The Cyber Security Act 2024 [Act 854] has been given royal assent on 18 June 2024 and was officially gazetted on 26 June 2024 (although it is still yet to be in force). The National Cyber Security Agency, Malaysia (“NACSA“) has commented that this legislation is a major milestone in strengthening Malaysia’s cyber defences and enhancing the nation’s resilience against emerging threats. NACSA has also confirmed that they are still working towards finalising the accompanying regulations which will be vital to ensure clarity in the application and enforcement of the new legislation.
The Cyber Security Act 2024 will establish important key authorities including the National Cyber Security Committee, the appointment of the Chief Executive, the introduction of National Critical Information Infrastructure (“NCII“) and NCII Sector Leads. Further information can be found on our previous coverage of the (then) Cyber Security Bill 2024 here.
Exciting developments await as Malaysia becomes the newest country in Southeast Asia to adopt comprehensive national cyber security legislation and governance. The future operation of the Cyber Security Act 2024 will be greatly shaped by the regulations, codes of practice and guidelines to be issued by the authorities. Stakeholders are encouraged to stay informed and updated about upcoming developments to align their systems and processes with the country’s new cyber security legal landscape.
Author: Shawn Zachary Tan, LL.B. (Hons) Queen Mary University of London (UK), Middle Temple.