Bismillahir Rahmannir Rahim

Alhamdulillahi Rabbil ‘alamin Wassalatu Wassalamu ‘Ala-Asyarafil Anbiya’e Wal Mursalin Sayidina Muhammadin Wa’ala Alihi Wasahbihi Ajma’in

Assalamu’alaikum Warahmatullahi Wabarakatuh, and a very good afternoon.

• Her Excellency Siti Rozaimeriyanty Dato Haji Abdul Rahman, Secretary-General of the ASEAN Inter-Parliamentary Assembly;

• Haslina Taib, Chair of the ASEAN Business Advisory Council Brunei and CEO of Dynamik Technologies;

• Pengiran Aki Ismasufian bin Pengiran Haji Ibrahim, Chair, APEC Business Advisory Council Brunei and Chief Executive Officer of Standard Chartered Bank;

And to our special guests.

• His Excellency Tan Sri Dato’ (Dr.) Johari bin Abdul, Speaker of the House of Representatives of Malaysia;

• Satvinder Singh, Deputy Secretary General for ASEAN Economic Community;

• Professor Tetsuya Watanabe, President, Economic Research Institute for ASEAN and East Asia (ERIA);

• Members of Parliament of ASEAN;

• Permanent Secretary and Deputy Permanent Secretaries;

• Distinguished panellists and delegates;

• Ladies and Gentlemen,

​1. I’m honoured to be here this afternoon, at this Tripartite Forum organised jointly by the ASEAN Inter-Parliamentary Assembly, ASEAN and APEC Business Advisory Councils of Brunei Darussalam. Please accept my heartfelt gratitude for the kind invitation to address this gathering on “Building a Cyber Resilient ASEAN”.

2. As we gather here, the ever evolving digital and technological landscape will continuously reshape our economies, societies and the very fabric of our daily lives. The advances in digital technologies have brought unprecedented opportunities for growth, innovation and connectivity.

3. We also witnessing an extraordinary era of digital transformation. The digital economy is expanding at an unprecedented rate, fuelling economic growth, enhancing public services and improving the quality of life throughout the ASEAN region. From e-commerce and e-government to financial technology and smart cities, the integration of digital technologies into every aspect of our lives has truly been remarkable.

4. Recognising that digital transformation, is a critical driver to elevate our region to new heights and enhance our global competitiveness, in 2021 ASEAN released its Digital Masterplan 2025 (ADM 2025), ADM 2025, among other things, provides a roadmap for ASEAN Member States to increase their citizens' capability to participate in the digital economy, envisioning ASEAN as a leading digital community and economic bloc, empowered by secure and transformative digital services, technologies and ecosystems.  

5. In addition, the study on the ASEAN Digital Economy Framework Agreement (DEFA) was officially endorsed by the ASEAN Economic Ministers’ (AEM) meeting in August 2023, paving the way to commence negotiations on establishing the agreement. The DEFA seeks to offer a comprehensive roadmap to empower businesses and stakeholders across ASEAN, through accelerating trade growth, enhancing interoperability, creating a safe online environment, and increasing participation of MSMEs.

6. Key topics such as digital trade, cross-border e-commerce, cybersecurity, digital ID and digital payments are considered in these negotiations along with emerging topics such as AI to ensure a future-proof DEFA.

7. Quoting Dr. Kao Kim Hourn, Secretary-General of ASEAN, “DEFA is a testament to ASEAN’s long-term commitment to embrace digital transformation that will leap forward ASEAN businesses globally, and unlock a borderless era of economic growth”.

8. However, the more connected and dependent we also become on digital technologies the more exposed we also become. As technology evolves the cyber threat landscape will also continue to evolve. Hence, organizations and individuals must continuously strengthen their defences and adopt proactive security measures to mitigate these risks.

9. Cyber threats are becoming increasingly complex and sophisticated especially in the era of Artificial Intelligence (AI). Malicious actors are exploiting vulnerabilities at an alarming rate, targeting everything from individual data to critical infrastructure. The same AI that can transform business processes, decision making and service deliveries thus providing operational efficiencies, impactful and meaningful engagements with citizens and customers can also be exploited in aiding and abetting cyber-attacks and cybercrime.

10.  The repercussions of these cyber-attacks can be severe—economic losses, breaches of personal and sensitive information, disruptions of essential services and more importantly, what we don’t want is a decline in trust in digital systems.

11. In light of these challenges, building cyber resiliency in ASEAN is not just an option; it is both a security and an economic imperative. Cyber resiliency refers to our ability to prepare for, respond to, and recover from cyber-attacks. It involves not only protecting systems and data but also ensuring the continuity of operations and minimising damage in the event of an incident.

12. Achieving cyber resiliency requires a holistic approach, involving deep collaboration between governments, the private sector, the general public, academics and non-governmental organizations. Each of us has a role to play in ensuring the overall safety and security of our digital space.

13. ASEAN has proactively strengthened its resiliency efforts within the region. One significant step was the establishment and implementation of the ASEAN Cybersecurity Cooperation Strategy 2021-2025.

14. We have made notable progress in policy coordination, including the creation of the ASEAN Cybersecurity Coordinating Committee (ASEAN Cyber-CC). This committee comprises representatives from relevant ASEAN sectoral bodies overseeing cybersecurity issues and aims to strengthen cross-sectoral coordination while respecting the distinct domains of each sector.

15. On a ministerial level, the informal ASEAN Ministerial Conference on Cybersecurity (AMCC) has been instrumental. Since 2018, it has brought together ASEAN Ministers of Telecommunications and/or Cybersecurity to endorse, in principle, all 11 voluntary, non-binding norms of responsible state behaviour in cyberspace outlined in the 2015 UN Group of Governmental Experts report, making ASEAN the first region to do so.

16. In the realm of capacity building, ASEAN Member States have organised numerous activities through initiatives such as the ASEAN-Japan Cybersecurity Capacity Building Centre (AJCCBC) and the ASEAN-Singapore Cybersecurity Centre of Excellence (ASCCE). These initiatives facilitate communication, information sharing, awareness raising, and the exchange of know-how and best practices. 

17. Brunei Darussalam, through Cyber Security Brunei, leads the Awareness Raising initiatives. This capacity-building initiative is further complemented by the activities of the ASEAN Regional Forum Inter-Sessional Meeting on Security of and in the Use of Information and Communication Technologies (ARF ISM on ICTs Security).

18. Regarding incident response, the ASEAN Digital Ministers Meeting (ADGMIN) in February 2024 endorsed the establishment of the ASEAN Regional CERT, aimed at further strengthening regional cyber resilience through timely information sharing, exchange of best practices, and capacity-building initiatives to enhance regional incident response capabilities.

19. Concurrently, ADGMIN welcomed the formation of the ASEAN Working Group on Anti-Online Scam (WG-AS), providing a platform for ASEAN Member States to cooperate and collaborate on capacity building, training, and information sharing related to combating online scams and scams across digital and telecommunication channels.

20. At the home front, Brunei Darussalam have also developed our own National Cyber Security Strategy (BNCSS). The national cybersecurity strategy consists of five key priority areas or objectives to be achieved through the National Action Plan, with emphasis towards building a safer, trusted, and resilient cyberspace, preserving national sovereignty, and enabling Brunei Darussalam’s digital transformation. The Strategic Objectives are:

• Strategic Objective 1: Strengthening Governance and Organisation Framework in Cyber Security.

• Strategic Objective 2: Securing National Critical Information Infrastructure (CII).

• Strategic Objective 3: Sustaining Safer National Cyberspace.

• Strategic Objective 4: Enhancing Capacity Building and Society Outreach.

• Strategic Objective 5: International, Regional and Domestic Collaboration, Cooperation and Partnership.

21. Cyber Security Brunei (CSB) is the national cybersecurity agency of Negara Brunei Darussalam, serving as an administrator that monitors and coordinates national efforts in addressing cybersecurity threats and cybercrime. CSB provides three main core services:

i. BruCERT: The Brunei Computer Emergency Response Team (BruCERT) was established in 2004 as the national and government CERT to deal with computer-related and internet-related security incidents in Negara Brunei Darussalam. BruCERT is the central hub which coordinates with international CERTs, network service providers, government agencies, and other relevant organizations to facilitate the detection, analysis, and prevention of security incidents on the internet. Since last year, there have been a total of 957 reported incidents from the public.

ii. CWC: The Cyber Watch Centre (CWC) provides secure monitoring of cyber threats to critical information infrastructure (CII) and serves to improve the cybersecurity landscape of Brunei Darussalam. It detects and provides alerts on cyberattacks, enabling relevant agencies to undertake appropriate preventive measures and remedial action in a timely manner before the threats increase. A total number of 1,023 phishing websites were successfully suspended or taken down by the respective domain registrar requested by CWC via BruCERT.

iii. NDFL: The National Digital Forensics Laboratory (NDFL) serves as a centre of excellence in facilitating any form of digital forensic investigation by providing law enforcement and investigation agencies with exclusive access to state-of-the-art forensics technology. A total number of 728 media had been processed by NDFL, which comprises 257 NDFL services such as mobile, computer, and video forensics.

These initiatives demonstrate the benefits of having a central agency representing Brunei, ensuring efficiency, speed of response, and coordination in addressing cybersecurity challenges.

22. Through Cyber Security Brunei, the Authority for Info-communication Technology Industry and MTIC, Brunei Darussalam actively collaborates with international stakeholders to enhance its cybersecurity capabilities. Throughout this we have also established that building cyber resilience is not a purely technical or technology issue and concern.

23. We have also observed the pursuit of technological supremacy, the safeguarding of national security, and the protection of local industries against foreign competition for their own reasons move towards increasing digital protectionism. These creates its own  set of challenges for ASEAN to reap optimal returns from the digital investments and projects it has made or continue to make.

24. While the challenges facing ASEAN’s digital economy are highly complex in nature, ASEAN must not lose sight of the importance of digitalization and continue with its efforts to foster a conducive environment for digital trade.

25. In conclusion, the path to a cyber-resilient ASEAN is a collective journey. It requires unwavering commitment, collaboration, and innovation from all stakeholders. As we continue to embrace the digital revolution, let us remain vigilant, proactive, and united in our efforts to safeguard our digital future. Together, we can build a resilient and secure ASEAN that thrives in the digital age, ensuring prosperity, security and trust for generations to come.

Thank you.