As more of the Malaysian economy moves online, digital protection is as important as revenue growth
In partnership with TM ONE
Over the past 15 months, digitalisation has seen a big spike around the world including in Malaysia. Enterprises of all sizes invested in moving their services, touchpoints and business operations online and set up work-from-home networks for their employees.
With this growing digitalisation comes a new challenge: Interpol’s ASEAN Cyberthreat Assessment 2020 reported that the first half of 2019 saw a rise in botnet infections, phishing scams, ransomware and other types of attacks. In fact, Malaysia ranked among the top three countries in ASEAN for mobile banking malware detection. In the US, growing ransomware attacks and their ransom value have had serious implications for critical industries and their impacted customers.
These facts suggest that digitalisation must go hand-in-hand with a transformation of attitudes and resourcing around cybersecurity. Even for small businesses and e-commerce platforms, these measures are not only necessary but within reach. Here are some key points for decision-makers to note.
More digitalisation means increased threat exposure
Digitalisation doesn’t just mean working from home and moving important files into the cloud. Restaurants have had to adopt digital ordering and delivery platforms; clinics have had to set up telemedicine services; retailers have rushed to transition to e-commerce, to name just a few examples. There are now 25 million social media users in Malaysia, and last year MDEC forecasted the value of e-commerce at RM170 billion. Even prior to 2020, the use of e-wallets has seen a 42% compound annual growth rate in the country, according to IDC Financial Insights.
While widespread digitalisation is great for the economy and has brought positive changes to people’s lives, it means more personal data and important operational frameworks, without sufficient and continuous cybersecurity protections, are vulnerable to cyberattacks. These have the potential to grind business to a standstill.
Cyberattacks are more regular and sophisticated than ever
Most of us have encountered some form of cyberattack, be it a fraudulent charge on our credit card or an email from someone in a faraway country asking for money. These daily scams are only a miniscule representation of the scale and sophistication of cyberattacks out there today.
Cyberattacks can range from phishing emails asking for sensitive personal information about your bank account and business email compromises resulting in fraudulent payments, all the way to huge-scale data breaches at some of the largest companies in the world. Ransomware can prevent enterprises from accessing their own networks, and cryptojacking allows cybercriminals to steal computing resources.
The increased sophistication and frequency of cyberattacks mean that cybersecurity professionals have to be proactive as well as reactive, constantly on the lookout for new threats and potential vulnerabilities. In fact, running vulnerability scans every couple of months is no longer sufficient.
Statistics from PwC’s recent 24th Global CEO Survey, says that nearly half of the CEOs globally — and 56% of CEOs in Malaysia — plan to increase their investment in digital transformation by 10%. However, only 38% of CEOs in Malaysia plan to increase their investment in cybersecurity by 10%.
Breaches hurt customer trust – and revenue
While short-sighted leadership may see increased cybersecurity spending as an unnecessary expense, the investment is closely tied to revenue and delivers strong returns. For starters, inadequate cybersecurity measures may lead to inadvertent non-compliance with Malaysia’s existing regulatory requirements, such as the Personal Data Protection Act 2010, National Security Council’s Directive 24 and Bank Negara’s Risk Management in Technology – that can lead to hefty fines for enterprises who can ill-afford such expenses.
According to a report, a quarter of Malaysian enterprises reported that cyberattacks cost them a total of RM4.1 billion in 2019, as well as downtime of 24 hours. Another study, by Allianz, placed cyberattacks as the number one risk for enterprises, followed by business interruption.
Money aside, breaches significantly erode customer trust which quickly leads to diminished revenue. And far from a soft, unquantifiable concern, customer trust is a top priority among business owners. In IDC’s CxO View of the Future Enterprise in the Digital Economy Study 2020, 73.7% of C-suite leaders said “engendering trust with customers” was their top priority.
In-house IT teams can’t do it all
Though more and more enterprises recognise the need for full-time cybersecurity measures, the fact still remains that few are resourced to keep these roles in-house. In most companies, there is a shortage of in-house digital security skills, and in 80% of organisations, cybersecurity is merely an add-on role for the IT director.
The good news is that companies don’t actually have to increase their in-house cybersecurity capacity. IDC advises that enterprises should only operate tech that is critical to giving them competitive distinction – this would only be the case for actual cybersecurity firms. For the rest of us, outsourcing the heavy lifting to organisations that specialises in cybersecurity makes sound business sense.
Cybersecurity is easy, affordable to outsource
TM ONE, the enterprise and public sector business solutions arm of Telekom Malaysia Berhad (TM), with its TM ONE CYDEC, is the leading cybersecurity partner in Malaysia and protects data, identity, networks and devices. Working closely with private enterprises and government institutions, the company provides continuous, real-time and predictive security. Its key services include Digital Risk Protection, Managed Security Services (MSSP), Managed Detection and Response (MDR) and Managed Unified Threat Management (MUTM).
Not only does TM ONE CYDEC stay ahead of the curve when it comes to new cyber threats, it can ensure organisations are compliant with the latest regulations. For larger companies with in-house IT teams, TM ONE CYDEC integrates with existing IT frameworks, leaving staff to focus on daily business-critical issues. For enterprises new to these concerns, the company covers everything from design and planning to implementation and optimisation.