MY BIODATA

Edit

Zahri started his career in 1988 as a computer analyst at the Ministry of Defence Malaysia. After 7 years of service in the public sector, he took a leap of faith and work with several information technology companies in the private sector. He then joined CyberSecurity Malaysia in 2001 (formerly known as National ICT Security and Emergency Response Centre - NISER), an agency under the Ministry of Communications and Multimedia Malaysia and was appointed as Chief Operating Officer in 2006. 
 
During his tenure in CyberSecurity Malaysia, Zahri actively sat in several committees at national level. He participated in the establishment of NISER’s Panel of Experts (POE) in 2001, which then entrusted to develop the National Infostructure Protection Agenda (NIPA) Report. The NIPA Report is a strategic document, which was later referred to during development of the National Cyber Security Policy in 2006, which boosted Malaysia’s reputation in cybersecurity worldwide. He is also committed towards development of the Global Accredited Cybersecurity Education (ACE) Certification (https://globalace.org), a holistic cybersecurity professional certification program in Malaysia. The Scheme was developed in collaboration with government agencies, industry partners and academic institutions. In addition, he leads implementation of 10th Malaysia Plan (2011-2015), 11th Malaysian Plan (2016-2020) and 12th Malaysia Plan (2021-2025). 

In 2008 to 2012, Zahri contributed his thoughts to implement cybersecurity policy in Malaysia by becoming a Secretariat Head for National Cybersecurity Coordination Committee (NC3) and Cyber Law Review. As the Chief Operating Officer of CyberSecurity Malaysia, he led the team in outlining National Cyber Security Awareness Master Plan chaired by the National Security Council in 2014, National Cyber Drill Committee chaired by National Security Council in 2011-2017 and Cybersecurity Framework for Public Sector chaired by Malaysian Administrative Modernisation and Management Planning Unit (MAMPU) in 2016. He participated as a Working Group Member to develop Malaysia Standard 1970 Business Continuity Management, completed in 2008.

Zahri also expands his network in the academic field by participating in universities academic programs as Industry Advisor, Associate Fellow, Visiting Expert and Adjunct Professor. In 2016 to 2018, UTM Advanced Informatics School appointed Zahri as visiting expert. He was also recognized as Industry Advisor for Master programmes in University Teknologi Malaysia (2012), Universiti Utara Malaysia (2018), Universiti Teknikal Melaka Malaysia (2018 to 2021) and Universiti Putra Malaysia (2020). He became an Associate Fellow for Universiti Kebangsaan Malaysia in 2020-2021. 

In recognition of his expertise in cybersecurity, Zahri was appointed as Adjunct Professor at Universiti Teknikal Melaka Malaysia (UTeM) in 2016-2018 and Universiti Tun Hussein Onn in 2020-2021. Alumni UTeM publication featured him in their publication entitled “Anjakan Paradigma Mendepani Cabaran Alumni UTeM”, that reveals his journey fostering cybersecurity in Malaysia, then he was appointed as UTeM Board Member for the term 2020-2023. 

Passionate about giving back to the society, Zahri became a speaker to deliver talks to promote cybersecurity awareness towards secondary schools, university students and corporate organisations. He engaged in public events such as Ops Jelajah Siber, Cyber Security Malaysia – Award, Conference and Exhibition (CSM-ACE) and CyberSAFETM in Schools Program. On top of that, he was handpicked as Chief Judge for National ICT Security Discourse (NICTSeD) – CyberSAFETM Challenge Trophy in 2015-2019. 

At international front, Zahri’s expertise and experience are significant in sustaining nation’s prominence in cybersecurity, particularly in the Asia Pacific region and the Organisation of Islamic Cooperation (OIC) countries. He is a central figure in the establishment of OIC Computer Emergency Response Team (OIC-CERT – www.oic-cert.org ), a collaborative effort of CERTs amongst the OIC countries in 2019. He managed research collaboration project on malware amongst OIC-CERT and Asia Pacific Computer and Emergency Response Team (APCERT – www.apcert.org ) in 2017. 

Zahri was again selected as an expert in working groups such as Confronting Threats and Violent Extremism on Cyberspace Workshop by the OIC in 2015. He shared his experiences in Dialogue for Asia Pacific Perspectives on the Hague Global Conference on CyberSpace by the International Cyber Policy Centre, Australian Strategic Policy Institute in 2015. In addition, he was recognized as a subject matter expert in cybersecurity for United Nations Group of Government Experts in 2014-2015 and for OIC Standing Committee on Science and Technology Cooperation (COMSTECH) in 2015. Due to his outstanding achievement globally, Zahri was appointed as Scientific and Industrial Advisory Board for National Centre of Cyber Security, Pakistan in 2019 and Advisory Board Member for CyberCyte United Kingdom in 2021. 

Zahri continuously contribute his ideas through various publications and presentations on topic related to cybersecurity, cyber terrorism and business continuity management. He holds a PhD in Information Security from UTeM (Malaysia) in 2015, MSc in Electrical Engineering from Universiti Teknologi Malaysia (Malaysia) in 1992 and BSc in Computer Science from the Fairleigh Dickinson University (New Jersey, USA) in 1987.

He is registered with the Malaysia Board of Technologists (MBOT) as Professional Technologist in 2018 and was awarded Senior Information Security Professional by the (ISC)2, USA in 2010.

In 2019, Zahri was conferred Paduka Mahkota Perak (P.M.P) in conjunction with Perak Ruler Sultan Nazrin Muizzuddin Shah’s 63rd birthday, for his exceptional role in cybersecurity at national and international level.
Read More»

SEMINARS/WORKSHOPS/CONFERENCE SPEAKERS

Edit


Seminars/Workshops/Conference Speakers
  1. “Program Sembang AUTeM @ Memori Korporat”. Universiti Teknikal Malaysia Melaka, Malaysia, 21 Dec 2022
  2. “Documentations, Procedures and Testing Profiles in Common Criteria”. 3rd International Conference on Cyber Warfare and Security (ICCWS), Islamabad, Pakistan, 7-8 Dec 2022
  3. “Program Wacana Ilmu: Forum Kebersamaan Memperteguh Kecemerlangan”. Universiti Teknikal Malaysia Melaka, Malaysia, 30 Nov 2022
  4. “Roles of States in Cyber Security: Creating Trust in Cyber Environment”. 2022 International Conference on IT and Industrial Technologies (ICIT 2022), Faisalabad, Pakistan, 3-4 Oct 2022
  5. “CERT Training - Incident Response and MDR". Cyber Secure Pakistan 2022, Islamabad, Pakistan, 22-24 Aug 2022
  6. “Common Criteria for ICT Security Evaluation: Malaysia’s Case Study”. 19th International Bhurban Conference on Applied Sciences and Technology, Islamabad, Pakistan, 16-20 Aug 2022
  7. “CERT Establishment: Case Study of Malaysia Model”. 19th International Bhurban Conference on Applied Sciences and Technology, Islamabad, Pakistan, 16-20 Aug 2022
  8. “Digital Forensics Case Studies in Malaysia”. Korean Digital Forensics Society, Republic of Korea (Virtual), 20 June 2022
  9. “Cybersecurity Capacity Building: Towards A Secured Digital Community”. OIC-CERT 13th Annual Conference and 9th Arab Regional Summit Annual Conference, Saudi Arabia (Virtual), 23-24 Nov 2021
  10. “APT Malware Threat: Case Studies In Malaysia”. 2nd IEEE International Conference on Cyber Warfare and Security, Islamabad, Pakistan, 23-25 Nov 2021
  11. “Cyber Securty Essential”. Program PEMULIH SiberKASA Latihan Kemahiran Keselamatan Siber, Cyberjaya, Malaysia, 20 Sept 2021
  12. “Implementation of Cybersecurity Initiatives in Malaysia: Reflection on Progress and the Way Forward”. ASAS Digital Banking Series Webinar, Malaysia, 27 Jul 2021
  13. “Protecting CNII Against Cyber Threats: Malaysia Experience”. National Forum for Information Security "Infoforum", Khanty-Mansiysk, Russia , 15 June 2021
  14. “Protecting CNII Against Cyber Threats: Malaysia Experience”. ISMS: Theory and Practice of Implementation of Critical Infrastructure at Facilities, Ukraine, 24-25 May 2021
  15. “Combating Cybersecurity Threat: Strategic Solution”. Industry Talk - Cyber Security, Fakulti Pengurusan dan Perniagaan, Universiti Teknologi Mara, 7 Apr 2021
  16. “People Certification: The Need For Cybersecurity Professional Towards IR 4.0”. Webinar IR4.0ME - Industri Revolution 4.0 for MARA Educators and Entrepreneur, Malaysia, 3 March 2021
  17. “Cyber Resiliency in Critical Infrastructure Environment”. 18th International Bhurban Conference on Applied Sciences and Technology, Islamabad, Pakistan, 12-16 Jan 2021
  18. "Cyber Resilience and CSIRT/ISAC Role". CSIRT.ID Webinar, Jakarta, Indonesia, 22 Dec 2020
  19. "Certifying Cybersecurity Professionals towards the Industrial Revolution 4.0". Global ACE Certification Webinar, Cyberjaya, Malaysia, 25 Nov 2020
  20. "Digital Disruption and Challenges Towards CyberSecurity". MIDF Cybersecurity Week 2020, Kuala Lumpur, Malaysia, 5 Oct 2020
  21. "OIC-CERT Initiatives in Securing the Muslim Ummah". Post OIC-CERT Cyber Drill by PISA-CERT Pakistan, 25 Sept 2020
  22. "People Certification: The Need For Cyber Security Experts". Mesyuarat Majlis Dekan-Dekan ICT Malaysia, Cyberjaya, Malaysia, 23 Sept 2020
  23. "Implementation of National Cyber Security Strategy: Malaysia’s Experience". Lecture on the Review of National Cybersecurity Policy and Strategy 2014 (Virtual), Office of the National Security Advisor, Nigeria, 18 Sept 2020
  24. "The Reality of Cyber Threats Today". Universiti Tun Hussein Onn Malaysia, Malaysia, 17 Aug 2020
  25. "5th ACMOI Meeting". Jeddah, Saudi Arabia, 4-5 Dec 2019
  26. "Future of Works towards IR 4.0: TVET Pathway for Cyber Security Professionals Toward Industry Recognition”. MBOT Townhall Session Towards 2020, Shah Alam, Malaysia, 25 Nov 2019 
  27. "Role of Cross-Domain Technologies In Compounding And Mitigating Cybersecurity Threats". Margalla Dialogue on Peace & Development in SAMECA, Islamabad, Pakistan, 13-14 Nov 2019 
  28. "Cybersecurity In 4IR: Reaping Benefits and Mitigating Drawbacks". 11th OIC-CERT Annual Conference 2019, Muscat, Oman, 27-30 Oct 2019 
  29. "Securing Digital World Against Cyber Threats: Malaysia Experience". Guanchao Cyber Forum 2019, Beijing, China, 21 Aug 2019 
  30. "YAKSHA Ambassador Program". Menara Cybe Axis, Cyberjaya, Malaysia, 29 Jul 2019
  31. "Instilling Digital Citizenship Skills through Education: A Malaysian Perspective". 18th European Conference on Cyber Warfare and Security 2019, Coimbra, Portugal, 4-5 Jul 2019
  32. "Cyber Threats Incident Response Model for CNII Organizations". 31st FIRST Annual Conference 2019, Edinburgh, Scotland, 17-21 June 2019
  33. "Safeguarding Malaysia CNII Against Cyber Threats". 11th International IT-Forum / 3rd International Conference on Information Security Conference (InfoForum), Khanty-Mansiysk Autonomous Okrug - Ugra, Russia, 10-11 June 2019
  34. "Cyber Threats Intelligence". 16th International Bhurban Conference on Applied Sciences & Technology (IBCAST) 2019, Islamabad, Pakistan, 8-12 Jan 2019 
  35. “Where is Security in Social Media?”. OIC-CERT Annual Conference 2018, Shiraz, Iran, 26–29 Nov 2018 
  36. "Cyber Emergency Response Model for CNII Organizations". CodeBali 2018, Bali, Indonesia, 9-12 Oct 2018 
  37. "The Reality of Cyber Threats Today". Bank Islam Malaysia Information Security Day, Kuala Lumpur, Malaysia, 18 Sep 2018 
  38. "National Key Information Infrastructure Emergency Response Model". Information Security Conference 2018, Beijing, China, 4-6 Sep 2018 
  39. "Regulating Cyber Security Professional Towards the Industrial Revolution 4.0". Global ACE Scheme Soft-launching, Putrajaya, Malaysia, 7 Aug 2018 
  40. "Cyber Force Establishment: Defence Strategy for Protecting Malaysia’s Critical National Information Infrastructure against Cyber Threats". 17th European Conference on Cyber Warfare and Security, Oslo, Norway, 28-29 June 2018 
  41. "Addressing Cyber Terrorism Threats". 10th International IT-Forum / 2nd International Conference on Information Security Conference (InfoForum), Khanty-Mansiysk Autonomous Okrug - Ugra, Russia, 5-7 June 2018 
  42. "Cyber Threats: Impact and Readiness". Bengkel Semakan Semula NCSP dan Pembangunan MCSS, Bangi, Selangor, 3 Apr 2018 
  43. "Cyber Parenting Module Development For Parents". 12th Annual International Technology, Education and Development Conference, Valencia, Spain, 5-7 March 2018 
  44. "Roundtable with Malaysian Participants in EU-funded Research Consortia: Tips and Advice". European Research Funding and Collaboration Opportunities Horizon 2020 Info Days, Kuala Lumpur, Malaysia, 29-30 Jan 2018 
  45. "CTI: What is the Real Added Value". The International Cybersecurity Forum (FIC) 2018, Lille, France, 22-24 Jan 2018 
  46. "People Certification: The Need for Cyber Security Experts". 15th International Bhurban Conference on Applied Sciences & Technology (IBCAST) 2018, Islamabad, Pakistan, 9 - 13 Jan 2018 
  47. "OIC-CERT Strategic Initiatives". Annual Coordination Meeting of OIC Institutions, Jeddah, Saudi Arabia, 3-4 Dec 2017  
  48. "People Factors In Cyber Resilience: Creating The Need For Cybersecurity Experts". The 6th Regional Cyber Security Summit, Muscat, Oman, 20 - 21 Nov 2017 
  49. "Malware Mitigation Project". APCERT AGM & Conference 2017, New Delhi, India, 12 - 15 Nov 2017 
  50. "OIC-CERT Capacity Building Strategic Pillar". OIC-CERT 9th Annual General Meeting, Baku, Azerbaijan, 6 - 9 Nov 2017 
  51. "Control Your Technology.. Don’t Let It Control You". MARA Luncheon Talk, Kuala Lumpur, Malaysia, 25 Oct 2017 
  52. "Managing Cyber Security in the Information Age: The Role of National Cyber Security Policy". International Workshop on Big Data Analytics (IWBDA 2017), UTM Johor, Malaysia, 23 Aug 2017 
  53. "Panel Discussion - IOT and the Boardroom". MINDA-RSOG International Directors Summit (IDS) 2017, Kuala Lumpur, Malaysia, 21 Aug 2017 
  54. "Cyber Terrorism & Internet Radicalization". Malaysia Technical Cooperation Program, Kuala Lumpur, Malaysia, 15 Aug 2017 
  55. "The Ethos of Cyber Defence through Industry Collaboration". BAE Malaysia Cyber Defence Talk, Intercontinental Hotel, Kuala Lumpur, 18 Jul 2017 
  56. "Understanding Cyber Terrorism from Motivational Perspective: A Qualitative Data Analysis". 16th European Conference On Cyber Warfare And Security (ECCWS) 2017, University College Dublin, Dublin, Ireland, 28-30 June 2017 
  57. "Protecting CNII Against Cyber Threats: A Coherent Response Through CSIRT". Critical Infrastructure Protection Europe, The Hague, Netherlands, 9-11 May 2017 
  58. "Protecting CNII Against Cyber Threats: Malaysia Experience". University of Sharjah, UAE, 7 May 2017
  59. "Cyber Terrorism: How to Train Awareness". Cyber Intelligence Asia 2017, Kuala Lumpur, Malaysia, 15-16 March 2017 
  60. "Protecting And Educating Businesses Against Cyber Attacks". Cyber Intelligence Asia 2017, Kuala Lumpur, Malaysia, 15-16 March 2017 
  61. "The Reality of Cyber Threats Today". CEO Talk, Universiti Teknikal Malaysia Melaka, Malaysia, 27 Feb 2017 
  62. "The Concept of Cyber Terrorism: How It Can Be Applied". Cyber Security: Protection Of Critical Sectors Workshop, Kuala Lumpur, Malaysia, 6-8 Feb 2017 
  63. "Building SOC V2.0". 9th International Cybersecurity Forum, Lille, France, 24-25 Jan 2017 
  64. "Cyber Security Today - How Far, How Much?". International Conference on Cyberlaw, Cybercrime & Cybersecurity, New Delhi, India, 17-18 Nov 2016 
  65. "Innovative Approach Towards Creating A Safer Cyber Environment". Hari Inovasi PDRM Tahun 2016, Melaka, Malaysia, 27 Oct 2016 
  66. "National Strategy for Protection of CNII In Malaysia". Critical Infrastructure Protection & Resilience Asia, Bangkok, Thailand, 5-6 Oct 2016 
  67. "Cyber Security Strategy In Securing Critical Infrastructure". Codebali Conference, Bali, Indonesia, 28 Sept 2016 
  68. "CSIRT Management Workflow: Practical Guide for Critical Infrastructure Organisations",10th European Conference on Information Systems Management, University of Evora, Portugal, 8-9 Sept 2016
  69. "CSIRT Management Workflow: Practical Guide For Critical Infrastructure Organizations". 28th FIRST Annual Conference, Seoul, South Korea, 12-17 June 2016 
  70. "The Influence of Social Media In Radicalization". SEARCCT's Regional Workshop on Undergraduates and Radicalisation, Kuala Lumpur, Malaysia, 31 March 2016 
  71. "Module II Expert Panel: Private Sector Cyber Incident Response Involving Critical Infrastructure Sectors". ARF Workshop, Kuala Lumpur, Malaysia, 2-3 March 2016 
  72. "APCERT SC Meeting". Auckland, New Zealand, 22-24 Feb 2016 
  73. "Media Sosial: Positif atau Negatif?". Program Advokasi Ilmuwan Majlis Profesor Negara Bersama Utusan Malaysia Dan Radio Televisyen Malaysia (RTM) Dengan Kerjasama Universiti Teknikal Malaysia Melaka (UTeM), 17 Dec 2015 
  74. TV Interview. "Addressing the Cyber Terrorism Threats". Astro Vinmeen HD 231, 8 Dec 2015 
  75. "The Art of Terrorism in the Cyberspace". CYBERABUJA 2015, Abuja. Organized by Nasarawa State University, Keffi, Nigeria, 5-6 Nov 2015 
  76. "The Role of Media In Influencing Terrorism and Extremism". Talking ASEAN by Habibie Centre Jakarta and IMAN Research Malaysia, Kuala Lumpur, 30 Oct 2015 
  77. "Cyber Security Center of Excellent for OIC Countries". OIC-CERT Annual Conference 2015, 7th AGM, Kuala Lumpur, 9 Sept 2015 
  78. "Cyber Terrorism & Internet Radicalization". Malaysia Technical Cooperation Program, Cyberjaya, Malaysia, 18 Aug 2015 
  79. "Role of Governmental & Non-governmental Actors on Capacity Building". ASEAN Regional Forum Workshop on Cyber Security Capacity Building, Beijing, China, 29-30 Jul 2015
  80. "Live Simulation of Post Cyber Attack". Seminar on Cyber Security and Live Simulation, Malaysian Institute of Defence & Security, Kuala Lumpur, Malaysia, 26 May 2015
  81. "Understanding the Element of Cyber Terrorism". Cyber Intelligence Asia, Manila, The Philippines, 21-24 Apr 2015
  82. "Internet Radicalization & Cyber Terrorism". ASEAN Regional Forum Workshop on Counter Radicalization, Kuala Lumpur, Malaysia, 25-26 Mar 2015
  83. "Cyber-Terrorism". Cyber Security: Protection of Critical Sectors Workshop, Southeast Asia Regional Centre for Counter-Terrorism (SEARCCT) and CyberSecurity Malaysia, Malaysia, 10-11 Feb 2015
  84. "The New Facet Of Cyber Threats And Its Implications For Global Security", Universiti Utara Malaysia, Kedah, 2 Dec 2014
  85. "Issues and Challenges in Today's Cyberspace Environment", Multimedia University ICT Security Talk, Cyberjaya, 28 Nov 2014
  86. "Malaysia’s National Cyber Security Policy" and "Cyber Security For OIC Countries", OIC Standing Committee on Scientific and Technological Cooperation (COMSTECH), Islamabad, Paksitan, 21 - 22 Nov 2014
  87. "Cyber Terrorism: The New Facet Of Cyber Threats", Cyberjaya Infra Conference & Exhibition 2014, Cyberjaya, 18 Nov 2014
  88. "A Space of Oddity | Somebody’s Watching". Moderator at the OIC-CERT Annual Conference 2014 & 6th AGM, Brunei Darussalam, 20 - 22 Oct 2014 
  89. "Cyber Terrorism: The Rising Threat in Cyber Dimension?" Presentation at the APSA Security Forum, Kuala Lumpur, Malaysia, 4 Sep 2014 
  90. "Grounding the Component of Cyber Terrorism Framework Using the Grounded Theory." Presentation at the Springer and IEEE Technically Co-Sponsored Science and Information Conference 2014, London, 27 Aug 2014 
  91. "Cyber Terrorism: Local and Global Perspectives." Presentation at the SEARCCT Cyber Terrorism Workshop, Kuala Lumpur, 14 May 2014 
  92. "An Integrated Approach in Protecting CNII against Cyber Threats: Malaysia’s Perspective." Presentation at the Regional Cybersecurity Summit 2014, Muscat, Oman, 20-21 Apr 2014 
  93. "An Integrated Approach in Responding to Threats and Challenges in Cyber Security." Presentation at the Defense Services Asia, Kuala Lumpur, Malaysia, 16 Apr 2014 
  94. "Building a Regional Network." Moderator at the ASEAN Regional Forum Cyber Confidence Building Measures Workshop, Kuala Lumpur, Malaysia, 25-26 Mar 2014 
  95. "Cyber Terrorism: The Arising Threat in Cyber Dimension." Presentation at the Commonwealth Cybersecurity Forum, London, 5-6 Mar 2014 
  96. "Roles of States in Cyber Security." Presentation 11th International Bhurban Conference on Applied Sciences & Technology (IBCAST), National Center for Physics, Islamabad, Pakistan, 14-18 Jan 2014 
  97. "An Integrated Approach for Cyber Security and Critical National Information Infrastructure Protection." Presentation at the Curtin University, Miri, Sarawak, 20 Sep 2013 
  98. "Roles of States in Cyberspace." Presentation at the ASEAN Regional Forum, Beijing, China, 12-13 Sep 2013 
  99. "Child Online Protection - CyberSecurity Malaysia Initiatives (webcast)." Child Online Protection in MENA & South East Asia, World Summit in Information Society 2013, Geneva, 16 May 2013 
  100. "Malaysia’s National Cyber Security Policy - An Integrated Approach for Cyber Security and Critical National Information Infrastructure Protection." Presentation at the Cyber Secure Pakistan 2013, Islamabad, Pakistan, 18 – 20 Apr 2013 
  101. "Mobile & Cloud Security (Moderator)." Asia Pacific Computer Emergency Response Team (APCERT) Public Conference Panel Discussion, Brisbane, Australia, 24 - 27 Mar 2013 
  102. "Cyber Terrorism." Presentation at the Cyber Intelligence Asia, Kuala Lumpur, Malaysia, 12 - 15 Mar 2013 
  103. "Cyber Terrorism: Threat to Critical National Information Infrastructure." Presentation at the Cyber Defense Summit, Muscat, Oman, 4 - 5 Mar 2013. 
  104. "Cyber Terrorism Conceptual Framework." Presentation at the Organization of Islamic Cooperation - Computer Emergency Response Team (OIC-CERT) Conference, Muscat, Oman, 29 - 31 Dec 2012 
  105. "Countering Cyber Terrorism in Malaysia." Cyber Security Forum Asia, Mandarin Orchard, Singapore, 3 - 4 Dec 2012 
  106. "Understanding Cyber Terrorism: The Grounded Theory Method Applied." Presentation at the CyberSecurity Malaysia 2nd Technical Colloquium, Kuala Lumpur, 16 Oct 2012 
  107. "Malaysia’s National Cyber Security Policy - An Integrated Approach for Cyber Security and Critical Information Infrastructure Protection." Presentation at the Family Safety and Child Protection in Cyberspace Pavilion, Tehran, Iran, 14 Oct 2012 
  108. "Towards Ensuring a Safe and Secure Electronic Identity." Presentation at the National eID & ePassport Conference Kuala Lumpur 2012, Sunway Resort Hotel & SPA, 10 Oct 2012 
  109. "Internet Radicalization." Presentation at the SEARCCT's Dynamic of Youth and Terrorism: Understanding and Countering the Issue, Seri Pacific Hotel Kuala Lumpur, 3 Oct 2012 
  110. "Collaborative Model toward Achieving Security and Safety in the Cyber Environment." Presentation at the ASEAN Regional Forum, Seoul, Korea, 11-12 Sep 2012 
  111. "Maintaining Operability and Resiliency in the Administration of Global Architecture for Cybersecurity." Workshop on "The Future of Sovereignty in Cyberspace: Understanding the Challenges of International Cybersecurity," a workshop jointly organized by the Centre of Excellence for National Security (CENS), S. Rajaratnam School of International Studies, Nanyang Technological University, Singapore and The Global Futures Forum (International), US Dept. of State, 15 - 18 Jul 2012 
  112. "A Dynamic Cyber Terrorism Framework." Presentation at the Cyber Defense Conference, London, 18-19 June 2012 
  113. "A Dynamic Cyber Terrorism Framework." INSFORLAB Seminar Series, Fakulti Teknologi Maklumat dan Komunikasi, UTeM, 15 June 2012 
  114. "Internet Radicalization." Presentation at the Management and Rehabilitation of Terrorism Offenders Seminar, Correctional Academy of Malaysia, Langkawi, 7-11 May 2012 
  115. "Cyber Terrorism Conceptual Framework." Presentation at the SEARCCT-CyberSecurity Malaysia Cyber Terrorism Workshop, Kuala Lumpur, 24-26 Apr 2012 
  116. Seminar Pengurusan Keselamatan Sasaran Penting Peringkat Kebangsaan 2011. Jointly Organized by the Ministry of Internal Affairs, Pejabat Ketua Pegawai Keselamatan Kerajaan Malaysia (Jabatan Perdana Menteri) and CyberSecurity Malaysia. Moderator for the Dialogue/Plenary Session, Kuala Lumpur, 29 Nov 2011 
  117. "Cyber Defense Response in Malaysia." Presentation at the Cyber Defense Conference, Istanbul, Turkey, 16-17 May 2011 
  118. "Cyber Terrorism and the use of ICT & Cyberspace by Terrorists." Presentation at the International Seminar on Cyber Crime, Universiti Teknikal Malaysia Melaka, 30 Dec 2010 
  119. "Safeguarding Malaysia’s Critical National Information Infrastructure (CNII) Against Cyber Terrorism: CyberSecurity Malaysia’s Perspective." Presentation at the World Engineering Congress, Kuching, Sarawak, 2-5 Aug 2010 
  120. "Safeguarding the Critical National Information Infrastructure (CNII) Against Cyber Terrorism: CyberSecurity Malaysia's Perspective." Workshop on "Towards a Secure and Resilient Cyberspace," a workshop jointly organized by the Centre of Excellence For National Security (CENS), S. Rajaratnam School of International Studies, Nanyang Technological University, Singapore and The Global Futures Forum (International), US Dept. of State, 12-13 Jul 2010 
  121. “OIC-CERT Strategic Agenda”. 3rd OIC-CERT Meeting and Conference, Tunis, Tunisia, 1-2 Apr 2008 
  122. “Malaysia Strategy and Action in Securing Cyberspace”. The 3rd ICT Security Forum, Damascus, Syria, 30-31 Jul 2007 
  123. “Securing Malaysia Cyberspace”. Urban Terrorism Seminar, Kuala Lumpur, 19 Jan 2006 
  124. “Cyber Security Initiatives in Malaysia”. Global Business Dialogue on e-Commerce 2006 Summit, Grand Hyatt Taipei, 8-10 Nov 2006 
  125. “Establishing an Effective Crisis Management Plan for CERT: A Case Study”. 2nd Annual Integrated Business Continuity Conference, Singapore, 24-25 Jan 2005 
  126. “Measures in Combating Spam: Local Case Studies”. APRICOT 2005, Kyoto, Japan, 21-24 Feb 2005 
  127. “Internet Security and Threats”. Kursus Analisis Strategik Antarabangsa, Institut Diplomasi dan Hubungan Luar Negeri, Kementerian Luar Negeri, Kuala Lumpur, 15 Aug 2005 
  128. “Cyber Threats in Malaysia”. Seminar on Seaport Information Infrastructure and Cyber Attack, Maritime Institute of Malaysia, Kuala Lumpur, 16 Aug 2005 
  129. “Proposal on Information Security Collaboration with Korea”. Korea - Malaysia ICT Cooperation & Business Seminar, Kuala Lumpur, 13 Dec 2005 
  130. “Development of BCM Standard in Malaysia: Issues and Challenges”. Customer Contact World 2004 Conference, Kuala Lumpur, 1 Apr 2004 
  131. “Cyber Threats to Critical Information Infrastructure: Local Case Studies". Australian CERT Conference, Gold Coast, Australia, 24-28 May 2004 
  132. “Protection of Malaysian Cyberspace: An Agenda for Action”. 2nd Electronic Warfare Conference 2004, Kuala Lumpur, 27 Sep 2004 
  133. “BCM Standard and Best Practices for the Malaysian Environment - a National Initiative”. BCM World 2004, Kuala Lumpur, 7-8 Dec 2004
Read More»

Malaysia's prominence in cyber security sector drawing foreign companies, investments

Malaysia's prominence in cyber security sector drawing foreign companies, investments
Edit


PUTRAJAYA: Malaysia's strong presence in the cyber security sector has attracted many foreign companies to invest here.
The latest international player to set up shop in Malaysia is Turkish company May Cyber Teknoloji, which is establishing its regional office in the country.
Slated to begin operations early next year, the office will be the company’s first major presence outside of Turkey.
A leading company based in Ankara, May Cyber Teknoloji develops and manufactures cyber security products, especially in the fields of network access control, security incident management, network monitoring, encryption and compliance management.
"We look forward to… expanding our services and technological expertise to Asean countries, including members of the Organisation of Islamic Cooperation (OIC).
"Therefore, we (are) setting up our first regional office in Malaysia and will collaborate with local company Nexagate Sdn Bhd to promote technology transfer," said the company’s chairman, Mehmet Ali Yalcindag, after the Monday signing of a memorandum of understanding (MoU) with CyberSecurity Malaysia on strengthening cyber security infrastructures.
CyberSecurity was represented by its chief executive officer Datuk Dr Amirudin Abdul Wahab.
The MoU identifies three areas of collaboration: research and development covering the areas of cyber security technical tools, methods and processes; capacity building through competency training programmes and cyber security skills; and developing marketing strategies to promote cyber security.
An action plan will be developed to assist and monitor the implementation of activities and promote information sharing between the two parties in order to realise the collaboration areas.
The MoU signing was witnessed by CyberSecurity Board of Directors chairman General Tan Sri Mohd Azumi Mohamed.
"Through this partnership, CyberSecurity Malaysia will contribute to the foreign direct investment of the national cyber security industry, as it has successfully convinced foreign cyber security players to invest in Malaysia.
"We have always been at the forefront of encouraging investments that can provide Malaysia with advanced technologies which help ensure that our cyber environment is reliable, safe and trustworthy," Azumi said.
Malaysia is an attractive destination for foreign players in the cyber security sector, as companies from as far away as Russia have set up their regional hub here, CyberSecurity’s Amirudin said.
It was reported that the Information Communication Technology (ICT) sector is expected to contribute 18.2 per cent, or approximately RM34.9 billion, to the country's gross domestic product by 2020.



Read More»

Addressing Cyber Terrorism Threats {By Zahri Bin Yunos, Cybersecurity Malaysia}

Edit





URL: https://www.observatoire-fic.com/addressing-cyber-terrorism-threats-by-zahri-bin-yunos-cybersecurity-malaisia/
Publié par 

What is Cyber Terrorism? 
Cyber terrorism is the convergence of cyberspace and terrorism. It refers to the unlawful attacks and threats of attacks against computers, networks and the information stored therein when done to intimidate or coerce a government or its people in furtherance of political or social objectives [1] [2]. Further, to qualify as cyber terrorism, an attack should result in violence against persons or property, or at least cause enough harm to generate fear. Attacks that lead to death or bodily injury, explosions, or severe economic loss would be examples. Serious attacks against critical infrastructures could be acts of cyber terrorism, depending on their impact. Attacks that disrupt nonessential services or that are mainly a costly nuisance would not be considered as cyber terrorism.
Elements of Cyber Terrorism Attacks
Cyberspace is a virtual place that has become as important as physical space for social, economic and political activities. Many countries in the world are increasing their dependency on cyberspace when they use Information and Communication Technology (ICT) [3] [4]. This dependency places these countries in an insecure position because cyberspace is borderless and vulnerable to cyber attacks. Individuals have the ability and capability to cause damage to a nation through cyberspace. Cyber attacks are also attractive because it is a cheap in relation to the costs of developing, maintaining and using advanced as well as sophisticated tools. Many have declared that cyberspace is the fifth domain along with land, air, sea and space, and it is crucial to battlefield success.
In general, to understand cyber terrorism, we can break it down to at least five elements in order to construe cyber terrorism [5] [6]:
  1. Politically-motivated cyber attacks that lead to death or bodily injury;
  1. Cyber attacks that cause fear and/or physical harm through cyber attack techniques;
  • Serious attacks against critical information infrastructures such as financial, energy, transportation and government operations;
  1. Attacks that disrupt non-essential services are not considered cyber terrorism;
  2. Attacks that are not primarily focused on monetary gain.
How serious is Cyber Terrorism?
Cyber terrorism is real and extant. It is consider as an attractive option for modern terrorists, who value its anonymity, its potential to inflict massive damage, its psychological impact, and its media appeal. It includes warfare attacks against a nation’s state and forcing ICT infrastructure (including the critical national infrastructure) and assets to fail or to destroy them. Not only are cyber criminals not slowing down, but they keep upgrading and innovating the ways they hack into systems, steal identities and data, hijack computers and much more.
Way forward to mitigate cyber attacks and terrorism are:- 
  1. Strengthening domestic cyber security through inter-agency cooperation and Public-Private Partnership;
  2. Global collaboration & strategic alliances to strengthen regional cyber security in addressing cross-border cyber attacks and cyber crimes;
  3. Adoption of more innovative, aggressive and proactive approaches in order stay ahead of cyber threats – possessing both defensive and offensive capabilities;
  4. Enhancing the triad of People-Process-Technology.
Preventive Measures Taken by the Government – Malaysia Initiatives
In Malaysia, the Government has taken initiatives to mitigate and combat cyber attacks. One of the initiatives taken is developing National Cyber Security Policy (NCSP), which was endorsed by the Government in May 2006 [7] [8]. NCSP consists of eight (8) policy thrusts; Effective Governance, Legislative and Regulatory Framework, Cyber Security Technology Framework, Culture of Security and Capacity Building, Research and Development Towards Self Reliance, Compliance and Enforcement, Cyber Security Emergency Readiness and International Cooperation.
The NCSP was formulated to address threats and risks to the Critical National Information Infrastructure (CNII) and developed action plans to mitigate such risks. CNII consists of assets (real and virtual), systems and functions that are vital to the nation that their exploitation, damage or destruction would have a devastating impact on national economic strength, image, defense and security, government capabilities to function efficiently and public health and safety. The NCSP is focused particularly on the protection of CNII against cyber threats [9] [10].
 Alongside clear and effective governance, NCSP provides mechanisms for improving the trust and cooperation among the public and private sectors. NCSP also focuses on enhancing skills and capacity building as well as enhancing research and development initiatives towards self-reliance. It also maps out emergency readiness initiatives and dictates a programme of compliance and assurance across the whole of the CNII. The NCSP also reaches out to Malaysia’s international partners and allies. The policy describes methods that Malaysia can share knowledge with the region and the world on cyber security related matters. Malaysia developed NCSP as a proactive step in protecting critical sectors against cyber threats.
 Other actions taken against cyber attacks are:-
  1. Layered approach for defense mechanisms: By having combination of email filtering, installation of anti-virus software, pro-active malware protection, security policies and keeping protection software up to date along with the operating system and applications can help to tackle security related issues such as spam, malware attacks.
  2. Awareness: Constantly give cyber security awareness to Internet users and organizations on current security threats and how to protect against the threats by practicing best practices and safeguarding their system/networks from attacks.

The Roles of CyberSecurity Malaysia in Combating Cyber Terrorism 
CyberSecurity Malaysia, an agency under the Ministry of Communications and Multimedia Malaysia is structured to be able to mitigate cyber threats. One of the major characteristics of such threats is the cross border because Internet crimes do not conform to the physical boundary of a nation. Because of this, CyberSecurity Malaysia rigorously pursues international relations by establishing collaborative efforts with foreign government agencies and international organizations through bilateral and multilateral engagement. CyberSecurity Malaysia is also heavily involved in the establishment of cyber security multilateral engagement platforms such as the Asia Pacific CERT (APCERT) and the Organization of Islamic Cooperation-CERT (OIC-CERT). These platforms see the collaboration of similar organizations in mitigating international cyber threats.
In addition, other departments such as Digital Forensics, the Malaysia Computer Emergency Response Team (MyCERT) and Security Assurance have specific arrangements with their counter parts overseas. Since 2001, CyberSecurity Malaysia has been actively participated in various cyber security events locally, regionally and also internationally. All those conferences, seminars and workshops have been of great benefit not only to the target audiences (who attended the event) but also to the country. All those conferences, seminars and workshops have been of great benefit not only to the target audiences, but also to the country.
CyberSecurity Malaysia also organises its own event, known as Cyber Security Malaysia – Awards, Conference and Exhibition (CSM-ACE) yearly in Kuala Lumpur. CSM-ACE has stood out as the biggest and most talked-about public-private-community partnership event in Malaysia. We provide assistance in terms of detection, containment, analysing, eradication and recovery of incidents during national cyber crisis. We also produce Security Advisory/Alert during the national cyber crisis.
An awareness program known as CyberSAFE – Cyber Security Awareness For Everyone, is CyberSecurity Malaysia’s initiative to educate and enhance the awareness of the general public on the technological and social issues facing internet users, particularly on the dangers of getting online. CyberSAFE in Schools, is a program with the cooperation of the Malaysia’s Ministry of Education (MOE) aims to reach to young generation in schools, which comprises the major portion of Internet users in the country and the most vulnerable group.

References:
[1]      R. Ahmad and Z. Yunos, “A Dynamic Cyber Terrorism Framework,” Int. J. Comput. Sci. Inf. Secur., vol. 10, no. 2, pp. 149–158, 2012.
[2]      Z. Yunos, “Putting Cyber Terrorism into Context,” Published in the STAR In-Tech, p. IT11, 2009.
[3]      Z. Yunos and R. Ahmad, “The Application of Qualitative Method in Developing a Cyber Terrorism Framework,” in Proceedings of the 2014 International Conference on Economics, Management and Development (EMD 2014), 2014, pp. 133–137.
[4]      R. Ahmad, Z. Yunos, and S. Sahib, “Understanding Cyber Terrorism : The Grounded Theory Method Applied,” in IEEE International Conference on Cyber Security, Cyber Warfare and Digital Forensic, Malaysia, 26-28 June, 2012, pp. 334–339.
[5]      Z. Yunos, R. Ahmad, and N. A. A. Abd Aziz, “Definition and Framework of Cyber Terrorism,” Proceeding Southeast Asia Reg. Cent. Count. Terror. Sel. Artic., vol. 1/2013, pp. 67–79, 2013.
[6]      R. Ahmad, Z. Yunos, S. Sahib, and M. Yusoff, “Perception on Cyber Terrorism: A Focus Group Discussion Approach,” J. Inf. Secur., vol. 3, no. 3, pp. 231–237, 2012.
[7]      Z. Yunos, “Illicit Activities and Terrorism in Cyberspace,” in Proceeding of CENS-GFF CyberSecurity Forum – The Geostrategic Implications of Cyberspace, 2011, pp. 12–13.
[8]      Z. Yunos, R. Ahmad, S. M. Ali, and S. Shamsuddin, “Illicit Activities and Terrorism in Cyberspace : An Exploratory Study in the Southeast Asian Region,” in Pacific Asia Workshop on Intelligence and Security Informatics (PAISI 2012), Malaysia, 29 May, Springer Lecture Notes in Computer Science, Volume 7299/2012, 2012, pp. 27–35.
[9]      Z. Yunos and S. H. Suid, “Protection of Critical National Information Infrastructure (CNII) Against Cyber Terrorism: Development of Strategy and Policy Framework,” in IEEE International Intelligence and Security Informatics (ISI) Conference, Vancouver, Canada, 23-26 May, 2010, p. 169.
[10]    Z. Yunos, S. H. Suid, R. Ahmad, and Z. Ismail, “Safeguarding Malaysia’s Critical National Information Infrastructure (CNII) Against Cyber Terrorism: Towards Development of a Policy Framework,” in IEEE Sixth International Conference on Information Assurance & Security, Atlanta, GA, 23-25 Aug, 2010, pp. 21–27.
- See more at: https://www.observatoire-fic.com/addressing-cyber-terrorism-threats-by-zahri-bin-yunos-cybersecurity-malaisia/#sthash.PifmJJ92.dpuf
Read More»

PAPER CUTTING

Edit
Headline: 38 orang sertai Program Latihan Peningkatan Kecekapan Keselamatan Siber dan Maklumat
Media Title: New Sabah Times Bahasa (KK)
Date: 30 Jan 2016


Headline: Kita sendiri tentukan baik buruk media sosial
Media Title: Utusan Malaysia
Date: 6 Januari 2016

Headline: Undang-undang sedia ada memadai, menyeluruh
Media Title: Utusan Malaysia
Date: 18 Dec 2015
Headline: Kaji baik, buruk media sosial
Media Title: Utusan Malaysia
Date: 18 Dec 2015



Headline: Ancaman Keselamatan Siber
Media Title: Utusan Malaysia
Date: 6 Oct 2014



Read More»

PERSONAL PARTICULARS

Edit
DR. ZAHRI HJ YUNOS is a cybersecurity specialist and has been working in ICT field since year 1988. His last position was as the Chief Operating Officer of CyberSecurity Malaysia. Zahri has served the Government of Malaysia as well as other private organisations. Zahri is a certified Business Continuity Professional by the Disaster Recovery Institute International, USA and has been awarded Senior Information Security Professional by the (ISC)2, USA. Zahri also has contributed various publications and presented papers on topics related to cyber security, cyber terrorism and business continuity management.

Zahri holds a PhD in Information Security from the Universiti Teknikal Malaysia Melaka (UTeM), Malaysia. Zahri also holds a Master’s degree in Electrical Engineering from the Universiti Teknologi Malaysia, Malaysia and a Bachelor’s degree in Computer Science from the Fairleigh Dickinson University, New Jersey, USA. Zahri was appointed as Adjunct Professor of UTeM (2016 - 2018) and Adjunct Professor of Universiti Tun Hussein Onn Malaysia (2020 - 2021). In recognition of his expertise in cybersecurity, Zahri has been appointed as Board Members and Industry Advisers to several organisations/research institutions in Malaysia and abroad.

 Zahri expertise and experience has been critical in establishing and sustaining the nation’s prominence in cyber security, particularly in the Asia Pacific region and the Organization of Islamic Cooperation (OIC) countries. Indeed, Zahri was a central figure in the establishment of the OIC Computer Emergency Response Team (OIC-CERT), a collaborative effort of CERTs amongst the OIC countries. Zahri was actively involved in the establishment of NISER (National ICT Security and Emergency Response Centre)’s Panel of Experts (POE) and implementation of the National Cyber Security Policy, which boosted Malaysia’s international image in cyber security.

E-mail: zahriyunos[at]gmail.com
Read More»
Subscribe to: Posts ( Atom )