Malaysia is serious about cybersecurity, says DPM Zahid at the opening of CYDES 2025

Malaysia took a bold step to advance its cybersecurity posture by announcing a new national strategy that will guide the country in improving its cyber resilience. Malaysia also called on ASEAN partners to take collective action to address evolving cyber threats that are affecting the region.  

These two key points were highlighted on opening session of the three-day Cyber Defence and Security Exhibition and Conference (CYDES) 2025 in Putrajaya, Malaysia, which started on July 1. 

Malaysia’s Deputy Prime Minister, YAB Dato’ Seri Dr Ahmad Zahid Bin Hamidi set the tone of the conference at the opening ceremony by stating unequivocally: “Let me be clear. Malaysia is serious about cybersecurity. We are investing, we are legislating, and, above all, we are collaborating across agencies, industries, and borders.  

“Why? Because the threat landscape is changing faster than ever before”.  

As part of CYDES 2025, the government launched the Malaysia Cyber Security Strategy (MCSS) 2025-2030, with focus on five key areas: protecting critical infrastructure, strengthening governance and legal frameworks, building national and regional capacity, advancing research and innovation, and fostering a cyber-aware society. 

According to DPM Zahid, Malaysia's National Cyber Coordination and Command Centre reported 4,626 cybersecurity incidents in 2024, an increase of 43 per cent compared to 2020. 

In just the first half of 2025, he said 294 incidents were reported, including 133 involving entities under the National Critical Information Infrastructure. 

Cybercrime also caused losses of approximately RM1.5 billion (S$454,5 million) in Malaysia in 2024, affecting over 35,000 victims. 

“The Nation's Cyber Security Strategy 2025-2030 represents our collective ambition to secure Malaysia's digital aspirations through a trusted and progressive cyberspace. 

“That reflects our strategic intent to address the evolving cyber threats while supporting the nation's economic advancement and social well-being,” he added. 

CYDES 2025 has been organised by the National Security Council (NSC) – Prime Minister’s Department – and the National Cyber Security Agency (NACSA) in collaboration with Alpine Integrated Solution Sdn Bhd (AIS).  

Taking the main theme of Advancing Cyber Resilience, the event brought together leaders from government, industry, academia and security experts and attracted more than 8,000 participants, with 1,200 conference delegates from 27 participating countries and more than 200 exhibitors.  

GovInsider was invited by NACSA-AIS as a media partner to the event. 

To subscribe to the GovInsider bulletin, click here.

Leading regional cybersecurity initiatives  

DPM Zahid highlighted the importance of collective action to address the ongoing challenges faced by ASEAN member states, particularly the gap in addressing threats – which creates loopholes that can be exploited by cybercriminals who continue to adapt to advanced technologies.

“We urge cooperation with a focus on real-time collaboration in incident response, digital forensics, data exchange and cross-regional policy harmonisation,” he said, adding that as its ASEAN Chairmanship, Malaysia has led the development of the ASEAN Cyber Security Cooperation Strategy 2026–2030 to turn this cooperation “from intention into implementation”.  

This mechanism will adhere to the principles of confidentiality, sovereignty, and mutual trust, which are essential in managing sensitive and cross-border cyber security threats.   

This initiative will be presented to ASEAN members and partners at the upcoming ASEAN Summit in October. 

Malaysia has also ratified the Budapest Convention and will sign the United Nations Convention Against Cybercrime in Hanoi in October, reaffirming its commitment to align with international norms while strengthening regional and domestic legal frameworks. 

In August last year, Malaysia issued the Cyber Security Act 2024 as part of Malaysia's efforts to strengthen its resilience and empower NACSA as the national cyber defence command centre.   

Currently, Malaysia is pushing for the Cybercrime Bill to strengthen law enforcement authorities' ability to effectively detect, investigate, and prosecute cybercriminals. 

Capacity building 

DPM Zahid highlighted that humans are the key factor in advancing national cyber resilience. 

He cited data that 93 per cent of organisations in Malaysia experienced AI-driven cyber incidents last year, yet only half of employees understand these risks. 

Therefore, this new strategy will also focus on capacity building, with an emphasis on talent development, advancing research, and building global partnerships to create cybersecurity experts ready to face the future. 

“It’s not about the system, but about the people ... Like a ship navigating turbulent water, our strength lies not in the ship itself, but in its crew,” he said. 

Malaysia has also launched the MyCyberHero initiative since 2024, aimed at promoting digital literacy from an early age. 

This effort aims to increase students' awareness of online threats, equipping them with knowledge and skills so they can navigate the digital world safely and responsibly. 

During the CYDES 2025 event, DPM Zahid witnessed the signing ceremony of a Memorandum of Understanding (MoU) between NACSA Chief Executive Dr Megat Zuhairy Megat Tajuddin and six Malaysian state and private universities to enhance research collaboration and talent development in the field of cybersecurity. 

The universities involved were Universiti Kebangsaan Malaysia, Universiti Teknologi MARA, Universiti Teknikal Malaysia Melaka, Universiti Tun Hussein Onn Malaysia, the Management and Science University, and University College TATI.