Overcoming Malaysia’s Acute Shortage Of Cybersecurity Professionals

Career opportunities at high as online fraud looms larger across various industries, says APU's Dr Julia Juremi
BY Dharshini Ganeson

Dr Julia Juremi (left) cautions that phishing attacks are on the rise, creating a high demand for skilled professionals to counter the rising incidences of cyber-related crimes.
KUALA LUMPUR – Many people in Malaysia are falling prey to scams and other forms of virtual robberies daily. 
The perpetrators often trap victims using fake identities and posing as some sort of authority, threatening the gullible with prosecution over supposed illicit activities such as money laundering or transactions of prohibited items.
There are also depositors in financial institutions who claim their money went missing from their savings and current accounts, after their passwords were taken through the hacking of their phones or other devices.
In many cases, banks deny any wrongdoing on their part and depositors are left with few remedies, including seeking expensive and time-consuming legal recourse.
The rising incidences and the ease with which money is being pilfered from the accounts of Malaysians has raised alarm bells, with banks and other financial institutions warning their customers of scams.
The warnings alert Malaysians not to fall for fake stories by scammers, and not to release bank account passwords and confidential information related to their identity cards.
The rising numbers of victims is testimony to the sophisticated systems used to scam the victims. 
Dr Julia Juremi, head of the Forensic and Cyber Security Research Centre (FSEC) at Asia Pacific University of Technology and Innovation (APU) here, has cautioned that phishing attacks are on the rise.
“This type of online criminal activity is specialised, a form of social engineering where the attacker sends a fraudulent message designed to trick a person into revealing sensitive information or deploys malicious software known as ransomware on the victim’s infrastructure,” she said.
Social engineering refers to manipulating humans into giving personal information or  credentials. Phishing and scamming are examples of social engineering, she explained.
“The need to protect financial data, health information, intellectual property, and countless forms of other sensitive data is paramount,” she said.
In this light, there is a high demand for skilled professionals to counter the rising incidences of cyber-related crimes, paving the way for career opportunities for those pursuing a qualification in cybersecurity.

Dr Julia Juremi says Asia Pacific University of Technology and Innovation’s top facilities, which includes a cyber range, allow APU to create a hyper-realistic environment so students can study the various methods to neutralise a cyberattack on systems.
Vulnerability due to lack of preparedness, qualified professionals
Raymon Ram, managing principal of Graymatter Forensic Advisory, which offers consultancy services in cybercrime, said that the level of preparedness of institutions to prevent and withstand the threat of modern cyberattacks must be high.
“The human factor is one aspect. The second is the level of preparedness of financial institutions to prevent and withstand the threat of modern cyberattacks. 
“Both human and system-based factors must be evaluated, as one cannot work without the other,” he said.
Dr Julia feels that the current needs of the market are not being adequately met by the available supply of cybersecurity professionals, leading to financial institutions and banks being left in vulnerable positions.
“At APU, our cybersecurity courses are designed to cover all aspects, including defensive and offensive tactics in cybersecurity warfare. 
“We have a team of 17 academicians with various specialities such as in ethical hacking, digital forensics, network security, and cloud security who teach and guide students on how best to detect and neutralise the threats,” she said.
“The top facilities, which include a fully functional Security Operational Centre (SOC) and a cyber range, allow APU to create a hyper-realistic environment so students can study the various methods to neutralise a cyberattack on systems,” she said.
Dr Julia stressed that the issue of cyberattacks has become global. If it is not addressed at national level, it could threaten national security with the possibility of hackers breaching the country’s government agencies and defence systems.
Talents in cybersecurity urgently needed

Chaatish Rajandain, 26, currently works as a cyberthreat engineer with a cybersecurity solutions network company, focusing on what he terms as “threat hunting” and malware tactics.
With a Bachelors (Hons) degree in Information Technology from APU, specialising in information systems, Chaatish feels that this type of a career is a career of the future, with high salaries and good prospects of employment.
“Being exposed to the working environment, it was an eye-opener to face the growing number of cyberthreats and how Malaysians are an easy target.  Most Malaysians are trusting and honest, releasing confidential information.
“This means new talents in the form of highly trained professionals are badly needed to expose the threats and protect the organisations and the people at risk,” he said.
Teng Chee Yuen, 26, who leads a local bank’s forensic and incident response unit, shared how his undergraduate degree at APU stirred his interest in forensics and hacking in general. 
“My undergraduate degree in Forensic Computing from APU was challenging but satisfying, as the exposure to data breaches and how to deal with them opened new work opportunities in financial institutions,” he said.
On whether there is a shortage of cyber professionals in Malaysia, he said the shortage is visible not just in Malaysia but also globally. “There is a need for such specialists, trained and ready to face cyber-manipulation,” he said. 
Teng said students need to experience real-life case studies to prepare for future scenarios so they are able to deal with these occurrences of security breaches and cyberattacks in different environments.
“With top facilities at APU equipped with research labs and a cyber range which simulates cyberattacks, students have the opportunity to experience first-hand what a real attack would take and how long is needed to neutralise it,” he said.
Highlighting the urgency of the matter, the Anti-Phishing Working Group (APWG) had reported in September 2021 the existence of as many as 214,345 unique phishing sites targeting social media, financial e-commerce, logistics/shipping, and cryptocurrency sectors.

– Featured by The Vibes, May 11, 2022.