Table of Contents Table of Contents
Previous Page  32 / 60 Next Page
Information
Show Menu
Previous Page 32 / 60 Next Page
Page Background

28

Cybersecurity in ASEAN: An Urgent Call to Action

3.1.1 Steer the implementation of aRapidActionCybersecurity Framework

As highlighted earlier, a few ASEAN countries have already defined their national strategy

around cybersecurity together with an implementation road map. However, the pace, urgency,

and level of harmonization of policy thrusts around cybersecurity across the rest of the region

remains too slow.

The AMCC has taken steps to extend collaboration on cybersecurity across the region.

However, a system based on loose collaboration of national agencies and voluntary

exchanges is unlikely to go far enough to make ASEAN safe. To be effective, a tighter

coordination mechanism is needed. A Rapid Action Cybersecurity Framework focused

on addressing current weaknesses in cyber resilience in each country across the region is

the first step in establishing some degree of harmony in terms of readiness across the region

(see figure 19). This is a threshold requirement for countries such as Laos, Cambodia, and

Myanmar to speedily implement the institutional frameworks needed to govern cybersecurity

and interface with the rest of the region. The Rapid Action Cybersecurity Framework

envisages 12 strategic imperatives, aimed at fixing the basics related to cybersecurity

across the region. National governments should take the lead in implementing the

Framework with support and guidance from the AMCC.

Source: A.T. Kearney analysis

Figure

Rapid Action Cybersecurity Framework

Governance

Cybersecurity

Strategy

Cybercrime Law

Cybersecurity Law

Capacity and Capability Building

Standards

Adoption

Awareness

Building

Information Sharing

& Incident Response

Develop a

coherent

national strategy

with an

implementation road map

3

Enact

or update

cybersecurity

legislation

6

Establish

incident

reporting

mechanisms

8

Raise community

awareness

10

Identify

global

standards and

soft-steer

regional

adoption

11

Establish

incident

response

capability

9

Establish

sector-level

dialogue

2

Develop a

law to

address cybercrime

7

Adopt sector-level risk assessment

and maturity profiling

5

Identify

critical information

infrastructure

4

Identify and address

skills gaps

around

cybersecurity through

a national talent strategy

12

Establish a

national-level agency

to drive the cybersecurity agenda

1

1 27 28 29 30 31 32 33 34 35 36 37 38 60  FlippingBook