Written by : Kavitha Muthy
Dr Solahuddin Shamsuddin, Chief Technology Officer of CyberSecurity Malaysia is one of the most self-confident CTO who has been interviewed. He is an involved, intelligent, and focused CIO who is the first batch of C-level professional got Certified Chief Information Security Officer (C|CISO) by EC-COUNCIL. He is ever ready to hit the ground running for establishing and maintaining the enterprise vision, strategy, and program to ensure information assets and technologies are adequately protected upon certifying himself.
Prior to joining CyberSecurity Malaysia, he was serving the Malaysian Armed Forces for a decade. He then decided to explore information security arena to take a tour, and become an asset to CyberSecurity Malaysia. A PhD holder, Dr Solahuddin always puts information security on top of his duty list by having his care to the nation.
He further explains that in principal the objective of the military (or army, navy and air force) is to defend the country with the interests in strengthening peace and stability. However, cyber security should be the responsibility of everyone in an organization under the leadership of a CISO . If one wants to specialize security, he or she should then understand the fundamentals information security.
He is proud to be part of CyberSecurity Malaysia , an agency that plays a critical role to protect our national critical infrastructure. He further explains that CyberSecurity Malaysia provides guidelines for Critical National Information Infrastructure with a framework addressing the cyber work force matter. He acknowledges that there is a shortage of cyber security professionals in Malaysia. In order to address this issue, every company should have at least one dedicated security professional. He or she needs to be trained and certified for continuous and efficient security implementation. All security experts agree that human is the weakest link, thus level of cyber awareness also needs to be increased. Without appropriate security knowledge, the process and technology alone are not sufficient for an effective implementation of security in any company. Literally, training and awareness is essential for everyone.
He wants to continue on this vein of cyber security field and strongly recommends that every organization including SME, should have a minimum of one trained and certified security professional. They too need the right technology, process and people to run their business.
He strongly emphasizes that, SME’s must know what to do and who should do, when a system is being compromised or data being breached, or in any sort of cyber-attacks. Most importantly, getting the right person to do the right thing is crucial.
Dr Solah feels it is fabulous way to give back to the nation while doing something that he adores. Being in cyber security field, he further recommends that all organizations under the CNII category, must ensure his cyber security officer is a Certified Chief Information Security Officer by EC-Council. The certification covers the crucial areas for C-Level executives to understand in order to succeed and drive information security throughout their organizations. He believes that cybersecurity issues shall be discussed and solved at board level because an organization needs critical decision with relevant inputs form top management.
He further shares his concerns that, the usage of social media has increased which is linked to the increase in security incidents. All social media users share much sensitive information online without understanding the danger and consequences of their actions. The severity of cyber threats in Malaysia is very high and it will eventually increase due to better telecommunication infrastructure and increased internet users. Users need to know the do and don’ts when they are online. Cybersecurity incidents reported to MyCERT (a department under CyberSecurity Malaysia), indicated that internet fraud is one of the highest incidents in Malaysia. Users easily become the victims to scam as not many of them know the consequences. Users must validate information that they receive online or even on their mobile devices. He adds that CSM is actively promoting the CyberSAFE programs, identifying and training CyberSAFE Ambassadors where most of the programs are targeting school students.
“Cyber security is my passion and I want to develop sufficient cyber security professionals at national level who can protect our nation against any cyber attacks that include cyber war” said Dr Solah. He believes that after achieving the Certified CISO, he gained extreme level of knowledge and better understood the crucial role of CISO. He feels that the CCISO program is an excellent program as it is conducted by an experienced trainer who comes with extensive knowledge and skills.
“CCISO requires to be at highest level with management skills as he makes critical decisions and looks into key domains of technology as well as solutions in an organization. It measures the level of professionalism”, he said.
Dr Solah would not only enjoy his cyber security experience, but would be an excellent addition to the Cybersecurity Community. He is very involved, bright, and driven.