by Zaliha binti Idris
The cyber risk landscape is growing rapidly in many fields. The government faces an unprecedented level of cyber-attacks and threats with the potential to undermine national security and critical infrastructure, while businesses that store customer information and confidential client’s online struggle to maintain their reputation amid massive data violations.
The potential economic impact of cyber threats cannot be underestimated. Economic have been warned of digital disintegration (The Global Risks 2014 report, 2014). A scenario in which cyberspace can be truly undermined because it strengthens attacks where the internet is no longer a trusted medium for communication or trade, at a high cost to the economy and society.
Cyber-attacks are now happening all over the world at an increasingly fast pace. Recently, the Office of Personnel Management in United States of America announced that hackers stole social security numbers and other sensitive information for more than 21 million people. Sony Pictures has a company and hacked personal email and also salary information for vice presidents and executives. Stuxnet is a US and Israeli computer virus that has been rumoured to attack centrifuges that are used to control machines that are important for the manufacture of nuclear weapons. As more companies and governments rely on the internet, this makes them vulnerable to malicious cyber-attacks from groups of hackers and countries that use hackers to infiltrate countries with sensitive computer systems (Mike & Jack, 2015).
There is a very urgent need for cyber security professionals to fill the many white-collar loopholes that have sprung up when companies struggle to protect their programs from outside attacks. Recent casualties include well-known brands such as eBay, Target, Neiman Marcus, Michaels Stores, NATO, JPMorgan Chase, Adobe, Social life and the list continues.
For our country, the government is seriously considering the threat of cyber-attacks in line with the rapid development of information and communications technology in the country. The reliance on the use of information technology for socio-economic development could pose a threat and cyber-attacks if not protected. Based on statistics produced by Malaysia Computer Emergency Response Team (MyCERT), 7,962 cyber threats were reported over the last year. Malaysia was no exception to the threat of cyber-attacks and the country ranked third among 193 countries in the world in terms of commitment to cyber security based on the Global Cyber Security Index (GCI) 2017. This is because of today’s industrial development is based on the digital economy and the challenges to tackle this threat are increasingly difficult.
Ministry of Science, Technology and Innovation claimed that they will help to develop research and development of cyber security incubation to remain competitive. Cyber Security is information technology security, focusing on the protection of computers, networks, programs and data from unwanted or illegal access, change or destruction. Cyber security affects us all when we are online, using a mobile device or tablet, or using cloud-based services. We all interact with various tools designed to protect your personal information, similar to the tools used to protect our country’s infrastructure. It’s important for everyone to understand cyber security and our role in being safe while staying connected to minimize the possibility of incidents (CHIPS Magazine, 2014).
Cyber Security can be defined as activities or processes, capabilities or capabilities, or countries where information and communication systems and information contained in them are protected from or defended against unauthorized damage, use or modification, or exploitation. Cyber Security focuses on protecting computers, mobile devices, tablets, networks, programs, and data from unauthorized access or manipulation. Understanding cyber security is the first step to protecting yourself, your family and your organization (Melike, Ali, Ihsan, Aysenur, & Murat, 2019).
Cyber threats are real a danger and the government should be worried on this issue. The economy, financial, and national security can be breached by the cyber-attacks. For example, we discussed on Malaysia’s scenario in economics. The study reveals that the potential economic loss in Malaysia due to cyber security incidents can hit a staggering US$12.2 billion (RM 49.6 billion). This is more than 4 per cent of Malaysia’s total GDP of US$296 billion (RM1.2 trillion) (based on studies by Microsoft in collaboration with Frost & Sullivan). The study revealed that a large-sized organization in Malaysia can possibly incur an economic loss of US$22.8 million (RM92.6 million), more than 630 times higher than the average economic loss for a mid-sized organization (US$36,000) and the cyber security attacks have resulted in job losses across different functions in three in five (61%) of organizations that have experienced an incident over the last 12 months (Sugriiva, 2018).
To calculate the cost of cybercrime, Frost & Sullivan (2018) has created an economic loss model based on macro-economic data and insights shared by the survey respondents. This model factors in three kinds of losses which could be incurred due to a cyber-security breach. There are direct, indirect and induced. Firstly, direct is a financial losses associated with a cyber-security incident which included loss of productivity, fines, remediation cost, etc. Second, indirect is the opportunity cost to the organization such as customer churn due to reputation loss and lastly, induced in which that was the impact of cyber breach to the broader ecosystem and economy, such as the decrease in consumer and enterprise spending. There are many other hidden losses that we have to consider from both the indirect and induced perspectives, and the economic loss for organizations suffering from cyber security attacks can be often underestimated. In addition to financial losses, cyber security incidents are also undermining Malaysia organizations’ ability to capture future opportunities in today’s digital economy, with more than three in five (62%) respondents stating that their enterprise has put off digital transformation efforts due to the fear of cyber-risks based on the studies by Frost and Sullivan (Sugriiva, 2018).
Although high-profile cyber-attacks, such as ransom ware, have been garnering a lot of attention from enterprises, the study found that for organizations in Malaysia that have encountered cyber security incidents, data exfiltration and data corruption are the biggest concerns as they have the highest impact with the slowest recovery time (Sugriiva, 2018).
In a world where cyber threats are a constant danger, companies find themselves in a continuing battle to keep their data safe. A large amount of risk now exists because cyber criminals are constantly looking for new ways to break our boundaries and get our vital information. However, did you know that 99.9% of exploitation is possible because the organization does not handle basic security cleanliness? The fact is that many industries focus on the wrong things, often using basically defective security strategies and ultimately not providing the right protection that they need (Andy, 2016-2017).
Andy, G. (2016-2017). Breaking Into Information Security: Learning The Ropes 101. Retrieved March 26, 2019, from Leanpub: https://kyhwana.keybase.pub/books/breaking%20into%20infosec%20.pdf
CHIPS Magazine. (2014, October 16). Cybersecurity or Convenience? Retrieved mARCH 26, 2019, from CHIPS: https://www.doncio.navy.mil/CHIPS/ArticleDetails.aspx?ID=5594
Melike, E., Ali, K., Ihsan, K., Aysenur, B., & Murat, C. (2019). A Fuzzy Based MCDM Methodology for Risk Evaluation of Cyber Security Technologies. International Conference on Intelligent and Fuzzy Systems (INFUS 2019: Intelligent and Fuzzy Techniques in Big Data Analytics and Decision Making) (pp. 1042 – 1049). Switzerland: Springer, Cham.
Mike, L., & Jack, D. (2015, July 9). 22 Million Affected by OPM Hack, Official Say. Retrieved March 25, 2019, from abc News: https://abcnews.go.com/US/exclusive-25-million-affected-opm-hack-sources/story?id=32332731
Sugriiva, P. (2018, July 12). Cybersecurity threats to cost organizations in Malaysia US$12.2 billion in economic losses. Retrieved March 26, 2019, from Microsoft Malaysia News Center: https://news.microsoft.com/en-my/2018/07/12/cybersecurity-threats-to-cost-organizations-in-malaysia-us12-2-billion-in-economic-losses/
The Global Risks 2014 report. (2014). Part 2: Risks in Focus:2.4 Digital Disintegration. Retrieved March 25, 2019, from World Economic Forum: http://reports.weforum.org/global-risks-2014/part-2-risks-in-focus/2-4-digital-disintegration/?doing_wp_cron=1564101657.5671370029449462890625