Experts urge faster shift from conventional systems as digital threats reshape modern warfare
PETALING JAYA: The battlefield is no longer defined by tanks and troops alone.
It is increasingly shaped by algorithms, cyber strikes and unseen digital threats, with analysts warning Malaysia risks falling behind if it does not urgently strengthen its technological defences.
As geopolitical tensions deepen, experts say digital infrastructure is now as critical as conventional military power and Putrajaya must move faster to bolster its cyber, legal and defence capabilities.
Universiti Utara Malaysia defence and geopolitical analyst Associate Professor Dr Mohamad Faisol Keling said the country must recognise that modern defence is rapidly shifting away from traditional systems.
“Malaysia’s defence development is still focused on conventional systems and equipment compared to high-tech.
“Although Malaysia began paying attention to high-tech and electronic advancements in the early 2000s, these efforts need to be strengthened,” he said.
He added that while Malaysia has established strengths in electronics and semiconductors, its defence industry has yet to fully capitalise on these advantages in developing AI-driven capabilities.
“The production of the national defence industry still revolves around conventional equipment such as light armoured vehicles, while Malaysia is known for semiconductors,” he said, adding that the country should leverage its industrial base to accelerate technological advancement.
On cyber threats, Mohamad Faisol said Malaysia must continuously reassess whether its systems are evolving in step with emerging risks, especially as much of the nation’s critical infrastructure is now digitised.
“The question is whether these systems and equipment move in line with the advancement of current threats,” he said, stressing the need to strengthen system effectiveness against cyber risks and update defence doctrine accordingly.
He added that Malaysia should draw lessons from ongoing global conflicts, where technology has fundamentally altered the nature of warfare.
“The Iran-Israel conflict, the India-Pakistan conflict, as well as the Ukraine war should serve as benchmarks for Malaysia,” he said.
Recent conflicts, he added, have demonstrated how so-called “third world” technologies can challenge more advanced military systems, reshaping long-held assumptions.
“The success of the Iranian and Pakistani armies in using ‘third world’ technology against ‘first world’ systems shows that the dominance of developed countries is no longer absolute,” he said.
Meanwhile, International Islamic University Malaysia’s Ahmad Ibrahim Kulliyyah of Laws senior lecturer and cyber law expert Associate Professor Dr Mahyuddin Daud said while Malaysia has made progress with the Cyber Security Act 2024, significant gaps remain in addressing modern hybrid threats.
He warned that the country’s broader legal framework still relies heavily on outdated laws ill-suited to cyber warfare scenarios.
“Malaysia’s laws are stronger on post-incident response rather than anticipating cross-border, state-linked hybrid campaigns that blur the line between war, espionage and disinformation,” he said.
He added that the current framework remains largely inward-looking and does not adequately address coordinated responses to transnational, AI-driven campaigns, including attacks on civilian infrastructure and social cohesion seen in conflicts such as Iran-Israel.
“There is still fragmentation between cybersecurity regulation, data protection and online safety laws, despite the likelihood that future conflicts will combine technical attacks with information warfare and deepfake-driven manipulation,” he said.
Mahyuddin also pointed to gaps in the protection of critical private digital infrastructure and weaknesses in coordination across regulatory domains.
While Malaysia is developing an AI governance framework, he said stronger safeguards are needed, particularly for high-risk systems.
“High-risk AI systems used in defence and cybersecurity should undergo mandatory risk and impact assessments, with clear human-in-the-loop requirements,” he said.
He added that Malaysia still lacks a coherent legal architecture to address AI-driven, state-linked cyber operations, despite existing criminal provisions covering cyber offences.
Mahyuddin outlined five key reforms that should be prioritised: fully operationalising the Cyber Security Act 2024 framework, modernising the Computer Crimes Act 1997, introducing a dedicated AI governance law, integrating cyber-related regulations into a unified digital resilience strategy and strengthening regional cooperation on cyber norms and incident response.
