NATIONAL SECURITY COUNSIL'S DIRECTIVE NO. 24

The National Security Council's Directive No 24: Policy and Mechanism of the National Cyber Crisis Management, is an executive directive that outlines the strategy that Malaysia will undertake for cyber crisis mitigation and response among Malaysia's Critical National Information Infrastructure (CNII) through public and private collaboration.

The objectives of this Directive are:

1. to outline the overall national cyber crisis management policies and mechanisms before and after the cyber crisis;
2. to achieve an effective uniformity and proactive approach in monitoring and addressing the cyber threats that might affect the CNII agencies/ organisations to function; and
3. to set guidelines for CNII agencies/ organisations in dealing with any threats and cyberattacks on those agencies so that the Government is aware of the current level of preparedness in facing the cyber threats and attacks.

There are six main principles under this directive: A national cyber crisis management structure; national cyber-threat levels; Computer Emergency Response Team (CERT); cyber security protection mechanisms; response, communication and coordination procedures; and readiness programme.