Panel comes out empty
12th November 2001 (The Sun)

The first Panel of Experts (POE) meeting organised by the National ICT Security and Emergency Response Center (NISER) discussed obvious problems related to the lack of information communication technology (ICT) security in the country. The PoE did not make any recommendations but intends to have a proposal ready in the first quarter of next year.

The first designated chairperson of the PoE, Dr Mohamed Awang Lah, said the meetingrevolved around three major issues. The first being the lack of coordination between various security agencies in the face of ICT related emergencies due to lack of clarity in functions and the lack of authority. The second issue is the inadequate level of awareness among top level management of companies and the public to deal with ICT related security threats and finally issues of law and implementation.

"Laws such as the Computer Crimes Act 1997 are not actively enforced and the Digital Signature Act 1997 are not being used by the public to protect themselves", he said. Mohamed who is senior vice president of MIMOS Berhad has been appointed as the PoE chairperson for the period of two years. He admitted that the nation's ICT Infrastructure is vulnerable to attacks. "There is no cause for concern as the security issues in the country are under control," he said.

When asked to define what major secutity issues the nation has, his response was, "The nation is not under any major attacks."

The PoE was formed in response to recent developments in security issues throughout the world. It is the first group of ICT security experts in the country gathered to act as an independent and interactive 'think-tank' for the purpose of helping the nation navigate through the complexities of information technology security.

According to Mohamed, members of the PoE are by invitation only and selected based on qualification in the realm of expertise, profession and recognised by ICT security community. This also includes relevant government representatives. The members also compomise of commercial and community representatives to cover 10 key areas of information communication technology security. These include telecommunication and network security, system security, cryptography, database security, application security, security management, security standard criteria & evaluation, business continuity planning, cyberlaws and operation security.

"The Panel is expected to provide recommendationsto the National Information Infrastructure Protection Agenda (NIIPA), which provides comprehensive ICT securiy, roadmap and action plans. With the growing threats of ICT attacks in recent years the country needs effective arrangements among various agencies planning, managing, protecting, coordinating and implementing national cyber defense. All developments and recommendations from this panel will be reported to the National Information Technology Council (NITC), Cabinet and relevant agencies for further action," Muhamed said.

The PoE will be administered by NISER. NISER's director, Major Husin Jazri said NISER is excited about the formation of PoE and will assist members of the PoE in perfoeming their individual and collective roles in which ever form the can. NISER will also assist in providing the ncessary background information that is required by the PoE to formulate their plans.

NISER also presented to the PoE the first ever Malaysian ICT Security Survey for the year 2000/2001 to help the panel members formulate effective strategies at a national level. The survey covers the wide spectrum of organisations in public and private institutions to provide comprehensive analysis on various ICT security issues. Members form private and public organisations can obtain the report at cost from NISER's website at by filling up the online order form.