By Sonny Zulhuda
A new legislation brings new risks and opportunities. That’s so true about this new law, Cyber Security Act 2024 (Act 854). The Information Security Certification Body (ISCB) under CyberSecurity Malaysia (CSM) invited me to address their audience who are eventually their clients and partners on 26th November at Dorsett Putrajaya.
Having a privelege of experiencing the legislative preparation of this Act, I explained the background and objectives of the Act, and the roles it creates as well as the interplay between those roles.
The main roles under CSA 2024 are:
1. National Cyber Security Committee (NCSC), headed by the Prime Minister as the Chairman;
2. The Chief Executive of NACSA;
3. NCII Sector Lead (Currently there are 11 sectors);
4. NCII Entity.
(NCII: National Critical Information Infrastructure)
The session lasted three hours. It was quite a comprehensive sharing. Followed by Q&A, networking and…… LUNCH! 
My engagement with CSM (formerly known as NISER) started back in 2005 when I was in a team that worked on the National Cyber Security Policy commissioned by the Ministry of Science, Technology and Innovation (MOSTI).
Three years ago, I was formally appointed by ISCB of CSM as a subject matter expert on data protection law. Today’s event is a continuation of my contribution and engagement with the industry. Fitting myself in real-world industry and practical issues always feels great and rewarding. It is an opportunity for learning, unlearning and relearning.
TRIBUTE 