitally savvy customers, this figure is set to increase. All types of organisations – be they businesses, social enterprises, or government – are on a course to digitise their operations and achieve their respective goals. However, their journey ahead might not be so smooth. By 2020, it is estimated that 60 percent[2] of digital organisations will face major service failures due to the inability of IT security teams to manage digital risk.

Albert Chai Managing Director for Cisco in Malaysia

Albert Chai Managing Director for Cisco in Malaysia

These risks arise from the increasing complexity of IT environments where modern networks are now more expansive encompassing data centres, endpoints, virtual environments, branch offices, and the cloud. The constant evolution of networks and their components introduces new attack vectors that needed to be secured including home computers, web browsers, mobile devices, wearables, hypervisors, social media, and even home appliances.

Apart from expanding entry points, cyber-attacks have also evolved tremendously becoming more sophisticated and dynamic than ever. In October 2016, a DDoS attack on DNS provider Dyn through Mirai IoT botnet caused a massive internet outage affecting popular sites namely Twitter, Reddit, SoundCloud and Spotify. The same type of malware also brought down Liberia’s internet in the following month causing a number of businesses to halt their operations. Malaysia faced its fair share of malware encounters too with Malaysia Computer Emergency Response Team (MyCERT) reporting over 2.7 million botnet drones and malware infection attacks throughout 9,000 cyber security incidents in 2015.

Essentially, cybersecurity and trust will be key determinants of a successful digital transformation. Consider this, effective cybersecurity strategies alone will have the potential to drive an estimated value of USD5.3 trillion (RM22.55 trillion) in the private sector globally over the next decade as a result of digital technology enablement. Without placing cybersecurity as a priority, organisations will be left vulnerable to threats that are becoming more rampant with the growth of Internet of Things (IoT) and digitization. In addition, businesses that have doubts about their cybersecurity capabilities will delay important digital initiatives which might cause them to fall behind the competition. According to a Cisco survey, 71% of respondents said that cybersecurity risks and threats have hindered innovation in their organisations.

In light of this, Malaysian organisations need to ask themselves a very important question – are we ready to face the emerging cybersecurity challenges brought about by the digital economy? A recent IDC study provided a much needed reality check on our preparedness. It revealed that more than 72 percent[3] of Malaysian organisations are inefficient in their cyber security strategy deployment and are placed in the “Ad-Hoc” and “Opportunistic” in stage of IT security preparedness.

In order to stay relevant and thrive in the digital age, cybersecurity needs to be at the heart of every company’s digital transformation strategy. Companies will need an integrated threat-centric approach that can deliver cybersecurity across their entire IT infrastructure and ensure that there are security capabilities are embedded within all their IT products and services, from their networks to cloud to data center architectures.

Since data is the currency in a digital economy, one of the important areas that companies need to look at is cloud security. The critical lack of visibility of data traffic flows within virtual instances drastically increases the time needed to detect threat activity and reduces the organisation’s overall security posture. By combining network sensors and analytics, organisation can identify threats based on behaviour to pinpoint suspicious activity in real time, allowing incident responders to investigate and mitigate an attack before data is compromised. For example, if a cloud user who normally only accesses a few megabytes of data within the cloud begins collecting gigabytes in a short period of time, this could be a sign of a security breach.

Drawing on key lessons from numerous cyber incidents, threats are rarely contained only in the cloud. Digital adopters need to employ a security everywhere approach where security is pervasive – from the cloud to the network to the endpoint – to reduce risk and damage from impending cyber-attacks, gain competitive advantage over their peers and make security a growth engine for the digital economy. The same flow based visibility provided to the cloud needs to be extended to networks and endpoints in detecting insider and advanced persistent threats that may require additional attention.

Finally, end users must be equipped with the necessary cyber security knowledge and awareness. Organisations can have the most secure system in the world, but attackers will then try to seek out the path of least resistance – end users. As they are the first line of defence for organisations, they play a major role in ensuring that threats are not introduced into the system by practicing the highest standards of cybersecurity practices. It is incumbent on organisations to provide their users with the right security training and introduce regulations as well as procedures to ensure their operations are not compromised due to their users’ behaviour.

Cybersecurity will make or break a digital organisation and they need to recognize that cybersecurity is more than just a way to stop threats, it is a key growth driver that protects and enables new business value. The ability to successfully compete in the digital economy requires the ability to securely innovate. By building cybersecurity into the foundation of an organisation’s digital strategies, they can confidently drive growth and capture the massive potential value within the digital economy.

 

[1] How Digital Transformation (DX) is Reshaping the IT Services Market in Malaysia

[2] Gartner: Cybersecurity at the Speed of Digital Business

[3] IDC: The State of IT security in Malaysia




Leave a Reply

Please Login to comment
  Subscribe  
Notify of