Written by Fatin Ismail
On the 27 of March 2024, the Dewan Rakyat passed the Cyber Security Bill 2024. This bill seeks to enhance the national cyber security by requiring compliance of certain measures, standards and processes in the management of cyber security threats and cyber security incidents to national critical information infrastructures.
This is due to the extensive use of information and communications technology systems and devices in executing various functions and businesses of the public sectors and private sectors.
This proposed Act provides, among others, for the establishment of the National Cyber Security Committee, the duties and powers of the Chief Executive of the National Cyber Security Agency, the appointment of the national critical information infrastructure sector leads and the designation of national critical information infrastructure entities as well as licensing of cyber security service providers.
The establishment and maintenance of the National Cyber Coordination and Command Centre System by the Chief Executive are included in the proposed Act for the purpose of dealing with cyber security threats and cyber security incidents
One interesting feature of proposed Act is section 3 which provides for extra-territorial application whereby the act shall have effect outside as well as within Malaysia as if the offence was committed at any place within Malaysia. This is especially crucial when it comes to matters of cyber security which could be committed from anywhere in the world.
In addition, the proposed Act also deals with the national critical information infrastructure sector leads and national critical information infrastructure entities.
The functions of the national critical information infrastructure sector lead include but are not limited to, planning, formulating and deciding on policies relating to national cyber security, deciding on approaches and strategies in addressing matters relating to national cyber security, monitoring the implementation of policies and strategies relating to national cyber security.
Published on 23 June 2024