KUCHING: A more closely aligned regional – and eventually, international – approach is urgently required to tackle cyber threats, according to experts.
They said the move was crucial as advances and evolution in technology demanded more sophisticated solutions.
Sharing their views and discussing insights into the various approaches to cyber security in the region at the first Asia-Pacific Cyber Security Salon, which was held virtually on June 15, they advocated unified cyber security standards.
The Asia-Pacific Cyber Security Salon, the first of four brought together regulators as well as industry and cyber security experts from across the region.
The Salon was organised by Forum Global in collaboration with Cullen International and Huawei Technologies. During the session, panellists explored, discussed and shared meaningful insights to the various approaches to cyber security in the region, drawing from the vast experiences they have had representing established names in the industry.
They also shared their views on cyber policies and best practices developed at both the industry and national level, in the spirit of regional collaboration.
Among others, the Network Equipment Security Assurance Scheme (NESAS) was highlighted as a key mechanism to facilitate collaboration and form a unified cyber security standard.
NESAS, which is a security assurance framework for the mobile industry, is now used and recognised across the globe, by industry leaders such as Huawei, as a security baseline, and includes common requirements for security evaluations of network equipment and assessment of equipment vendors.
A joint effort between the Third Generation Partnership Project (3GPP) and Global System for Mobile Communications Association (GSMA), NESAS also includes standard-based assessments for 5G security as part of the Security Assurance Specifications (SCAS).
Speaking during the panel discussion, Mohamed Anwer Mohamed Yusoff, head of industry engagement and collaboration, CyberSecurity Malaysia highlighted the need for industry players to collaborate on raising fundamental awareness of digital risks.
“Standards are important. Certainly, when it comes to 5G, mechanisms like NESAS come into play. But more than that, we need to look into joint collaborations to share information and threat intelligence…bottom line is, it is a joint effort,” he said.
Wu Rong, Huawei 3GPP SA3 chief representative, Huawei Technologies, pointed out that a unified certification scheme is the best way to ensure mobile network security.
“Cyber security is more popular than ever before. Different groups are now (discussing) the various security features that are needed,” she said, emphasising that standards like NESAS, which have been widely recognised and adopted, provide a way forward for more robust security in this digital era.
In March this year, CyberSecurity Malaysia, Celcom Axiata Bhd and Huawei Malaysia inked a memorandum of understanding (MoU) to establish the first 5G Security Test Lab in Southeast Asia with the goal of reducing and mitigating 5G-related threats.
The 5G Cyber Security Test Lab will not only execute test cases pertaining to IoT and the telecommunications security but will also function to enhance Malaysia’s preparedness in responding to cyber-attacks related to 5G.
In accordance with the MoU, all three parties will jointly identify strategic core areas in managing, mitigating and reducing threats to cyber security and introduce the NESAS or other equivalent standards and requirements into Malaysia’s 5G network industry.
Atsuko Okuda, regional director, International Telecommunication Union (ITU); Intan Rahayu, director of identification on vulnerability and risk assessment of Critical Information Infrastructure, BSSN Indonesia; and Dr Pongpisit Wuttidittachotti (PhD) of the Thailand Information Security Association (TISA) committee, King Mongkut’s University of Technology North Bangkok, also presented their views at the Salon.