Gobind: Malaysia must think global on digital security

KUALA LUMPUR: The government is accelerating efforts to build a robust digital security ecosystem, with a dual focus on grooming homegrown cybersecurity talent and crafting regulatory guardrails for artificial intelligence (AI).
Digital Minister Gobind Singh Deo said Malaysia must think beyond its borders when it comes to digital security, as cybersecurity challenges and solutions are increasingly global in nature.
"We want our talent to be recognised internationally and equipped to meet global standards," he said at the launch of the Certified Chief Information Security Officer (C|CISO) programme on Tuesday.
He said bolstering the local talent pool will be critical as Malaysia prepares to implement the long-awaited Cyber Security Act and the amended Personal Data Protection Act (PDPA).

Try Our AI Features

Explore what Daily8 AI can do for you:

Learn with AIFact CheckingText to SpeechAI Summary

Related Articles

The Star

4 days ago

• The Star

‘Collection of metadata poses risks'

PETALING JAYA: Like puzzle pieces scattered across a table, bits of digital data may appear meaningless on their own. But with enough time, as well as location and behavioural clues, a recognisable picture can emerge. That is the concern raised by cybersecurity experts over a government initiative to collect anonymised mobile phone data. The Mobile Phone Data (MPD) programme, introduced by the Malaysian Communications and Multimedia Commission (MCMC), is intended to support public policy, particularly in tourism and infrastructure planning. Although authorities have emphasised that the data excludes names and identification numbers, experts warn that by combining the anonymous data with other metadata such as tower location, timestamps and user behaviour, it could still expose individuals to reidentification and cyber threats. According to AI Society president Dr Azree Shahrel Ahmad Nazri, even coarse location data such as cell tower logs can be used to build a person's detailed behavioural profile. 'From just a few days of movement data, researchers can predict who you are with over 90% accuracy,' he claimed when contacted. 'This is why metadata is not truly anonymous.' MCMC, in a media briefing last week, clarified that IMEI numbers and SIM card IDs were not among the data fields requested. However, Azree Shahrel cautioned that even without those identifiers, centralising metadata still poses significant cybersecurity risks. He also warned that such repositories could become high-value targets for hackers, cybercriminals or foreign actors. 'If breached, this data could form a detailed map of user routines, enabling highly targeted attacks or surveillance,' he said. He suggested that persistent identifiers, such as anonymised mobile numbers, be replaced with session-based tags, and that precise timestamps be aggregated to reduce the risk of tracking individuals. Universiti Malaysia Sarawak lecturer Chuah Kee Man echoed those concerns, pointing out that the MPD does not currently violate the Personal Data Protection Act 2010 (PDPA), as anonymised metadata and government agencies fall outside its scope. However, he argued that this legal blind spot still raises red flags. 'The collection is occurring without the public's explicit consent or even knowledge. 'And while it may not breach the PDPA directly, it creates ethical and legal issues surrounding the erosion of privacy rights,' he said. He warned that once data is stored at this scale, it could potentially be used for political profiling, social control or surveillance. 'The integrity of how this data is used relies entirely on those managing it – both now and in the future,' he said. He called for a shift in approach, including the principle of data minimisation, where only essential data is collected, and for the implementation of informed consent policies. 'If the government insists on collecting such data, it must demonstrate a clear need and adopt every possible measure to protect users,' he said. Cybersecurity specialist Fong Choong Fook said public concern about the MPD programme is not unfounded, especially given previous data breaches involving government-linked agencies. 'One of the most notable cases was in 2017, when the personal data of 46 million Malaysians was leaked after the MCMC outsourced work to a contractor. 'Incidents like these continue to shape public scepticism,' he said. The massive data breach in 2017, believed to affect almost the entire population of Malaysia, included lists of mobile phone numbers, identity card numbers, home addresses and SIM card data of 46.2 million customers from multiple mobile phone and mobile virtual network operators. 'Take note that the PDPA does not apply to MCMC. This means that if a data leak were to occur, MCMC would not be held liable,' he said, highlighting a gap in accountability. Fong urged the government to be transparent about the anonymisation process and to release a clear set of guidelines outlining how the data is managed, what safeguards are in place and how privacy is protected. 'There should be a publicly accessible framework, or at least a white paper that can be scrutinised by independent experts. 'We cannot continue operating in a black box,' he said.

Malay Mail

5 days ago

• Malay Mail

Gobind: Naio to submit AI law proposals by end-June, Cabinet brief to follow

SEPANG, June 18 — The National AI Office (Naio) will submit its proposals on artificial intelligence (AI) laws to the Digital Ministry by the end of this month. Digital Minister Gobind Singh Deo said Naio has been tasked with submitting its recommendations on AI legislation to help develop a comprehensive governance framework. 'The Ministry of Digital has commenced the process by holding dialogues with the right now, we are engaging and interacting with all the relevant ministries and agencies. 'Once I get the suggestions from the Naio, we will put up a paper to the Cabinet. We will seek its guidance as to what to do next. If that paper is passed and accepted by the Cabinet, we will have to start work on the bill itself,' he told reporters after launching the RAI Portal here today. Minister in the Prime Minister's Department (Law and Institutional Reform) Datuk Seri Azalina Othman Said yesterday stated that Malaysia is studying to develop AI legislation to address legal complexities in the digital age. She said she has written to Gobind to propose a meeting between the Legal Affairs Division (BHEUU) and the Digital Ministry to initiate a discussion on drafting new AI laws. According to Azalina, Malaysia has no specific laws focused on AI because, unlike traditional technologies, AI operates on an entirely different platform. — Bernama

Malay Mail

5 days ago

• Malay Mail

Gobind: Naio to submit draft law proposals by end-June, Cabinet brief to follow

SEPANG, June 18 — The National AI Office (Naio) will submit its proposals on artificial intelligence (AI) laws to the Digital Ministry by the end of this month. Digital Minister Gobind Singh Deo said Naio has been tasked with submitting its recommendations on AI legislation to help develop a comprehensive governance framework. 'The Ministry of Digital has commenced the process by holding dialogues with the right now, we are engaging and interacting with all the relevant ministries and agencies. 'Once I get the suggestions from the Naio, we will put up a paper to the Cabinet. We will seek its guidance as to what to do next. If that paper is passed and accepted by the Cabinet, we will have to start work on the bill itself,' he told reporters after launching the RAI Portal here today. Minister in the Prime Minister's Department (Law and Institutional Reform) Datuk Seri Azalina Othman Said yesterday stated that Malaysia is studying to develop AI legislation to address legal complexities in the digital age. She said she has written to Gobind to propose a meeting between the Legal Affairs Division (BHEUU) and the Digital Ministry to initiate a discussion on drafting new AI laws. According to Azalina, Malaysia has no specific laws focused on AI because, unlike traditional technologies, AI operates on an entirely different platform. — Bernama