Following its series of multistakeholder consultations in the Philippines, Viet Nam, and Indonesia, Cyber ASEAN held its final closed-door in-person event in Kuala Lumpur, Malaysia last September 5, 2023. Esteemed participants in the high-level workshop included representatives from Malaysia’s National Cyber Security Agency, Ministry of Foreign Affairs, Malaysia’s Armed Forces, Axiata Group Berhad, Microsoft Malaysia, CyberSecurity Malaysia, Sunway University, and IO Foundation.
Cyber ASEAN gathers the Malaysian cybersecurity community to tackle the opportunities and challenges of the digital economy
His Excellency, Simon Fellows, Acting Australian High Commissioner to Malaysia, welcomed participants, noting Malaysia and Australia’s successful collaboration in cybersecurity, particularly in ASEAN. Mr. Fellows emphasized that the Cyber ASEAN project is a testament to Australia’s enduring commitment to enhancing cybersecurity in Malaysia, and Southeast Asia.
Echoing Mr. Fellow’s remarks, Amir Hamzah Mohd Nasir from the Multilateral Division of Malaysia’s Ministry of Foreign Affairs emphasized Malaysia and Australia’s efforts in the establishment of the Points-of-Contact Directory at the ASEAN Regional Forum, a confidence-building measure that enables ASEAN Member States and their dialogue partners, including Australia, to improve coordination in managing cybersecurity risks and vulnerabilities, and avoid any misinterpretation or escalation due to the borderless, and opaque nature of cyber incidents.
Pacific Forum’s Director of Cybersecurity and Critical Technologies Mr. Mark Bryan Manantan and Cyber ASEAN Malaysia expert Farlina Said co-chaired the four plenary sessions of the closed-door workshop to tackle Malaysia’s understanding of and approach to international collaboration, international technical standards, information-sharing and incident response, and inclusion.
During the overview, speakers and participants emphasized that cybersecurity is not just a policy or technical issue but a geopolitical issue. ASEAN member states are increasingly exposed to cyber incidents that may cripple the day-to-day operations of critical national infrastructure. The current pace and tempo of cyber incidents must persuade ASEAN to enact more collective and coherent responses fit for the changing security environment.
Representatives from the private sector shared that most Malaysian companies and businesses “adopt and customize” their approach to cybersecurity standards and frameworks. While large multinational companies have adequate resources to acquire ISO 270001 certification, smaller or medium-sized entities often use the NIST cybersecurity framework as their starting point of reference. But in most cases, most organizations use a hybrid approach by integrating elements present in ISO standard and NIST framework in drafting cybersecurity operational guidelines.
Discussions on inclusion emphasized that quantity is a poor indicator of narrowing the gender inequity in cybersecurity capacity. Malaysian experts also discussed the notion of being more inclusive not just in cyber capacity-building but generally in cyber policymaking, data-sharing arrangements, and learning environments. Such a holistic approach can help mainstream inclusion throughout cyber policy inception down to its implementation.
ASEAN is a capacity-building and development initiative to advance Southeast Asia’s proactive role in strengthening its overall cybersecurity and resiliency posture. Learn more about Cyber ASEAN and key updates of the project through: https://cyberasean.pacforum.org/.