Cyber Resilience from the Ground Up:
Human-Centric Strategies for a Safer Digital Malaysia

Friday, 1 August 2025 |
3 mins read

In general, cybersecurity often related to regulations, infrastructure and investment, however, the real resilience starts with people. In our conversation with Roshdi Ahmad, Chief Operating Officer at CyberSecurity Malaysia, we explore how human-focused initiatives, from talent development to public awareness are shaping national readiness.

Roshdi Ahmad
Chief Operating Officer
CyberSecurity Malaysia

Q1. How is Malaysia strengthening public awareness and human capital in cybersecurity?

Roshdi: CyberSecurity Malaysia, the technical cybersecurity specialist agency under the Ministry of Digital, plays a pivotal role in safeguarding Malaysia's digital landscape. As the nation's technical agency, we've invested heavily in people-centric development to build a resilient ecosystem. Our focus goes beyond technology, we're prioritising human readiness. Some of our key initiatives include:

Digital Resilience Programme

Provides cyber takaful which includes cyber awareness and protection, risk consulting and strategic advisory for organisations and individuals to manage emerging threats proactively.

CyberSAFE, Global ACE, and CyberGuru

Programmes targeting cyber literacy, professional training and technical leadership development.

We’re building a security-aware culture, not just training professionals, but also educating families, students, and frontline users. Telcos like TIME dotCom have an opportunity to amplify the reach of these programmes by integrating them into their service ecosystems, supporting public awareness, and making cybersecurity literacy a shared priority across sectors.

Q2. What makes these public programmes truly impactful?

Roshdi: They are built on three core pillars:

1

Training & Certification

Growing cybersecurity talents.

2

Community Outreach

Spreading cyber awareness among students, families, and the wider community.

3

Capability Building

Enhancing strategic and technical leadership in cybersecurity across sectors.

We're not just building skillsets; we're building a culture of shared responsibility.

Q3. How can organisations help scale cybersecurity awareness across Malaysia?

Roshdi:

  • Embedding internal and external awareness content.
  • Partnering to co-develop cybersecurity training or tools.
  • Using their platforms to amplify public awareness and cyber literacy campaigns.
  • Requesting their partners and vendors to play their part in creating cybersecurity awareness.

With millions of users across sectors, working together allows us to push cybersecurity awareness into every home and business.

Q4. What happens when organisations are not prepared for cyber threats?

Roshdi: According to Cisco's 2025 Cybersecurity Readiness Index, only 3% of organisations in Malaysia have achieved the 'Mature' level of readiness required to effectively withstand today's cybersecurity. Over half of Malaysian organisations (57%) reported suffering cyberattacks in the last year, often exacerbated by complex and disparate security frameworks.

The goal of cyber preparedness has always been about reducing the possibility of the organisation being a target of cyber threats and in the event of an attack, reduce the potential loss due to the attack. Some of the initiatives the organisations can implement are:

Proactive Cybersecurity Measures

Organisations must implement comprehensive strategies, including regular system updates, employee training and intrusion detection systems.

Incident Response Planning

A well-defined response plan ensures a swift, coordinated reaction that minimises operational and reputational damage.

Data Backups

Regular backups allow organisations to restore critical data without needing to comply with ransom demands.

It’s a reminder that preparedness must come before crisis, not after. Many organisations only act after a breach. But by then, the damage is done both financial and reputational.

Q5. Are there proactive cybersecurity success stories we can learn from?

Roshdi: Yes. Several Malaysian organisations have avoided major incidents because of early adoption of cyber frameworks, timely software patching and investment in monitoring systems. Resilience works best when it’s proactive, not reactive.

What you can do today:

Prioritise security at the board level

Prioritise security at the board level

Train employees continuously

Train employees continuously

Deploy proactive security measures

Deploy proactive security measures

Conduct regular risk assessments and supply chain audits

Conduct regular risk assessments and supply chain audits

Audit credential and access controls

Audit credential and access controls

Enforce MFA across systems

Enforce MFA across systems

These measures help minimise the risk of cyber attacks and minimises the potential loss.

Q6. Why must cybersecurity initiative go beyond tech?

Roshdi: Despite advanced infrastructure, human error and social engineering remain the top causes of breaches and vulnerabilities. With AI-powered scams and identity theft on the rise, awareness must evolve alongside technology. Public-private partnerships are key to making cybersecurity accessible, actionable and embedded into daily digital life.

While frameworks and technology form the foundation of cybersecurity, true resilience is built through people. From training professionals to educating the public, Malaysia is making strong strides in building a more secure digital future. As Roshdi Ahmad shared, when awareness and action go hand in hand, every layer of society becomes part of the defence. With the right focus and collaboration, Malaysia can be better prepared to face the evolving threats.

Secure Your Business with Confidence

From ransomware to insider threats — let’s tailor a cybersecurity solution that protects what matters most.

TIME TO TALK
Back to Security

About Time

Our Company

Newsroom

Investor Relations

Career

Sustainability

Governance

Reference Access Offer

More From Time

Home Fibre

Time Business

Time Enterprise

Time Wholesale

Emit Solar

Time Charge N Go

Help

Live Chat

FAQ

FAQ

Application Status

Announcements

Follow Us

Download App

Copyright 2025 TIME dotCom Bhd 199601040939 (413292-P). All rights reserved.

Redress your complaints at the Consumer Forum Malaysia CFM www.cfm.my/complaint-channels