Celine Ting on Tailored Training in Tackling Cybersecurity Challenges

In this interview, Celine Ting, Co-Founder and Managing Director of OpenAcademy, highlights that Malaysian businesses face escalating cybersecurity challenges, with a significant rise in sophisticated threats like ransomware.

This has driven the need for robust cybersecurity training, as companies aim to protect their operations, reputation, and comply with regulations such as the Personal Data Protection Act (PDPA). OpenAcademy tailors its training to industry-specific needs through relevant case studies, hands-on simulations, and role-based scenarios.

Key learning objectives include preventing unauthorized access, avoiding information leaks, and ensuring secure data access, she says. OpenAcademy maintains relevance by collaborating with industry experts and regularly updating their content to reflect current trends and technologies.

Here are the questions and answers

Cybersecurity Challenges

How have you observed the challenges with cybersecurity evolving among Malaysian businesses in recent years?

In recent years, cybersecurity challenges among Malaysian businesses have evolved significantly. There has been a notable increase in sophisticated cyber threats targeting various sectors such as finance, healthcare, and telecommunications. For instance, statistics indicate a rise in ransomware attacks by 65 per cent over the past year alone, underscoring the urgency for robust cybersecurity measures.

Of course, we can pinpoint the factors that encourage Malaysian businesses to prioritise cybersecurity training for their employees including the growing threat landscape, regulatory requirements, as well as the imperative to protect customer data. Companies are also recognising that investing in cybersecurity training is not only important for compliance but also for safeguarding their daily operations, company’s reputation, and profitability.

What are the current factors influencing Malaysian businesses to prioritise investments in cybersecurity training?

With the recent data, the demand for cybersecurity professionals is very much increasing and Malaysia needs up to 30,000 skilled cybersecurity professionals by 2023, so this is a wake-up call for companies and business owners to invest in employee education and cybersecurity training programmes.

Adding on to that, several factors drive Malaysian businesses to prioritise investments in cybersecurity training. The escalating threat landscape is one of the main driving factors, coupled with stringent data protection regulations like the Personal Data Protection Act (PDPA), which necessitates proactive measures. Additionally, high-profile data breaches have highlighted the financial and reputational risks, prompting organisations to bolster their cybersecurity defences. So, business owners and leaders must prioritise cybersecurity training to mitigate these risks.

How are these training courses tailored to meet specific industry needs?

At OpenAcademy, customisation is very important in tailoring the training to the specific industry. Different sectors face unique cyber threats, so it is essential for training programs to incorporate relevant case studies and industry-specific scenarios. This approach ensures the training is highly pertinent to the participants.

Another key component is providing hands-on experiences – including simulations or exercises that mimic real-world situations allowing participants to apply their knowledge in a controlled setting. Role-based training is also beneficial, as employees may have different responsibilities during a cyberattack. Some roles require strategic planning and understanding, while others necessitate technical expertise and practical application. This specific approach ensures that all employees are well-prepared for their specific duties in the event of a cyber incident.

From your experience, what are the critical learning objectives of cybersecurity training that effectively prepare employees to address the evolving cyber threats Malaysian businesses face today?

In terms of the framework and the methodologies they are quite similar but there are always three components that cyber security training courses are all about. These are the main three learning objectives that should be in a cyber security course, and if you are taking a course you should look out for these three things.

Essentially, you want to make sure that you learn about how you can prevent access by hackers which is understanding ransomware, fishing, and insider threats. So, the basics must be honed in from the get-go.

Secondly, ensure that there are methods in the cybersecurity training to teach you how to prevent information leaks in general. Business owners need to ensure that their employees recognise the potential risks and leaking sensitive information. For example, case studies are a great way to show them what could potentially happen if there are cyberattacks or insider threats in the company.

The last one is for businesses to ensure restrictions to easily access data. For small businesses that use third-party tools, make sure they are using the right vendors and it is fully secure from the beginning. It is equally as important to understand that certain data may be restricted and not allowed to be accessed by third-party tools.

How does OpenAcademy ensure its cybersecurity courses remain relevant to the latest industry trends and technologies?

At OpenAcademy, we prioritise two key aspects of our learning content. Firstly, we collaborate exclusively with industry practitioners — experts actively engaged in implementing cybersecurity initiatives for clients. This is to ensure that our content is grounded in real-world experience and enriched with relevant case studies, while at the same time maintaining its practical relevance.

Another aspect is our connections with these practitioners also allow us to continuously review and update our learning materials. By staying informed about the latest cybersecurity trends, emerging threats, and technological advancements, we ensure our content remains current and effective.