Organisation Overview

CyberSecurity Malaysia, CSM is the national cyber security specialist agency which effect from 21 May 2018, under the purview of the Ministry of Communications and Multimedia Malaysia (KKMM). CSM aim to reduce vulnerability of digital systems and strengthen Malaysia’s self-reliance in cyberspace by providing a broad range of cybersecurity innovation-led services.

Business Challenges

Cyber threats are continuously evolving and represent potential threats to national security. Thus, CSM always exploring ways to optimise cyber threats detection and monitoring to increase the efficiency in responding rapidly to possible cyber threats.
The process of obtaining required data, performing analysis and reacting to cyber threats quickly is one of the challenges that CSM were facing. CSM was mainly rely on human resources to manually track insights from external sources and link them with available internal data. Due to the increasing volume and variety of data, it’s difficult for analyst to track insights and respond to threats in a timely manner especially to consolidate as much as relevant external online sources with internal data.

The Solution

Greater efficiency in data acquisition, processing and analysis from external online sources could enable security analysts to perform data exploration and discovery while increasing the ability to respond rapidly to possible cyber threats. Therefore, CSM decided to evolve their cyber security system with anomaly detection from KewMann to obtain timely insights by automating data acquisition, processing and analysis:

• External online sources are now crawled through automated spiders and mashup with internal data.
• Unstructured text data can be converted into meaningful format for in-depth analysis while the text is analysed using Natural Language Processing (NLP) to extract useful information.
• The processed data will be indexed, aggregated and stored from multiple sources for visual analysis to produce comprehensive cyber threats insights.

The Results

With the integration with anomaly detection, the cybersecurity agency has increased the efficiency of the entire cyber security work process and construct the data from external and internal into workflows. The solution addresses the cybersecurity agency’s requirement to:

• Execute new automated data processing workflow
• Enable proactive cybersecurity strategies based on timely internal and external insights
• Optimise workflows efficiency within minutes instead of weeks