Malaysia organizations don't realize severity of cyberattacks
ZD Net Asia (23 May 2012)

Despite the rise in cyberattacks, Malaysian organizations are apathetic about information security and fail to realize they are potentially under serious threat, says the country's science, technology and innovation minister.

Minister Maximus Johnity Ongkili said at the Second Annual Information Security Summit, that complaints received by CyberSecurity Malaysia found that such incidents had risen from 2,123 in 2008, to 8,090 in 2010, and 15,218 last year, Bernama reported on Tuesday.

Cyberincidents have become a serious threat in Malaysia and could cripple the country's socio-economic development and national security, he said.

His words echoed CyberSecurity Malaysia's business development head, Mohd Anwer Mohamed Yusoff,  who last month revealed that the country had lost 2.75 billion ringgit (US$897.6 million) over the past five years to cybercrime.

On the other hand, only 60 out of 400 organizations identified as the country's critical national infrastructure (CNII) had been ISO/IEC 270001 Information Security Management System (ISMS) certified an international recognized security benchmark, the minister noted. This figure was far from satisfactory and the main pullback for organizations to be compliant is their apathy and "never mind" attitude, he warned.

Ongkili also remarked that the Internet and IT are a "double-edged sword", offering both opportunities for development and to commit crime.

For instance, the future looks bright for cloud computing as many Asian economies are already in the process of fully embracing the technology, but the security issues are not well-addressed to allow more companies to confidently move to the cloud, Ongkili pointed out. This security concern are hindering the increase in business agility and cost reduction for organizations, he explained.

Local organizations should be prepared to counter the concerns in information security while utilizing such technology to grow, he advised. "Both the public and private sectors should be cautious with the data storage when using cloud computing and work closely with vendors to ensure the prevention of data loss," Ongkili said.