Organizations Urged to Implement Comprehensive Technology Risk Management Framework, Says BERNAMA

The Securities Commission Malaysia (SC) has emphasized the importance of having a comprehensive technology risk management framework in place for organisations. Chairman Datuk Seri Dr Awang Adek Hussin highlighted the significance of initiatives like the Guidelines on Technology Risk Management (GTRM) and the Capital Market Cyber Simulation (CMCS) in preparing the industry to tackle challenges effectively.

Awang Adek stressed the need for organisations to improve their management of risks related to third-party service providers, especially with the increasing use of services like cloud services. He mentioned that the GTRM, aimed at establishing a sound technology risk governance and oversight, will come into effect on August 1, 2024. Entities are expected to submit a declaration of compliance to the SC by the first quarter of 2025.

The SC’s commitment to driving fintech development through initiatives like the Innopolicy Roundtables and the SCxSC Fintech Summit highlights the importance of collaboration between regulators and industry stakeholders in addressing emerging challenges.

Awang Adek also expressed concern over the industry’s lack of adherence to basic cyber hygiene practices, which could leave organisations vulnerable to cyber-attacks, ransomware, and data loss. He emphasized the need for organisations to keep up with key security practices like penetration testing, vulnerability assessment, and privileged access management to strengthen their resilience against potential cyber threats.

The CMCS was highlighted as a proactive approach by the SC to prepare the industry for cyber incidents by simulating real-world scenarios to test response and recovery strategies. Overall, the SC’s efforts aim to keep the industry informed about the latest technology trends and reinforce the importance of effective technology risk management at all levels of leadership.