Page 36 - 20v•Cyber Security Strategy 2020-2024
P. 36

36      Malaysia Cyber Security Strategy 2020-2024

                                               We will establish a data leakage
             CNII: 11 SECTORS                  protection mechanism through the
                                               adoption
                                                           and
                                                                                      of
                                                                   implementation
                                               policies,  procedures  and  guidelines
                         National Defence      related to data protection, public
                         and Security          key    infrastructure  and    electronic
                                               information management. This will be
               Banking and                     realised through the development of
                    Finance                    data  leakage  protection  policy  and

                                               guidelines as well as the execution
                         Information and       of  the  National  Cryptography  Policy,
                         Communication         which    outlines  the   methods     and
                                               strategic  approach  in  the  use  and
                                               creation  of  cryptographic  algorithms
                     Energy                    and cryptography products to protect

                                               information that are of national interest.

                         Transportation        Management  of  vendors  that  deal
                                               with government and CNII agencies
                                               will also be improved  to minimise  data
                      Water                    privacy  and security risks.  Awareness
                                               initiatives will be conducted on supply
                                               chain threats. Supply chain security
                         Health Services       management       will   be    integrated
                                               into agency procurement and risk
                                               management         process.     Vendors,
                                               products and services shall be assessed
                Government
                                               to identify those with high risk and
                                               mitigated accordingly. Third parties that

                         Emergency             are awarded with government projects,
                         Services              especially on ICT, will be required to
                                               adhere to information security standards
                                               and practices such as the International
                Agriculture                    Organization for Standardization and
              and Plantation
                                               the    International    Electrotechnical
                                               Commission’s ISO/IEC 27001:2013 and

                          Trade, Industry      ISO/IEC 27002:2013 as well as having
                          and Economy          the necessary cyber  security and
                                               information security experts in place.
   31   32   33   34   35   36   37   38   39   40   41