On 17 April, The Agents of Tech hosted ‘The Cyber Initiative’, a one-day panel discussion to cordially welcome those who are looking to learn a thing or two about cybersecurity.

To provide insights on the day’s topic, a total of six Malaysian-based tech strategists were brought in to freely exchange their views on several different aspects regarding the importance of cybersecurity.

The featured panelists began the session by introducing themselves and explaining their motivations for entering the cybersecurity industry.

“The idea of being a hacker actually helped me think of how to secure my company. I would need to think strategically like a bad guy to see the things I can do to get around security measures to try to mitigate any present threats,” said Law Shyh Haur, Chief Information Security Officer (CISO) of Touch ‘n’ Go Malaysia.

Alan See, co-founder and CEO of Firmus, also shared that his past experience of working in the operation sector robbed him of a good work-life balance. This was one of the reasons why he switched to pursuing security consultation, which emphasized more freedom in formulating strategies rather than operations. Overall, this led him to adapt to a more comfortable lifestyle.

Col(R) Dato’ Ts Dr Husin Jazri, the Senior Vice President of Cybersecurity at Serba Dinamik Holding Berhad and founder of Cybersecurity Malaysia, mentioned that starters will need to venture out into a profession that appeals to them the most. It should be an area that kindles their inquisitive desire to learn and encourages persistent experimentation.

Alan and Law, who both share similar spirits, noted that people who hold a strong passion will land better chances in earning their stripes in whatever profession they choose.

“The passion of cybersecurity lies within the heart. If you are someone who loves to explore new technology, I’m sure you will be very successful,” said Alan.

For those who are looking to pursue further, he also added that there is no single cybersecurity company that can encompass every single aspect.

“Connect with a profession that mirrors your capabilities so that you will be able to do well. One does not need to secure a full competence in all areas of expertise, therefore, it is important to specialize in a particular field that you are skilled in,” said Alan.

Professor Jazri also recommends students to secure a formal certification to show that one is equipped with a proper skill set. It is no doubt that the proliferation of higher qualifications has instilled tighter boundaries over certain professions, where it may either come with a heavy price tag or just be plainly absurd. Therefore, any students who plan to pursue a career in cybersecurity will need to have a recognizable (and hopefully, affordable) certification under their belt. This will show that one has decent employability to fulfill the expected criteria.

However, earning just the certificate may not guarantee an occupation as it merely suggests how well one can do the work. Another important factor is creativity. Without a mind that is fueled by creative juices, one may find it difficult to look at things from different perspectives to tackle distinct challenges.

Moving on, Ong Yew Seng, Founder and Managing Director of Myinfoman Sdn Bhd, sparked a newfound discussion regarding the way the COVID-19 crisis has shaped cybersecurity. Ong observed a positive side to the pandemic, where the changes have encouraged digitalization. Before stringent regulations were implemented to limit on-ground activities, most Malaysians back then hardly relied on e-wallets for day-to-day transactions and seldom shopped online.

However, we must not forget that cyber attackers are still on the loose. Many healthcare records have been compromised and as a result, healthcare industries have been negatively affected. Virtual communication mediums have also been a specified target, with attackers knowing that everyone now is highly dependent on apps like Zoom or Microsoft Teams to host their activities. Online retailers may also be subjected to the hit list, where the risk of financial gains being in the hands of the attackers themselves could be an alarming issue as well.

“SMEs are sectors that practice low budgets and involve workers who retain low-level expertise. They also carry insufficient resources to deal with cybersecurity breaches. Thus, cyber attackers are more likely to target SMEs instead of larger organizations, like banks, since it will require a lot more effort to unfasten the strict security in large companies,” Alan explained.

Phishing and spoofing emails are also common tactics that attackers use to take advantage of a business. Typically, incidents like these are becoming increasingly prominent since the majority are working from home.

In an attempt to minimize our footprint on the Internet, we should carefully consider the choices we make when it comes to feeding in personal information on any platform. Passwords should be created on a more sophisticated basis and altered from time to time.

Creating an online account is the equivalent of sharing a chunk of our personal lives onto the worldwide web. Hence, there could be a slight chance that some of our personal information may get passed around without our notable consent.

“Has it come to your mind why we are being charged nothing to use Gmail or Facebook? Instead, we provide our personal data for businesses to keep their services up and running. They conduct big data analyses to make advertisements,” said Avis Yu.

Avis also pointed out that the more we engage through a screen, the more data is being fed into the system for creating more matured predictions. At times, we may not even acknowledge the number of hours we spend doing so. Hence, Professor Jazri advised us to inculcate the importance of privacy and to start taking these measures more seriously. This will pave the way for suitable cybersecurity regulations to be enforced by legal figures.

However, this does not mean that we should put a permanent halt to this routine. As long as we are consciously aware of what is and isn’t appropriate to share online, we do not have to give up sharing snippets of our life on Instagram or having shopping sprees on Lazada.

A glimpse into a soon-to-be AI-dominated future can seem scary at first glance. For instance, an artificial intelligence patented technology known as Overdub can generate up to a 95% accurate speech clone for anyone who lends a voice. From this, we can already picture how cyber attackers can use this tool to wreak havoc.

In 2019, a UK-based energy firm had been scammed into completing a fraudulent transfer worth over €220,000. The CEO thought that he was speaking on the phone with the Chief Executive of the firm’s parent company in Germany, who instructed him to quickly perform the transaction.

“AI can be used by anyone; it can be used for good but also bad,” said Clement Arul, the CEO of Cybertronium.

Alan, on the other hand, foresees that this year will lead the cybersecurity industry to thrive as more people are starting to develop online personalities. He also predicts the following:

Arguably, AI complements the efforts of human intervention rather than replacing it entirely. With past defenses deemed static and attacks becoming increasingly dynamic, machine-learning technology can be used to detect any form of unusual activity on our devices. Through this, immediate action can be taken to deal with the threat.

By being more vigilant and informed about the dangers that could happen on the web, we can certainly achieve a less worrisome yet effective user experience. Let’s all stay safe and be careful!