ArchiveS ArchiveS

STATEMENT BY MALAYSIA AT 

THE FOURTH SUBSTANTIVE SESSION OF THE OPEN-ENDED WORKING

GROUP ON SECURITY OF AND IN THE USE OF INFORMATION AND

COMMUNICATIONS TECHNOLOGIES 2021-2025  

ON  

CONFIDENCE BUILDING MEASURES  

 

8 MARCH 2023

NEW YORK   

Thank you, Mr. Chair for giving me the floor.  

 

1.      Malaysia strongly supports Confidence Building Measures as tools to address misunderstandings and misperception of events, which may lead to miscalculation, escalation of tensions and, potentially, conflict. The distinct contributions of CBMs in instilling trust and confidence among States are widely recognised.    

 

2.      New and emerging disruptive technologies have immense   potential for innovative digital transformation. However, the trustworthiness of technologies can only be achieved through transparent verification, where threat visibilities are necessary. In this regard, the participation of stakeholders is important.   

 

3.      Malaysia values the elaboration from Switzerland, during the informal intersessional meeting last December, on existing initiatives, standards and platforms that are being used by cybersecurity practitioners to manage incidents and vulnerabilities. One of the initiatives mentioned was the Common Vulnerability Scoring System (CVVS), which is used to evaluate the threat level of vulnerabilities. The Common Vulnerabilities Exposure (CVE) score is often used by cybersecurity practitioners to prioritise security vulnerabilities. The CVE identifiers serve to standardise vulnerability information and unify communication amongst practitioners, including  for security advisories and vulnerability databases.  

   

4.      The National Cyber Coordination and Command Centre of Malaysia utilises   CVE scoring as one of the indicators in determining our National Cyber Threat Level. This is also the case with the Traffic Light Protocol (TLP), that is widely used to facilitate the sharing of sensitive information with the appropriate parties .   Having said this, Malaysia believes that the OEWG should consider how best to leverage upon and find convergence on existing initiatives, as part of the CBMs that we may  focus on. This can facilitate the development of the UN Global Points of Contact directory. 

 

5.      The ASEAN Cybersecurity Cooperation Strategy (2021-2025) provides a roadmap for cooperation to achieve the objective of a safe and secure ASEAN cyberspace, through the application of voluntary, non-binding norms of responsible State behaviour, confidence-building measures, and coordinated capacity-building. 

 

6.      As mentioned by my ASEAN colleagues, the ARF Work Plan on ICT Security and the ARF Open-Ended Study Group on CBMs to Reduce the Risk of Conflicts Stemming from the Use of ICTs were  established specifically to focus on CBM initiatives among ARF Participants, recognising the special characteristics of the cyber environment that need to be addressed differently.   

 

7.      As regards further measures which could be taken by States and/or the OEWG, Malaysia believes that Member States would benefit from greater sharing of best practices, experiences and assessments focused on the implementation of CBMs at the national or regional levels to advance ICT security.        

  

8.      The National Survey of Implementation of UN Recommendations on Responsible Use of ICTs by States in the Context of International Security could be used as a tool to identify challenges to implementation, including specific gaps in capacities, which need to be addressed.  

 

Thank you, Mr. Chair.