CyberSecurity Malaysia –“CyberNEWS”
Bahasa | English Issue 6 | Quarter 3 - 2014
  12 OGOS 2014

The 4th Information Security Conference was held in Kuala Lumpur with the theme "Protecting The World's Information And Services In Relation To Escalate"

Dr. Aswami Fadillah Mohd Ariffin, Vice President of Cyber Security Responsive Services represented CyberSecurity Malaysia as one of the speakers with presentation title "Cyber Security in Malaysia".

The conference was held to expose and share information with the specialists and experts of information technology and law enforcement on cyber crimes in Malaysia. It also gave an opportunity for participants to exchange views on strategies to combat cyber crime.

Several benefits gained from the conference, among others are:

  1. Technology Exposure: CyberSecurity Malaysia will be able to understand current issues facing the industry based on various presentations by international speakers.
  2. Technology Transfer: The knowledge gained can be shared thus reinforcing CyberSecurity Malaysia's position as the national cyber security specialist centre and digital forensics
  3. Communication and Networking: The event provided an opportunity for CyberSecurity Malaysia to establish relationships and networks with external organization in the effort to mitigate cyber crimes in line with the CyberSecurity Malaysia's mission and vision to be recognized globally.
  4. Access to Technology of the Future: The conference gave access to the latest information on the current cyber security technology.
  13 – 14 AUGUST 2014

CyberSecurity Malaysia participated in the Malaysia Internet Governance Forum 2014 (MyIGF) with the theme "Internet Governance for National Resilience and Sustainable Development".

The forum which was organised by the Computer Science and Engineering Faculty of Universiti Utara Malaysia (UUM) was attended by Lt. Col. Sazali Sukardi (Retired), Mohamed Anwer Mohamed Yusoff and Noor Azwa Azreen Abdul Aziz from CyberSecurity Malaysia.

Among issues highlighted during the panel discussion headed by CyberSecurity Malaysia were:

  1. Security, privacy and trust issues from the point of the law.
  2. A trustworthy identification management system.
  3. Risks and trust issues faced by users towards the Internet.
  4. Administration issues relating to cryptography procedures
  5. Understanding the challenges and effects of Internet governance.

During the session, it was stressed that security, privacy and trust is an important aspect in Internet governance, especially for the development of a sustainable and endurable country.

A total of 21 panellists and 72 participants representing the government and private sector, Non-Governmental Organisations (NGOs), civil communities, technical communities, academicians and industry shareholders were present.

  13 - 15 AUGUST 2014

The induction programme was held to assist new employees to adapt themselves with the new working environment. Organised by the Security Assurance Department, the programme was also a revision to the current MySEF (Malaysian Security Evaluation Facility) staff.

Among the objectives of the programme were:

  1. Welcoming new MySEF staff and provide them with sufficient information so that they are able to familiarize themselves with the environment and consequently work consistently, radically and effectively;
  2. Provides information about contribution and roles of MySEF staff including information on policies of CyberSecurity Malaysia's MySEF Quality Management System;
  3. Exposes MySEF staff with a comprehensive understanding on the Quality Management System including policies, guidelines and other related documents;
  4. MySEF will meet their obligations to the staff by providing information that is suitable to ensure a safe and healthy environment;
  5. Reviews all documents and identifies updates if required;
  6. Get ideas to increase measurements of MySEF's Quality Objective;
  7. Further strengthening document usage in MySEF's Quality Objective.

The three days programme was attended by 14 staff from MySEF and also Cyber Security Proactive Division. On the third day, Puan Maslina Daud, Vice President, Cyber Security Proactive Division, Puan Sabariah Ahmad, Head of Security Management & Best Practises, and Encik Abd. Raouf Mohammed Sayuti, Head of Internal Audit Department were invited to share knowledge on the Quality Objective that is used as a measurement tool on the effectiveness of MySEF's services.

  14 AUGUST 2014

The Information Security Management System (ISMS) Certificate Presentation to the Ministry of Home Affairs (KDN) and Immigration Department of Malaysia (JIM) was held on the 14 August 2014 during the KDN Monthly Gathering at Dewan Auditorium, Kompleks D, Putrajaya.

The ceremony saw the presentation of certificate to KDN and JIM after both organisations successfully completed the first and second stage of audit (Initial Certification). KDN and JIM are now prepared to use the IEC/MS ISO 27001:2007 certifications as certified by CyberSecurity Malaysia.

The presentation ceremony was attended and officiated by the Minister of Home Affairs, YB Dato' Seri Dr. Ahmad Zahid Hamidi.

KDN and JIM are now listed as organisations that have successfully received the MS ISO/IEC 27001:2007, in line with the requirements of the Cabinet Memorandum on 24 February 2010, Reference No: MOSTI(R)/ICT/PSK-1/67 from the Ministry of Science, Technology and Innovation (MOSTI).

  19 AUGUST 2014

The 4th ASEAN Financial Institution Conference (ASEANFIC) was held at Hotel Mulia, Jakarta, Indonesia. Organised by Secure Metric Technology Sdn.Bhd., the conference was attended by approximately 150 delegates from 15 banks and government bodies in Jakarta.

ASEANFIC aims to create a platform for knowledge sharing and industrial focus business networking event across Asia. CyberSecurity Malaysia's participation at the conference was to introduce CyberSecurity Malaysia as the entity to provide certification on Malaysia Common Criteria (MyCC) Scheme.

It also gave MyCC chances to obtain more products to be assessed and certified by CyberSecurity Malaysia. The presentation was done by Dr. Solahuddin Shamsuddin, Chief Technology Officer, CyberSecurity Malaysia.

  20 AUGUST 2014

CyberSecurity Malaysia participated in the Cloud & Big Data Conference, which was jointly organised by UNICOM Training and Seminars Pvt. Ltd. and Universiti Teknologi Malaysia (UTM) at the Universiti Teknologi Malaysia, Jalan Semarak, Kuala Lumpur.

The conference demonstrated analysis techniques as well as software and information management issues involving the technological integration of Cloud and detailed analysis of information classified as Big Data. Ideas and information regarding the industry's online information security and management were presented by referencing to the 'Big Data' concept. 'Cloud' technology was also presented with an update on its latest findings in terms of development and research of its technology.

Among the topics discussed included: "Strategies & Challenges in Implementing Big Data & Cloud Computing at the Enterprise Level" and "Security, Privacy, and Compliance Management for Public, Private and Hybrid Clouds".

The findings during the conference will contribute towards expanding the Centre of Excellence (COE) of CyberSecurity Malaysia. The conference has also created a heightened awareness in emphasising on the security research when developing products such as 'Cloud' and 'Big Data'.

  22 - 23 AUGUST 2014

CyberSecurity Malaysia received an international recognition with the invitation from Kerala Government and POLYCYB to attend the International Cybersecurity and Policing Conference 2014 in Kochi, India as a panellist.

Lt. Col. Sazali Sukardi (Retired), Vice President of Strategic Research Division represented CyberSecurity Malaysia and presented a paper on "National Cyber Security Policies and Initiatives in Malaysia".

Lt. Col. Sazali touched on current situations and incidents on cyber security in Malaysia. He suggested a few holistic cyber security approaches for government agencies, the industry and the community in order to create a secure and trustworthy cyber environment.

The involvement of CyberSecurity Malaysia in the conference has demonstrated the commitment and leadership qualities of CyberSecurity Malaysia in maintaining cyber security on the national and international platform, especially in raising awareness and knowledge of participants towards current cyber threats. Other panellists included representatives from USA and Ukraine.

  26 - 28 AUGUST 2014

CyberSecurity Malaysia and National Security Council (MKN) jointly organised the Digital Forensic First Responder Training to provide assistance for officers involved in determining and seizing digital evidence at crime scenes.

The training was aimed at providing an in-depth look at digital forensics methodology, theory and practical methods in seizing digital evidence using digital forensics equipment.

The session enabled participants to enhance their level of understanding, awareness and importance of the process as well as enabling them to train other agencies when it comes to digital forensics. Participants were also able to handle digital forensics equipment accurately when seizing digital evidence. They were also given the chance to debate and discuss the topics presented as well as understand the role of the first responder.

A total of 13 representatives from eight agencies / ministries took part in the training such as:

  1. Ministry of Domestic Trade, Co-operatives and Consumerism
  2. Ministry of Science, Technology and Innovation
  3. Ministry of Communications and Multimedia
  4. Ministry of Plantation Industries and Commodities v. Ministry of Defence (MINDEF)
  5. Department of Broadcasting (RTM)
  6. National News Agency of Malaysia (BERNAMA)
  7. CyberSecurity Malaysia
  26 – 28 AUGUST 2014

The ISO/IEC 27001:2013 Implementation Seminar was jointly organised by CyberSecurity Malaysia and Jabatan Standard Malaysia. The seminar was an initiative by CyberSecurity Malaysia through the Information Security Certification Body (ISCB) in helping organisations that received certification from CyberSecurity Malaysia prepare for migration processes to the latest ISO/IEC 27001:2013 Standard.

The seminar was also opened to organisations with the potential to obtain certification from CyberSecurity Malaysia.

Among the objectives of this seminar is to understand the contents of the latest edition of the Information Security Management System (ISMS), ISO / IEC 2013 and the process of adaptation of new standards.

The seminar session was attended by 22 participants from various organisations such as Ministry of Defence Malaysia, Westport Malaysia Sdn. Bhd, Bursa Malaysia Berhad, Royal Malaysian Customs Department, International Islamic University Malaysia, Department of Veterinary Services, and Teknologi Tenaga Perlis Consortium.

In addition, the seminar also involved group activities and presentation to ensure participants fully understood the training at hand. From the feedback received, CyberSecurity Malaysia saw the need to implement an Internal Audit ISO 27001:2013 seminar.