Managed Security Service Provider of the Year

Winner:
SCAN Associates Berhad
Website: www.scan-associates.net

Managed Security Services Provider of the Year 2010 is presented to SCAN Associates Berhad for its excellent growth strategies and dominant presence in the Government sector. They have recorded a robust year-on-year growth in 2009, through focused strategies in the Government and Banking sectors.  
In 2009, SCAN Associates expanded its security services portfolio to develop and operate their client’s internal SOC as well as assisting and consulting large enterprises in moving towards building up their internal SOC and operating it in a joint operations mode. SCAN Associates is an organization that originated from University Research Group and has actively participated in various initiates by the government and non-government organizations. SCAN Associates has been and currently involved with various working groups under organizations such as SIRIM, MOSTI, DSM, and MAMPU.

Education and Training Provider of the Year

Winner:
EC Council Academy
Website: www.eccouncilacademy.org

Information Security Education & Training Provider of the Year 2010 is presented to EC Council for its role as a leading provider of IT Security certification and a member driven international organization of academicians, industry practitioners and professionals from e-Business domain. EC Council offers a comprehensive set of courses on information security, which are recognized throughout the world.
EC Council offers in-house courses such as the Certified Ethical Hacker course, Computer Hacking Forensics Investigator program, and License Penetration Tester program to complement the vendors’ courses. EC Council has been doing excellent work in security awareness and outreach programs for the public and private sectors as well as the students in universities.

Safety Outreach Provider of the Year

Winner:
Jabatan Pendaftaran Negara
Website: www.jpn.gov.my

Information Security Outreach Provider of the Year 2010 is awarded to Jabatan Pendaftaran Negara (JPN). JPN is an organization that complies with ISO 27001 and adheres to other industry standards such as 5S (from Japan), ITIL, and COBIT.  They have undertaken numerous initiatives in sharing of resources and knowledge management internally on technology updates from ICT world to the employees.
JPN believes in truly integrating people, process and technology with a high emphasis on the people and process aspects. They have regular awareness and training programs on information security to their employees including the top management. They have an ICT steering committee which consists of head of every department in the organization to discuss matters on security. Their awareness programs cover all aspects of security by educating their security guards, vendors and internal staff and propel themselves to being an example to other government agencies in Malaysia.

Innovative Company of the Year

Winner:
Extol MSC Berhad
Website: www.extolcorp.com

Information Security Innovative Company of the Year 2010 is awarded to Extol MSC Berhad for their excellence in usage of Artificial Intelligence technology for Video surveillance.
One of their innovative applications is a Unified Authentication system which has the capability of authenticating and integrating the digital assets with the physical non-digital assets. This application will be used as a new module for the ePassport platform. As part of their future plans, they intend to refine Artificial intelligence in becoming more accurate and mature, with less error rates.

Winner:
Heitech Padu Berhad
Website: www.heitech.com.my

Information Security Innovative Company of the Year 2010 is awarded to Heitech Padu Berhad for their beneficial solution innovations. Their innovations, spanning a wide range of areas, are highly customizable for the customers and allow them to be a one stop solution provider.
Innovative software developed by Heitech Padu enables application systems that use different network protocols to interact seamlessly. Another easy to use application enables inter-lending facility based on international standards.
One of the highly innovative solution developed by them are the PaduNet Hybrid & PaduMOBS (Business Recovery) that offers an integrated, fully customized and total back-up solution package to ensure business continuity with logical and physical security. Heitech Padu also operates a state-of-art Tier IV datacenter in Malaysia with high system uptime of 99.995%.

Information Security Project of the Year

Winner:
Sime Darby Holdings
Website: www.simedarby.com

Information Security Project of the Year 2010 is presented to Sime Darby Holdings Berhad for implementing integrated Security Management Projects in the areas of Security Incident and Event Monitoring, Data Loss Prevention and Information Security Management System, where the main objective of these projects were to continuously review and enhance the overall security posture for protection of critical information assets and systems.
By focusing on people, process and technology and through strict adherence to budget and timeline, Sime Darby has demonstrated tremendous implementation excellence in the field of security project management. Sime Darby’s data center was also ISO 27001 certified in July 2010.

Winner:
Malaysia Airlines System
Website: www.malaysiaairlines.com

Information Security Project of the Year 2010 is presented to Malaysia Airlines System for being the first Malaysia Airline to comply with PCI Standards for online booking that included a comprehensive overhaul of the underlying infrastructure and support functions. By working together with various departments such as IT, Finance, Distribution and Service providers, MAS was able to put together a security framework that encompassed a holistic approach.

Information Security Organization of the Year

Winner:
Malaysia Airports Technologies Sdn. Bhd.
Website:www.malaysiaairports.com.my

Information Security Organisation of the Year 2010 is presented to Malaysia Airports Technologies Sdn. Bhd., a subsidiary of Malaysia Airports Holdings Berhad.  It is an entity responsible for the critical day to day operations and maintenance of the IT systems for Kuala Lumpur International Airports (KLIA).  The organisation seeks to continuously benchmark and improve its processes to be on par with the best in the industry.  
MA Technologies main focus is to provide Operation & Maintenance (O & M) for the entire ICT infrastructure for KLIA on a round the clock basis.  The range of services provided includes airport system solutions, system integration, networking, broadband network services, facility management and monitoring.  In MA Technologies the code of ethics established the rules on information security; similarly the IT policies also provide rules and guidelines towards sustaining security posture. 
IT Transformation initiatives launched in the last year has transformed Malaysia Airports Technologies from an O & M operator into an ICT Service provider for the entire of Malaysia Airports and its system of airports, not just at KLIA.  This transformation includes reorganisation, improvement of processes, cultural alignment, standardisation and ICT governance.
MA Technologies has successfully earned certifications to OHSAS 18001:2007 and ISO 9001:2008 and surveillance to ISO/IEC 27001:2005 for 2009.

Information Security Visionary of the Year – CXO, Academician or Student

This Award will have three sub-categories:

CxO

Winner:
Dr. Mohamed Ridza bin Wahiddin

Information Security Visionary (CXO) of the Year 2010 is presented to Dr. Mohamed Ridza bin Wahiddin for his tremendous contribution as the Chief Research Director of the Advanced Information Security & Advanced Analysis and Modeling Clusters at MIMOS BERHAD, a Malaysian government research institute focusing on ICT and microelectronics.
Some of the initiatives undertaken by him were:

• Chairman of the National Cyber Security Policy with a focus on ‘R&D for Self-Reliance’
• Deputy Chairman of Malaysia Standards Technical Committee on Information Security TC/G/5
• Rapporteur for work on ‘Security Proofs’; the world’s first Quantum Key Distribution standards driven by the European Telecommunications Standards Institute (ETSI)

Winner:
Puan Faridah Abdul Rahman

Information Security Visionary (CXO) of the Year 2010 is presented to Puan Faridah for her contribution in establishing IT security index as one of the significant measurement factors at MAS to obtain real-time visibility on the security posture.  In this real-time IT Security Index audit each element is monitored and indicated by colors of the level of health they’re in to provide security assurance for MAS. In 2009, she also embarked on initiatives to implement a system which helps to prevent system-wide malicious attacks.

Academician

Winner:
Professor Abu Bakar Munir

Information Security Visionary (Academician) of the Year 2010 is presented to Professor Abu Bakar Munir for his contribution to the development of Privacy law in Malaysia. His contribution towards the nation, namely to educate the industry on the legal and policy issues of security as well as influence the policy makers in the government departments and private organizations, is commendable.  

He has published numerous publications on Cyber laws, Privacy and Data Protection, Internet Banking and he is about to publish his latest book on Personal Data Protection in Malaysia : Law and Practice to provide guidance on how organizations in Malaysia can comply with recently passed legislation - The Personal Data Protection Act 2010. He has been an adviser to the Governments of Malaysia and Indonesia on Personal Data Protection Law.

Student

• A student of under-/post-grad or doctoral programme who has been instrumental in driving the information security vision in the nation.