MalaysianUpdates

Tag: #Cybersecurity

  • Malaysian Businesses Accelerate AI Use Despite Growing Security and Governance Gaps

    Malaysian Businesses Accelerate AI Use Despite Growing Security and Governance Gaps

    TrendAI™, a global leader in AI security, has released new research revealing that organisations worldwide are continuing to accelerate AI deployment despite known security and compliance risks.

    In Malaysia, the study found that 75% of IT decision makers and 70% of business leaders feel pressured to approve AI initiatives even when security concerns exist. One in seven respondents described these concerns as “extreme,” yet said they were still overridden in order to keep pace with competitors and internal demand.

    AI adoption is clearly outpacing governance and control. Only 29% of Malaysian business decision makers reported being very or extremely confident in their understanding of legal frameworks governing AI, compared to 63% of IT decision makers. Around 52% of IT leaders said they already have comprehensive AI policies in place, while 39% are still developing them. Nearly half (51%) cited limited security or data expertise as the main barrier to safe AI adoption, followed closely by a lack of clear regulations and compliance standards (49%).

    According to Goh Chee Hoh, Managing Director for Malaysia at TrendAI™, organisations in Malaysia are deploying AI faster than they can manage the associated risks, creating a widening gap between ambition and oversight. He noted that this reflects a broader disconnect in governance maturity among business leaders. To close this gap, leadership must move beyond reactive security and focus on full visibility into how AI interacts with data, supported by a centralised framework that embeds accountability and risk oversight into system architecture. He added that initiatives such as the MY-AI Standards are a positive step in addressing risks like deepfakes and algorithmic bias. However, as Malaysia moves towards its goal of becoming an AI Nation by 2030, organisations must strengthen governance and defensive resilience to ensure AI adoption leads to a sustainable digital future.

    Rachel Jin, Chief Platform & Business Officer and Head of TrendAI, said that organisations are not lacking awareness of risk, but rather the conditions needed to manage it effectively. She explained that when AI deployment is driven by competitive pressure instead of governance maturity, systems are often integrated into critical infrastructure without sufficient controls, increasing exposure to risk. She emphasised that TrendAI remains focused on helping organisations achieve strong business outcomes while maintaining effective risk management.

    The research also highlights that pressure-driven AI rollout is being worsened by inconsistent governance and unclear accountability for AI-related risks. Security teams are often forced to react to top-down AI decisions, which can lead to workarounds and increased use of unsanctioned or “shadow” AI tools. TrendAI’s latest threat research further shows that attackers are already using AI to automate reconnaissance, scale phishing campaigns, and lower barriers to cybercrime, increasing both the speed and scale of attacks.

    Trust in autonomous AI systems remains at an early stage among business leaders. Fewer than half (44%) of Malaysian decision makers believe agentic AI will significantly improve cyber defence in the short term, citing concerns around data access, misuse, and lack of oversight.

    More than half of organisations (57%) identify AI agents accessing sensitive data as their biggest risk. Around 45% are concerned about malicious prompts compromising security, while 37% fear misuse of trusted AI systems and risks linked to autonomous code deployment. At the same time, 36% admit they lack sufficient observability or auditability over these systems, raising concerns about how they can be effectively monitored or controlled once deployed.

    Nearly half (48%) of organisations support the introduction of an AI “kill switch” to shut down systems in the event of failure or misuse, while more than half remain undecided. This highlights a broader lack of consensus on how to maintain control over increasingly autonomous AI systems.

    “Agentic AI is moving organisations into a new risk category,” added Rachel Jin. “The concerns are already clear, from sensitive data exposure to loss of oversight. Without visibility and control, organisations risk deploying systems they do not fully understand or govern, and that risk will continue to grow unless action is taken.”

    Read the full global report: Securing the AI-Powered Enterprise – Governance Gaps, Visibility Challenges and Rising Risk.

    *TrendAI commissioned SAPIO Research to survey 3,700 IT and business decision makers across 23 countries globally.

    About TrendAI™
    TrendAI™, the global AI security leader and enterprise business unit of Trend Micro, empowers organisations with full AI visibility and unified security to drive innovation while reducing risk. Trusted by leading enterprises and governments across 185 countries, TrendAI™ secures organisations from identities to infrastructure and data.

    Global Fortune 500 companies rely on TrendAI™ to reduce risk and detect threats up to three months earlier, powered by advanced threat intelligence.

    Through ecosystem partnerships with NVIDIA, Anthropic, AWS, Google, and Microsoft, TrendAI™ helps organisations adopt AI securely and at scale.

    AI Fearlessly.

  • Samsung Expands Mobile Security Rewards Program with $1 Million Payouts to Strengthen User Protection

    Samsung Expands Mobile Security Rewards Program with $1 Million Payouts to Strengthen User Protection

    Samsung Electronics has introduced significant updates to its Mobile Security Rewards Program, including an increase in the maximum reward amount to $1 million for reporting high-risk security vulnerabilities. This expansion highlights Samsung’s ongoing commitment to improving mobile security by fostering a deeper partnership with cybersecurity researchers, ethical hackers, and security experts worldwide. The program now covers a broader spectrum of vulnerabilities, including critical scenarios that could jeopardize users’ data and privacy, offering enhanced incentives for responsible disclosures.

    Since its initiation in 2017, the program has been central to Samsung’s strategy to stay ahead of rapidly evolving cyber threats. It encourages the global security community to identify weaknesses in Samsung’s mobile devices and services, helping to ensure that vulnerabilities are addressed before they can be exploited. With the rise of increasingly sophisticated cyberattacks, the updated program reflects Samsung’s dedication to proactive, collaborative efforts to secure its products and protect user data.

    The newly enhanced Important Scenario Vulnerability Program within the Mobile Security Rewards initiative focuses on the most severe vulnerabilities, such as those that enable unauthorized access to privileged system components, arbitrary code execution, or data extraction. For these high-impact issues, Samsung now offers rewards up to $1 million, underscoring the importance of swift action to resolve the most dangerous security risks.

    “We understand that the cybersecurity landscape is becoming more complex and harder to defend against,” said Justin Choi, Corporate Vice President and Head of the Security Team at Samsung Electronics. “By working closely with the security community, we can identify potential threats earlier, giving us the best chance to mitigate risks and protect our users.”

    These rewards not only encourage ethical hackers to participate but also align with Samsung’s overarching goal to ensure that its devices remain resilient against sophisticated attacks. The expanded program aims to quickly address vulnerabilities that could have a significant impact on users, from device protection bypasses to the potential exposure of sensitive personal data.

    Samsung has also made significant improvements to its Mobile Security Risk Classification system. This updated system now offers a more comprehensive and transparent framework for categorizing vulnerabilities, ensuring that the severity of each issue is evaluated based on its potential impact on user security.

    The classification system now includes five categories: Critical, High, Moderate, Low, and Ineligible. It also incorporates new factors such as downgrade criteria, which can lower a vulnerability’s risk level depending on the circumstances, and an Ineligible classification for vulnerabilities with minimal security impact. This added clarity enables both researchers and the broader security community to better understand how their findings are assessed and how they align with Samsung’s security priorities.

    This more structured approach also ensures that rewards are distributed based on the severity of the vulnerability and the level of risk posed to users, helping to streamline the entire process of vulnerability reporting and resolution.

    In addition to expanding the rewards program to include critical vulnerabilities in devices, Samsung has extended the scope to cover its growing suite of services. These include popular offerings like Samsung Wallet, Samsung Account, and Bixby, which are increasingly integrated into users’ everyday lives. As more users rely on these services for managing payments, personal information, and daily tasks, ensuring their security has become more important than ever.

    By covering vulnerabilities in both devices and services, Samsung is ensuring a holistic approach to security that protects the entire mobile experience, from hardware to cloud-based services. This approach allows Samsung to stay ahead of emerging risks in a rapidly changing digital landscape.

    The Mobile Security Rewards Program has proven to be a highly effective tool in strengthening Samsung’s cybersecurity. To date, the company has awarded over $4 million in rewards to researchers, with $800,000 allocated to 113 researchers in 2023 alone. These rewards reflect Samsung’s commitment to fostering collaboration and recognizing the value of external security experts who contribute to the company’s ongoing efforts to safeguard its products.

    By incentivizing the discovery and responsible reporting of vulnerabilities, Samsung has been able to address critical issues swiftly, reducing the potential for exploitation and improving the overall security of its devices and services.

    As the threat landscape continues to evolve, Samsung is determined to keep enhancing its Mobile Security Rewards Program. The company remains committed to collaborating with cybersecurity experts, ethical hackers, and security researchers worldwide to ensure its devices and services remain resilient against emerging threats. This partnership with the global security community is vital to maintaining the highest levels of protection for Samsung users.

    “Collaboration with the ethical hacking community has been instrumental in helping us identify and address vulnerabilities quickly,” said Choi. “Moving forward, we will continue to strengthen these partnerships to create a safer and more secure mobile environment for our customers.”

    By continually expanding its rewards program and making it more transparent, Samsung is setting a new standard for mobile security, one that emphasizes the importance of collaboration, proactive threat identification, and responsible vulnerability disclosure.