PUTRAJAYA: The Malaysian Communications and Multimedia Commission (MCMC) has introduced the Guidelines on Information and Network Security for the Communications and Multimedia Industry (INSG) to enhance the country’s information and network security as well as the communications and multimedia industry’s resilience.

In a statement, MCMC said the INSG serves as a “best practices” framework and is not mandatory at this point.

“It is applicable to all service providers under the Communications and Multimedia Act.

“However, other industries can also adopt the INSG as part of their cybersecurity measures if deemed necessary,” it said yesterday.

MCMC encourages the industry to try operationalising these best practices as part of their proactive measures to strengthen cybersecurity across the communications and multimedia industry.

“This approach allows service providers sufficient time to adapt to the INSG and provide feedback for improvement.

“The INSG is not about adding extra regulations. Instead, it aims to enhance the capability and readiness of service providers to manage cyber risks, mitigate data breaches, minimise disruptions through strengthened network infrastructure and protect consumers from online harms,” it said, Bernama reported.

During the development phase of the INSG, MCMC actively engaged with various stakeholders, including cybersecurity firms, security consultants, licensee data centres and cloud service providers, as well as ministries, government agencies, regulators, non-governmental organisations, academia and forums affiliated with MCMC.

“The feedback, suggestions and insights provided were carefully evaluated and, where appropriate, incorporated into the INSG.

“This inclusive and transparent approach underscores MCMC’s commitment to address the diverse needs and concerns of stakeholders while ensuring adherence to best practices in cybersecurity management.”

It added that MCMC views the INSG as a pivotal step in safeguarding Malaysia’s digital ecosystem, ensuring secure and resilient network infrastructures for all.

The new framework highlights MCMC’s ongoing efforts to address the challenges of an increasingly complex cyber landscape while fostering trust and safety in the nation’s digital environment.

The guidelines were created with several objectives, including protecting Malaysian Internet users and ensuring service providers can address cyber threats such as ransomware, Distributed Denial-of-Service, phishing, scam, fraud, child sexual abuse material and cyberbullying.

The guidelines defined online harm, among them, as intimidation and threats, online harassment, child sexual abuse, disinformation, trolling and sexual extortion.

Other activities by cybercriminals included distributing spam, spoofing, phishing, robocalls, identity theft, scam, malware and offensive content.

It said the INSG shall come into effect “on a date as determined by the commission and shall continue to be effective until revoked by the commission”.

More information about the guidelines can be found at https://www.mcmc.gov.my.