MALAYSIANS must beef up their cybersecurity when using Cloud-based applications to prevent security threats, say cybersecurity consultants.

Forcepoint Overseas Limited principal technical consultant Brandon Tan said it was crucial for governments and organisations to take steps to minimise cybersecurity risks.

“Some organisations realise the value of the Cloud but don’t dare use the platform.

“Banks in Malaysia are not allowed to use the Cloud. The fear is jeopardising the confidentiality and security of their clients. There are solutions out there when it comes to the Cloud but using the platform without security in place will invite risks,” he said after a media briefing called Forcepoint Uncovers Range of Security Threats for 2018 in Kuala Lumpur.

The Sun reported that Prime Minister Najib Razak said Putrajaya would introduce the “Cloud-First” strategy in the national agenda to accelerate the digital economy to target key communities, such as youth, the B40 group, SMEs and digital entrepreneurs.

Najib said the Cloud was fundamental to an organisation’s digital transformation, and the Cloud First strategy would begin with the public sector. 

The Cloud First strategy is defined as a method of faster delivery of information technology services, like data sharing and online transactions, in which resources are retrieved from the internet through Web-based tools and applications, as opposed to a direct connection to a server.

Brandon said that while Najib’s encouragement on Cloud adoption was a positive move, the government still had to exercise caution. 

“It is very good and they should realise the benefit, but security measures should be put in place. Don’t adopt the Cloud strategy and then think about security as it will be too late. The government has to plan it out early,” he said.

Brandon said that Cloud users were more vulnerable to attacks as opposed to using traditional applications hosted in an organisation.

“Traditional applications would be things like the client server application, which is just within the organisation.”

Forcepoint Channel and Alliance director Alex Lim said that if data is in the Cloud, all it would take is a username and password to breach the application.

“Why do more organisations adopt the Cloud? Because it is more convenient and flexible, and you can have massive data centres to launch an application to a business’ benefit.  

“But by going for the Cloud, you invite more risks and will be more vulnerable to attacks.”

The Pricewaterhouse-Cooper (PwC) Malaysia Globla Economic Crime Survey 2016 has found that almost half of Malaysians (42%) see increased risks or cyber threats, yet more than half (54%) are unsure whether they are at risk or not.

However, Alex said there were ways to mitigate risks.

“One way is by using the Cloud Access Security Broker (CASB) and Data Loss Protection (DLP). Next year, more companies will be adopting the Cloud and these will allow them to adopt the platform in a secure manner.

“Our predications is that as more organisations adopt the Cloud, the attack surface gets bigger.” 

Alex said that government agencies across the world were vulnerable to cyber threats as they had such a vast network of information. 

“As for the Malaysian government, it is very proactive on cybersecurity aspects.

“The maturity and awareness is there. However, threats are always evolving. The government must look at ways to strengthen its cybersecurity.” – November 28, 2017.