Why Should You Care About The Cyber Security Bill 2024
Arthur Yeow
Published on Apr 30, 2024
Share this Article
Unbeknownst to many, Malaysia faces more than 84 million cyber attacks every day. Therefore, it is unsurprising that the Malaysian Cyber Security Bill 2024 was passed recently.
The bill passed both houses of parliament with broad support and at a quick pace. It is expected to pass into law, with major provisions taking effect in a matter of weeks. It is similar to legislation passed in other countries, such as Singapore, Japan, and the United States.
Malaysia’s Cyber Security Bill follows the core fundamentals of similar cyber security legislation—improving the cyber security governing framework, capabilities, and posture. However, Malaysia takes a step further by defining the country's critical sectors, such as healthcare, agriculture, and energy.
Who does it impact?
Malaysia’s Cyber Security Bill 2024 affects any organisation, local or foreign, that owns or operates digital infrastructure that falls under the following categories, which are known as National Critical Information Infrastructure (NCII):
- government;
- banking and finance;
- transportation;
- defence and national security;
- information, communication and digital;
- healthcare;
- water sewerage and waste management;
- energy;
- agriculture and plantation;
- trade, industry and economy; and
science, technology and innovation.
Leaders such as board directors and management team members responsible for technology have obligations under this bill. Technology and digital teams, compliance teams, and risk management teams are also impacted. There will also be indirect impacts on human resources practitioners such as recruitment and learning and development professionals.
In addition to NCII owners or operators, providers of cyber security services are also impacted as they will now be subject to licensing under the law.
How does it impact you?
NCII entities face numerous obligations under the bill, as well as any regulations that may be developed and promulgated by the National Cyber Security Agency (NACSA). These may include:
- Compliance with codes of practice developed by sector leads;
- Reporting requirements in the event of breaches;
- Obligations to conduct periodic cyber risk exercises and assessments; and
- Duties to run independent cyber audits.
How should you prepare?
While 85% of Malaysian companies feel confident in their ability to defend against cyberattacks, in reality, only 2% are ready to do so. Most Malaysian organisations impacted by this bill will likely have to take steps to (1) improve their cyber security posture and (2) ensure that they are ready to manage the compliance obligations under the bill.
A necessary prerequisite for this is ensuring that organisations have cyber security capabilities, including:
- Threat intelligence analysis to brace against future threats;
- Incident handling and digital forensics;
- Network defence and penetration testing; and
- Cyber security awareness among employees to harden targets.
Malaysian businesses are concerned about the impact of cyber security regulations - nearly half of the organisations surveyed are concerned about mandatory reporting of cyber risk management and operational resilience requirements. However, organisations can alleviate these concerns by developing robust internal cyber security capabilities that will ensure organisations have processes, structures, and people to manage cyber security concerns and regulatory compliance.
View Related Courses
This Article Is Tagged Under
Arthur Yeow
Published on Apr 30, 2024
Share this Article
Related Articles. Here’s what we’ve been up to recently.
Generative AI: The Game-Changer for Malaysian E-commerce Success
Discover how Generative AI is transforming Malaysian e-commerce. From improving customer experiences to optimising operations, the e-commerce industry has adopted AI to improve productivity and efficiency. Learn about the benefits and real-world applications driving e-commerce success and positioning Malaysian businesses at the forefront of the digital marketplace. Explore the transformative power of Generative AI and its impact on the future of e-commerce in Malaysia.
Nik Sharmine A
Jul 26, 2024
How AI is Revolutionising the Financial Services Industry in Malaysia
In this insightful blog post, we delve into the transformative impact of artificial intelligence (AI) on the financial services sector in Malaysia. With 92% of Fortune 500 companies integrating OpenAI into their operations, the financial services industry is no exception. Discover how AI is enhancing efficiency, reducing human error, and bolstering data security. We explore real-world examples of AI applications, from Maybank's AI-driven mobile banking app to CIMB Malaysia's digitalisation efforts.
Nik Sharmine A
Jul 17, 2024
Why Should You Care About The Cyber Security Bill 2024
Explore the implications of Malaysia's newly passed Cyber Security Bill 2024, including its impact on critical infrastructure sectors and recent examples of cyberattacks.
Arthur Yeow
Apr 30, 2024