Nacsa: Cybersecurity Bill is planned to be tabled on March 25 in Parliament


NC4 and Nacsa observed an increase in cybersecurity incidents in Malaysia up to February this year, reflecting a similar global trend. — Photo by Towfiqu barbhuiya on Unsplash

PETALING JAYA: The long-awaited Cybersecurity Bill is planned to be tabled in Parliament on Monday (March 25), according to a spokesperson from the National Cyber Security Agency (Nacsa).

According to a statement from Nacsa, the Bill will give it a legal mandate to set cybersecurity standards that must be abided to by organisations classified as National Critical Information Infrastructure (NCII), with non-compliance leaving them subject to legal action.

NCII, the new name replacing Critical National Information Infrastructure (CNII) in the Bill, includes systems that could have an impact on "national defence and security, national economic stability, national image, the government's ability to function, public health and safety, as well as individual privacy" in the event of disruption or destruction.

Sectors categorised under NCII include the government, national defence and security, banking and finance, information and communications, energy, transportation, emergency services, water, health services, agriculture and plantations, and trade, industry and economy.

"Nacsa is committed to monitoring national cyber threat activities through NC4 (National Cyber Coordination and Command Centre), upgrading capabilities and capacities in terms of technology or expertise to ensure national sovereignty and security are upheld," it said in a statement.

The Bill's tabling was originally slated for the end of last year or early this year.

It also stated that "cybersecurity is a shared responsibility, and Nacsa also continuously collaborates with local and international authorities to assist in investigations, tracking, and apprehending perpetrators”.

The NC4 and Nacsa also observed an increase in cybersecurity incidents in Malaysia up to February 2024, reflecting a similar global trend.

The threat actors targeted websites, online systems, networks, and applications owned by high-profile private and government organisations in Malaysia that have vulnerabilities.

Nacsa, the government agency overseeing cybersecurity incidents in Malaysia, claimed that the NCII organisations targeted by cybercriminals proactively reported the incidents to Nacsa for coordination and monitoring.

According to the agency's analysis, there were more attacks using infostealer malware to steal credentials. These attacks don't require a lot of technical knowledge or understanding; instead, they take advantage of people who aren't protecting their identities well in the IT environment.

Following a meeting on Jan 29, threat levels were raised from low to moderate to ensure organisations took proactive action to protect themselves and enhance their readiness to protect critical assets.

In the short term, Nacsa recommends the installation of device-compatible antivirus software, the changing of passwords, and enabling multi-factor authentication (MFA).

Follow us on our official WhatsApp channel for breaking news alerts and key updates!

Nacsa

   

Next In Tech News

Tesla increases wages for staff at German gigafactory by 4%
Apple explores push into smart glasses with ‘Atlas’ user study
Japan's Kioxia sees flash memory demand almost tripling by 2028
Hacker gets into woman’s email, changes every password, tries to make purchases
Foxconn says Oct revenue +8.59% y/y, Q4 outlook good
Want to help a friend find love? Give a PowerPoint presentation
Can an Apple�Watch get AFib patients off bloodthinners?
South Korea fines Meta about $15 million over collection of user data
Ehailing service Bolt says it’s launching in Malaysia soon, already licensed by Apad
French IT firm Atos agrees to sell Worldgrid unit to Alten

Others Also Read