Speaking at the Global Information Governance Summit (GIGS 2013)

By: Sonny Zulhuda

ImageThis is just to share of my upcoming presentation at the Global Information Governance Summit (GIGS 2013) that is held in Kuala Lumpur, 28th-29th of May 2013.

I will be speaking in the session 3 of day 2, entitled “Selected Issues in Information Security Law and Data Protection”. I will be speaking more specifically about the threat of identity theft; spam; data surveillance and cyber-terrorism!

The event is jointly organised by the QC Consulting and Universiti Teknologi Malaysia (UTM) Space. Here is the snapshot of the agenda at the second day.

 

Image

The list of the speakers are amazing. I hope I can deliver something new to the audience. Let me know if you’re there too. That is for now, will share more when things are done!:)

National Security in Digital Economy: Redefinition, Reaction and Legal Reform

By: Sonny Zulhuda

This is my latest paper that I recently presented in the 1st International Conference on International Relations and Development (ICIRD) organised by a consortium of Thai top universities, and held in the beautiful campus of Thammasat University, Bangkok, Thailand.

This paper investigates the need for global government and especially Malaysia to relook at and redefine the concept of national security amid the changing circumstances especially in relation to the country’s increased reliance on the information and communications technology (ICT).

The challenge is, the more a governance system is exposed to the Internet and ICT, the bigger the risks it would face. When the security of the system is not reliable enough to secure the system, information assets are at stake and the country’s critical information infrastructure (such as defence, communications, energy and medical systems) would become loophole that undermines national security.

Continue reading

“Social Engineering” a.k.a. Phishing

By: Sonny Zulhuda

Yay! I opened my Inbox this morning and I just won another LOTTERY I never participated in! Feeling lucky don’t you? This is what I just received:

 

 

 

PRIZE AWARD NOTIFICATION!!!

We are pleased to inform you of your Email Success in our Computer Balloting made today for winners from the AUSTRALIAN LOTTERY EMAIL AWARD, as part of our Promotional Draws held this month.

This is a Scientific Computer Game in which your Email Address was used. It is a Promotional Program by AUSTRALIAN LOTTERY EMAIL AWARD.It is a Promotional Program that chooses emails world wide to encourage Internet users; therefore you do not require buying Ticket to enter for it. This is an Email Internet Program were winners are randomly selected from all over the world through Computer Draw System and extracted from over 800,000 Email Addresses from Unions, Association and Corporate Bodies listed online.

Below are your Winning Details:
Reference No: 575061725
Batch No: 056490902/188
Ticket No: 07-42-97-66-11-00
Winning Number No: ILP/HW46704/08

Wow. You don’t think I would rush checking for the accuracy or genuineness of this award right? Of course not, because for one simple reason, this kind of message could not deserve even a curiosity let alone excitement. This is obviously a phishing message which is a gateway to identity theft.

Continue reading

Data Privacy in Indonesia — Quo Vadis?

Oleh: Sonny Zulhuda

(Disadur dari Kolom Telematika di Detikinet.com terbit tgl 24/1/2011 disini)

boss-spying-on-youBerita tentang kemungkinan kebocoran (atau tepatnya pembocoran) 25 juta data pelanggan telekomunikasi di Indonesia merupakan sebuah isu yang perlu dicermati lebih dalam. Kejadian serupa telah menghantui komunitas pengguna dan pelanggan jasa telekomunikasi (termasuk e-commerce) di berbagai belahan di dunia.

Dengan berbagai inovasi teknologi informasi, data pribadi tidak lagi dilihat sebagai kelengkapan transaksi, namun telah menjadi komoditas bisnis. Tidak salah jika muncul anggapan bahwa tambang data (data mining) tidak lama lagi akan menjadi primadona bisnis menggantikan tambang emas yang makin terkikis ketersediaannya.

Inti permasalahan tentang kebocoran data konsumen terletak pada beberapa kesalahan berpikir yang perlu segera dikoreksi. Pertama, bahwa DATA (termasuk data pribadi) tidak seperti harta/aset yang memiliki sifat dan hak-hak terkait perlindungan properti (property rights). Kedua, bahwa hak melindungi kepentingan dan kehidupan PRIBADI bukan merupakan bagian dari hak asasi manusia.

Continue reading

Stopping Data Theft through the Back Door: Shifting the Duty to the Boardroom?

By: Sonny Zulhuda

The following is the abstract of the paper I presented (in a poster) at the recent 7th Asian Law Institute (ASLI) Conference at the International Islamic University Malaysia, 25-26 May 2010.

“In the information economy that relies heavily on the sustainability of information technology and the availability of data for business, data theft is equal to a catastrophe that causes massive losses to organisations. Authorities and technologists have put in place myriad of criminal laws and security tools to address this issue, only to see that the incidents of data theft become more rampant. The complications is because data theft involves a range of security issues, ranging from flawed physical control to a weak personal data management, from a single mistake of people on data processing, to a collective negligence of decision makers in the boardroom.

“In the context of corporation, the idea of holding the management board responsible is now increasingly attractive due to the fact that the victims of data theft would see a better chance of getting compensation. This is a rising trend on the law on data theft where certain duties are imposed on the management board of the companies.

“The law, as appears in some jurisdictions such as the US and the UK, obliges the board to exercise certain level of due diligence in managing data asset in the company. Besides, new laws impose duty on the companies to disclose or quickly notify threat or actual attack of data theft that occurs and potentially affects their clients, partners, customers or anyone who happen to be their data subjects. This paper reckons that in shifting some duties to the companies, the incidents of data theft can be better prevented. It argues that it is a good move for other countries like Malaysia to emulate such legal development.”

  • February 2020
    M T W T F S S
    « Dec    
     12
    3456789
    10111213141516
    17181920212223
    242526272829  
  • Visitor

    free counters

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 1,631 other followers