Budget 2023 : Addressing The Gaps In Cybersecurity

Subang Jaya, 14 March - Joe Seah, Chief Commercial Officer at Innov8tif Solutions Sdn. Bhd. hopes that the recently-tabled budget could bridge the gaps within the country's digital security both for the public and private sector, especially when it comes to online frauds.

Seah says that the budget did double down on existing initiatives. For instance, the new budget highlights the strengthening of the National Scam Response Centre (NSRC). There is also an increased allocation towards CyberSecurity Malaysia (CSM) from RM 27 million in 2021 to RM 73 million.

Since the pandemic, Malaysia saw the value rise in e-commerce, from 8.5% in 2019 to 12% in 2020. With the help of the MYDigital Blueprint introduced in 2021, Malaysia witnessed another jump of 17.1% within its third quarter in the same year. However, this surge inadvertently opened doors of opportunity for hackers and fraudsters to exploit the innocent public.

“Although the budget has increased its focus in cybersecurity, they can look into employing 3A (Assurance, Authentication and Authorisation) for both public and private sectors. These two pillars form the second layer of infrastructure needed to grow the digital economy,” Seah suggests. “On top of the ramping of infrastructures, the government should revise their digital laws, as well as mandating digital ID solutions throughout all sectors of businesses.”

There has been a rise in cases in digital fraud, providing bad actors the necessary resources to increase the rate and severity of their attacks. Malaysia Computer Emergency Response Team (MyCERT) reported that the cyber-related incidents rose exponentially from 2017 and only showed signs of slowing down in 2021. In August last year, the Malaysian Royal Police announced RM 5.2 billion of losses due to scams in over 24 months.

Although efforts to combat cybercrime are highlighted in the 2023 Budget, scammers and fraudsters are still taking full advantage of the online collaborative tools and applications at their disposal to leverage on the weak security points for both private and public entities. This inadvertently creates fraud risk across databases, creating a double whammy to both economic loss and damaged trust towards the digital economy.

“The pandemic has shown that our government, rakyat and businesses are at constant risk towards cyber threats, frauds and scams. However, just like during the pandemic days, we should be employing more prevention efforts rather than the cure. Additional layers of 3A and cybersecurity protection will act as a deterrent, forcing hackers and fraudsters to commit more resources to conduct their attacks.” says Seah.

“We noticed increased initiatives from the government to educate the public on these digital threats, but awareness is still relatively low. There needs to be more collaboration between the government and  the private sector, leveraging each other to show its effectiveness. By adopting campaign taglines such as "Ingat 3 Saat OK" and hashtag #JanganKenaScam are great examples of these initiatives.”

For instance, the new budget will enforce Bank Negara Malaysia (BNM)’s “kill-switch” policy, providing customers with the ability to suspend accounts and cards if they suspect being scammed. In addition to that, awareness campaigns on the NSRC have also been implemented, describing the proper steps for the rakyat to initiate should they believe they have been scammed.

Seah hopes that future budgets will incentivise companies and institutions to enable anti-fraud preventive measures. A good example is BNM’s recent initiative to have banks transition away from SMS one-time-passwords (OTP), in favor of biometric-enabled, multi-factor & password-less authentication. Resources should also be allocated to assist high-risk industries in enforcing stricter monitoring and due diligence practices for suspicious transactions.

ASEAN counterparts of Malaysia such as Vietnam have started to roll out the concept of 3A. Vietnam has implemented and issued over 50 million digital identity cards (ID) since 2021. Furthermore, Thailand has also stepped up to be the players in 3A with the recent Royal Decree emphasised on the need to increase trust in electronic transactions amongst its people through machine learning and automation.

“By utilising the correct tools of security, Malaysia can increase the legitimacy of digital transactions amongst the rakyats, just like Vietnam and Thailand. With the increased use of digital transactions, this will spur more businesses to go digital,” says Seah.

“As a growing market, Malaysia needs to imitate the efforts from our counterparts to build towards a 3A nation. Verification and authorisation is the way towards building a resilient and legitimate system. We hope during the tabling of the 2024 Budget, more priority will be pushed towards a 3A society, providing the assurance and compliance that every business needs to keep cyber criminals at bay while increasing trust towards digital transactions.”

This content is provided by Innov8tif Solutions Sdn Bhd.