A recent Frost & Sullivan study commissioned by Microsoft reported that cyber security incidents could cost Malaysia as much as US$12.2 billion – more than 4% of Malaysia’s total GDP.
To calculate the economic impact of cyber attacks in Malaysia, the study assumed three types of losses as a result of a cyber attack: direct (e.g. penalties), indirect (e.g. lost opportunity) and induced (the impact to the broader ecosystem and economy, e.g. consumers generally spending less).
Key findings of the study
The report, based on 100 responses from business and IT decision makers in medium to large organisations (250 or more employees) in Malaysia, also found that:
- 17% of organisations have experienced a cyber security incident;
- 36% are not sure if they experienced an incident, as they have not performed a proper forensics or data breach assessment;
- Large organisations in Malaysia could incur an economic loss of US$22.8 million because of cyber security incidents.
- 61% of organisations have experienced job losses in the past year as a result of cyber security attacks.
Dato’ Dr. Haji Amirudin Bin Abdul Wahab, CEO of CyberSecurity Malaysia, said: “Cyber-attacks have become a common occurrence not just in Malaysia but around the globe […] The findings of this study provide businesses with a greater understanding of the economic impact of cyber threats”.
The importance of ISO 27001 certification in Malaysia
Microsoft highlighted that “for a cybersecurity practice to be successful, organizations need to consider People, Process and Technology, and how each of these contributes to the overall security posture of the organization”.
An ISMS (information security management system) encompasses these key elements. If your organisation chooses to implement an ISMS that is certified to its international standard, ISO 27001, you can better manage, monitor, audit and continually improve your organisation’s information security.
ISO 27001 certification in East Asia and Pacific is growing rapidly, reaching almost 15,000 – the highest number worldwide – in 2016 (ISO Survey). Certifications in Malaysia have grown by 261% since 2011.
How ISO 27001 helps prevent cyber attacks
An ISO 27001-conformant ISMS is a proven framework that help organisations protect their sensitive and confidential information with a combination of effective technology, auditing and testing, organisational policies and processes, and staff awareness programmes.
Malaysian organisations can be better prepared for cyber attacks by implementing an ISMS aligned to the Standard.
Learn how to achieve ISO 27001 compliance
IT Governance’s ISO27001 Certified ISMS Foundation (Distance Learning) training course provides a complete introduction to the key elements required to achieve compliance with the Standard.
Delivered by ISO 27001 experts, this recorded training session is built on the foundations of our practical experience helping organisations across the world achieve ISO 27001 certification.
It is an ideal training option for Malaysian organisations, as participants can study at their own pace and take the first steps towards a career in information security management.