There are two major challenges that Malaysian businesses have to grapple with today: the push for digitalisation for accelerated growth and the heightened cybersecurity risks of expanding attack surfaces.
For instance, data stored with Maybank, Astro, and the Election Commission was compromised in Dec. 2022, affecting 13 million Malaysians. iPay88, a payment gateway, also suffered a significant breach where customers’ credit card details were compromised. Last year, CyberSecurity Malaysia (CSM) recorded an alarming 1,192% increase in data thefts.
This is not to say that digitalisation is detrimental—its net value remains positive.
But just as a brick-and-mortar store must equip itself with the necessary security measures to protect against physical theft and vandalism, an organisation’s digital infrastructure needs security reinforcements to ward off cyberthreats and safeguard sensitive data.
This is why Malaysian organisations must heed the call to strengthen their digital immune systems.
What is a digital immune system?
A digital immune system (DIS) enables swift detection and mitigation of cybersecurity risks to minimise their impact. It acts much like our body’s immune system, detecting and fighting off viruses around the clock.
In technical terms, a DIS is a framework of robust cybersecurity practices and technologies that can heighten an organisation’s cyber resilience and enhance user experience (UX). This includes the management of cyber incidents, the recovery that follows, and the maintenance of an organisation’s digital infrastructure—all of which ensure superior UX and customer satisfaction.
However, not all organisations are aware of how crucial it is to have a strong DIS. This is why the Malaysian government is set to enforce new DIS-related measures to foster a secure environment for societal advancement and economic prosperity. Through efforts by Bank Negara Malaysia (BNM), financial institutions are now required to implement and enforce strong cyber-hygiene standards, particularly around governance and patch management.
BNM has also partnered with CSM to enhance the financial sector’s cyber resilience by facilitating information sharing and collaboration. Dewan Rakyat has passed the Cyber Security Bill 2024, which mandates that Malaysian organisations adhere to specific best practices and standards to elevate cybersecurity nationwide.
What can you do to strengthen your DIS?
The stronger your organisation’s DIS, the quicker you’ll be able to resolve cybersecurity incidents. Here are four ways Malaysian organisations can strengthen their DIS.
- Monitor your digital infrastructure continuously
Keeping an eye on your network’s security and application infrastructure is highly important. Observability is key to enabling efficient performance tracking of your application or digital service. When you’re vigilant, you can catch performance issues, software bugs, and potential vulnerabilities early on and, more importantly, prevent exploitation.
2. Assess risk and test vulnerabilities regularly
Regular risk assessments and vulnerability testing are important steps in strengthening your DIS. This can help you determine if your existing defence mechanism is effective and robust. The reality is, a lot of anomalies go undetected by weak or compromised cybersecurity systems.
Put yourself in the shoes of cybercriminals by making attempts to breach your own infrastructure. This helps you to detect and proactively address unchecked vulnerabilities in your system before they are exploited. The insights gained from constant monitoring and frequent testing can provide you with actionable data that can be used to make improvements across your product offering in terms of both security and performance.
3. Implement incident recovery plans
After assessing your risks and testing your vulnerabilities, what’s next?
Develop incident recovery plans (IRAs) so that you can address your threats as quickly as you find them. Use the data gathered from testing to come up with viable solutions for discovered threats. That way, your organisation can recover quickly without having to halt and disrupt its entire operations. You can also automate the launch of your IRAs when certain threats emerge, using AI or other threat detection tools, without requiring human intervention.
4. Comply with the latest security standards
Be in regulatory compliance with as many security standards as possible. When your organisation is compliant, it proves that you’re doing your part to defend it from known threats and prepare for potential breaches.
When customers know that cybersecurity is your main priority, you are deemed more trustworthy and more reliable than your competitors, and customers will feel more confident in your ability to safeguard their data.
Strengthening your DIS is key to cyber resilience
Maintaining a healthy DIS is a continuous process, as the global cyberthreat landscape is in constant flux. There’s no denying that developing and maintaining a robust DIS takes work, but this effort will provide significant benefits not only with cyber resilience but also with UX and customer satisfaction.
Byline attributed to Eric Roshaan, Enterprise Analyst at ManageEngine
