Target the world: Malaysian companies need to have a global mindset when developing ICT security products and services. — CyberSecurity Malaysia

Local ICT security solutions companies in Malaysia are often lured by the bright lights of international expansion and by the vision of vast untapped markets overseas.

Most seek to gain a strong foothold in both the domestic and international markets. Unfortunately, not all are successful.

Perhaps this may be due to various factors such as lack of quality control and market development.

According to research firm Gartner Inc, international spending on cyber security in 2018 will hit US$101bil (RM443.7bil). A separate report by Markets & Markets estimates that the global cyber security market is set to reach US$170bil (RM747bil) by 2020. This is at a compound annual growth rate of 9.8% from 2015 to 2020. Some of the major industries that are expected to increase the demand for cybersecurity solutions are aerospace, defense, and intelligence industries.

In our region, the Asia Pacific’s cyber security market is expected to grow to US$32.95bil (RM144.7bil) by 2019, according to Micro Market Monitor, with an expected compound annual growth rate of 14.1% for the period 2013-2019.

The Asia-Pacific market represents 17.21% of the global market and this will increase to 21.16% by 2019.

The figures all point to the tremendous global business potential in ICT security-related products and services. But it is one that would be very competitive.

As the world engages in a cyber-arms race in efforts to combat cybercrime, how can Malaysia stand to compete? How would our home-grown cyber security companies break into the international markets?

Common Criteria Standards

To ensure that local companies have a competitive edge, we need to stress the importance of standards certification. In this regard, CyberSecurity Malaysia has been at the forefront as an authorising participant member of the internationally recognised Common Criteria Recognition Arrangement (CCRA) Certificate since 2011.

CyberSecurity Malaysia through its Malaysian Common Criteria Evaluation and Certification (MyCC) Scheme has been helping local companies obtain Common Criteria (ISO15408) certificates on ICT products.

These certificates are recognised by all 26 member countries of the Common Criteria Recognition Arrangement (CCRA) member countries. A Common Criteria evaluation provides an independent assessment of a product’s security against an accepted set of assurance requirements.

This security evaluation determines the quality of security and assurance of various ICT products such as software, firmware and hardware.

The recognition of CyberSecurity Malaysia’s certification role proves the capability of Malaysia in international information security.

This further enhances Malaysia’s competitiveness in quality assurance of information security based on the Common Criteria standard through building end-user confidence towards Malaysian information security solutions.

I am pleased to note that to date, 38 companies have successfully completed their certification with  MyCC. CyberSecurity Malaysia will certify at least another four projects in 2016, thereby preparing more local ICT security solutions providers to venture into lucrative overseas markets.

The certification will certainly give manufacturers of IT solutions and software a huge boost when marketing their products. It will also help local ICT organisations deliver quality products and services to an increasingly demanding, competitive and sophisticated global market.

State-of-the-art cyber forensics lab

Over the past few years, there has been an alarming rise worldwide in cyber-attacks. These attacks range from Distributed Denial of Service (DDoS) and Advance Persistent Threats (APT) at corporate network level to cyber vulnerabilities and malware in personal computers and mobile devices.

This risk of cyberattacks is greatly multiplied by the introduction of e-governance and usage of the web across countries in the Asia Pacific region. And with Internet of Things (IoT) trends that enable device interconnectivity across all sectors as the future of Internet, cyber-attacks would escalate exponentially.

CyberSecurity Malaysia recently embarked on a Cyber Forensics X Lab, a state-of-the-art R&D laboratory for developing facial recognition technologies. Launched in 2015, the Cyber Forensics X Lab serves also as a platform whereby law enforcement agencies, regulatory bodies, and other cyber security industry players will work together with CyberSecurity Malaysia to produce solutions, tools or products to improve security in cyber space.

I am confident that the lab will spur local companies to enhance collaboration with CyberSecurity Malaysia and to develop jointly cutting-edge cyber surveillance and security solutions for the international markets.

A Global Mindset

To enter successfully into the international market, Malaysian companies need to have a global mindset when developing ICT security products and services. CyberSecurity Malaysia itself is setting the example when it attained leadership position within the global cyber security community.

In the recently concluded APCERT AGM on September 2015, Malaysia through CyberSecurity Malaysia was elected deputy chair. This underscores our commitment to turn Malaysia into a global reference centre for cybersecurity within the Asia Pacific region.

To tap into the vast international market, Malaysian ICT security companies must advance their R&D and to work closely with government agencies such as Matrade, MDeC and Mosti. According to the United Nations e-Government Survey of 2010, Malaysia is ranked sixth in the list of 25 developing countries after the Republic of Korea, Singapore, Bahrain, Israel and Colombia for e-Government development.

Major achievements of Malaysia were in Public Key Infrastructure (PKI), e-passport management system, public database management solutions, human resource management system, electronic counter services and web based e-services, e-procurement and e-payment.

Already, Malaysian ICT products have made great strides and impact in the international market, and these include software development, system integration and solutions for construction and project management, banking, finance, insurance, healthcare and education.

At the same time, Malaysian creative talents are highly regarded internationally for their top  quality work in 3D animation and visual-effect, post-production work for films and TVs, video games development and also mobile applications and games.

Looking ahead, Big Data & Analytics (BDA) is expected to form a significant part of ICT services in Malaysia with projected revenue expected to reach RM720mil by 2020. The applications of BDA are designed for retail, crime prevention and citizen data analysis, just to name a few.

Malaysia is one of the leading countries in the ASEAN region to adopt BDA and many of our ICT players are well established in this sector.

The Common Criteria (CC) recognition has certainly placed Malaysian ICT products with certification in a strong position to penetrate and expand into the international ICT market.

Malaysian ICT products today can leverage on their CC benchmark to compete effectively against similar categories of products on the global ICT market particularly in government sectors which insist on rigorous independent and stringent certification process.

We, at CyberSecurity Malaysia, therefore urge Malaysian ICT companies to learn about our Common Criteria Certification and how it can ultimately benefit their product marketing edge.

Dr. Amirudin Abdul Wahab is the chief executive officer of CyberSecurity Malaysia.