On 27th July 2017, Petaling Jaya – University of Malaysia of Computer Science and Engineering (UNIMY), recently conducted a Cyber Security Seminar for a group of industry professionals and its own students. Speaking to the intimate crowd of close to 30 were Dr. Sean Brian Maynard and Dr. Atif Ahmad, both professors from Melbourne University. Dr. Sean Brian Maynard specializes in security policy, culture, and Sector Education & Training Authority (SETA) while Dr. Atif Ahmad focuses on secure risk management and security strategy.
Took place at Hotel Crystal Crown at Petaling Jaya, Selangor, the seminar aimed at educating the audience on the impact and consequences that arise from cyber attacks in the digital environment that we have become reliant on.
|Dr. Sean Brian Maynard specializes in security policy, culture, and Sector Education & Training Authority (SETA)|
1) Disagreement on the role of information security between management and IT team.
2) A compliance culture rather than investigate culture, and
3) Lack of awareness on information security and its threats
4) Lack of awareness and communication within an organization
|Dr. Atif Ahmad focuses on secure risk management and security strategy.|
He also suggested that to overcome those problems senior management must take charge of Information Security if risks were to be mitigated effectively and continuously.
After a short break, the second session resumed with topics on leveraging incident response teams for enterprise security management. In an interactive session, Dr Atif and Dr Maynard shared their experience in the setup and the responsibilities of Incident Response Teams along with the guidelines for security learning.
Dr. Atif highlighted that, “There are six phases in Incident Response Process: preparations (steady state), identification (declare an incident), containment (start clean-up), eradication (finish clean-up), recovery (back in production) and lessons earned.”
Dr. Atif pointed out that often companies use the Interactive Response Technology (IRT) System as their first line of defense. While it’s better than having no defence at all but the scope, mission and vision for IRTs prevent them from being an effective antidote to sophisticated attacks. This is due to the fact that IRTs is typically triggered by the occurrence of a potential incident. Or IRT system is created in ad hoc, reactive manner at the time an incident is detected.
|Vice Chancellor of UNIMY, Prof Datuk Dr Khairuddin Ab Hamid (center) pictured together with both professors, Dr. Sean Brian Maynard & Dr. Atif Ahmad and all the participants.|