Cybersecurity Experts Give Penang’s Manufacturers Hard Truths and Awakenings

Cybersecurity Asia (CSA) and the Federation of Malaysian Manufacturers (FMM) successfully held their second “Cybersecurity in Manufacturing: Making Things Secure” event this year. The event highlights the importance of cybersecurity for Malaysia’s smart manufacturers—one of the top concerns according to FMM’s audience and members. Earlier this month, we took this event to Malaysia’s hub of manufacturing, Penang, which is the preferred base of operations for numerous electronics, machinery, and textile manufacturers. Yes, Penang provides more than just the best Char Kuey Teow in the country.

CSA Group Publisher Andrew Martin headlined the attendees and gave a keynote. We also brought with us four key experts with knowledge on cybersecurity, some of whom had made their first appearance as speakers at an event in Penang. These four speakers came from Sophos (Kevin Goh), Veeam Software (Yoong Seng Lai), Ruckus Networks (Khoo Boo Leng), and Sangfor Technologies (MK Lim). These sponsors brought their teams to engage with the event’s attendees—most of whom were IT authorities from their manufacturing companies.

Sophos Tackles Cybersecurity Issues in Manufacturing

Kevin Goh, Senior Sales Engineer for Sophos, was the first speaker to share insight on cybersecurity issues in manufacturing. He shared important figures about the manufacturing industry. He noted in his speech that from Sophos’s own research, the percentage of manufacturers affected by ransomware attacks rose to 65% in 2024—an increase from 56% in 2023. Goh also noted that active adversaries have been observed speeding up their numerous approaches for these attacks.

With manufacturers, there is additional pressure to protect their IT & OT environments from bad actors. On this point, Goh introduced Sophos’s vertical Secureworks and their products—Taegis MDR and Taegis NDR—for OT as a specialised solution for industries heavily reliant on OT environments such as manufacturers. Aside from Secureworks, Sophos also have the Sophos Central Platform and MDR solutions to also aid in fraud prevention and stopping active threats.

Tackling Hard Truths and Rude Awakenings with Veeam

Shortly after, Yoong Seng Lai, Solution Architect, Southeast Asia & Korea (SEAK), at Veeam Software, delivered his keynote. Lai did not shy away from giving a room of Malaysian manufacturers some hard truths and eye-opening facts. According to him, the manufacturing industry is the most targeted sector for cyber threats in Malaysia—something noted even by other vendors such as Palo Alto Networks.

In fact, Malaysia ranked 8th globally in the volume of breaches experienced. In Southeast Asia, there was a recorded 47% increase in malware attacks. With statistics such as these, it might not be at all controversial to say that those who think a cyberattack has not happened can wait a bit before spending more or putting effort into upgrades. Unfortunately, these are exactly who cyberattackers are looking for. This underscores that in this era full of cyber adversaries, there is also a cost to doing nothing.

Lai Yoong Seng of Veeam came next and pointed out that data protection is not the only factor for manufacturers. He emphasised that data resilience is paramount for manufacturers as well. The good news is that Veeam has bundles of end-to-end offerings for that via their versatile Veeam Cybersecure Programme. Additionally, Veeam promotes their Data Resilience Maturity Model (DRMM), which they say provides a very effective approach to data resilience.

Ruckus Networks: Improperly Managed Network Access Is Risky

Khoo Boo Leng, ASEAN Systems Engineering Manager at Ruckus Networks, focused on the risks around improperly managed network access. When managing production lines, warehousing, logistics and offices, it is crucial to have a reliable network that does not have weaknesses and vulnerabilities. Security risks in this case include unencrypted data traffic, unsecured devices, rogue access points, and lack of network visibility. These are all serious security risks that can cost manufacturing companies massively in downtime and recovery if they are exploited.

To this point, Leng talked about Ruckus CloudPath, which handles automated onboarding, broad device support, Wi-Fi reliability, and solid policy control. With Ruckus Networks, users also benefit from AI Analytics over security incidents to stay vigilant. Ruckus Networks’ Secure Architecture and Ruckus Powered Secure Solutions are also services on offer to maximise staying vigilant for industrial enterprises.

Sangfor Technologies Ends the Show

MK Lim, Pre-sales Consultant at Sangfor Technologies, gave the final presentation to bring the event to a close. Sangfor Technologies can be described as a one-stop shop, offering cybersecurity and cloud computing solutions for their clients. Lim’s take on cybersecurity in manufacturing includes a stance that resonated with the crowd and which IT professionals can really appreciate. According to him, besides the upgrades and infrastructure that Sangfor and other companies can provide, security is also heavily reliant on the people that make up an organisation. This includes talent, obviously, and also the standardised process in which all employees should be trained.

Lim stressed that while adopting and upgrading IT, OT, or even IoT security infrastructure is, indeed, necessary, it should be implemented with the understanding that IT talent is always at the helm. This is not a matter of upgrading and forgetting with no worries. Security Operation Teams should be utilising the newest technology at their disposal to properly analyse and investigate incidents or activity. This ideology is what Sangfor XDR is built around. Additionally, Sangfor’s LLM solution—Security GPT—is refined for IT security talents to work and develop operations at a faster rate.

Indeed, the second “Cybersecurity in Manufacturing: Making Things Secure” event of the year tackled some hard, uncomfortable truths in this digital age full of cyber threats. But it was also informative and eye-opening and provided critical insights that Penang’s and Malaysia’s manufacturers can keep in mind as they try to safely navigate this cyber landscape.

To that point, we at CSA thank these cybersecurity experts for caring and for engaging directly with Penang’s manufacturers. We also thank FMM for helping to identify these concerns from manufacturers and being able to connect their audience with the event sponsors (Sophos, Veeam Software, Ruckus Networks, and Sangfor Technologies).