We are of the view that stakeholders in critical industries across the world, and also in Malaysia are not doing enough to protect against potential damages.
Why we conclude so? Despite the cyberattack in Ukraine in 2015 that left the country without electricity for 6 hours and the cyberattack in 2016 against Burlington Electric in Vermont in the US that left the area without electricity, countries and stakeholders in critical industries still haven't learned.
With the impending end of support for Windows 7, where most of these critical industries are on presently, and with ongoing issues remaining unresolved with Windows 10, the risks to most of these critical industries is expected to escalate further.
We are calling on the government of Malaysia to manage cyber risks at the highest level and proactively change the culture with the operators of the critical industries and their extended supply chains. If it is based on present efforts demonstrated todate, all the government's efforts will likely remain long on aspiration and short on delivery.
Given the range of geopolitical interests playing out in the world currently, and with Malaysia playing an important role in the Belt & Road initiative promoted by China, other bigger nation state cyber actors would highly likely use their capabilities to target our critical industries as a bargaining chip against us.