PETALING JAYA: The government should consider working with cybersecurity experts in the private sector to better protect critical data in the Central Database Hub (Padu), says a top tech industry trade group.
The National ICT Association of Malaysia (Pikom) said security vulnerabilities which had been recently highlighted could have been identified at the development and testing phases of the platform.
“Such assessments, conducted by real-world threat actors and penetration testers would significantly bolster the platform’s resilience against cyber attacks. Utilising internal talent for such projects fosters self-reliance and knowledge retention within the public sector,” Pikom said in a statement yesterday.
“However, when it comes to complex technological initiatives, particularly those involving sensitive data, striking a balance between leveraging existing resources and engaging external expertise is crucial.”
Launched on Jan 2, Padu is the government’s central hub for data on its citizens which is aimed at distributing aid and subsidies efficiently and accurately.
Pikom’s comments follow concerns raised by former deputy minister Dr Ong Kian Ming that someone could register on Padu using another person’s IC and postcode.
Ong, a former MP, had claimed that he was able to do this with the details of four of his friends who are currently MPs in the unity government.
In response to this, Pikom urged the government to consider collaborating with the private sector to up-skill civil servants in cybersecurity.
“Industry attachments, where public officers spend time working within established private companies can provide invaluable real-world experience and exposure to cutting-edge security practices.
“We believe that by adopting a collaborative approach, including leveraging independent expertise, promoting knowledge sharing, and fostering upskilling initiatives, we can build a more secure and robust digital infrastructure for our nation,” it said.
