More than 79 percent of the software supply chain in Malaysia is vulnerable to cyber attacks
KUALA LUMPUR: More than 79 percent of the software supply chain in Malaysia was exposed to cyber attacks in the last 12 months compared to 76 percent on average globally, according to research by BlackBerry Ltd.
The Canadian software firm unveiled its research at the National Cyber Security Agency’s (NACSA) Cyber Security Summit taking place here today, revealing that nearly 38 percent of organizations took up to a month to recover from an attack.
A survey conducted in April 2024 by Coleman Parkes, following the Malaysian government’s gazettement of the Cyber Security Act 2024 (Act 854) and the announcement of the National Semiconductor Strategy (NSS) last May..
The initiative aims to strengthen Malaysia’s position as a global semiconductor power and emphasizes the need for secure software design practices and strong regulations to protect the information technology (IT) supply chain.
The report highlights the critical importance of these measures in supporting Malaysia’s ambitions in sectors such as semiconductor manufacturing and artificial intelligence (AI).
The study aims to identify current procedures for managing security breaches in the software supply chain.
It revealed that nearly a third of Malaysian respondents identified operating systems (30 percent) and Internet of Things (IoT)/connected components (19 percent) as the most risky areas, causing significant financial loss (71 percent), reputational damage (66 percent ) and data loss (59 percent) after an attack.
Meanwhile, Chief Executive of NASCA, Dr Megat Zuhairy Megat Tajuddin said the findings from the study highlight how critical the Cyber Security Act 2024 or Act 854 is which is designed to increase the cyber resilience of the National Critical Information Infrastructure.
He said Malaysia also shares the global responsibility to protect the software supply chain and ensure safe design practices through better compliance, use of technology and skills and training initiatives.
“This can better protect key infrastructure, increase business confidence and help economic growth through smoother international trade and cooperation,” Megat Zuhairy said in a statement today.
BlackBerry Chief Cyber Security Information Security Officer Christine Gadsby said Malaysia has increased regulatory measures and investment in skills and technology to protect critical infrastructure and key industries from cyber attacks.
He said widely distributed sectors such as semiconductor manufacturing continue to be lucrative targets for cyber threat actors seeking maximum global impact in an uncertain geopolitical climate.
Gadsby found that Malaysian information technology (IT) leaders indicated in the survey that human factors such as a lack of skilled workers and technical understanding continue to challenge the industry.
However, it is very encouraging to see a high standard for demanding compliance certification when dealing with suppliers.
“Along with training and upskilling efforts, modern artificial intelligence (AI)-powered and managed detection and response technologies can also support organizations by monitoring any threat 24 hours a day, seven days a week, helping IT teams with few resources deal with emerging threats in their software supply chain and manage complex security incidents,” he said.
The NASCA Cyber Security Summit runs until this Thursday (August 1) at the Putrajaya International Convention Centre.