KUALA LUMPUR, Feb 23 — Communications and Digital Minister Fahmi Fadzil today expressed the need for state governments and government agencies in the country to allocate a certain amount of their budget for cyber security.
He said the matter needed to be emphasised as part of efforts to avoid data loss.
“One of the important things, InsyaAllah, we hope that Yang Amat Berhormat Tambun (Prime Minister Datuk Seri Anwar Ibrahim) will emphasise cyber security aspects in the Budget 2023 tomorrow.
“We are working to enable an audit of the cyber security to be carried out at the federal and state government level, and hoping for a good announcement by the Prime Minister tomorrow,” Fahmi said during the Minister’s Question Time in the Dewan Rakyat today.
He was responding to a supplementary question from Pasir Puteh MP Datuk Nik Muhammad Zawawi Salleh, on measures taken and will be taken by the government to address the data intrusion problem.
Apart from that, the government is also re-examining the country’s cryptography policy to streamline aspects of data security in the country, involving quantum cryptography that would make encryption, which is the key to data security, more difficult.
To an original question from Bagan MP Lim Guan Eng about the action taken over an incident that resulted in the Penang government’s website being hacked with 600,000 rows of personal data later reported as having been uploaded on the Internet, Fahmi said a report was lodged with CyberSecurity Malaysia (CSM) and action was taken on January 19.
The CSM had sent a notice to the Penang government’s ICT security department asking for information that could be extracted from the affected system to analyse the cause of the incident and take steps to ratify it.
“The format of the leaked data, as distributed or sold by cybercriminals on the dark web, must also be analysed if there is any similarity between the data format owned by the criminals and the original format of the data in the affected system,” he said.
The minister added that government organisations must always ensure the security level of their information system is in line with cyber security guidelines and best practices.
System users are also required to improve their cyber security awareness and knowledge to reduce the risk of cyber attacks.
Fahmi said they can visit the website at www.mycert.org.my to learn about current cyber security threats and measures against them, vulnerability reports in ICT products and applications, security update guides and comprehensive system and network security guides.
— Bernama
