KUALA LUMPUR, Dec 6 — In an effort to prevent data leaks and protect data security, CyberSecurity Malaysia (CSM) has issued recommendations for the use of technological equipment, devices, and software applications, the Dewan Negara sitting was told today.
Deputy Communications and Digital Minister Teo Nie Ching said the recommendations include a vulnerability assessment and penetration test, which identifies vulnerabilities in computer systems, applications, and devices.
“In addition, certification for devices, applications, and systems like the Malaysia Common Criteria (the Malaysian Common Criteria Evaluation and Certification) and Technology Security Assurance is necessary as it is an important process for assessing and certifying the security functions of Information and Communication Technology (ICT) products based on criteria or standards that have been set.
“At the same time, the Security Posture Assessment should be performed regularly to identify vulnerabilities of existing ecosystems, devices, applications, and systems that will be developed,” she said during the question-and-answer session.
Teo was responding to Senator Datuk Seri Ti Lian Ker’s question regarding the guidelines on using technical equipment, devices, and software applications from foreign countries in government buildings and premises to protect national data privacy.
She added the existing government policies do not prohibit the use of technological equipment, devices, or software applications from specific nations by government agencies or in government buildings and facilities.
Data security and government information confidentiality are subject to the Security Directive, the Information and Communication Technology (ICT) security circular, and the guidelines of the Office of the Chief Government Security Officer and the National Cyber Security Agency of the Prime Minister’s Department.
“These directives, circulars, and guidelines are currently in place across government agencies to protect essential national data and prevent its unauthorised dissemination and leakage.
“In this regard, the ministry, through the Malaysian Communications and Multimedia Commission and CSM, also provides assistance from a technical point of view, like digital forensics, to ensure data security and information confidentiality,” Teo said.