Malaysia Strengthens Cyber Security with New Act

Lilu Anderson
Photo: Finoracle.net

Malaysia's Cyber Security Act 2024: A Significant Leap Forward

The Cyber Security Act 2024 in Malaysia, effective as of August 26, marks a pivotal step in fortifying the nation's cyber security infrastructure. This legislation underscores the Malaysian government's dedication to safeguarding its digital economy, reflecting a comprehensive approach to managing cyber threats.

Key Provisions of the Cyber Security Act 2024

The Act introduces critical regulatory structures, including the establishment of the National Cyber Security Committee (JKSN) and defines the responsibilities for the chief executive of the National Cyber Security Agency (NACSA). These entities are crucial for overseeing the implementation of security measures and coordinating responses to cyber incidents.

Sector-Specific Responsibilities

Under the Act, leaders in sectors deemed as National Critical Information Infrastructure (NCII) are assigned specific roles. They are required to adhere to guidelines for handling cyber threats and incidents effectively. This sectoral focus ensures that key areas of the economy are adequately protected against cyber attacks.

Regulatory Framework and Compliance

Several regulations accompany the Cyber Security Act 2024:

  • Cyber Security Regulations (Risk Assessment Period): Requires NCII managers to perform annual cyber security risk assessments and biennial audits. This ensures continuous monitoring and improvement of security measures.

  • Cyber Security Regulations (Incident Notification): Mandates that authorised individuals report cyber incidents electronically within six hours of discovery, with a follow-up report within 14 days. This rapid response protocol is designed to mitigate the impact of cyber threats.

  • Licensing of Cyber Security Service Providers: Applies to individuals and companies offering services like monitoring and penetration testing. These entities must obtain licenses, ensuring they meet national security standards.

  • Compoundable Offenses: Details specific offenses under the Act that can be compounded, promoting compliance through clear penalties and enforcement mechanisms.

Anticipated Impact on Cyber Security Landscape

Chairman Fong Choong Fook of LGMS Bhd highlights that the Act will instill greater vigilance in organisations involved in the CNII. With legal obligations to prioritise cyber security, a decrease in data breaches is expected. However, tackling online scams remains a separate challenge that necessitates public awareness and education.

The Act is complemented by future plans to introduce a new bill on data privacy. By enhancing personal data protection, the government aims to curb scams, further securing Malaysia's digital space against evolving threats.

Through these measures, Malaysia sets a strong precedent in the region, demonstrating a robust commitment to cyber resilience and digital security.

Share This Article
Lilu Anderson is a technology writer and analyst with over 12 years of experience in the tech industry. A graduate of Stanford University with a degree in Computer Science, Lilu specializes in emerging technologies, software development, and cybersecurity. Her work has been published in renowned tech publications such as Wired, TechCrunch, and Ars Technica. Lilu’s articles are known for their detailed research, clear articulation, and insightful analysis, making them valuable to readers seeking reliable and up-to-date information on technology trends. She actively stays abreast of the latest advancements and regularly participates in industry conferences and tech meetups. With a strong reputation for expertise, authoritativeness, and trustworthiness, Lilu Anderson continues to deliver high-quality content that helps readers understand and navigate the fast-paced world of technology.