Mandatory cybersecurity audits urged to prevent personal data leaks in Malaysia

Malaysia's cybersecurity defenses are considered weak due to the absence of mandatory regular audits for both public and private organizations, according to an expert. Professor Datuk Dr. Mohamad Fauzan Noordin, a lecturer in Information Technology at the International Islamic University Malaysia (IIUM), stated that this oversight allows numerous security weaknesses within systems and websites to go unnoticed until data breaches occur.

Professor Noordin highlighted that the current situation creates significant vulnerabilities, leaving organizations open to data leaks. He emphasized the critical need for organizations to conduct periodic cybersecurity audits to proactively identify and address weaknesses in their systems. This proactive approach is essential for safeguarding sensitive personal data.

“

The level of cyber data protection in Malaysia is still weak because periodic cybersecurity audits are not mandatory for public and private organizations to identify weaknesses in their systems.

The report from Utusan Malaysia on June 17th underscores the urgency of this issue. The lack of a mandatory audit framework means that potential security flaws are often discovered only after sensitive information has already been compromised. This reactive approach is insufficient in the face of evolving cyber threats.

Implementing mandatory cybersecurity audits is presented as a crucial step to enhance the overall security posture of Malaysian organizations. Such a requirement would compel entities to regularly assess their digital defenses, ensuring compliance with best practices and mitigating the risk of devastating data breaches. This measure is vital for protecting the personal data of citizens and maintaining public trust in digital services.

“

This situation causes many security weaknesses in the systems and websites of organizations to go undetected earlier, thus opening up space for data leakage incidents.