Building Digital Trust in Malaysia: Essential Steps Every Organisation Should Take
by Sandra Lee, Managing Director, ASEAN and Greater China, Sophos
In today’s interconnected world, digital trust has become an essential component of any successful digital transformation. Digital trust is the confidence that users place in a company’s digital infrastructure to keep their data and interactions safe, confidential, and reliable. Digital trust is essential to building a safer and more peaceful society, as it combats misinformation, protects privacy, and promotes social cohesiveness, in addition to improving security and resilience through teamwork and the sharing of threat intelligence.
Malaysia’s Cyber Security Act 2024, which was officially published in June, reinforces the importance of prioritising digital trust. This legislation serves as a comprehensive legal framework designed to safeguard the nation’s critical information infrastructure (CII), ensuring that organisations meet stringent cybersecurity requirements to protect the digital environment from increasingly complex cyber threats. Additionally, the Act introduces regulations that require organisations to meet stringent cybersecurity protocols by conducting regular risk assessments and audits and promptly reporting any cybersecurity incidents to the National Cyber Security Agency (NACSA).
Malaysia’s Minister of Digital Affairs has underlined the importance of prioritising digital trust to combat cyber threats. Additionally, by improving digital trust, Malaysia can remain a competitive player in the global economy and offer more opportunities for businesses and citizens. Strengthening this digital trust also aligns with the United Nations’ zero draft on the ‘Global Digital Compact’ that aims to establish an inclusive, open, safe, and secure digital environment for all. Technology that safeguards, informs and empowers businesses requires a reliable digital environment.
How can organisations support this objective? Here are five essential actions:
- Prioritising Data Security and Privacy
  - Implement advanced security protocols: Organisations should use robust security measures like encryption and multi-factor authentication to safeguard sensitive data. Weak passwords, insufficient encryption, out-of-date software, and other security flaws are frequently discovered during a cybersecurity audit. These flaws pose a significant risk to an organisation’s data, and frequent cybersecurity audits can assist in identifying and tackling them.
  - Develop transparent privacy policies: Clear and concise communication of privacy policies that explain how data is collected, used, stored, and shared is essential. This builds trust and shows users that you respect their privacy and are committed to protecting their data. Users are also more likely to trust an organisation that openly communicates its data handling practices.
  - Ensure compliance with regulations: Organisations should adhere to data protection laws, such as Malaysia’s Personal Data Protection Act (PDPA). This is not just about legal compliance; it is also about earning and maintaining user trust.
- Ensuring Reliability and Performance
  - Maintain system reliability: Digital trust hinges on the consistent performance of digital systems. System reliability is like a promise to users: when a system consistently delivers on that promise by working as expected, users develop more trust in it. Organisations should ensure their systems are reliable, with minimal downtime, and can recover quickly from any outages. Reliable systems are crucial for ensuring business continuity.
- Embracing Transparency and Accountability
  - Communicate openly about security issues: In the unfortunate event of a data breach or security issue, transparency is key. Promptly informing stakeholders about what happened, what is being done to address the issue, and how similar incidents will be prevented in the future is essential. Attempting to downplay or conceal the incident can severely damage the organisation’s reputation. Transparency helps build and maintain trust. Open communication during a security issue is not just about damage control – it’s about demonstrating integrity and responsibility.
  - Simplify user agreements: Avoid using complex legal jargon or technical terms in terms of service and user agreements. Clear, straightforward language helps users understand their rights and the company’s responsibilities, fostering trust and avoiding misunderstandings.
- Developing a Robust Crisis Management and Response Strategy
  - Prepare for the worst: A comprehensive incident response plan is crucial. With cyber threats becoming more prevalent, being prepared to respond swiftly and effectively to any potential breach is important. The plan should outline steps to quickly address and mitigate any digital threats or breaches, minimising the impact on users and operations. By being proactive and well-prepared, organisations can build resilience against cyber threats and maintain the digital trust that is crucial for long-term success.
  - Proactive communication during crises: During a digital crisis, being proactive in communication is essential. Providing stakeholders with clear, accurate, and timely information helps maintain trust, even in challenging situations. By being timely, transparent, and empathetic in its communication, an organisation can not only manage the immediate crisis but also strengthen its long-term relationship with stakeholders. In an era where digital trust is fragile and easily lost, how an organisation communicates during its most challenging times is critical to maintaining its digital trust.
By focusing on data security, reliability, transparency, and effective crisis management, organisations can build strong foundations of digital trust. This not only protects users and their data but also fosters long-term relationships with stakeholders, setting the stage for sustainable success in Malaysia’s digital future. As Malaysia continues to advance its digital infrastructure, focusing on compliance with laws like the Cyber Security Act 2024 and maintaining an emphasis on digital trust is essential to navigating the complexities of the digital landscape and ensuring a safer digital future for all.