Digital Economy Blueprint (MyDIGITAL) specifically sets out to map the importance of cybersecurity, listing it under one of the six main thrusts of the blueprint; to build trusted, secure and ethical digital environment. Cybersecurity sets the foundation from which businesses and enterprises can operate and grow in a safe and secure digital environment.
New working arrangement in the new norm, i.e. working from home, has also contributed to the surge in cyberattacks. Most SMEs utilise a “Bring Your Own Device” (BYOD) approach, which significantly exposes valuable data and information to cyberattacks and various malicious forms of intrusion. SMEs bear a brunt of these attacks.
In 2020, Malaysia recorded 6,512 cybersecurity incidents. In the period between January to May 2021, the number of incidents recorded stood at 4,615, representing an almost one-fold increase in threats and incidents comparatively. Cyber crimes have also shown an upward trend.
According to the Royal Malaysian Police statistics, in 2019, the number of cyber crimes reported was 11,875 cases, with RM498 million in terms of losses. Last year, the number of cases increased to 14,229, with total losses of RM413 million. In the first quarter of this year, the number of cases reported was 4,327 and the losses involved were RM 77 million.
As the world grapples with the effects brought about by the pandemic, malicious attacks and serious data breaches are also increasing at an alarming rate, compounding the situation and putting into sharp focus the criticality of having a robust cybersecurity system in place. According to Deloitte, unseen (previously undocumented) malware or methods employed by hackers and cyber attackers have risen 30 percent during the pandemic as opposed to 20 percent pre-pandemic.
SMEs contribute a large percentage to our overall GDP, 38.9 percent in 2019 while the digital economy contributed 19.1 percent in the same period. Thus it is imperative that we must ensure that the appropriate safeguards are in place. Cybersecurity adoption for SMEs and as a whole, is no longer an option but a necessity.
To put it in numbers:
• 84 percent of SMEs in Malaysia have been compromised in one way or another by cyber threat incidents.
• 76 percent SMEs have suffered more than one attack.
Cognizant of this situation, the Malaysia Digital Economy Corporation (MDEC), the nation’s lead agency in digital transformation, in collaboration with the National Cyber Security Agency (NACSA) and SME Corporation Malaysia (SME Corp) have set out to develop and implement the MATRIX Cybersecurity for SMEs (MATRIX). This programme, launched on 28 June 2021 by Senior Minister for Security and Minister of Defence YB Dato’ Seri Ismail Sabri bin Yaakob during Cyber Defence & Security Exhibition And Conference (CYDES) 2021, aims to boost cybersecurity adoption and implementation amongst SMEs from all sectors in Malaysia.
MATRIX is the first-of-its-kind in Malaysia and the region as it is designed specifically to facilitate acceleration of SME cybersecurity adoption. This collaborative programme between MDEC, NACSA, SME Corp and Malaysia’s cybersecurity industry partners is a customised programme that is designed to fit with the DNA of SMEs. MATRIX will bridge the gap in cybersecurity adoption and as a result, ensures that businesses can continue to operate in a mitigated and safer environment.
Echoing the importance of this initiative, NACSA, the national lead agency for cyber security, via its Chief Executive, Ir. Md Shah Nuri Md Zain, said, “The MATRIX programme is established to address current cybersecurity challenges faced by the SMEs. MATRIX will be supporting one of its five strategic pillars and protecting SME businesses which is the foundation of national economy and future economy. With the vast growing digital economy, cyberattacks will multiply with higher business impact. SMEs will be the biggest target due to the preparedness with lack of resources and expertise to manage cybersecurity operation. MATRIX can definitely manage those challenges and it will be a sustainable approach as digital adoption will be a journey.”
A robust cybersecurity system will integrate the virtual and physical spaces securely, resulting in a balanced economic advancement which resonates with our vision of Malaysia 5.0, a nation that is deeply integrated with technology, providing equitable digital opportunities to the people and businesses. It is also in line with Malaysia’s National Cybersecurity Strategy.
The MATRIX programme will also accelerate the journey of digital transformation and enhance the cybersecurity experience through two key value propositions:
• Simple – Easy to adopt and cost-effective with minimum supervision
• Smarter – Visibility by staying ahead of threats and scalable with business
The MATRIX programme has also taken into consideration the challenges faced by SMEs when it comes to adoption of cybersecurity measures i.e. lack of funds and resources, limited access to expertise and tools, and the complexity of deployment and operation. It sets out to assists SMEs end-to-end, identifying the potential gaps in cybersecurity, the priorities and offering a cost-effective measure.
MATRIX utilises a three-pronged strategy to mitigate and prevent instances of cyberattacks. First, it provides a 24-hour cybersecurity surveillance to discover and flag attacks to critical business operations. Secondly, it will provide critical asset protection, deploying the measures against attacks on servers. And thirdly, it continuously assesses the vulnerability and gaps as the threat of cyberattacks evolve.
The rapid growth of ICT and technology sovereignty bring with it a tremendous opportunity for Malaysia’s cyber-security industry. IDC reported that cybersecurity spending for Malaysia reached RM2.6 billion (US$627 million) in 2019 and is expected to exceed RM4 billion (US$1 billion) mark by 2024.
For the next five years, it is expected to remain robust and will see steady growth at the rate of 12.5 percent (CAGR). This is more than twice of the overall ICT spending in the country which stood at 5.7 percent for the same period.
As cybersecurity is a domain that is continuously evolving and improving, with new technologies, processes, and methods, it will continue to expand the in-flow of investments and accelerate the growth of Malaysia’s cybersecurity ecosystem. At present, the local cybersecurity industry partners that have joined the MATRIX programme include TIME dotcom Berhad, NetAssist (M) Sdn Bhd, PERNEC Technologies Sdn Bhd, DNSVault Sdn Bhd, Securemetric Technology Sdn Bhd and Tecforte Sdn Bhd.
With so much at stake, not only must we be vigilant but also have the corresponding countermeasure in place.