BlackBerry’s latest research reveals that 79% of Malaysian organizations have faced software supply chain vulnerabilities in the past year, highlighting the critical need for secure-by-design practices and robust regulatory measures in line with Malaysia’s new Cyber Security Act 2024.
13 August 2024 – At the NACSA Cybersecurity Summit, BlackBerry Limited unveiled new research highlighting the significant cybersecurity vulnerabilities within the software supply chains of Malaysian organizations. The research, which surveyed global IT decision-makers and cybersecurity leaders in April 2024, revealed that 79% of Malaysian IT leaders had been alerted to an attack or vulnerability within their software supply chain in the past year, surpassing the global average of 76%. Alarmingly, nearly 40% of these organizations required up to a month to recover from such incidents.
This study coincides with Malaysia’s recent enactment of the 2024 Cyber Security Act (Act 854) and the launch of the National Semiconductor Strategy (NSS), aiming to position Malaysia as a global leader in semiconductor manufacturing. The findings underscore the critical need for secure-by-design software practices, particularly for IoT components, and robust regulatory measures to safeguard the IT supply chain, aligning with Malaysia’s broader goals of technological advancement and economic growth.
The BlackBerry survey revealed that nearly one-third of Malaysian respondents identified operating systems (30%) and IoT/connected components (19%) as the most at-risk areas within their organizations. The consequences of these vulnerabilities are severe, with financial losses (71%), reputational damage (66%), and data breaches (59%) being the most common impacts following a supply chain attack.
Dr. Megat Zuhairy bin Megat Tajuddin, Chief Executive of NACSA, emphasized the importance of the Cyber Security Act 2024 in bolstering Malaysia’s cyber resilience, particularly in critical sectors like semiconductor manufacturing and AI. He noted that Malaysia is committed to protecting its software supply chain through enhanced compliance, technology adoption, and workforce development initiatives such as the Cybersecurity Center of Excellence in collaboration with BlackBerry.
Christine Gadsby, BlackBerry’s Cybersecurity CISO, echoed these sentiments, highlighting the need for a comprehensive cybersecurity approach that includes skilled workers, secure-by-design products, and advanced AI monitoring tools to build trust and ensure the protection of Malaysia’s key industries.
The study also found that Malaysian organizations are highly compliant with certification standards, with 60% of IT leaders requesting compliance certification from their suppliers, surpassing global averages. However, the research also pointed out significant gaps, such as the discovery of previously unknown entities within software supply chains and irregular software inventory practices due to a lack of technical understanding and skilled talent.
As Malaysian companies continue to face challenges in monitoring their software environments, over three-quarters of respondents expressed a desire for improved tools to enhance visibility and manage vulnerabilities more effectively. Gadsby concluded by stressing the importance of modern AI-powered technologies and ongoing training to help organizations address emerging threats and maintain robust cybersecurity defenses.