Most Read
Most Commented
mk-logo
Corporate Announcement
PADU Security Breach and Recommendations for Strengthening Cyber Resilience
Published:  Jan 8, 2024 3:20 PM
Updated: 7:20 AM

PIKOM, the National ICT Association of Malaysia, acknowledges the recent security breach affecting the PADU platform launched by the Malaysian government. While we commend the government's initiative in developing and deploying PADU utilizing internal public sector expertise, we believe the vulnerabilities discovered highlight the need for a more comprehensive approach to cybersecurity in critical government IT infrastructure.

We applaud the objective of PADU – streamlining public service delivery for citizens. Utilizing internal talent for such projects fosters self-reliance and knowledge retention within the public sector. However, when it comes to complex technological initiatives, particularly those involving sensitive data, striking a balance between leveraging existing resources and engaging external expertise is crucial.

The fundamental nature of the discovered vulnerabilities suggests that they could have been identified during the development and testing phases. This underscores the importance of involving independent, industry-expert security personnel in comprehensive security assessments throughout the entire software development lifecycle. Such assessments, conducted by real-world threat actors and penetration testers, would significantly bolster the platform's resilience against cyberattacks.

Furthermore, PIKOM urges the government to consider collaborating with the private sector in upskilling public officers in niche areas like cybersecurity. Industry attachments, where public officers spend time working within established private companies, can provide invaluable real-world experience and exposure to cutting-edge security practices. This knowledge transfer would then enhance internal capabilities and ensure future projects are developed with robust security considerations from the outset.

At PIKOM, we remain committed to working with the government and industry stakeholders to strengthen Malaysia's overall cybersecurity posture. We believe that by adopting a collaborative approach, including leveraging independent expertise, promoting knowledge sharing, and fostering upskilling initiatives, we can build a more secure and robust digital infrastructure for our nation.


This article is provided by PIKOM

The views expressed here are those of the author/contributor and do not necessarily represent the views of Malaysiakini.


Please join the Malaysiakini WhatsApp Channel to get the latest news and views that matter.

ADS