PETALING JAYA: Bursa Malaysia Bhd has formed a dedicated industry working group to enhance cyber resilience across the Malaysian stockbroking ecosystem.
The establishment of the industry working group is a coordinated action, moving forward from the unauthorised trades incident on April 24.
Bursa Malaysia CEO Datuk Fad’l Mohamed said the industry working group represents a concerted effort to strengthen the cyber resiliency of the country’s trading ecosystem.
“The industry recognises that cyber resiliency is not just a technology best practice – it is the cornerstone of a trusted and vibrant capital market. A resilient ecosystem safeguards investor confidence, upholds market integrity, and ensures that our digital infrastructure can withstand and adapt to evolving threats,” he said in a statement today.
The industry working group, chaired by Bursa Malaysia chief regulatory officer Julian M Hashim, comprises representatives from four bank-backed participating organisations (PO), two non-bank PO and two subject matter experts in the field of cybersecurity.
The group held its inaugural meeting on Tuesday, where it finalised its terms of reference.
Its mandate includes assessing current cybersecurity practices and identifying systemic vulnerabilities within the stockbroking ecosystem, developing industry-wide standards and best practices for information and communication technology risk management and incident response and recommending enhancements to regulatory frameworks and operational protocols to improve cyber resilience.
Bursa Malaysia noted that the industry working group targets to finalise its recommendation paper within four
months, with the subsequent implementation phase focused on the execution of the recommendations.
Recognising the diversity in operational complexity across stockbroking firms, consultation with the industry will be carried out to ensure the recommendation paper is practical and fit for purpose.
The establishment of the industry working group is part of a broader commitment to strengthen the industry’s cyber resilience.
In recent months, stockbroking firms have adopted precautionary measures such as mandatory password resets, enhanced monitoring of unusual logins, blocking suspicious Internet Protocol addresses, and issuing client alerts to ensure login details are always kept secure.
In line with these efforts, Bursa Malaysia, on May 21 sent out a directive to mandate that all stockbroking firms implement multifactor authentication by the end of 2025. This requirement is a critical step towards enhancing the security of investor trading accounts and mitigating the risk of unauthorised access.
Bursa Malaysia said it remains committed to safeguarding investor confidence and market stability through proactive regulatory leadership and collaborative action.
