Security conference to shine spotlight on risk and compliance
- Cyber Security Malaysia Awards, Conference and Exhibition (CSM-ACE) 2012 set to take area from Nov 6-7
- Main intention to raise attention and blessings of securing security certification for nearby ICT products and services
CYBER Security Malaysia has released the Cyber Security Malaysia Awards, Conference and Exhibition (CSM-ACE) 2012, set to take region from Nov 6-7 along side the World Innovation Forum Kuala Lumpur (WIFKL) 2012.
Cyber Security Malaysia (CSM) is the countrywide cyber safety professional below the Ministry of Science, Technology and Innovation (MOSTI).
Themed ‘Cyber Security Risk & Compliance for Economic Transformation,' the occasion objectives to provide a platform for authorities businesses and increase the attention of obligatory compliance of facts protection standards.
CSM appearing leader govt officer Zahri Yunos (percent, center) stated the key goal for CSM-ACE 2012 is to nurture a sturdy lifestyle of cyber safety awareness, specially among facts and communications generation (ICT) customers specifically inside the Critical National Information Infrastructure (CNII) sectors.
There are 10 CNII sectors under the National Cyber Security Policy: National Defense & Security, Banking & Finance, Information & Communication, Energy, Transportation, Water, Health Services, Government, Emergency Services and Food & Agriculture.
According to CSM, the alarming upward push of premeditated assaults which includes disbursed denial-of-carrier (DDoS) attacks and superior chronic attacks (APT) with probably catastrophic outcomes to interdependent community and facts structures throughout the globe has demanded that giant attention be paid to protection initiatives.
Cost of certification
Cyber protection has been diagnosed as a capacity sector for boom underneath the National Transformation Program (NTP). Razman Azrai Zainudin (above p.c, right), CSM's vp of Corporate Planning & Strategy, said that one manner of accomplishing this boom become through the adoption and promotion of safety requirements.
Razman highlighted the Malaysian Common Criteria Evaluation and Certification (MyCC) Scheme, which evaluates and certifies the safety functionality inside ICT products against ISO/IEC 15408 general that is referred to as Common Criteria (CC).
The method used inside the evaluation is also a diagnosed trendy known as Common Evaluation Methodology (CEM) or ISO/IEC 18045.
“Malaysia is the best country in the vicinity which currently gives this, and it's far a less expensive method to undergo due to the foreign exchange rate versus getting the certification in nations inclusive of the USA or United Kingdom,” he said, including that queries had been received from agencies distant places searching for to apply for certification.
Razman said that there are presently 21 neighborhood agencies which have gone through and been granted CC certification for their products, but there are nevertheless many agencies with eligible merchandise that have yet to use for certification.
He additionally added that the present day country of right documentation for IT products stays lacking in the country.
When asked why so few neighborhood companies have carried out for certification, Razman pointed to a couple of reasons.
“First I agree with is the reality that the MyCC scheme is still pretty low profile, as we handiest launched it in 2010. The 2nd and larger barrier is the cost factor,” he stated.
During the preliminary rollout of the MyCC Scheme, the authorities had set aside budget to subsidize local businesses who wished to get certified, but the ‘promotion’ is no longer in region.
While the certification costs vary, CSM shared that the ballpark determine for Evaluation Assurance Level 1 is set RM100,000 and for Level 2 RM200,000 and so forth.
Azman said a large portion of the price goes closer to preserving the Malaysian Security Evaluation Facility (MySEF), whose important duty is to perform security reviews against agreed requirements in an independently accepted environment.
“To keep our globally recognized certification, we must observe every year audits of the ability at the side of training for team of workers to conduct the assessment and certification manner,” he delivered.
However each Azman and Zahri careworn that at the same time as the price of certification can be high, the long term benefits to businesses will justify the preliminary funding.
The advantage of certification with a globally identified wellknown, Azman said, become the capacity to market products and answers to a global market, easing the due diligence manner with procurement departments.
Zahri brought that through the adoption and compliance of cyber security standards; the nation's cyber risks are mitigated therefore fueling financial sports which include the activity introduction and commercial enterprise possibilities.
“We want to teach and beef up Malaysia’s self-reliance in phrases of generation requirements and compliance,” he stated.
In line with the assignment of growing the attention of protection certification, a pavilion with might be set up on the CSM-ACE 2012 exhibition to spotlight neighborhood businesses that have secured Common Criteria (ISO15408) certificate via MyCC.
Conference project
The two-day event forms a part of the NTP beneath the Strategic Reform Initiative (SRI) to conduct trade occasions and business match-making possibilities. Zahri said the agency did no longer screen enterprise transactions for CSM-ACE 2012 and delivered that essential awareness become on raising the profile of security troubles.
The convention portion of the occasion functions 3 tracks: Governance, Standards & Compliance, Technical and Business Continuity Management.
Speakers include managing director of BAE Detica South East Asia Richard Watson; Fortinet's local director for South-East Asia Datuk George Chang; Malaysian Communications and Multimedia Commission (MCMC) senior director Lt Col Asmuni Yusof (R); and Md Shah Nuri Zain, Under Secretary Cyber & Space Security Division., National Security Council, Prime Minister's Department.
ICT Infrastructure solutions company HeiTech Managed Services is the professional accomplice for the Business Continuity Management track
Fong Chiok Hin (above percent, left), director of Disaster Recovery & Infrastructure Management for HeiTech, said that globally, especially after the Sept. 11 assaults, the subject of disaster recovery has been growing in significance for lots corporations.
“However, in Malaysia with regards to catastrophe recuperation readiness, we've got an extended way to go,” he stated.
The consciousness of the tune may be on showcasing to attendees what can occur inside the event of a disaster with a study the commercial enterprise impact of the floods in Thailand and the tsunami in Japan in 2011.
“Business continuity and disaster recovery is of paramount subject to businesses, now not handiest because of the potential loss of facts and records but also the detrimental effect it'll have at the business,” Fong introduced.
Over three hundred delegates from around the region are expected to attend CSE-ACE 2012, slated to be held at Double Tree Hilton Kuala Lumpur from Nov 6-7. For more statistics, click on here.
Related Stories:
Disaster: Malaysian corporations not assured they could get better
M’sian SMEs unprepared for natural disasters: Symantec