(Tax Update) Overview of Cyber Security Act 2024
(Tax Update) Overview of Cyber Security Act 2024
On August 26, 2024, Pasarana Malaysia Bhd confirmed a cybersecurity incident involving unauthorized access to parts of its internal systems due to a ransomware attack.
On the same day, four new subsidiary legislations under the Cyber Security Act 2024 came into effect, focusing on risk assessments, licensing of service providers, offence compounding, and incident notification.
Key Highlights of the Cyber Security (Notification of Cyber Security Incident) Regulations 2024
Immediate Notification: Entities must promptly report any known or suspected cybersecurity incidents.
First Reporting Within 6 Hours: Initial information, including details about the incident's type, severity, and discovery method, must be submitted within six hours of becoming aware of the incident.
Supplementary Information Within 14 Days: Additional details regarding the incident and its impact must be provided within fourteen days.
Ongoing Updates: Further updates may be required as directed by the Chief Executive.
Submission Method: Reports should be submitted via the National Cyber Coordination and Command Centre System or other methods as directed in case of system disruptions.
Key Features of the Cyber Security (Compounding of Offences) Regulations 2024
Compoundable Offences: The regulations identify certain offences eligible for compounding, typically involving compliance failures by entities managing critical information infrastructures.
Compounding Process: The Chief Executive of NACSA may offer to compound offences, with a 30-day period for offenders to make electronic payments to avoid prosecution.
Definition and Scope of NCII Entities
National Critical Information Infrastructure (NCII) entities in Malaysia are organizations that own or operate computer systems whose disruption or destruction could significantly impact essential services, such as security, defense, foreign relations, economy, public health, public safety, or public order.
These entities are categorized within eleven sectors: government, banking and finance, transportation, defense and national security, information and communication, healthcare, water and waste management, energy, agriculture, trade, and science and technology.
Key Takeaways
Mandatory Compliance: NCII entities and cybersecurity service providers must strictly adhere to these regulations to avoid severe penalties, including fines and imprisonment.
Efficient Enforcement: The regulations enable streamlined enforcement, allowing certain offences to be swiftly resolved through compounding.
Proactive Management: Companies must integrate these new requirements into their cybersecurity strategies to ensure compliance and mitigate legal and operational risks.
The Cyber Security Act 2024 and its accompanying regulations mark a significant enhancement of Malaysia’s cybersecurity framework, aiming to protect the country's digital landscape.
Visit Us
Wisma KTP, 53 Jalan Molek 1/8, Taman Molek, 81100 Johor Bahru
Wisma THK, 41, Jalan Molek 1/8, Taman Molek, 81100 Johor Bahru
KTP (Audit, Tax, Advisory)
An approved audit firm and licensed tax firm operating under the KTP group based in Johor Bahru providing audit, tax planning, advisory and compliance services to clients
Website www.ktp.com.my
Instagram https://bit.ly/3Rko5kN
Linkedin https://bit.ly/3sapf4l
Telegram http://bit.ly/3ptmlpn
THK (Secretarial, Bookkeeping, Payroll, Advisory)
A licensed secretarial firm in Johor Bahru providing fast reliable incorporation, secretarial services, corporate compliance services, outsourcing bookkeeping, and payroll services to clients
Website www.thks.com.my
Facebook https://bit.ly/3nQ98rs
KTP Lifestyle
An internal community for our colleagues on work and leisure.
Tiktok http://bit.ly/3u9LR6Q
Youtube http://bit.ly/3ppmjyE
Facebook http://bit.ly/3ateoMz
Instagram https://bit.ly/3jZpKLo
KTP Career
An external job community on vacancies in Johor Bahru for interns, graduates & experienced candidates.
Instagram https://bit.ly/3u2PxHg
Facebook http://bit.ly/3rPxz9o