KUALA LUMPUR: The Securities Commission Malaysia (SC) intends to release the new regulatory framework on technology risk management by early next year to enhance the capital market's ability to detect and mitigate cyber risks.
Chairman Datuk Seri Awang Adek Husin said cybercrime had become big business, and organisations and governments worldwide are paying more attention to cyber risks.
"Hackers choose to attack for a variety of reasons. Some do so to steal money or intellectual property.
"Others are driven to undermine our financial system, disrupt economies, or simply show off their capabilities," he said in his closing remarks at the Capital Market Cyber Simulation 2022.
The economic cost of cyberattacks globally is estimated to be in the billions of dollars, said Awang, whereby Malaysia recorded over 20,000 cybercrime cases with losses amounting to RM560 million last year.
Throughout the year, he said a spate of high-profile cyber-attacks, including those carried out on Ipay88 and most recently on Air Asia, has provided a grim picture of the current state of cyber threats.
"To safeguard investors and markets, we cannot afford to be complacent about cybersecurity.
"In addition, its importance to national security should not be overlooked," he said.
As cyber threats increase in volume and sophistication, Awang said cybersecurity requires a holistic approach that addresses both cyber and technology risks.
He added that cyber resilience is imperative for all capital market participants and a significant priority for the SC.
In this regard, Capital Market Masterplan 3 outlined several strategic initiatives that need to be undertaken to mitigate the risks.
The initiatives outlined were strengthening the SC's and the industry's intelligence capabilities to enhance readiness against potential breaches and imminent threats, developing an approach to bolster the industry's cyber defence capabilities, and developing a framework to regulate technology risks holistically.
"It is important for the industry to continue elevating its cyber resilience and readiness in light of evolving threats," he added.