CyberSecurity Malaysia addresses cyber-threats faster, protecting critical infrastructure


Forecast and prevent future cyberattacks
Improved data quality to accurately predict cyberattacks
Identify patterns to profile threat actors

CyberSecurity Malaysia is a national cyber security specialist and technical agency under the Malaysia’s Ministry of Science, Technology and Innovation. The agency tracks and responds to cyber-threats to prevent disruptions to the critical information infrastructures. With Tableau, the analyst team can profile threat actors, forecasting and minimizing future attacks. And with mobile dashboards, the executives can track industry trends on the go. As a result of improved analytics processes, the agency helps Malaysian law enforcement agencies formulate new policies around cyberattacks within the country.

We are so grateful that we take less time to revise our dashboards if we need to add new data sets. Without Tableau, we would probably need several days to make changes.

Resolving cyber-threats in hours instead of days

CyberSecurity Malaysia provides cybersecurity services to help prevent and minimize disruptions to critical information infrastructures to protect the public, the economy, and government services.

With over 70 different threat feeds and online news sources, fast insights are crucial to threat response. Prior to Tableau, CyberSecurity Malaysia’s analyst team relied on development efforts to display data to the rest of business in a digestible format. To create an agile analytics program, the team adopted Tableau. Today they can slice, filter, and aggregate data within a few clicks.

The team collects data sets from various threat feed sources, which are then stored in a Hadoop data lake. They then bring this data into Tableau for analysis.

“Tableau makes it faster and easier to identify patterns that give us the ability to resolve data quality problems instantly,” said Dato' Dr. Haji Amirudin bin Abdul Wahab, CEO of CyberSecurity Malaysia. “We can also blend various data easily.”

Today, the team updates existing dashboards instead of building a new view for every request, leading to massive time savings. For example, developing the cyber-attack landscape dashboard now takes a matter of hours compared to the days it would take using D3.js.

“We are so grateful that we take less time to revise our dashboards if we need to add new data sets. Without Tableau, we would probably need several days to make changes,“ added Dato' Dr. Amirudin.

Executives drive defense strategy with mobile dashboards

The analyst team optimized these dashboards for mobile devices, allowing stakeholders to track recent data surrounding the cyber-threat landscape on the go—including industry trends. At the industry level, trend dashboards provide a general view of industry verticals that need to be addressed in order to formulate new defensive strategies. “It is really a paradigm shift for us from a simple report to insightful reporting,” said Dato' Dr. Amirudin. Other mobile dashboards show data around cyber-attacks over a certain time period, categorized by common vulnerabilities.

Tableau has simplified our tasks. We are no longer spending time developing charts and graphs; we can just concentrate on our security data. It now takes a matter of hours or days, not weeks or months.

Tracking cyber-attack patterns to prevent future incidents

With Tableau, CyberSecurity Malaysia can analyze open and closed threat feeds to identify relationships between threat actors, cyber-attacks, and certain industries. For example, CyberSecurity Malaysia analysts can differentiate cyber-attack patterns against various industry verticals, enabling them to profile specific threat actors and identify their preferred hacking methods. Tableau also allows them to find relationships between critical vulnerabilities against end-user devices.

In addition to cyber-attacks, the analyst team recently started to analyze cybercrimes, scanning for scams and fraudulent websites that target Malaysian internet users. This analysis is then circulated amongst security advisors for respective security administrators—particularly those in the critical sectors.

“Tableau has simplified our tasks. We are no longer spending time developing charts and graphs; we can just concentrate on our security data. It now takes a matter of hours or days, not weeks or months,” explained Dato' Dr. Amirudin.

They can profile specific threat actors to understand typical hacking methods. They can also find relationships between critical vulnerabilities and end-user devices—helping forecast and prevent potential attacks. “It’s an enjoyable moment when encountering another insight that we have never seen before.”

Due to improved data quality and reporting processes, CyberSecurity Malaysia can also assist the Malaysian law enforcement agencies in formulating new policies around cyber-attacks in the country. “We are improving our advisory services to the Government through better reporting with Tableau. It is a life changing experience and it is really fun,” added Dato' Dr. Amirudin.

Growing the Tableau footprint across CyberSecurity Malaysia

Moving forward, more employees at CyberSecurity Malaysia are requesting Tableau. For example, the cybercrime division began using Tableau to analyze cases related to fraudulent websites.

CyberSecurity Malaysia will continue to collaborate in education program through a Memorandum of Understanding (MoU) with Tableau in order to create awareness of visual analytics for analysts and researchers.

"Since we started collaborating with Tableau, CyberSecurity Malaysia researchers have emerged as third runner up in a local data Hackathon competition after just one-month of guidance from a Tableau technical expert. “We view Tableau as a practical tool to unleash our potential to visualize our data with impact.”

You might also be interested in...