Pikom drafts plan on info-security awareness
By ROZANA SANI
8th April 2002 (Computimes)

ADOPTION of information and communications technology security (info-security) measures among organisations and individuals locally is still at an infancy stage despite a steady increase in reliance on ICT for communication and business processes.

Without proper checks in place, info-security threats could be detrimental to government-driven initiatives such as the Multimedia Super Corridor, which is content-centric. By not securing content, organisations and individuals are at a risk of losing their intellectual property (IP) with money and time spent going to waste.

As such, the Association of the Computer and Multimedia Industry Malaysia (Pikom) is gearing up to boost info-security awareness among local organisations and individuals as well as seek opportunities for industry members.

Through its Special Interest Group (SIG) on Info-security, Pikom is drafting out a plan of action which includes collaborations with Government bodies, educational campaigns, and the establishment of an e-community forum.

Xavier Tan who is chairperson of Pikom's SIG on Info-security, said the plan revolves around the group's definition of info-security which is the protection of information against unauthorised disclosure, transfer, modification or destruction, whether accidental or intentional. "The exponential growth of the Internet has created a dire need to address info-security issues. If we can identify issues that create opportunity for members, then they are at least guided in their direction in the area," Tan told Computimes last Thursday.

For starters, the SIG is collaborating with the Communications and Multimedia Commission (CMC) to participate in roadshows to create info-security awareness. The first was held at the end of last month while the next will be held in Penang in June.

Apart from that, the SIG is working towards establishing a framework for info-security for any individuals and organisations, which comprise steps such as need identification, threat identification, listing vulnerabilities, analysis and diagnosis.

"This is important, especially with asynchronous digital subscriber line (ADSL) widely available soon with always-on line for Internet connections between users and Internet service providers. The lines will always be open to attack," said Tan, who is also managing director of the Extol group of companies. There are also plans to impart to SIG members and the public best practices guideline in info-security.

"With the lack of skill set in the country, info-security is hard to achieve unless there is shared knowledge. Locally, current info-security skills are self-acquired and the guideline can contribute in the area," said Tan.

Pikom hopes to establish an info-security forum for ICT users to discuss issues and share their experience. "There is a need to overcome our culture in jealously guarding information for the benefit of all," said Tan.