Malaysia faces rising cyber threats as incidents increase
Nacsa's chief executive Ir Dr Megat Zuhairy Megat Tajuddin, said cyberattacks are no longer solely targeting critical infrastructure or institutions.
'These attacks increasingly target our most vulnerable population, including children, the elderly, and digitally inexperienced users,' he said during his keynote address at the Cybersecurity Summit 2025 on Friday (July 25).
Organised by Star Media Group and supported by IDMeta as the bronze sponsor, the summit carried the theme 'Securing Malaysia's Digital Future.'
Megat said in 2024, Nacsa's National Cyber Coordination and Command Centre (NC4) recorded 4,626 cybersecurity incidents, a 43% increase from the previous year.
'In the first half of 2025 alone, 2,366 incidents involving National Critical Information Infrastructure (NCII) were reported.
'These figures underscore the urgent need to strengthen national cyber hygiene and awareness,' Megat added.
He said cybersecurity is a critical national priority and should no longer be seen as merely a technical issue.
'Today's cyber threats don't simply target systems and software. They exploit something far more human, our trust, our habits, and the gaps between institutions,' Megat said.
CyberSecurity Malaysia's chief executive officer, Datuk Ts Dr Amirudin Abdul Wahab, joined the call for stronger safeguards, warning that digitalisation and emerging technologies, while transformative, also introduce new vulnerabilities.
'The more connected we are, the more exposed we become to the threat of cyber attacks,' he said.
Amirudin emphasised the need for organisations to go beyond prevention and focus on cyber resilience, which is the ability to respond, recover, and resume operations swiftly after an attack.
He also highlighted the importance of building a secure, resilient, and trusted cyber ecosystem through greater collaboration among regulators, industry players, academia, and international stakeholders.
Sarbnedhan Singh Sandhu of the Securities Commission Malaysia warned that compliance alone doesn't ensure security.
He stressed the need for well-enforced frameworks aligned to business risks, noting that weak controls often lead to breaches.
Meanwhile, Securemetric Technology Sdn Bhd managing director Wo Swee Teck said generative artificial intelligence (AI) introduces serious risks.
He noted that effective risk mitigation depends on implementing strong cybersecurity measures, enforcing strict privacy safeguards, and ensuring continuous validation of AI models.
The one-day event gathered industry experts to address the country's most pressing cybersecurity concerns, including the emerging risks of generative AI, vulnerabilities in operational technology (OT) systems, talent shortages, and the growing importance of digital trust in a hyperconnected world.
The summit also showcased actionable strategies, regulatory frameworks, and real-world case studies aimed at enhancing cyber resilience across all sectors.
This year's edition featured more than 19 distinguished speakers and attracted over 80 participants, including C-level executives, IT security professionals, regulators, cybercrime investigators, and representatives from sectors such as telecommunications, finance, logistics, and technology startups.
Looking ahead, the CloudTech & DataCentre Conference 2.0, scheduled for Aug 6–7, will further explore strategies to position Malaysia as a regional hub for sustainable, high-tech data centres while advancing digital resilience.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Barnama
a day ago
- Barnama
NACSA Finalising Malaysia's Cybersecurity Strategy 2025-2030 -- Digital Ministry
NACSA Finalising Malaysia's Cybersecurity Strategy 2025-2030 -- Digital Ministry KUALA LUMPUR, July 30 (Bernama) -- The National Cyber Security Agency (NACSA) is finalising Malaysia's Cyber Security Strategy (MCSS) 2025–2030 as a continuation of the MCSS 2020–2024, said the Ministry of Digital. The ministry said the MCSS will involve three key stakeholders: the government, businesses and the community. 'It also takes into account emerging technologies such as artificial intelligence (AI) and all related cybersecurity threats to ensure comprehensive protection of the country's digital ecosystem,' it posted on the Parliament's website. The Digital Ministry was responding to Datuk Seri Hishammuddin Hussein (BN-Sembrong) on national data security and sovereignty concerns regarding transparency in the training of artificial intelligence (AI) systems such as DeepSeek and the use of Huawei chips. The ministry added that it is also taking proactive steps to establish an AI security committee to review technical aspects and ensure compliance with security and ethical standards, including assessments of foreign technology. 'This committee will consist of experts from various fields in both the public and private sectors to strengthen governance and ensure that the development and use of AI in Malaysia remain safe, responsible, and aligned with national principles,' it said. Meanwhile, responding to a question from Muhammad Ismi Mat Taib (PN-Parit) regarding the progress of 5G coverage, the Ministry of Digital said that Digital Nasional Bhd (DNB) has developed the 5G network to reach 82.4 per cent coverage in populated areas (COPA), with a total of 7,489 5G sites as of June 30, 2025. Additionally, the ministry said the country's 5G penetration rate reached 80.4 per cent, with approximately 27.4 million active subscribers as of May 2025, further solidifying the country's position as a regional leader in digital connectivity and communication technology transformation. -- BERNAMA
New Straits Times
7 days ago
- New Straits Times
Empowering Malaysians through trust in MyDigital ID
IN an age of rising digital scams and identity theft, Malaysia's push for a national digital identity system — MyDigital ID — could not be more timely. But for it to succeed, it must be built on trust, transparency, and voluntary adoption. MyDigital ID is not just another login. It is a digital trust anchor — a secure way to verify who you are online, whether you are renewing a licence, paying traffic summons, or registering a SIM card. And it is backed by the same authority that issues your MyKad — the National Registration Department (NRD). When onboard, your identity is cross-checked against NRD's database. No data is stored, no profiling is done, and no centralised tracking exists. It simply confirms that you are you — nothing more, nothing less. Digital identity without cybersecurity is a risk. That is why NACSA (National Cyber Security Agency) has been entrusted to oversee the MyDigital ID initiative. Our role is to ensure the system is resilient and built with public safety in mind. We are also preparing legal safeguards. The upcoming Cybercrime Bill, expected to be tabled in Parliament this December, will criminalise the misuse of digital identities — making impersonation and exploitation prosecutable offences. But cybersecurity is not just about infrastructure. It is about culture. Malaysians must understand how to protect themselves online — and MyDigital ID is a key part of that journey. Online scams are often powered by stolen passwords, fake profiles, and untraceable mobile numbers. MyDigital ID helps stop them by verifying your identity across three layers — a method inspired by multi-factor authentication: * Who you are: fingerprint or facial recognition; * What you know: your password; and, * What you have: your registered device or app It is like having three locks on your digital front door — your fingerprint, your password, and your trusted device. Only when all three line up do you get access. This makes impersonation far harder for scammers and helps prevent unauthorised access to your online accounts. It also plays a crucial role in SIM card registration. Scammers often use mobile numbers tied to fake or stolen identities to impersonate others and commit fraud. By linking SIM registration to MyDigital ID: * Only verified individuals can activate phone numbers, and * Impersonation via mobile becomes significantly harder. When every SIM card is tied to a verified digital identity, impersonation becomes much harder — and accountability becomes possible. So far, 35 government apps and 7 non-government platforms have integrated MyDigital ID — including MyJPJ, MyBayar, MySejahtera and MyTNB. In addition, 17 more applications are currently undergoing integration, and by year's end, we expect to surpass 100 integrated apps. Even the financial sector is preparing. Bank Negara Malaysia is leveraging its Financial Technology Regulatory Sandbox to explore secure integration of MyDigital ID within banking institutions, with a rollout targeted for 2026. As more services come onboard, the value of MyDigital ID becomes clearer. That is why voluntary adoption — driven by relevance and understanding — is the right path forward. Mandates may be discussed in policy circles, but from a cybersecurity standpoint, empowerment and education are far more effective. Mandating may not be suitable for now. Countries like Singapore and Saudi Arabia have shown that success comes from integration, not compulsion. Malaysia is on the right track — prioritising security, usability, and legal safeguards. MyDigital ID is a powerful tool. But its strength lies in its ability to build trust, not enforce compliance. As we expand its reach, let's focus on transparency, usefulness, and empowering Malaysians to take control of their digital lives — securely and confidently.
The Star
26-07-2025
- The Star
Malaysia faces rising cyber threats as incidents increase
Malaysia is experiencing a more sophisticated and aggressive wave of cyber threats, with 2,366 incidents reported in the first half of 2025, says the National Cyber Security Agency (Nacsa). Nacsa's chief executive Ir Dr Megat Zuhairy Megat Tajuddin, said cyberattacks are no longer solely targeting critical infrastructure or institutions. 'These attacks increasingly target our most vulnerable population, including children, the elderly, and digitally inexperienced users,' he said during his keynote address at the Cybersecurity Summit 2025 on Friday (July 25). Organised by Star Media Group and supported by IDMeta as the bronze sponsor, the summit carried the theme 'Securing Malaysia's Digital Future.' Megat said in 2024, Nacsa's National Cyber Coordination and Command Centre (NC4) recorded 4,626 cybersecurity incidents, a 43% increase from the previous year. 'In the first half of 2025 alone, 2,366 incidents involving National Critical Information Infrastructure (NCII) were reported. 'These figures underscore the urgent need to strengthen national cyber hygiene and awareness,' Megat added. He said cybersecurity is a critical national priority and should no longer be seen as merely a technical issue. 'Today's cyber threats don't simply target systems and software. They exploit something far more human, our trust, our habits, and the gaps between institutions,' Megat said. CyberSecurity Malaysia's chief executive officer, Datuk Ts Dr Amirudin Abdul Wahab, joined the call for stronger safeguards, warning that digitalisation and emerging technologies, while transformative, also introduce new vulnerabilities. 'The more connected we are, the more exposed we become to the threat of cyber attacks,' he said. Amirudin emphasised the need for organisations to go beyond prevention and focus on cyber resilience, which is the ability to respond, recover, and resume operations swiftly after an attack. He also highlighted the importance of building a secure, resilient, and trusted cyber ecosystem through greater collaboration among regulators, industry players, academia, and international stakeholders. Sarbnedhan Singh Sandhu of the Securities Commission Malaysia warned that compliance alone doesn't ensure security. He stressed the need for well-enforced frameworks aligned to business risks, noting that weak controls often lead to breaches. Meanwhile, Securemetric Technology Sdn Bhd managing director Wo Swee Teck said generative artificial intelligence (AI) introduces serious risks. He noted that effective risk mitigation depends on implementing strong cybersecurity measures, enforcing strict privacy safeguards, and ensuring continuous validation of AI models. The one-day event gathered industry experts to address the country's most pressing cybersecurity concerns, including the emerging risks of generative AI, vulnerabilities in operational technology (OT) systems, talent shortages, and the growing importance of digital trust in a hyperconnected world. The summit also showcased actionable strategies, regulatory frameworks, and real-world case studies aimed at enhancing cyber resilience across all sectors. This year's edition featured more than 19 distinguished speakers and attracted over 80 participants, including C-level executives, IT security professionals, regulators, cybercrime investigators, and representatives from sectors such as telecommunications, finance, logistics, and technology startups. Looking ahead, the CloudTech & DataCentre Conference 2.0, scheduled for Aug 6–7, will further explore strategies to position Malaysia as a regional hub for sustainable, high-tech data centres while advancing digital resilience.
