Malaysia took a bold step to advance its cybersecurity posture by announcing a new national strategy that will guide the country in improving its cyber resilience. Malaysia also called on ASEAN partners to take collective action to address evolving cyber threats that are affecting the region.
These two key points were highlighted on opening session of the three-day Cyber Defence and Security Exhibition and Conference (CYDES) 2025 in Putrajaya, Malaysia, which started on July 1.
Malaysia’s Deputy Prime Minister, YAB Dato’ Seri Dr Ahmad Zahid Bin Hamidi set the tone of the conference at the opening ceremony by stating unequivocally: “Let me be clear. Malaysia is serious about cybersecurity. We are investing, we are legislating, and, above all, we are collaborating across agencies, industries, and borders.
“Why? Because the threat landscape is changing faster than ever before”.
As part of CYDES 2025, the government launched the Malaysia Cyber Security Strategy (MCSS) 2025-2030, with focus on five key areas: protecting critical infrastructure, strengthening governance and legal frameworks, building national and regional capacity, advancing research and innovation, and fostering a cyber-aware society.
According to DPM Zahid, Malaysia's National Cyber Coordination and Command Centre reported 4,626 cybersecurity incidents in 2024, an increase of 43 per cent compared to 2020.
In just the first half of 2025, he said 294 incidents were reported, including 133 involving entities under the National Critical Information Infrastructure.
Cybercrime also caused losses of approximately RM1.5 billion (S$454,5 million) in Malaysia in 2024, affecting over 35,000 victims.
“The Nation's Cyber Security Strategy 2025-2030 represents our collective ambition to secure Malaysia's digital aspirations through a trusted and progressive cyberspace.
“That reflects our strategic intent to address the evolving cyber threats while supporting the nation's economic advancement and social well-being,” he added.
CYDES 2025 has been organised by the National Security Council (NSC) – Prime Minister’s Department – and the National Cyber Security Agency (NACSA) in collaboration with Alpine Integrated Solution Sdn Bhd (AIS).
Taking the main theme of Advancing Cyber Resilience, the event brought together leaders from government, industry, academia and security experts and attracted more than 8,000 participants, with 1,200 conference delegates from 27 participating countries and more than 200 exhibitors.
GovInsider was invited by NACSA-AIS as a media partner to the event.
To subscribe to the GovInsider bulletin, click here.
DPM Zahid highlighted the importance of collective action to address the ongoing challenges faced by ASEAN member states, particularly the gap in addressing threats – which creates loopholes that can be exploited by cybercriminals who continue to adapt to advanced technologies.
“We urge cooperation with a focus on real-time collaboration in incident response, digital forensics, data exchange and cross-regional policy harmonisation,” he said, adding that as its ASEAN Chairmanship, Malaysia has led the development of the ASEAN Cyber Security Cooperation Strategy 2026–2030 to turn this cooperation “from intention into implementation”.
This mechanism will adhere to the principles of confidentiality, sovereignty, and mutual trust, which are essential in managing sensitive and cross-border cyber security threats.
This initiative will be presented to ASEAN members and partners at the upcoming ASEAN Summit in October.
Malaysia has also ratified the Budapest Convention and will sign the United Nations Convention Against Cybercrime in Hanoi in October, reaffirming its commitment to align with international norms while strengthening regional and domestic legal frameworks.
In August last year, Malaysia issued the Cyber Security Act 2024 as part of Malaysia's efforts to strengthen its resilience and empower NACSA as the national cyber defence command centre.
Currently, Malaysia is pushing for the Cybercrime Bill to strengthen law enforcement authorities' ability to effectively detect, investigate, and prosecute cybercriminals.
DPM Zahid highlighted that humans are the key factor in advancing national cyber resilience.
He cited data that 93 per cent of organisations in Malaysia experienced AI-driven cyber incidents last year, yet only half of employees understand these risks.