MALAYSIA S APPROACH IN CAPACITY BUILDING. Dr Amirudin Abdul Wahab Chief Executive Officer CyberSecurity Malaysia 24 March 2017

Transcription

1 MALAYSIA S APPROACH IN CAPACITY BUILDING Dr Amirudin Abdul Wahab Chief Executive Officer CyberSecurity Malaysia 24 March 2017 Copyright 2017 CyberSecurity Malaysia

2 ASEAN s JOURNEY TOWARDS DIGITAL TRANSFORMATION Widespread adoption of new technologies & we are getting more connected Increased threats are arising from the use of technologies & human weaknesses Copyright 2017 CyberSecurity Malaysia 2

3 DIGITAL TECHNOLOGY IS A KEY ENABLER FOR ASEAN CONNECTIVITY - A Plan for Smart Cities in 2025 Copyright 2017 CyberSecurity Malaysia 3

4 DIGITAL TECHNOLOGY BRINGS NEW SECURITY CHALLENGES We are facing emerging threats of cyber crime, hactivism, cyber espionage. More actors hackers, criminals, state and state-sponsored actors with various motives Source: Copyright 2017 CyberSecurity Malaysia 4

5 PEOPLE ARE KEY COMPONENT IN DIGITAL ENVIRONMENT - Cyber attacks become more sophisticated - We are to win against cyber attacks through competent professionals Copyright 2017 CyberSecurity Malaysia 5

6 THE DEMAND FOR CYBER SECURITY HAS INCREASED - We are shortage of cyber security professionals Paul Curran, Aug , The demand for the (cybersecurity) workforce is expected to rise to 6 million (globally) by 2019, with a projected shortfall of 1.5 million, - Symantec CEO Michael Brown. the demand for cybersecurity will result in over a million job openings in 2016 alone as the growing cyber security market continues to soar with a projected growth from $75 billion in 2015 to a $170 billion by Steve Morgan, Editor-In-Chief of the Cybersecurity Market Report, Copyright 2017 CyberSecurity Malaysia 6

7 CAPACITY BUILDING IS ONE OF THE POLICY THRUSTS IN NATIONAL CYBER SECURITY POLICY NATIONAL CYBER SECURITY VISION: Malaysia s Critical National Information Infrastructure shall be secure, resilient and self-reliant. Infused with a culture of security it will promote stability, social well being and wealth creation. Copyright 2017 CyberSecurity Malaysia 7

8 NATIONAL STRATEGY FOR CYBER SECURITY ACCULTURATION & CAPACITY BUILDING PROGRAM The study was completed in November 2010 The capacity building programs are targeted towards Critical National Information Infrastructure (CNII) Focusing on efforts to increase the knowledge and skill sets on the information security workforce Aimed at creating a quality and well-equipped information security workforce and promoting recognition of the Information Security profession. Copyright 2017 CyberSecurity Malaysia 8

9 OUR CONCEPT OF OUTREACH & CAPACITY BUILDING Competency Training Developing Competent cyber security work-force and practitioners for the nation Professional Development Building & accrediting competent cyber security professionals through the Global ACE Scheme CyberSAFE An end-user focused training Programs aimed at combating cyber-attacks designed for non-technical and end-users Nurture and certify cyber security workforce with the required Knowledge, Skills & Attitude (KSA): 1. Enabling secured usage of technology to minimize digital risk; 2. Equipping necessary skillsets; and 3. Upskilling work-force awareness & capabilities in lights of the ever-changing cyber security landscape. Strategic collaborations with reputable International organizations Copyright 2017 CyberSecurity Malaysia

10 Our Vision & Mandates in Capacity Building To be the Cyber Security Training Provider in the ASEAN region and OIC countries that delivers relevance, competitive and resilience Cyber Security capacity building programs in today s fast moving landscape. To increase the number of cyber security professionals to cater for the increasing number of internet users in Malaysia Estimated about 6300 (as of Jan 2017) internationally certified professionals in Malaysia Target to achieve security professionals by 2020 Copyright 2017 CyberSecurity Malaysia 10

11 Cyber Security Capacity Building Framework Our training programmes are structured according to below framework: Objectives: 1. To nurture cyber security knowledge groups and/or individuals that are resilient to cyber security incidents; 2. To nurture cyber security practitioners that are technically capable and proficient in the operation; 3. To nurture cyber security professionals that are capable in strategizing, planning and executing cyber security initiatives Copyright 2017 CyberSecurity Malaysia

12 Our Own Competency Training Programs Copyright 2017 CyberSecurity Malaysia 12

13 PRODUCING LOCAL TALENTS via Partnerships with Intl Recognized Training Providers Copyright 2017 CyberSecurity Malaysia 13 13

14 PRODUCING LOCAL TALENTS THROUGH PARTNERSHIP WITH LOCAL UNIVERSITIES - via Educational / Academic Programs Ministry of Education Department of Polytechnic Education Department Of Community College Education The National University of Malaysia International Islamic University Malaysia (IIUM) University Tunku Abdul Rahman (UTAR) University of Kuala Lumpur (UniKL) University Putra Malaysia (UPM) Multimedia University (MMU) University Teknikal Malaysia Melaka (UTeM) etc Copyright 2017 CyberSecurity Malaysia 14

15 ENHANCING NATIONAL COMPETENCIES CYBER READINESS VIA NATIONAL CYBER CRISIS EXERCISES X-MAYA - National Cyber Crisis Exercise (Cyber Drill) conducted by CyberSecurity Malaysia in collaboration with the National Security Council. The X-MAYA - to assess and improve the National Cyber Crisis Management Plan together with CNII's readiness against the threat of cyber attacks. Copyright 2017 CyberSecurity Malaysia 15

16 ENHANCING NATIONAL TECHNICAL SKILLS & KNOWLEDGE - via Collaboration With Multi National Companies MoU between BAE & CSM in Cyber Security Framework for technical collaboration and in capacity building Dec 2014 MoU between Huawei & CSM to outline Cyber Security collaboration Copyright 2017 CyberSecurity Malaysia 16

17 ENHANCING MALAYSIA s CAPACITY BUILDING - With CERT Partners (MULTI-LATERAL) Copyright 2017 CyberSecurity Malaysia 17

18 ENHANCING MALAYSIA s CAPACITY BUILDING - With CERT Partners (BILATERAL) Copyright 2017 CyberSecurity Malaysia 18

19 ENHANCING NATIONAL CAPACITY BUILDING VIA COLLABORATION Multi-stakeholders partnership in cyber security capacity building to formulate a framework for the creation of a competent cyber security workforce both at national and regional levels ASEAN CERT WITH MULTI LATERAL PLATFORMS ITU CSCAP ARF OIC CERT FIRST APCERT Industry professionals are required to constantly train and re-train to upgrade their skills and knowledge while keeping abreast with the latest changes in the global information vectors SOVEREIGN STATES VIA BILATERAL/MULTILATE RAL ENGAGEMENT INTERNATIONAL SECURITY Protecting Common Interests Confidence Building Measures DOMESTIC SECURITY Protecting National Security, Prosperity and Public Safety Regional and Global Cyber Security Cooperation Public Private Partnership Copyright 2017 CyberSecurity Malaysia Legal and Policy Framework

20 CONCLUSION & WAY FORWARD Today, the world is witnessing widespread adoption of digital technologies and constant evolving of cyber threats; To stay ahead, we need sufficient and competent cyber security people; Malaysia continues to adopt evolutionary and innovative approach in capacity building programs As part of regional community, Malaysia s efforts in capacity building are also to strengthen regional cyber security Regional community to collaborate and combine ideas to stay ahead of rapidly changing cyber threats Industry professionals are required to constantly train and re-train to upgrade their skills and knowledge while keeping abreast with the latest changes in the global information vectors hence requiring multi-stakeholders partnership Copyright 2017 CyberSecurity Malaysia 20

21 Copyright 2017 CyberSecurity Malaysia 21