Cyberjaya, June 11, 2005 - The Malaysian Communications and Multimedia Commission (MCMC) today issued a statement on the need for enhanced security measures to prevent and manage network security threats.
According to Adelina Iskandar, Head of Corporate Communications MCMC, "Security Management in communication infrastructure is an ever evolving science. The knowledge that we have months ago may not be adequate for us to manage our infrastructures of tomorrow. The MCMC views Security Management as being one of the critical areas that needs to be managed well as identified in the CMA 1998."
She added, "In 2005, MCMC sees the current growth of the number of hosts connected to be at 140,000 and broadband growth to be at 300,000. Domains being registered are at 12,000 to date as opposed to 10,000 for 2004. This in turn means that more organizations are getting themselves on the Net. We have also seen a rise in the number of WiFi established networks leveraging on existing or other broadband connections. Along with this, the use of Voice over Internet Protocol (VoIP) has become prevalent and dependency in Internet protocol will grow as 3G comes into play as well."
To this date, the MCMC has initiated and established the Information Sharing Forum or ISF. The ISF was formed in June 2004 and comprises various Internet Service Providers and other public and private agencies in order to address information and network security issues in Malaysia. The ISF was also formed to help its members and constituency by sharing and disseminating critical information to minimize and reduce risks and thereby strengthening the Security Posture of the Communications industry as a whole.
The MCMC is also in the midst of establishing the necessary framework for licensees to the Communications and Multimedia Act 1998 to comply with the minimal level of Security Assurance. While best practices for the management of security is readily available (e.g. ISO 17799), successful proactive security management involves more than just following a set of guidelines. It is important that organizations know and understand what threats and vulnerabilities that can affect them and formulate appropriate policies and practices to mitigate this.
A very important part of a security policy and framework is to expose the security personnel of an organization to current technologies and tools through comprehensive training and education programs. It is thus important that the people entrusted with the implementation and enforcement of an organizations' security have the opportunity to learn and understand how these security breaches are carried out and what can be done to prevent them or minimize their impact.
The MCMC views that being proactive in Security Management and education is the key to strengthening the posture of the country's infrastructure. On this note, MCMC is pleased to support the Hackinthebox Security Conference 2005 which will be held from 26-29 September 2005. The overall theme and objective of HITB 2005 works well and is in tune with MCMC's vision of ensuring network security and to build on the human capacity of network security practitioners and ICT users in Malaysia.