Sep. 27, 2016


Datuk Ir. Khalilur Rahman Ebrahim

Malaysia

Datuk Ir. Khalilur Rahman Ebrahim

Executive Chairman, System Consultancy Services (SCS)

"Our mainstay, about 90% of our business, is in defense and in Malaysia."

BIO

Datuk. Ir. Khalilur Rahman Ebrahim graduated with a degree in electrical and electronic engineering from Brighton Polytechnic in 1973. He obtained his master’s in electronics from the University of Technology in Malaysia in 1993. He started his career in 1973 as a maintenance engineer in the communication department of the Malaysian National Electricity Board. He joined Sapura Holdings in 1984 as Head of R&D, where he was responsible for the development of many innovative products like the PABX, mobile phones, pagers, and feature phones. Khalilur started System Consultancy Services (SCS) in 1994, and now runs a group of five companies, dealing with Defence Technologies, Industrial Automation, SCADA systems, building security systems, and composites.

How did SCS evolve to become the key service provider on cyber security to the Malaysian defense industry?

While I was working in the R&D division of Sapura, we often received requests from the Ministry of Defense on matters of command and control (C2) and electronic warfare. The Malaysian Authorities at that time had purchased a military command, control and intelligence system (C3I) from the British and there was little expertise within the military to oversee the implementation of the system. To deliver the proper support on this project, we decided to form a dedicated company and in 1993 established as Sapura Consultancy Services, which we later rebranded as SCS. We started our operations with six consultants and developed rapidly from there. The government was keen on purchasing new technology, but needed technical advice and experts to maintain these complicated systems—the military alone did not have the capabilities to do so. The British could do it; however, the idea was to localize these services as having foreigners around our strategic defense infrastructure would present an unnecessary security risk. That is how we became the maintenance provider of these systems. Prior to 2000, we did a major software upgrade and, in conjunction with the Y2K compliance upgrade, we revamped the systems at the Ministry of Defense across the board and have been maintaining them ever since. We have 25 offices servicing 90 sites all over the country, as the service level agreement (SLA) that we signed with the military requires us respond within two hours whenever repairs are needed. Software and hardware are not static systems and continued maintenance is of pivotal importance to ensure the continued reliable service.

Would you also say that the security threats have changed?

Security threats change all the time. You can be an expert in one system and educate yourself on all the available hacking tools; however, once a new system arrives or gets upgraded overnight, you are back where you started—imagine the consequences for the military. We need to maintain continued awareness of global developments in cyber security and electronic warfare. We train and provide technology updates and awareness to around 2,000 military staff each year to monitor the situation. In addition, we now offer our services to the national police and several town councils to enhance their public services and cyber security measures.

Do you see an increase in demand for these services by private clients?

Awareness is increasing, though, unfortunately, not fast enough, as cyber security is a big threat to the whole wellbeing of businesses. There is no such thing as a free lunch—be careful when you get one. In the present day and age, technology like Facebook and WhatsApp are available for free, although it costs billions to set up the infrastructure and keep all the servers running. Without having vast assets, Facebook sold for USD25 billion, which demonstrates how much data is worth these days. Commercial organizations that have valuable information should be aware of the power and the privacy risks, as the tools to break into this data have become much more advanced.

Can your services be exported to other countries?

It is not possible to export the whole system, as it then becomes a Malaysian system abroad and often governments prefer to localize these security operations—like we did here as well. Nonetheless, certain technologies that we have developed are exportable and we run our advisory services abroad. SCS has become a reference point for C2 and cyber security in many regions.

What are your activities in the non-defense domain?

Our mainstay, about 90% of our business, is in defense and in Malaysia. We plan to expand in non-defense industries like Light Rail Transit (LRT), because these systems have technical support systems through which we can bring in our expertise in software management. We have vast experience in supplying the control system for the country's electricity grid company Tenaga Nasional, and KTM, which is a key player in keeping the trains rolling. We are a service provider to KTM, LRT, and MRT, and in this regard have a track record in providing technology and servicing these systems. Infrastructure in rail transport has to last at least 30 years, and during such a lifecycle, software needs to be upgraded multiple times. It is always better to have a local company be involved in the computer system servicing, someone who can deal with problems within a two-hour timeframe.

Do you have any interaction with international companies, such as British BAE Systems, that also operate in the field of cyber security?

In my position as board member of MIGHT, we have visited BAE Systems and its setup here impressed us. It is inspiring that it is running its global operations from Malaysia. Everyone has its own security niche and each country has its own demands. BAE Systems works closely with the British Ministry of Defense, which means its services abroad are different by default.

How do you envision Malaysia's future in developing domestic skills in infrastructure?

The government has decided on large investments in infrastructure between 2010 and 2020; a total of around MYR100 billion is on the table. Many projects, like the LRT and the MRT extension plans, are currently under development and will significantly enhance the accessibility of the city center. The issue, then, is that these large projects are often awarded to foreign players, often large Chinese state consortiums that bring less value to the local economy as they bring their own workforce, materials, and refinancing institutions. We would like to see our own manufacturing industry take a share of these projects. Our rail industry is not up to the level where we can fully compete; however, we should be part of the supply chain. Offset is key in such public investments. If you allocate such large amounts of public funds, there should be some return in the local economy. Instead of awarding the contract to a party that offers a 20% discount, we would rather pay 20% more and see the surplus churn around our own industry. We can learn from the Koreans as their F-16s are locally assembled, or from the Japanese, who build their engines. In the west, it is also common to have a national industrial agenda. We should become more vocal about this and structure the future tender packages better to include the churn factor. Of course, our industry needs to catch up and be capable of taking on the task. In addition, the after-sales element is pivotal—there should be agreements on servicing as well. The foreign party will not stay around for 40 years to do the MRO, which is why you need to be involved from the very beginning.