Page 23 - 20v•Cyber Security Strategy 2020-2024
P. 23

Malaysia Cyber Security Strategy 2020-2024  23



                                                      necessary controls over system
                                                      and data access by employees
                                                      and vendors. The implementation
                                                      of a proper Bring Your Own
                                                      Device (BYOD) policy should be
                                                      deployed by organisations and
                                                      institutions. Again, awareness also
                                                      plays an important role here in
                                                      mitigating incidents due to insider
                                                      threats, especially for those at the
                                                      management tier.

                                                      Additionally, the correct posture
                                                      and approach are needed in
                                                      dealing with the selection of
                                                      third   parties/vendors,   planning,
                                                      development and implementation
                                                      of  ICT  projects,    especially  those
                                                      that  involve  or  intended  for  critical
                                                      establishments such as an Industrial
                                                      Control   System    (ICS)  for  CNII
                                                      agency. Security-by-Design should
                                                      be  the  flagship  approach  in  ICT
                                                      project development in order to
                                                      ensure that the end products and
                                                      systems are free of vulnerabilities
                                                      and not susceptible to cyber
                                                      threats. This can only be achieved
                                                      through      continuous      testing,
                                                      authentication    safeguards    and
                                                      adherence to best practices.


                                                      Malaysia has also been facing
                                                      threats  of  terrorism  and  violent
                                                      extremism. Terrorists and violent
                                                      extremists have been using various
                                                      web  services  and  social  media  as
                                                      a breeding ground to entice new
   18   19   20   21   22   23   24   25   26   27   28