A MAJOR security breach involving a leading telecommunications operator in Asia last year serves as a stark reminder of the scale and consequences such events can have. The breach reportedly affected tens of millions of users and triggered significant operational, financial and reputational consequences.
While the incident occurred outside Malaysia, its lessons are highly relevant to telecommunications operators and critical infrastructure providers here.
As digital ecosystems become increasingly interconnected, organisations must continuously strengthen resilience across governance, detection, response and third-party risk management.
The challenge is not simply preventing attacks but also ensuring that organisations can respond effectively when such incidents occur.
The key cybersecurity risks facing telecommunications operators today include data breaches, ransomware, supply chain compromise, identity misuse and attacks targeting critical systems.
Increasingly, these risks extend beyond core networks into cloud environments, application programming interfaces (APIs) and broader third-party ecosystems.
At the same time, cybercriminals are increasingly leveraging frontier AI to automate reconnaissance, enhance phishing campaigns, support social engineering attacks and accelerate vulnerability discovery.
These capabilities reduce the cost and effort required to conduct attacks at scale, enabling threat actors to operate with greater speed and sophistication.
For telecommunications operators, the challenge extends beyond protecting customer information. They must also ensure service availability, operational continuity and public confidence.
This responsibility is particularly important given the critical role telecommunications infrastructure plays in supporting economic activity, public services and national connectivity.
Against this backdrop, operators should focus on several priority areas to strengthen resilience. These include privileged access control, network segmentation, encryption of sensitive information, enhanced monitoring of critical systems and rapid remediation of identified vulnerabilities.
Organisations must also address more fundamental questions about how environments are designed, managed and monitored. Are customer data systems appropriately segregated from operational environments? Are identity management platforms sufficiently protected? Are critical systems continuously monitored for indicators of compromise?
If the answer is not a clear yes, further work is required.
Detection speed is equally critical. In today’s threat environment, breaches must be identified in days rather than months.
Achieving this requires centralised logging, behavioural monitoring, threat intelligence integration and clearly defined incident response processes.
Most importantly, resilience must be validated through practice. Tabletop exercises, red teaming activities and breach simulations should be conducted regularly to assess preparedness and identify gaps before a real incident occurs.
Incident response plans should be tested under realistic conditions, including scenarios where primary communication channels may not be available.
Resilience can no longer be viewed solely through the lens of compliance. Organisations may satisfy audit requirements and still struggle to detect, contain or recover from a sophisticated cyber incident.
True resilience is demonstrated during a crisis, not during an assessment.
Strengthening resilience requires leadership commitment, operational discipline and continuous improvement. It also requires organisations to move beyond checklist-based approaches and focus on capabilities that can withstand real-world attacks.
Telecommunications operators, technology providers, regulators and industry stakeholders all have important roles to play in strengthening collective resilience.
Threat intelligence sharing, common security baselines, regular sector-wide exercises, supply chain assurance and continuous capability development can all contribute to a stronger security posture across the industry.
Protecting modern economies and ensuring resilient digital infrastructure is a shared responsibility that requires commitment from every stakeholder.
LEE HAN THER
Cybersecurity and privacy officer
Huawei Malaysia
