Modern societies in industrialized and developing nations share the common advantages and ailments of new technologies. The advent of digital transactions and activities has given birth to a world inter-connected by information networks that boost innovation and productivity, as well as accelerate knowledge-sharing and nation-building. Such interconnectivity also comes with vulnerabilities that need to be constantly addressed; with continuous threats coming from those who seek to exploit those vulnerabilities for monetary and non-monetary gains.
Organisations designated under the 10 Critical National Information Infrastructure (CNII) sectors, namely National Defence and Security, Banking and Finance, Information and Communications, Energy, Transportation, Water, Health Services, Government, Emergency Services and Food and Agriculture, continuously strive to ensure their operations, services, transactions, information and activities are constantly protected against the various threats.
The CNII organizations are also guided by their respective sectoral Computer Security Incident Response Team (CSIRT) or Computer Emergency Response Team (CERT) that will generally anticipate, monitor, identify and address threats affecting their constituents. The respective CSIRTs or CERTs will also issue security advisories and alerts in response to vulnerabilities or incidents to ensure readiness among constituents and stakeholders in mitigating network-borne threats.
At present, the National Cyber Coordination and Command Centre (NC4) under the National Cyber Security Agency (NACSA) serves as the National Computer Emergency Response Team, supported by MyCERT under Cyber Security Malaysia (CSM), the Cyber Defence Operations Centre (CDOC) under the Ministry of Defence and the MCMC Network Security Centre (MCMC NSC).
In addition to the above, MCMC also works closely with the Working Group 6 on Security, Trust & Privacy under the Malaysian Technical Standards Forum Bhd (MTFSB), which is the designated Technical Standards Forum (TSF) under the Communications and Multimedia Act 1998 (CMA98), to develop Information and Network Security Technical Codes for the Communications and Multimedia sector in Malaysia. The various Technical Codes outline the requirements towards ensuring security and resiliency for the sector and may also serve as references to other organisations and the public at large.