KUALA LUMPUR: Malaysia is on the right track in cybersecurity as the government is introducing new policies and frameworks, said Zoho Corporation’s ManageEngine regional director, Asia Pacific, Arun Kumar.
Arun said Malaysia’s cybersecurity is keeping pace with the rapid growth of its digital economy.
“There is a cybersecurity law in Malaysia about securing critical infrastructure, such as banks and government institutions. There is also the Personal Data Protection Act when it comes to handling data,” he said during a media roundtable today.
Arun said these policies and frameworks are important first steps when moving towards a more secure cyber environment.
However, Arun stressed that cybersecurity is not only a government responsibility and that the private sector and individual citizens also have a crucial role to play.
“More awareness, more investments (needed from the private sector and citizens),” he said.
Arun reiterated that companies, regardless of size, should view government regulations, laws, and compliance requirements only as a starting point. “Companies still need to invest in upskilling, adopt the right tools, and prioritise a ‘cybersecurity-first’ approach to stay protected.”
Furthermore, Arun said, there are no unique cybersecurity challenges in Malaysia compared to other Asean countries. “I see somewhat similar trends, challenges when it comes to cyber security or cyber preparedness.”
The main issues across the region are the lack of skilled workforce to support digital transformation and cybersecurity needs.
“Most of the markets face challenges today when it comes to right skills in terms of workforce. Skilled workforce is one of the important steps every company, including SMEs, must take to build a safer nation,” Arun said.
He noted there is a lot of momentum and strong growth expected from the digital transformation roadmap and the expanding digital economy. “However, if these priorities are neglected, organisations will remain vulnerable to cyberattacks, and such threats are likely to increase over time.”
Arun concluded the country will be well prepared to maintain a safe digital environ-ment if these steps are properly implemented.
Malaysia has seen cyberattacks targeting financial institutions and government portals, including ransomware and phishing attacks aimed at stealing sensitive data. For example, in a high‑profile incident in March, computer systems at Kuala Lumpur International Airport were hit by an attack.
The National Cyber Security Agency and Malaysia Airports Holdings said the hackers demanded a US$10 million (RM42 million) ransom, which Prime Minister Datuk Seri Anwar Ibrahim rejected.
Malaysia also recorded a staggering 4,017,161 internet-borne cyberthreats in the first quarter of 2025, according to data from Kaspersky. This translates to more than 44,000 daily attacks, reflecting a rising trend in cybercrime coinciding with the disbursement of the Sumbangan Tunai Rahmah government financial aid during the March–April period.
A significant proportion of these cyberthreats stems from phishing scams distributed through popular messaging platforms.
