23 companies get CSM security certification
By Digital News Asia January 21, 2014
- CSM also accredited with two international standards for certification bodies
- In MoU with TM subsidiary for Malaysia Trustmark e-business validation service
CYBERSECURITY Malaysia (CSM) has awarded certificates to 23 companies which had complied with security standards such as Common Criteria ISO/IEC 15408, Information Security Management System (ISMS) ISO/IEC 27001, and Malaysia’s Trustmark e-business validation.
CSM also received an accreditation certificate from Standards Malaysia for complying with the MS ISO / IEC 17021:2011 and MS ISO/IEC 27006:2011 international standards for certification bodies, the national security agency said in a statement after hosting an accreditation and certification awards ceremony in Kuala Lumpur.
“While efficiency and connectivity are clear advantages of the digital lifestyle, there is also a higher risk of cybercrime including data leakage, security breach, and fraud,” said Deputy Minister of Science, Technology and Innovation Dr Abu Bakar Mohamad Diah, who officiated at the event.
“If our country’s cyber-security is weak, our computer network and database will be easily hacked. Anyone can and will steal our R&D data and intellectual property, and all our hard work and investment in time and money will be wasted,” he added.
CSM chairman General Panglima Mohd Azumi Mohamed (Rtd) said that cyber-security evaluation and certification by a recognised body like CSM would contribute to the public’s peace of mind by reducing the cyber-crime rate and ensuring information is adequately protected.
“CSM’s certification services – MyCC Scheme, CSM27001 Scheme, and Malaysia Trustmark – are a proactive and adaptive approach where continuous monitoring and evaluation are done due to the ever-expanding technological advances which invite cyber security risks.
“To date, CSM has certified 39 ICT products under the MyCC Scheme and 10 Critical National Information Infrastructure (CNII) organisations under the CSM27001 Scheme. We have also validated eight e-business websites under the Malaysia Trustmark service,” Mohd Azumi added.
CSM offers the Information Security Management System Audit and Certification (CSM27001) Scheme, which was established in May 2011 in support of the National Cyber Security Policy (NCSP).
It offers independent security audit and certifies an organisation’s Information Security Management System (ISMS). Being ISMS-certified provides a degree of assurance that business processes are evaluated to ensure improved performance, while reducing the likelihood of security risks being present, CSM claimed.
“Conformance to the ISMS standard means that an organisation has a system in place to ensure information under its control remains confidential, its integrity preserved and it is available when needed,” said Fadilah Baharin, director general of Standards Malaysia, the national standards body.
“Foreign companies and potential trading partners will have more trust in the capability of their Malaysian counterparts in safeguarding their data and information [with suich conformance],” she added.
At the accreditation and awards ceremony, CSM also signed a Memorandum of Agreement (MoU) with Telekom Applied Business Sdn Bhd (TAB) for the Malaysia Trustmark e-business validation service.
The MoU formalises the collaboration between the two where TAB will provide the Telekom Malaysia Certification Authority service and CSM would provide the Malaysia Trustmark service.
“The Malaysia Trustmark service was launched in July 2013 to audit and validate e-business websites, with the aim of promoting trust’ in e-business in Malaysia,” said CSM chief executive officer Dr Amirudin Abdul Wahab (pic).
“The collaboration will enable the Malaysia Trustmark service to benefit and add value to the e-business merchants and also to the consumers,” he added.
The day Malaysia painted a bull’s eye on itself
Malaysia Trustmark for private sector launched
Malaysian Government formulates national cyber-crisis policy