SPEAKING at the Cyber Security Forum, Permanent Secretary (Security and Enforcement) at the Prime Minister’s Office Dato Paduka Hj Hamdan bin Hj Abu Bakar yesterday highlighted that more proactive measures must be taken to ensure a cleaner cyberspace.
He believes education and awareness on cyber threats and cybersecurity should be part of continuous HR development and capacity-building programmes. Additionally, policies and frameworks must also be communicated to employees effectively.
The recent attacks on Sony and Microsoft serve as a strong reminder of the need to come up with a more encompassing approach to cybersecurity – involving people, process and technology. It is imperative the business community and government utilise the existing skills available among them and collaborate more to ensure effective measures in combating cyber threats and cybercrimes, he said.
“Both the private and public sectors must work together to combat cybersecurity threats. It is our responsibility to implement appropriate measures and shield our data and systems from being exposed and exploited,” he urged.
ITPSS Sdn Bhd/BruCERT has consistently identified that organisations – both government and non-government – and citizens in general have vulnerabilities in their IT system or computer, albeit unknown to the owners. Consistently, these systems or computers are taken over by cyber criminals as botnets and then used as launch pads to attack other systems both inside and outside Brunei.
The Cyber Security Forum Brunei held at Rizqun International Hotel underlines the importance of the need to be aware of these threats and what needs to be done to protect ourselves from the many vulnerabilities coming from our growing engagement with the cyberworld.
The borderless threats emerging from cyberspace, by default, dictates that cross border cooperation must take place involving business constituents, government agencies, national and government CERTs (Computer Emergency Response Teams), industry regulators, Telcos and Internet Service Providers (ISPs).
In this day and age of mass globalisations, the world has experienced numerous cybersecurity threats. Year after year, the number of threats and attacks in cyberspace increase exponentially and 2014 was no exception.
“Data breaches, politically motivated attacks, zero days and targeted malware, ransom ware, as well as Distributed Denial of Services (DDOS) attacks made last year the ‘Year of Cyber Breach’,” he explained.
“Cyber threats targeting the private sector, critical infrastructure and the government demonstrate that no sector, network or system is immune to infiltration by those seeking to steal commercial or government secrets and property, or perpetrate malicious and disruptive activity.
“The trend is expected to continue in 2015 due to increasing prominence and importance of online interactions involving either confidential or sensitive information or financial transaction, he said.
“New business channels have evolved incorporating not just the social media but also cloud technologies, the Internet of Things (IOTs) and digital payments.
Dato Paduka Hj Hamdan is of the belief that with the increasing complexities that IT and cybersecurity personnel have to deal with, inevitably cyber criminals will also adapt their tactics accordingly.
He also highlighted the shortage of cybersecurity professionals in most countries, quoting a report from Sophos (an IT and cybersecurity company) as saying, “As technology becomes more integrated in our daily lives and a supporting pillar of the global economy, the cybersecurity skills shortage is becoming more critical and broadly recognised by governments and industry.”
Meanwhile, Royal Brunei Technical Services (RBTS) CEO Hjh Rosmawati binti Hj Manaf noted that while they may bring endless possibilities, cyber technologies are also making us vulnerable to threats such as breaches, attacks and thefts – all of which have the potential to affect our business operations and leave us exposed to various business risks, be it financial, reputational or regulatory.
With the advent of Information Technology and the ever increasing capacity and capability of today’s broadband technologies, we hold in our hands a very powerful tool, one that empowers us both as an individual and as an organisation/business… a tool that boosts our employees productivity, revolutionises business analysis and enables us to reach out to bigger markets – beyond our national borders: all at the tap of a trackpad, she explained.
That power, however, comes with a huge threat: the threat of cybersecurity.
“The very tools that provide us with the convenience and promise endless possibilities are the very same ones that are being hijacked and used against us.”
Our reliance on such technologies makes us very vulnerable to these threats of breaches, attacks and thefts. It is thus our responsibility to join in the fight to combat these ever growing cybersecurity threats – as many others have done in the global arena.
“For this reason, RBTS has put together this forum and invited several notable speakers from various fields of expertise to share their insights into the issue.
Themed ‘Combating Cyber Security Threats’, it is hoped that through the sessions we will be having throughout the day, we will be able to achieve the forum’s objective of creating corporate awareness on cybersecurity and ensuring that businesses are equipped with sufficient knowledge of being safer online,” she said.
The forum was organised by RBTS, with partners and sponsors that include Baiduri Bank; Borneo Bulletin (Brunei Press Sdn Bhd); Aewon Professional PPE Store; Cityneon Displays & Construction Sdn Bhd; Brunei Accenture Group (BAG) Networks Sdn Bhd; and Lailatul Shazana’s Studio.
The event was supported by Security Resilience Intelligence (SRI) Professionals; Raytheon Company; FireEye; BAE Systems; Attorney General’s Chambers; and Institut Teknologi Brunei (ITB).