Nacsa: Cybersecurity Bill is planned to be tabled on March 25 in Parliament


NC4 and Nacsa observed an increase in cybersecurity incidents in Malaysia up to February this year, reflecting a similar global trend. — Photo by Towfiqu barbhuiya on Unsplash

PETALING JAYA: The long-awaited Cybersecurity Bill is planned to be tabled in Parliament on Monday (March 25), according to a spokesperson from the National Cyber Security Agency (Nacsa).

According to a statement from Nacsa, the Bill will give it a legal mandate to set cybersecurity standards that must be abided to by organisations classified as National Critical Information Infrastructure (NCII), with non-compliance leaving them subject to legal action.

NCII, the new name replacing Critical National Information Infrastructure (CNII) in the Bill, includes systems that could have an impact on "national defence and security, national economic stability, national image, the government's ability to function, public health and safety, as well as individual privacy" in the event of disruption or destruction.

Sectors categorised under NCII include the government, national defence and security, banking and finance, information and communications, energy, transportation, emergency services, water, health services, agriculture and plantations, and trade, industry and economy.

"Nacsa is committed to monitoring national cyber threat activities through NC4 (National Cyber Coordination and Command Centre), upgrading capabilities and capacities in terms of technology or expertise to ensure national sovereignty and security are upheld," it said in a statement.

The Bill's tabling was originally slated for the end of last year or early this year.

It also stated that "cybersecurity is a shared responsibility, and Nacsa also continuously collaborates with local and international authorities to assist in investigations, tracking, and apprehending perpetrators”.

The NC4 and Nacsa also observed an increase in cybersecurity incidents in Malaysia up to February 2024, reflecting a similar global trend.

The threat actors targeted websites, online systems, networks, and applications owned by high-profile private and government organisations in Malaysia that have vulnerabilities.

Nacsa, the government agency overseeing cybersecurity incidents in Malaysia, claimed that the NCII organisations targeted by cybercriminals proactively reported the incidents to Nacsa for coordination and monitoring.

According to the agency's analysis, there were more attacks using infostealer malware to steal credentials. These attacks don't require a lot of technical knowledge or understanding; instead, they take advantage of people who aren't protecting their identities well in the IT environment.

Following a meeting on Jan 29, threat levels were raised from low to moderate to ensure organisations took proactive action to protect themselves and enhance their readiness to protect critical assets.

In the short term, Nacsa recommends the installation of device-compatible antivirus software, the changing of passwords, and enabling multi-factor authentication (MFA).

Follow us on our official WhatsApp channel for breaking news alerts and key updates!

Nacsa

   

Next In Tech News

Exclusive-Amazon likely to face investigation under EU tech rules next year, sources say
US natgas producers chase AI-driven surge in power demand to weather low prices
Snowflake shares surge on rosy forecast, AI deal with Anthropic
Digital banks lead profitability gains among Brazilian lenders, says central bank
PayPal fixes outage that affected thousands worldwide
X's former top policy chief takes job with Elon Musk rival, Sam Altman
Alibaba integrates e-commerce platforms into a single business unit
US watchdog issues final rule to supervise Big Tech payments, digital wallets
Nvidia to build AI school in Indonesia, VP says
A Google PC running Android could be in the works

Others Also Read