Malaysia #1 in APAC for cybersecurity preparedness: Global CyberSecurity Index


CyberSecurity Malaysia certification 

Photo - (From left) YABhg General Tan Sri Dato' Seri Panglima Mohd Azumi Mohamed (Retired), Chairman of the Board of Directors, CyberSecurity Malaysia; YB Datuk Dr Abu Bakar Mohamad Diah, Deputy Minister of Science, Technology & Innovation'; and Dr Amirudin Abdul Wahab, Chief Executive Officer, CyberSecurity Malaysia.


According to ITU Global CyberSecurity Index published December 2014, Malaysia holds the top spot in Asia Pacific for cybersecurity preparedness and is also ranked third globally, a position shared with Australia and Oman.

National cybersecurity specialist CyberSecurity Malaysia's chairman General Tan Sri Dato' Seri Panglima Mohd Azumi bin Mohamed (Retired) made the announcement during a recent awards ceremony at KL Hilton where companies in Malaysia were awarded information security certificates from CyberSecurity Malaysia.

The Global Cybersecurity Index examined the cyber security engagement of sovereign nation states and cybersecurity preparedness and the level of commitment in five critical components in cyber security capabilities namely legal, technical and organisational measures as well as capacity building and cooperation, said Mohd Azumi.

"Malaysia achieved third position in global ranking among 193 ITU member countries (alongside Australia and Oman) as a nation with highest levels of commitment in cyber security in the latest Global Cybersecurity Index published in December 2014," he said.

"In the Asia Pacific region, Malaysia is number one in cybersecurity preparedness, having achieved the top ranking alongside Australia. This latest ranking is a testament of the level of commitment shown by CyberSecurity Malaysia in raising our nation's cyber security capability and preparedness," he said, adding that Malaysia was also among the top scorers in the Technical Performance Index of the Global Cybersecurity Index 2014.

 International standards

Up to 31 December 2014, 92 companies in Malaysia have now achieved international security accreditation, said Mohd Azumi.

As an agency under the Ministry of Science, Technology, and Innovation (MOSTI), CyberSecurity Malaysia completed inspection and audit before directing its Information Security Certification Body (ISCB) to issue certificates to the organisations for successfully complying with international standard of information security either the Common Criteria ISO/IEC 15408, the Information Security Management System (ISMS) ISO/IEC 27001, or the Malaysia Trustmark.

"This afternoon we stand as witnesses that International Standards are indeed implemented in Malaysia. Seated among us today are representatives from leading organisations who are here to receive their certificates for having successfully implemented internationally-recognised cybersecurity standards in their respective," he said.

YB Datuk Dr. Ewon Ebin, the MOSTI minister, said, "CyberSecurity Malaysia has embarked on several key national initiatives to help strengthen Malaysia's Information Security certification standards. Last year, CyberSecurity Malaysia was re-appointed as Chair of the World Trustmark Alliance (WTA), a global organisation of Trustmark Operators comprising 37 members from 30 countries all over the world."

"To further improve the standard and sustainability of cyber security evaluation, information security certification conducted by CyberSecurity Malaysia is extremely critical in ensuring business information is adequately protected. CyberSecurity Malaysia's certification services support the pillars of 'National Security and Public Safety' and 'Catalyst of growth for Industry' under the Economic Transformation Program by building resilience in both the Critical National Information Infrastructure (CNII) and the industry," he said.

 CyberSecurity Malaysia's Certification, Audit and Accreditation Services

To date, CyberSecurity Malaysia's certification services have certified 41 ICT products under the MyCC Scheme and 22 Critical National Information Infrastructure (CNII) organisations under the CSM27001 Scheme; while 29 e-Business websites have been validated under the Malaysia Trustmark Service.

CyberSecurity Malaysia was appointed as Certificate Issuing Member of the Common Criteria Recognition Agreement (CCRA) in September 2012, allowing it to produce internationally recognized Common Criteria ISO/IEC 15408 Certificates.

CyberSecurity Malaysia also offers Information Security Management System Audit and Certification (CSM27001) Scheme based on ISO Standard ISO/IEC 27001, which was established in May 2011 in support of the National Cyber Security Policy (NCSP). It offers independent security audit and certifies an organisation's Information Security Management System (ISMS). Being ISMS certified, it provides a degree of assurance that business process are evaluated to ensure improved performance; while reducing the likelihood of security risks being present.

The Malaysia Trustmark service was launched in July 2013 to audit and validate e-Business websites with the aim to promote 'trust' in e-Business in Malaysia.