Safeguarding nation's cybersecurity threats
12th June 2006 (Computimes)

Q: Can you describe your current scope of responsibilities and tasks?

A: My current responsibilities and tasks, among others, is to lead and inspire the team at Niser. The purpose of Niser's existence is to assist Malaysia to cope with cybersecurity threats and to manage them proactively.

As the national reference and specialist centre in cybersecurity, Niser offers specialist services such as security management and best practices consultancies, incident response services, digital forensics services, cybersecurity policy research, and critical information infrastructure protection services. We are currently building up nation capability in security product assessment and certification services.

Q: What do you enjoy most at work?

A: I get my utmost satisfaction realising Niser services to as many clients as possible, stretching Niser potentials to achieve the organisation and national goals. I also like meeting people and attending to their needs in cybersecurity.

Q: What would you consider a significant achievement in your work life so far, and why?

A: There are many significant achievements in my work life. Being given the chance to lead Niser and turning it to become the national reference and specialist centre in cybersecurity is one of the best, and it is an honour indeed to serve the country.

I had the ambition to become an army general when I was in the military service and now I can regard myself as the "cyber general" of my beloved country, thanks to the trust given by the leadership of the country and the Government, as well as the Defence Ministry, the Malaysian Army, the Malaysian Army Royal Signal and the Royal Military. All these are part of the institutions that have prepared me to carry out these responsibilities.

Q: Where do you see yourself in five years?

A: It is hard to predict where I will be in five years' time. Therefore, I do not wish to dwell on it at length. More importantly, it is my aim to bring Niser into the mainstream of the society and make it relevant to the lives of the Internet users in Malaysia and the world. Our Government has given us some allocation under the Ninth Malaysia Plan to enhance the country's cybersecurity, and I will be committed to deliver what is expected to the best of my ability.

Q: In your opinion, what are among the key cybersecurity issues and challenges faced by Malaysia? What would be your answers to address these issues and challenges?

A: There are many key issues and challenges in cybersecurity, but there are two main issues I wish to highlight - converting cybersecurity awareness into a culture of security, and detecting and monitoring cyberthreats proactively.

As for creating the culture of security, there is no shortcut and everyone involves must play their part. It is not just about technology issues, it goes beyond that to include education at its root, effective international, national and organisational-level policies, and its implementation and enforcement. Suffice to say the key is education. In my view, there is a need to incorporate cybersecurity education in secondary school as a baseline.

As for the second issue, due to rapid changes in technology and slow progress in the harmonisation of the cyberlaws at the global level, it will be hard to resolve many cyber-related problems at its root for now. At the moment, I still regard the cyberspace as the "heaven" of cyber-abusers and criminals as they can easily hide their tracks without being detected.

On another note, the variation in interpreting privacy and security in the cyberspace between and within nation states will continue for quite sometime and will give advantage to the bad guys. Therefore, it is imperative for Niser to have adequate specialists to detect and assess cyberthreats at the earliest time possible.

Q: What is your management philosophy?

A: My management philosophies are "serve to lead" and "giving is better than receiving". In laymen's term, to provide good cybersecurity services to the Internet users at both national and international levels in order to create a safer cyber environment.

Q: What are your hopes for ICT - in terms of the sector, technology development and usage - for the country?

A: I have many hopes. Among them is to play a significant part in propelling Malaysia towards e-sovereignty and to make Malaysia as one of the world's respected cybersecurity centre.

I also hope to see MyKad being widely used as an authentication system for online transactions over the Internet. It would also be good if technology, service and solution providers are to design their solutions/services with security in mind from the start, and not to treat security issues in a compartmentalise way, and end up passing the burden to consumers.

Companies that offer e-services should spend more time and money educating their customers on transacting securely over the Internet. Internet users should also be more willing to open up and share good and bad experiences for the betterment of the communities. And last but not least, information security professionals should be given better recognition.