Professional Documents
Culture Documents
1
Copyright © 2020 CyberSecurity Malaysia
PEOPLE CERTIFICATION:
THE NEED FOR CYBER SECURITY EXPERTS
2
Copyright © 2020 CyberSecurity Malaysia
CYBER SECURITY BREACHES IN MALAYSIA
Earlier in September 2019, CIMB systems has been allegedly hit by data breach. Some IT security services provider are of the view that systems
are vulnerable to cyber attacks usually from within the organisations.
In same month, the media reported that budget airlines such as Malindo Air and Thai Lion Air acknowledged massive data breaches which began
in August, with the airlines eventually addressing them.
Recently, several universities have been hit by data breaches including Universiti Sabah Malaysia (UMS) and Universiti Malaya (UM).
In October 2019, University of Malaya ‘s (UM) e-payment page A hacker group known as BreachDB stole personal data of thousands
was defaced by hackers resulting in personal data of UM students from UMS in November 2019, and put up a post on Twitter
academic and non-academic staff leaked on an anonymous file offering for sale 50,000 of the personal data for US$50 (RM210) in
sharing site. bitcoin.
3
Copyright © 2020 CyberSecurity Malaysia
BACKGROUND
CYBER SECURITY WORKFORCE SHORTAGE
4
Copyright © 2020 CyberSecurity Malaysia
PROBLEM STATEMENTS
5
Copyright © 2020 CyberSecurity Malaysia
6
Year 2020
Cyber
security
Incident
Statistics
(MyCERT) Year 2021
Top 3 highest incidents reported for the past 5
years :
- Social Engineering
1. Fraud
2. Intrusion
Technology
3. Malicious Code
6
Copyright © 2020 CyberSecurity Malaysia
CYBERSECURITY TALENT DEVELOPMENT METHODOLOGY
IHL Students
Through alignment with industry
requirements, professional
development, certifications & practical.
7
Copyright © 2020 CyberSecurity Malaysia
CYBER SECURITY CAPACITY BUILDING FRAMEWORK
CyberGuru
https://www.cyberguru.my
CyberSAFE
https://www.cybersafe.my
8
Copyright © 2020 CyberSecurity Malaysia
CYBER SECURITY CAPACITY BUILDING ASPIRATIONS
Professional
Associate
Student
8
▪ Evolving in parallel with technology
▪ Adopting holistic strategy and through the use of new cyber tools 9
▪ Effectively applying cyber security fundamentals with innovative features and techniques
▪ Strengthening Public-Private-Academia Partnership and International Collaboration
9
Copyright © 2020 CyberSecurity Malaysia
CYBERSECURITY PROFESSIONAL
10
Copyright © 2020 CyberSecurity Malaysia 10
1
MALAYSIA SCENARIO
ITU GLOBAL CYBER SECURITY INDEX 2020 - Malaysia is ranked 5th. in Global Ranking
CAPACITY
COUNTRY GCI SCORE LEGAL TECHNICAL ORGANIZATIONAL COOPERATION
BUILDING
11
Copyright © 2020 CyberSecurity Malaysia
CYBERSECURITY MALAYSIA
12
Copyright © 2020 CyberSecurity Malaysia
ABOUT CYBERSECURITY MALAYSIA
• A technical cyber security agency under the Ministry of Communications and Multimedia Malaysia
• Started operation as the Malaysia Computer Emergency Response Team (MyCERT) in year 1997
and later “rebranded” as CYBERSECURITY MALAYSIA in 2007
MINISTRY OF COMMUNICATIONS
AND MULTIMEDIA MALAYSIA
14
Copyright © 2020 CyberSecurity Malaysia
GLOBAL ACE CERTIFICATION
15
Copyright © 2020 CyberSecurity Malaysia
GOAL & OBJECTIVES
GOAL
OBJECTIVES
1 To establish a 2 To provide cyber security 3 development
To promote the
professional certification professionals with the right of cyber
programme that is knowledge, skills, attitude security professional
recognized globally (KSA) and experience programmes globally
16
Copyright © 2020 CyberSecurity Malaysia
GLOBAL ACCREDITED CYBERSECURITY EDUCATION
CERTIFICATION (GLOBAL ACE CERTIFICATION) SCHEME
2 Independent assessments
3 Impartiality of examinations
4 Competencies of trainers
The requirements of
5 professional memberships
17
Copyright © 2020 CyberSecurity Malaysia
PARTICIPATIONS IN THE GLOBAL ACE CERTIFICATION
PROGRAMMES
Universities:
Strategic Partners:
18
Copyright © 2020 CyberSecurity Malaysia
GLOBAL ACE CERTIFICATION RECOGNITIONS
19
Copyright © 2020 CyberSecurity Malaysia
JABATAN PEMBANGUNAN KEMAHIRAN
CYBERSECURITY INDUSTRY LEAD BODY (ILB)
20
Copyright © 2020 CyberSecurity Malaysia 20
KSA DESCRIPTORS
No KSA Descriptors No KSA Descriptors
6 Intrusion Detection, Monitoring and Prevention Analyst 19 MyCC Certifier and Evaluator
STUDENT
Working
ASSOCIATE Experience: 20 CPD
To maintain
MEMBER Below 5 points/year
Years
Working
PROFESSIONAL Experience: 40 CPD
To maintain
MEMBER More than 5 points/year
years
23
Copyright © 2020 CyberSecurity Malaysia
MUTUAL RECOGNITION THROUGH
GLOBAL ACE CERTIFICATION RECOGNITION ARRANGEMENT
Global ACE Certification Recognition Arrangement allow mutual recognition of certified cyber
security professionals, which create value for cyber security industry and participating countries. 12
countries have shown interest to join the scheme as country chapters.
AZ Chapter IR Chapter
EG Chapter AE Chapter
NG Chapter BN Chapter
OM Chapter ID Chapter
SD Chapter BD Chapter
PK Chapter KZ Chapter
25
Copyright © 2020 CyberSecurity Malaysia
INTIATIVES BY CYBERSECURITY
MALAYSIA AS INDUSTRY LEAD BODY
ENDORSED BY JPK
26
Copyright © 2020 CyberSecurity Malaysia
CYBERSECURITY MODULAR PROFESSIONAL
CERTIFICATION
Objective:
1. Produce cyber security professionals with multiple skill sets to
address the industry needs and support the government’s TVET
Initiative
2. Enhance cyber security professionals’ capabilities in mitigating cyber
threats
3. Provide a fast-track pathway to obtain the Malaysian Skills Advanced
Diploma (DLKM) under the Malaysia Act 652
4. Create a common platform of cyber security capacity building and
lifelong learning
27
Copyright © 2020 CyberSecurity Malaysia 27
Modular Professional Certification
a) The Cyber Security Penetration Testing and Assessment Competency Unit (CU) syllabus are aligned
with the relevant Global ACE Certifications during design.
b) Embed Global ACE Certification certified examinations with JPK’s PPA assessment requirements.
c) Acquired Global ACE Certification training programmes namely CIPA, CITA and CPT to fulfil 5 Core
CUs and either CSAP or CCDA certification to fulfill the elective CUs.
d) Upon passing the relevant Global ACE Certifications certified examinations, candidate is eligible to
apply for JPK’s Partial Certification leading towards the full DLKM (Advanced Diploma) certification
of in Penetration Testing & Assessment.
No Competency Unit Global ACE Scheme Certified Exam with PPA JPK Certifications
29
Copyright © 2020 CyberSecurity Malaysia
CYBERSECURITY MODULAR PROFESSIONAL CERTIFICATION STRUCTURE
requested module/
CUs
Participants can obtain the Advance Diploma in about 3 months’ time as compare with the usual pathway that requires at least 2
years full-time study. Target audience is working adults from industry and academia
30
Copyright © 2020 CyberSecurity Malaysia
CYBERSECURITY MODULAR PROFESSIONAL CERTIFICATION
WAY FORWARD
2. Benefits
1. Validate professional competence through Global ACE Certification
2. Opportunity to obtain:
• Cyber security Certifications, MBOT Recognition & TVET Credentials
• Professional Membership
3. Equip yourself with a variety of skills
4. Obtain Advanced Diploma within a short period
6. Increase marketability through the recognition by JPK, CyberSecurity Malaysia and MBOT along with support from
government and industry.
31
Copyright © 2020 CyberSecurity Malaysia
MODULAR PROFESSIONAL CERTIFICATION
(MPC) ROAD SHOWS IN 2019
32
Copyright © 2020 CyberSecurity Malaysia 32
CYBERSECURITY MODULAR PROFESSIONAL
CERTIFICATION ROAD SHOW IN 2019
33
Copyright © 2020 CyberSecurity Malaysia 33
(CYBER SECURITY PENETRATION TESTING & ASSESSMENT
AWARENESS PROGRAMME AND REFRESHER COURSE IN 2020
34
Copyright © 2020 CyberSecurity Malaysia 34
CYBER SECURITY PENETRATION TESTING & ASSESSMENT
AWARENESS PROGRAMME AND REFRESHER COURSE
➢ 1,691 attendees participated in both Cyber Security Penetration Testing and Assessment
Awareness and Refresher Course Webinar (26-27 Nov 2020)
➢ 3 refresher courses conducted on second day.
➢ Received positive feedback from participants.
35
Copyright © 2020 CyberSecurity Malaysia 35
MALAYSIA DIGITAL ECONOMY BLUEPRINT
36
Copyright © 2020 CyberSecurity Malaysia
CYBERSECURITY MALAYSIA INVOLVEMENT IN DIGITAL TALENT
CLUSTER
THRUST 6 : SECTOR :
THRUST 4 :
Building trusted, secure and ethical Professional Services
Developing agile digital talent
digital environment
STRATEGY 3:
Retrain current workforce with the
digital skills needed to remain
relevant
37
Copyright © 2020 CyberSecurity Malaysia
CYBERSECURITY RELATED JOB AREAS
Compliance
Risk & Governance