Stay ahead with Malaysia’s Cyber Security Act 2024 for businesses

August 31, 2024
1 min read

TLDR:

Key Points:

  • The Cyber Security Act 2024 in Malaysia focuses on safeguarding critical information infrastructure against cyber threats.
  • The Act introduces regulations for risk assessment, incident notification, licensing for cybersecurity service providers, and penalties for non-compliance.

Summary:

Made effective on June 26, 2024, Malaysia’s Cyber Security Act 2024 aims to protect the nation’s critical information infrastructure (CII) from cyber threats. The Act establishes the National Cyber Security Committee, defines the roles of the National Cyber Security Agency, and requires licensing for cybersecurity service providers. The territorial scope of the Act extends beyond Malaysia’s borders, mirroring Singapore’s Cybersecurity Act. The Act introduces stringent regulations for entities classified as National Critical Information Infrastructure, including yearly risk assessments and audits. Incident notification requirements mandate immediate reporting of cybersecurity incidents to relevant authorities. Licensing for Cyber Security Service Providers is mandatory, with severe penalties for non-compliance. Offenses and penalties under the Act range from fines to imprisonment for non-compliance with cybersecurity practices. Overall, the Cyber Security Act 2024 in Malaysia places a strong emphasis on enhancing cybersecurity measures and ensuring compliance with regulatory requirements.

Latest from Blog

EU push for unified incident report rules

TLDR: The Federation of European Risk Management Associations (FERMA) is urging the EU to harmonize cyber incident reporting requirements ahead of new legislation. Upcoming legislation such as the NIS2 Directive, DORA, and