KENANGA INVESTMENT BANK BERHAD SUSTAINABILITY REPORT 2024 BASIS OF THIS REPORT OUR APPROACH TO SUSTAINABILITY KENANGA AT A GLANCE GOOD GOVERNANCE LEADERSHIP STATEMENTS SUSTAINABLE ECONOMIC GROWTH ENVIRONMENTAL STEWARDSHIP EMPOWERING PEOPLE AND COMMUNITIES APPENDIX 55 54 All activities are monitored, and alerts are triggered when the DLP system detects customer data or confidential information being shared with external parties or copied to external mediums. We also published a Privacy Notice on our corporate website which specifies the scope in which we utilise customers’ data, further promoting transparency and enhancing customer awareness. Accelerating Data Security Measures In 2024, we reinforced the cyber resilience of our operations by implementing the following measures: Implementing Project Zero Trust • Implemented a zero-trust security strategy to strengthen Kenanga’s cybersecurity framework, addressing shifts in work locations and the technologies supporting this transition. Strengthening Measures for Securing Employee Data • Upgraded the mobile management tool to effectively monitor company information on employees’ mobile phones. • Renewed the Microsoft 365 subscription, which includes the full E5 security suite with advanced endpoint and identity protection. Fostering Cyber Awareness Among Employees • Worked with experienced cybersecurity experts to provide valuable cyber knowledge to our Group Digital, Technology and Transformation Division. • Carried out compulsory monthly cybersecurity awareness training for all employees, in partnership with Sophos and our in-house Kenanga Group Learning Management System. • Performed regular email phishing simulations to improve employee awareness of identifying and responding to potential phishing threats. • Conducted online quizzes and training sessions. • Completed 4,456 hours of mandatory in-house cybersecurity training for employees. • Achieved a success rate of 94.2% in identifying phishing emails through our employee phishing simulator. • Conducted four (4) mock-phishing exercises during the year. Securing Customers’ Data • Enhanced DLP solutions to prevent data leaks from internal sources. • Updated the virtual patch solution to the latest version to continue shielding servers from risks before applying physical security patches. • Maintained Cloudflare to protect web applications from cyberattacks. Enhancing Cyber Security Policy • Updated the policy with a section on cloud security, outlining requirements in areas such as cloud architecture, cloud applicationdeliverymodels, virtualisationandcontainerisation management, cryptographic key management, and access control. Undergoing Regulatory Audit • Participated in the industry regulatory audit by the Securities Commission Malaysia, with findings and remedial action plans deliberated upon by the Board. Improving Incident Response Mechanism • Enhanced the Cyber Incident Response Plan documentation by adding a scenario playbook for common cyber incidents, such as Distributed Denial-of-Service (“DDoS”) attacks, web defacement, and phishing. This includes a description of the activities and a process flow chart for each scenario. • Explored AI-powered cybersecurity defences to combat AI-driven cyberattacks. In 2024, zero cybersecurity incidents involving breaches of customer data were recorded. FUTURE OUTLOOK We continue to enhance our cybersecurity protocols and measures to address evolving threats, in line with our IT Strategy 2023-2027 and DLP Framework. This includes the implementation of Project Zero Trust, necessary system upgrades, and raising awareness among both our employees and clients to proactively tackle cybersecurity challenges. Our overarching goal is to build trust among our clients as they engage in financial pursuits digitally, reassuring them that their personal and financial information is well protected. CLIENT EXPERIENCE WHY IT MATTERS We attribute the success of Kenanga, a Malaysian brand that has grown from strength to strength over the past five (5) decades, to our strong client relationships. Having served over 500,000 clients, we reaffirm our ongoing commitment to delivering excellence through our products and services by prioritising our clients in everything we do. Law and Regulation Administered/ Regulated Bank Negara Malaysia Financial Services Act (2013) >> Ministry of Domestic Trade, Co-operatives, and Consumerism of Malaysia Consumer Protection Act (1999) >> Advertising Standards Advisory Malaysia Malaysian Code of Advertising Practice Companies Commission of Malaysia Companies Act 2016 Section 30 (2) Bursa Malaysia Bursa Securities Rules & Bursa Derivatives Rules Securities Commission Malaysia Guidelines on Advertising for Capital Market Products and Related Services >> >> >> >> OUR APPROACH At Kenanga, we focus on delivering value and sustaining relationships built on trust and satisfaction. We ensure that our interactions with clients are personalised and meaningful by focusing on their needs, preferences, and expectations. Transparency and communication are fundamental to our approach, as we aim to keep clients informed and engaged throughout their journey with us. Kenanga is guided by policies aligned with applicable laws and regulations, ensuring that our marketing materials and claims reflect a commitment to ethical principles, upholding accuracy and honesty. These are complemented by various customer touchpoints to promote frequent engagement. By employing our client-centric approach, we aim to build lasting relationships that strengthen the foundation sustaining our business for the long term. Responsible Marketing & Communication All information contained in prospectuses and memoranda are made available to the public in accordance with key applicable laws and regulations established by: SUSTAINABLE ECONOMIC GROWTH SUSTAINABLE ECONOMIC GROWTH
RkJQdWJsaXNoZXIy MTc1ODMy