Accelerated digital transformation since the pandemic has highlighted how lack of preparation can be just as detrimental to organisations as an actual cyberattack. Going forward into 2022 and beyond, the rapidly changing landscape continues to create significant new cyber threats that will increase cyber risks on multiple global fronts via numerous evolving threat vectors.
According to the Cyber security considerations 2022 report by KPMG, navigating this fluid environment will require a mindset shift towards one of enablement to focus on striking a balance and ensuring that “security is everyone’s job”, acknowledging its role in building and maintaining customer, client, and stakeholder trust.
From January to December 2021, a total of 10,016 cases of cyber incidents were reported to the Cyber999, the cyber security incident response center operated by MyCERT (Malaysia Computer Emergency Response Team).
According to a study referenced in the Malaysia Cyber Security Strategy 2020-2024, Malaysia has the potential to lose RM51 billion due to cyber security incidents, which accounts for more than 4% of the country’s total gross domestic product.
“Out of over 10,000 cyber security incidents reported to MyCERT last year, 71% were fraud related, while intrusion attempts and malicious codes make up the top three threats reported. Cybercrime is changing as criminals avail themselves to new technology, which means our approach to cyber security must evolve as well,” commented Ubaid Mustafa Qadiri, Head of Technology Risk & Cyber Security at KPMG in Malaysia.
“Whether it’s advanced persistent threats, ransomware, backdoor attacks, or something we’ve yet to see, there will likely always be new perils with which to contend. We have found that a lack of preparation and being overly reactionary can be as detrimental as the actual cyber incident.
“That’s why it’s so important to have a plan, test your responses according to different scenarios, and understand the depth and breadth of potential cyber incidents to your business,” advised Ubaid.
The report also identifies several emerging cyber security challenges which could soon become major areas of focus for cyber professionals across virtually every industrial sector: Industrial Internet of Things (IIoT), 5G Networks and Artificial Intelligence (AI).
The Minister of Communications and Multimedia had last year announced the 5G Cyber Security Test Lab (My5G) in anticipation of the nation’s 5G rollout. My5G will be Southeast Asia’s first specialist security evaluation and test facility testing for 5G products, devices and applications.
“The prospective capabilities of 5G will be game-changing but will also pose new security challenges. The Government will need to create an environment that is flexible and adaptable to address existing legacy issues and tackle new emerging threats.
“Meanwhile, organizations looking to capitalize on the benefits of 5G will also need to begin strengthening their security infrastructure in order to get ahead of the competition,” added Ubaid.