Having trouble viewing this email? View it in your browser.
ISSUE 17 | QUARTER 2 - 2017
Bahasa | English
APRIL 2017
Memorandum of Understanding Signing Ceremony between the Malaysian Chief Government Security Officer (CGSO) and CyberSecurity Malaysia, Seri Kembangan, Selangor
3 April 2017

On 3rd April 2017, a Memorandum of Understanding (MoU) was signed between the Malaysian Chief Government Security Officer (CGSO) and CyberSecurity Malaysia. The ceremony took place at CyberSecurity Malaysia in conjunction with the visit of the Director General of Government Security, YBhg. CP Dato' Zamri bin Yahya to CyberSecurity Malaysia.

It was officiated by the Chief Government Security Officer of Malaysia while CyberSecurity Malaysia was represented by YBhg. Dato' Dr. Haji Amirudin Abdul Wahab, Chief Executive Officer.

The MoU aimed to strengthen the country's national defense through the cooperation in cyber security field covering the aspects of security, digital forensics, cyber security incident management, competence development and cyber security certification.

Meanwhile, a work visit was held for CGSO officers to deepen their knowledge on the role and function of CyberSecurity Malaysia as well as to view the operations and infrastructure of the Malaysian Computer Emergency Response Team (MyCERT) and Digital Forensic laboratory. A total of 20 CGSO officers participated in this visit.

CyberSecurity Malaysia Staff Assembly, Kajang, Selangor
6 April 2017

On April 6th, 2017, CyberSecurity Malaysia organized its staff assembly. The event which was held twice a year is an activity initiated by staff relations to foster relationship as well as to update on the latest developments of the organization.

Among the activities are corporate integrity pledge, award and certificate presentation to staff who obtained professional certificate in 2016, staff who have served for more than 10 years, staff who joined sport activities as well as to their children who have excelled in the academics.

All CyberSecurity Malaysia staff participated in this event. Eventually, this gathering fosters relationship between the executives and senior management in the organization.

Work Visit by Malaysia Crime Prevention Foundation (MCPF) to CyberSecurity Malaysia, Seri Kembangan, Selangor
11 April 2017

CyberSecurity Malaysia welcomed a visit from the Malaysia Crime Prevention Foundation (MCPF) on 11th April 2017. A delegation of 10 members including the Councilors and MCPF officers led by YBhg. Tan Sri Lee Lam Thye as Senior Vice Chairman of MCPF was welcomed by YBhg. Dato' Dr. Haji Amirudin Abdul Wahab, Chief Executive Officer, CyberSecurity Malaysia.

This visit aimed to familiarize the Council with the function and role of CyberSecurity Malaysia, to update on latest cyber threats and to inform them on cyber security incident handling in Malaysia.

Delegates visited Digital Forensics Laboratory and were briefed on Malaysian Computer Emergency Response Team (MyCERT) operations.

Incident Handling Training of Bhutan Computer Incident Response Team (BtCIRT), Seri Kembangan, Selangor
12 - 21 April 2017

An intensive training on the handling of cyber security incidents to the Bhutan Computer Incident Response Team (BtCIRT) was held on 12th to 21st April 2017. The eight-day training program was held at CyberSecurity Malaysia and participated by three BtCIRT officers.

This technical training aimed to enhance BtCIRT officers' capabilities on incident handling and cyber security administration in order to increase efficiency and effectiveness. It is also a platform to share information and discuss current cyber security issues as well as to strengthen cooperation between Malaysia and Bhutan in cyber security.

Among the modules implemented during BtCIRT Incident Handling Training are incident handlings, development of Standard Operating Procedures (SOP), development of benchmarking agreements, ticketing systems and analysis, incremental and reduction of incidents. During the training, the delegation also visited the lab in CyberSecurity Malaysia.

CyberSecurity Malaysia as a training operator to BtCIRT demonstrated its capabilities and expertise in cyber security field, and eventually became a reference agency. This is an international recognition for CyberSecurity Malaysia.

MOSTI Social Innovation Program - "Ops Jelajah Cyber" Negeri Sembilan Edition, Kuala Pilah, Negeri Sembilan
12 - 13 April 2017

The MOSTI Social Innovation Program – "Ops Jelajah Cyber" Negeri Sembilan Edition was held on 12th and 13th April 2017 in Kuala Pilah, Negeri Sembilan. The event was officiated Mr. Ahmad Syafiq Bin Amin, Principal Assistant District Officer of Kuala Pilah and attended by Dr. Zahri Yunos, Chief Operating Officer, CyberSecurity Malaysia.

The Ops Jelajah Cyber which was held under the MOSTI Social Innovation is a collaboration program based on the National Blue Ocean Strategy (NBOS). The program is supported by Kuala Pilah District Office and PUSPANITA Negeri Sembilan.

Among the activities held throughout the program are data recovery and data sanitization, cyber security awareness talks, entrepreneurship development program, MyCyberSecurity Clinic (MyCSC) and cyber security field consultancy.

500 participants attended the two-day program. Ops Jelajah Cyber has successfully introduced CyberSecurity Malaysia role and function and services to the public.

Launch of CSM/VADS Marketplace, TM@Damansara, Kuala Lumpur
13 April 2017

On April 13th, 2017 CSM/VADS Marketplace Launching Ceremony was held at TM@Damansara. The ceremony was officiated by YABhg. General Tan Sri Dato' Seri Panglima Mohd Azumi Mohamed (Retired), Chairman of the Board of Directors, CyberSecurity Malaysia.

Among the attendees were YBhg. Dato' Khairul Annuar Mohamaed Zamzam - Chairman of Managed Account, Telekom Malaysia, YBhg. Dato' Dr. Haji Amirudin Abdul Wahab - Chief Executive Officer, CyberSecurity Malaysia, YBhg. Dato' Dr. Mohd Rais Azhar - Chief Information Security Officer, Telekom Malaysia and Mr Massimo Migliuolo - Chief Executive Officer, VADS.

CSM/VADS Marketplace is a joint venture between CyberSecurity Malaysia and VADS Berhad, a subsidiary of Telekom Malaysia in an effort to increase the efficiency, skills and capabilities of the people, especially those directly involved in cyber security.

The five-year program will see the Cyber Security Marketplace in the VADS Marketplace, which consists of 26 skills and awareness courses such as Cyber Security Awareness Program - CyberSAFE and CyberSecurity Essential that will benefit all targeted market segments. All these programs can be downloaded online through the VADS Marketplace.

With this initiative, access to capacity building in the effort to produce more experts can be expanded and enhanced. The collaboration between CyberSecurity Malaysia and VADS Berhad is also in line with the National Blue Ocean Strategy (NBOS) that strengthens public - private partnership.

Post-Graduate Seminars and Scientific Discussion with Key Laboratory of Mathematics Mechanization, Academy of Mathematics & System Sciences, Chinese Academy of Sciences, Beijing, China
17 - 21 April 2017

CyberSecurity Malaysia participated in post-graduate seminars and scientific discussions organized by the Key Laboratory of Mathematics Mechanization, Academy of Mathematics & System Sciences, Chinese Academy of Sciences from April 17th to 21st, 2017 in Beijing, China.

The program was held to discuss and gather the latest information on Al-Kindi's research laboratory, INSPEM located at Universiti Putra Malaysia (UPM). CyberSecurity Malaysia represented by Wan Zariman Omar while Al-Kindi Laboratory, UPM was represented by Prof. Madya Dr. Muhammad Rezal Kamel Ariffin.

The presentation aimed to update and educate the participants on latest cryptography development especially Cryptographic Mathematics and attacks on stream ciphers. In addition, there were discussions to explore collaborative opportunities to strengthen cryptographic research between higher education institutions, government agencies and research associations.

CyberSecurity Malaysia's aims to strengthen its position in cryptographic research and competency.

Visit by Technical Specialist of the Myung Information Technologies (MIT) Korea to CyberSecurity Malaysia, Seri Kembangan, Selangor
17 - 19 April 2017

On April 17th, 2017 technical experts from Korea's Myung Information Technologies (MIT) visited CyberSecurity Malaysia.

They discussed the potential areas of collaboration for MyCyberSecurity Clinic (MyCSC) training, research and development program with technical support from MIT Korea for more complex data recovery services such as RAID and aimed to improve MyCSC Standard Operating Procedure (SOP) with MIT Korea's technical experts.

MyCSC is one of CyberSecurity Malaysia's initiatives that offers digital forensic services such as data recovery, sanitization data and advisory services to government agencies, private companies and the people.

Two (2) experts from MIT Korea attended this visit namely Mr. Jun Youhyung, Head of Data Recovery Department and Mr. Kim Sangwook, Head of Department, Research and Development (R & D). They also visited MyCSC and Digital Forensics laboratories and were briefed on Kloner and Dupont products.

MyCSC in CyberSecurity Malaysia was able to develop latest techniques on state-of-the-art tools guided by MIT experts in order to handle cases related to data recovery .This will increase MyCSC's efficiency and skills.

28th ISO/IEC JTC 1/SC 27 Working Group Meeting and ISO/IEC JTC 1/SC 27 Plenary Meeting, Hamilton, New Zealand
18 - 25 April 2017

The CyberSecurity Malaysia attended the 28th ISO/IEC JTC 1/SC 27 Working Group Meeting and ISO/IEC JTC 1/SC 27 Plenary Meeting held in Hamilton, New Zealand.

ISO members from various countries - International Organization for Standardization and the IEC - International Electrotechnical Commission, two organizations that formed a specialized standard system worldwide, participated in this meeting.

In information security, there are five Working Groups (WGs) responsible for technical development for information and IT security standards. CyberSecurity Malaysia is a member of three working groups, namely Working Group 1 (WG1): Information Security Management Systems, Working Group 3 (WG3): Security Evaluation, Testing and Specification and Working Group 4 (WG4): Security Controls and Services.

CyberSecurity Malaysia was represented by Maslina Daud, Senior Vice President, Cyber Security Proactive Services Division and Zarina Musa, Cyber Security Assistance Specialist from MySEF Department.

CyberSecurity Malaysia was involved in several discussions, with most sessions impacting on the services and research conducted by CyberSecurity Malaysia. It enables CyberSecurity Malaysia to plan and set directions related to the provision of certification services offered.

MOSTI Social Innovation Program - "Ops Jelajah Cyber" Melaka Edition, Melaka
19 - 20 April 2017

On 19th to 20th April 2017, the MOSTI Social Innovation Program – "Ops Jelajah Cyber" Melaka Edition was held at Malacca International Trade Center (MiTC). The program was organized by CyberSecurity Malaysia in collaboration with PUSPANITA Melaka and MITC was officiated by YBhg. Datin Seri Rafeah Hanim Binti Johari, Chairman of PUSPANITA Melaka. Also present was YBhg. Dato' Dr. Haji Amirudin Abdul Wahab, Chief Executive Officer, CyberSecurity Malaysia.

Ops Jelajah Cyber is organized under the Ministry of Science, Technology and Innovation (MOSTI) Social Innovation Program aimed at providing awareness on cyber security to the public, providing data recovery, data sanitization and cyber security related services, demonstrating the equipment and software used for recovery and Data sanitization, promoting Entrepreneurship Development Program MyCyberSecurity Clinic (MyCSC); and introducing MyCSC program as a touch point to the people in addressing digital forensic problems as well as catalysts in ICT entrepreneurship.

350 participants attended this program, while 10 storage media (computers, hard drives, thumbdrives and smartphones) were successfully recovered during the program.

Through Ops Jelajah Cyber, CyberSecurity Malaysia introduced digital forensics services to the public via MyCyberSecurity Clinic (MyCSC). In addition, cyber security awareness were nurtured through talks and knowledge sharing on latest cyber threats and attacks.

Board Meetings 2/2017 Computer Emergency Response Team - Islamic State Organization of Cooperation (OIC-CERT), Mashhad, Iran
20 - 21 April 2017

On April 20th and 21st, 2017, the Board of Directors of the Computer Emergency Response Team – Organization of Islamic Cooperation (OIC-CERT) had a meeting at Mashhad, Iran. The first meeting of 2017 was attended by 13 members from seven countries, including Oman, Malaysia, Azerbaijan, Indonesia, Iran, Egypt and United Arab Emirates (UAE).

OIC-CERT Board of Directors meeting was held to discuss issues relating to operations such as membership, workgroup advancement and administrative framework. Additionally, the meeting also discussed the planning of the annual conference to be held in Baku, Azerbaijan in the third quarter of 2017.

This meeting highlighted the significant contribution and role played by Malaysia in the area of cyber security, especially to OIC countries. CyberSecurity Malaysia was appointed as the OIC-CERT Permanent Secretariat in 2013.

It also enhances Malaysia's ability to cope with cyber threats through information sharing, expertise, research findings and best practices with computer emergency response teams of OIC-CERT member states. Additionally, it is recognition to Malaysia's expertise in cyber security in which there was increase in demand by OIC-CERT countries for Malaysia to provide specialized training in cyber security to agencies from Pakistan, Indonesia, Brunei Darussalam, Nigeria, Arab Saudi and Egypt.

Common Criteria Recognition Arrangement (CCRA) Meetings, Amsterdam, Belanda
22 - 26 April 2017

On April 22nd to 26th, 2017 a Common Criteria Recognition Arrangement (CCRA) meeting was held in Amsterdam, Netherlands. Netherlands Common Criteria Scheme (NSCIB) organized this conference to discuss about testing and certification of IT security, testing and improvement.

28 CCRA countries attended the five day meeting to improvise the Common Criteria (CC) of ISO/IEC 15408 and ISO/IEC 18045, discuss the technical issues and the development of a new version of CC by CC Development Board (CCD) led by The United States is assisted by CCDB/ISO representative David Martin of the United Kingdom (UK) in collaboration with the International Organization for Standardization.

Participation by authorizing country, such as Malaysia is critical to determine the direction of CCRA. Malaysia, via CyberSecurity Malaysia succeeded an audit conducted by representatives from Australia and Turkey Voluntary Periodic Assessment on 21 to 25 March 2017. This achievement demonstrates Malaysia's capability in the field of cyber security product certification under the Common Criteria. In line with this, Malaysia is expected to be the Chairman of CCRA in 2021.

4th Session Training on Computer And Network Intrusion, Bangkok, Thailand
24 - 28 April 2017

CyberSecurity Malaysia participated in the 4th Session Training on Computer and Network Intrusion in Bangkok, Thailand from 24th to 28th April 2017. The annual course organized by the International Law Enforcement Academy (ILEA) Thailand was held as a platform for digital forensics analysts and law enforcement personnel in Asia Pacific countries to collect information, exchange views and analyze various types of digital evidence from computers.

24 participants attended this course and CyberSecurity Malaysia was represented by Mohd Izuan Effenddy Bin Yusof, Analyst, Digital Forensic Department.

Participants were exposed to the latest software and engineering applications as well as the analysis of collecting digital evidence of destruction when the computer was erased. The information and knowledge gained is useful to inspect victims and suspects computer in the investigation of a cyber criminal case.

CyberSecurity Malaysia increased its Digital Forensics expertise and capabilities in providing its services as a national reference center in cyber security. In addition, the course has strengthened the collaboration between CyberSecurity Malaysia and various agencies in Asia-Pacific region. It is in line with its vision to be a cyber-security reference center and internationally renowned expert agency.

The Cyber Security - Financial Industry Collaboration, Kuala Lumpur
27 April 2017

On April 27th, 2017 the Cyber Security - Financial Industry Collaboration program was organized by Standard Chartered Bank Malaysia, supported by CyberSecurity Malaysia and was held to share information on latest scenarios in the field of information security in banking industry, especially online banking.

The ceremony was officiated by YB Datuk Wira Dr. Abu Bakar Mohamad Diah, Deputy Minister of Science, Technology and Innovation. YABhg. General Tan Sri Dato' Seri Panglima Mohd Azumi Mohamed (Retired) - Chairman of the Board of Directors, CyberSecurity Malaysia, YBhg. Dato' Arif Siddiqui - Chief Information Officer, Standard Chartered Bank Malaysia and Chief Information Officer of the Islamic Banking Group Malaysia and YBhg. Dato' Dr. Haji Amirudin Abdul Wahab - Chief Executive Officer, CyberSecurity Malaysia attended the ceremony.

Presentations on online information safety were held. CyberSecurity Malaysia was represented by Hazlin Abdul Rani, Head of Cryptography Department who delivered a presentation entitled "Cryptocurrency & Blockchain - The Introduction".

Workshop on Global ACE Scheme Malaysia Pilot Chapter Cyber Security Domains Committee (CSDC) Focus Group, Kuala Lumpur
27 April 2017

On April 27th, 2017, Global ACE Scheme Pilot Chapter Cyber Security Domain Committee Workshop was held in Kuala Lumpur.

The workshop aimed to gather views from cyber security practitioners in the industry on the minimum level of knowledge, skills and behaviors required by cyber security experts under the ACE Global Scheme, to improve the "KSA (Knowledge, Skill & Attitude) Descriptor" and obtain confirmation from the participants on the eight (8) KSA Descriptors agreed in the KSA Descriptor Development Workshop in December 2016. 27 participants attended the workshop.

CyberSecurity Malaysia Recreation Program
April 2017

Throughout April 2017, CyberSecurity Malaysia organized several recreational programs for its staff.

These programs aimed to foster relationship between staff and provide a platform to create a harmonious atmosphere in carrying out daily tasks.

'Jom Jalan' activity was held on 7th April 2017 at Bukit Jalil Recreational Park. 51 staff joined this program. This activity established a direct two-way interaction between staff and CEO in an informal atmosphere.

On April 13th and 15th, 2017 Futsal and Badminton Championship 2017 took place. These competitions aimed to promote healthy lifestyle among CyberSecurity Malaysia staff. In addition, it enhances the teamwork spirit and strengthens existing relationships.

Useful Link
Visit to CyberSecurity Malaysia

Cyber Security Awareness Program - CyberSAFE
To report cybersecurity incidents, please click here