Welcoming Remarks at The CEO Engagement - SCxSC: C-Suite Forum on Managing Technology and Cyber Risks
Speaker: Dato’ Seri Dr. Awang Adek Hussin, Chairman SC Malaysia
Location: Bukit Kiara, Kuala Lumpur 
Delivered: 10 May 2024

Key Highlights:
In his welcoming remarks, SC Chairman, Dato’ Seri Dr. Awang Adek Hussin, stressed on the need for effective leadership to navigate the complexities of technological advancements. He was deeply concerned that many industry players continue to fall short in their cyber hygiene practices. Many organisations are also failing to adhere with key security practices.

Here are highlights from his keynote speech:

  1. The SC's commitment to driving fintech development through upcoming initiatives like the Innopolicy Roundtables, Pitch and Match sessions, and the SCxSC Fintech Summit underscores the importance of collaboration between regulators and industry stakeholders in addressing emerging challenges.
  2. Cyber hygiene practices are fundamental to an organisation’s ability to defend itself from cyber-attack, ransomware, and even data loss events.
  3. It is important to ensure a comprehensive technology risk management framework is in place for leaders of organisations.
  4. The SC is preparing the industry to face challenges that may arise through intiatives such as the Guidelines on Technology Risk Management (GTRM) and the Capital Market Cyber Simulation (CMCS).
  5. Guidelines on Technology Risk Management will take effect on 1 August 2024.
  6. Entities are expected to submit a declaration of compliance to the GTRM to the SC by the first quarter of 2025.
Full Text

Tuan-Tuan dan Puan-Puan Yang Dihormati Sekalian

Assalamualaikum warahmatullahi wabarakatuh, salam sejahtera dan selamat pagi.

  1. Welcome to today’s SCxSC: C-Suite Forum on Managing Technology and Cyber Risks.
  2. First and foremost, I wish to express my sincere apologies for not being able to join you in person this morning.
  3. Despite my physical absence, I am truly honoured to address such an esteemed gathering and would like to express my heartfelt appreciation for your participation.
  4. Your presence here this morning represents your strong commitment to managing the technology and cyber risks within the Malaysian capital market.
  5. As such, I eagerly anticipate the invaluable insights and discussions that will unfold today.

    Ladies and gentlemen,

  6. The pace of technological advancement, both globally and locally is unprecedented. Cloud computing, big data, blockchain and artificial intelligence (AI) offer opportunities to redefine our market and optimise operations like never before.
  7. Additionally, we have observed a growing reliance on third-party service providers, particularly in areas like Cloud Services and artificial intelligence, among others.
  8. But with every advancement, there are inherent risks – from cybersecurity vulnerabilities to regulatory compliance concerns.
  9. We need effective leadership to navigate the complexities of technological advancements.
  10. Effective leadership sets the tone on technology governance and cybersecurity culture. This would also bridge conversations between business, IT, and security functions and ensure organisational alignment and adaptability.
  11. Today’s forum holds special significance. Against the backdrop of ever-evolving landscape of technology and cyber risks, it is crucial for us to come together to enhance our understanding and find effective solutions that can strengthen our resilience.
  12. The SC’s commitment to driving fintech development through upcoming initiatives like the Innopolicy Roundtables, Pitch and Match sessions, and the SCxSC Fintech Summit underscores the importance of collaboration between regulators and industry stakeholders in addressing emerging challenges.
  13. Similarly, this event aims to keep the industry abreast with the latest technology trends and shed light on prevalent industry technology audit findings and incidents that may impact business operations. The SC would also like to align leadership role expectations, reinforcing what is expected of the top brass regarding managing technology risk.
  14. I have been informed that many industry players still fall short in their cyber hygiene practices even in terms of basic controls to critical systems. This is highly concerning because such basic hygiene is fundamental to an organisation’s ability to defend itself and our analysis suggests that inadequacies lead to cyber-attacks, ransomware, and even data loss.
  15. Many organisations also are not keeping up with key security practices like penetration testing, vulnerability assessment, hardening practice, privileged access management and regular review on user ID, to name a few. This is alarming especially with cyber incidents, such as ransomware and data breaches becoming more common.
  16. In today’s business landscape, use of third-party services such as cloud services is increasingly predominant. We find that organisations can do better in managing risks related to third-party service providers by putting proper frameworks in place.
  17. For leaders of organisations such as yourselves, it is important to ensure a comprehensive technology risk management framework is in place. This guides organisations to identify key risks and put the right controls in place.
  18. Through initiatives like the Guidelines on Technology Risk Management (GTRM) and the Capital Market Cyber Simulation (CMCS), we are preparing the industry to face any challenges that arise.
  19. Please note that the Guidelines on Technology Risk Management will take effect on 1 August 2024. It is designed to guide the market participants to establish a sound and robust technology risk governance and oversight.
  20. In addition to that, entities are expected to submit a declaration of compliance to the GTRM to the SC by quarter 1, 2025. More information regarding this will follow closer to the Guidelines taking effect.
  21. Meanwhile, the Capital Market Cyber Simulation serves as a testament to the SC’s proactive approach in preparing the industry for cyber incidents. By simulating real-world scenarios, organisations can test their response and recovery strategies, thereby strengthening their resilience against potential cyber threats.

    Ladies and gentlemen,

  22. In conclusion, today’s forum marks the beginning of an ongoing partnership aimed at shaping the future of our industry.

  23. Your attendance here today underscores your commitment to fortifying our collective resilience in the face of technological challenges.
  24. Together, let us embark on this journey towards a brighter future, defined by innovation and collaboration, with resilience.
  25. Thank you. Sekian, terima kasih

SC AFFILIATES
RELATED SITES
about the SC
The Securities Commission Malaysia (SC) was established on 1 March 1993 under the Securities Commission Act 1993 (SCA). We are a self-funded statutory body entrusted with the responsibility to regulate and develop the Malaysian capital market.

General Line: +603-6204 8000
General Email: [email protected]
© Copyright Securities Commission Malaysia.  Contact Us   |    Disclaimer   |   The site is best viewed using Microsoft Edge and Google Chrome with minimum resolution of 1280x1024
Ooops!
Generic Popup