MEDIA RELEASE
CERTIFIED CHIEF INFORMATION SECURITY OFFICER (C|CISO) INITIATIVE STRENGTHENS CYBERSECURITY LEADERSHIP IN THE PUBLIC SECTOR
KUALA LUMPUR, 3 June 2025 – The Cyber Security Act 2024 (Act 854), which came into effect on 26 August 2024, establishes a comprehensive regulatory framework to enhance national cybersecurity. The Act comprises six main parts, including the establishment of the National Cyber Security Committee (JKSN) chaired by the Prime Minister, the empowerment of the Chief Executive of the National Cyber Security Agency (NACSA), and specific provisions concerning National Critical Information Infrastructure (NCII) entities.
Among its core elements are mandatory compliance with cybersecurity policies, standards and codes of practice; compulsory incident reporting through the National Cyber Coordination Centre (NC4); and regular audits and risk assessments. This systematic, risk-based regulatory approach requires each NCII entity to implement proactive cybersecurity controls, under continuous oversight and enforcement by NACSA.
In line with the compliance requirements outlined in the Act, the need for a professional, competent and qualified cybersecurity workforce has become increasingly critical. Only through a cadre of information security officers who understand legal mandates and possess both technical and strategic expertise can effective and sustained compliance with Act 854 be achieved. Therefore, initiatives such as the Certified Chief Information Security Officer (C|CISO) certification programme by CyberSecurity Malaysia are highly relevant in strengthening cybersecurity leadership across the public sector and NCII entities.
To support the implementation of this Act and address strategic capacity-building needs, the Ministry of Digital, through CyberSecurity Malaysia, today launched the Cybersecurity Professional Capability Development Programme – Certified Chief Information Security Officer (C|CISO), targeted at officers from ministries and government agencies. The programme aims to produce capable, globally recognised information security leaders, thereby bolstering the public sector’s preparedness in facing increasingly complex cyber threats.
As an initial phase, several officers from CyberSecurity Malaysia have undergone C|CISO certification training, demonstrating an early commitment to implementing the programme comprehensively. This achievement also serves as an important benchmark in establishing cybersecurity professionalism standards within the public sector.
The launch was officiated by Yang Berhormat Tuan Gobind Singh Deo, Minister of Digital. Also present were Tuan Fabian Bigar, Secretary-General of the Ministry of Digital, and Dato’ Ts. Dr Haji Amirudin bin Abdul Wahab, Chief Executive Officer of CyberSecurity Malaysia.
Minister of Digital, Mr. Gobind urged all cybersecurity practitioners to seize this opportunity to participate in the programme in order to enhance their skills and capabilities in facing today’s evolving and complex cybersecurity challenges. He noted that the implementation of this programme marks a significant step in developing competent cybersecurity expertise, while strengthening organisational preparedness against digital threats and reinforcing Malaysia’s role as a leader in producing highly skilled digital talent.
The programme is further supported by strategic assistance from the Ministry of Human Resources (KESUMA) through the Human Resource Development Corporation (HRD Corp), which is a key enabler for the programme’s realisation. Collaboration has also been established with EC-Council Asia Sdn. Bhd., an international strategic partner providing the C|CISO training and certification.
The initiative will be implemented over four sessions from late May to June, covering five key domains: cybersecurity management, data protection, legal compliance, risk management, and digital standards compliance. These are designed to strengthen participants’ capabilities in protecting information assets and managing organisational cybersecurity effectively.
-END-
Issued by:
Jabatan Pemasaran & Komunikasi Korporat, CyberSecurity Malaysia