Vision Statement

'Malaysia's Critical National Information Infrastructure shall be secure, resilient and self-reliant. Infused with a culture of security, it will promote stability, social well-being and wealth creation'


Objective

  • Address the risks to the Critical National Information Infrastructure (CNII)
  • To ensure that critical infrastructure are protected to a level that commensurate with the risks
  • To develop and establish a comprehensive program and a series of frameworks

The National Cyber Security Policy (NCSP) has been designed to facilitate Malaysia’s move towards a knowledge-based economy (K-economy). The Policy was formulated based on a National Cyber Security Framework that comprises legislation and regulatory, technology, public-private cooperation, institutional, and international aspects.

The NCSP seeks to address the risks to the Critical National Information Infrastructure (CNII) which comprises the networked information systems of ten critical sectors. The CNII sectors are:

  • National Defence and Security
  • Banking and Finance
  • Information and Communications
  • Energy
  • Transportation
  • Water
  • Health Services
  • Government
  • Emergency Services
  • Food and Agriculture

The NCSP recognizes the critical and highly interdependent nature of the CNII and aims to develop and establish a comprehensive program and a series of frameworks that will ensure the effectiveness of cyber security controls over vital assets. It has been developed to ensure that the CNII are protected to a level that commensurate the risks faced.


The Eight Policy Thrusts


THRUST 1: Effective Governance

  • Centralise the coordination of national cyber security initiatives
  • Promote effective cooperation between public and private sectors
  • Establish formal and encourage informal information sharing exchanges

THRUST 2: Legislative & Regulatory Framework

  • Review and enhance Malaysia's cyber laws to address the dynamic nature of cyber security threats
  • Establish progressive capacity building programs for national law enforcement agencies
  • Ensure that all applicable local legislation is complementary to and in harmony with international laws, treaties and conventions

THRUST 3: Cyber Security Technology Framework

  • Ensure that all applicable local legislation is complementary to and in harmony with international laws, treaties and conventions
  • Implement an evaluation/certification program for cyber security products and systems

THRUST 4: Culture of security and Capacity Building

  • Develop, foster and maintain a national culture of security
  • Standardise and coordinate cyber security awareness and education programs across all elements of the CNII
  • Establish an effective mechanism for cyber security knowledge dissemination at the national level
  • Identify minimum requirements and qualifications for information security professionals

THRUST 5: Research & Development Towards Self-Reliance

  • Identify minimum requirements and qualifications for information security professionals
  • Enlarge and strengthen the cyber security research community
  • Promote the development and commercialization of intellectual properties, technologies and innovations through focused research and development
  • Nurture the growth of cyber security industry

THRUST 6: Compliance and Enforcement

  • Standardise cyber security systems across all elements of the CNII
  • Strengthen the monitoring and enforcement of standards
  • Develop a standard of cyber security risk assessment framework

THRUST 7: Cyber Security Emergency Readiness

  • Strengthen the national computer emergency response teams (CERTs)
  • Develop effective cyber security incident reporting mechanisms
  • Encourage all elements of CNII to monitor cyber security events
  • Develop a standard business continuity management framework
  • Disseminate vulnerability advisories and threat warnings in a timely manner
  • Encourage all elements of the CNII to perform periodic vulnerability assessment program

THRUST 8: International Cooperation

  • Encourage active participation in all relevant international cyber security bodies, panels and multi-national agencies
  • Promote active participation in all relevant international cyber security by hosting an annual international cyber security conference

CONTACT US

NATIONAL CYBER SECURITY AGENCY (NACSA)

National Security Council
Prime Minister's Department
Level LG & G, West Wing,
Perdana Putra Building,
Federal Government Administrative Center,
62502 Putrajaya, Malaysia.

FOLLOW US




Number of Visitors
16,111