Regional Experts Advocate Unified Cyber Security Standards At The First Asia Pacific Cyber Security Salon

---

The threat of cyber security is a global one. Yet, mitigation and defence mechanisms remain national, and at best, regional. As advances and evolution in technology demand more sophistication in how we tackle cyber threats, there is also a pressing need for a more closely aligned regional – and eventually, international – approach.

As the Asia Pacific region collectively moves towards boosting economic recovery in the wake of the pandemic, and in line with the goals for digital transformation in a 5G era, it is increasingly crucial for all parties to come together to establish and promote common security standards, as well as build frameworks for risk management while advancing technology and economic development.

Anwer Mohamed YusoffWith this in mind, the Asia-Pacific Cyber Security Salon, the first of four regional sessions in the 2021 Cyber Security Salons, was held virtually on Tuesday (15 June), bringing together regulators as well as industry and cyber security experts from across the region.

Held by Forum Global in collaboration with Cullen International and Huawei Technologies, the panellists at the Salon explored, discussed and shared meaningful insights to the various approaches to cyber security in the region, drawing from the vast experiences they have had representing established names in the industry.

At the Salon, the panellists also shared their views on cyber policies and best practices developed at both the industry and national level, in the spirit of regional collaboration.

Among others, the Network Equipment Security Assurance Scheme (NESAS) was highlighted as a key mechanism to facilitate collaboration and form a unified cyber security standard.

NESAS, which is a security assurance framework for the mobile industry, is now used and recognised across the globe, by industry leaders such as Huawei, as a security baseline, and includes common requirements for security evaluations of network equipment and assessment of equipment vendors.

A joint effort between the 3rd Generation Partnership Project (3GPP) and Global System for Mobile Communications Association (GSMA), NESAS also includes standard-based assessments for 5G security as part of the Security Assurance Specifications (SCAS).

Speaking during the panel discussion at the Salon, Mohamed Anwer Mohamed Yusoff, Head of Industry Engagement & Collaboration, CyberSecurity Malaysia highlighted the need for industry players to collaborate on raising fundamental awareness of digital risks.

“Standards are important. Certainly, when it comes to 5G, mechanisms like NESAS come into play. But more than that, we need to look into joint collaborations to share information and threat intelligence…bottom line is, it is a joint effort,” he said.

Wu Rong
In her comments during the panel session, Wu Rong, Huawei 3GPP SA3 Chief Representative, Huawei Technologies, pointed out that a unified certification scheme is the best way to ensure mobile network security.

“Cyber security is more popular than ever before. Different groups are now (discussing) the various security features that are needed,” she said, emphasising that standards like NESAS, which have been widely recognised and adopted, provide a way forward for more robust security in this digital era.

In March 2021, CyberSecurity Malaysia, Celcom Axiata Bhd and Huawei Malaysia inked a memorandum of understanding (MoU) to establish the first 5G Security Test Lab in Southeast Asia with the goal of reducing and mitigating 5G-related threats.

The 5G Cyber Security Test Lab will not only execute test cases pertaining to IoT and the telecommunications security but will also function to enhance Malaysia’s preparedness in responding to cyber-attacks related to 5G.

In accordance with the MoU, all three parties will jointly identify strategic core areas in managing, mitigating and reducing threats to cyber security and introduce the NESAS or other equivalent standards and requirements into Malaysia’s 5G network industry.

Atsuko Okuda, Regional Director, International Telecommunication Union (ITU); Intan Rahayu, Director of Identification on Vulnerability and Risk Assessment of Critical Information Infrastructure, BSSN Indonesia; and Dr. Pongpisit Wuttidittachotti (Ph.D) of the Thailand Information Security Association (TISA) committee, King Mongkut’s University of Technology North Bangkok, also presented their views at the Salon.

---