CyberSec Malaysia 2025: CyberSecurity Malaysia’s Keynote Reveals the Country Is Not Up to Speed on Cyber Resilience

This year, CyberSecAsia made its way through Malaysia once again. Some frequent sponsors made a repeat appearance from last year. Among them were Cato Networks, Sentinel One, ESET, and Ping Identity, alongside numerous channel partners which Netpoleon is a distributor for. Some new sponsors also made an appearance, along with old sponsors making a comeback to Malaysia such as Akamai, Failaina, and SendQuick .

For two days (28th and 29th May), CyberSecAsia saw experts and thought leaders in the cybersecurity industry sharing their insights. Among them were Ts. Wan Roshaimi Wan Abdullah, CTO of CyberSecurity Malaysia, who gave his keynote speech on morning of the last day. His keynote underscored the increasingly complex landscape of cybersecurity in Malaysia specifically.  

Abdullah walked up to the podium and dove right into the issues around the cyber ecosystem that is rapidly growing. The world is now seeing advancements in Artificial Intelligence (AI), Internet of Things (IoT), 5G, and quantum encryption. Hearing of these advancements used to sound exciting, but if recent developments have shown anything, these technological advancements are actually now a double-edged sword. That’s because bad actors have added these technologies in their arsenal as well.

This is an unfortunate consequence of innovation that Abdullah pointed out, saying: “Every convenience comes with risks” This is true not only for external threats but for internal vulnerabilities as well. With new technologies and products, one can say that they have been vigorously tested, but the true threats and gaps will not be discovered until the public uses them. 

Abdullah then asked the crowd:  “Do you see these technological changes as a transformation or a disruption?”

It was no doubt an interesting question that caused quite the stir as murmurs began breaking out in the crowd and differing opinions were put forth. One attendee within earshot audibly chose disruption. So, amongst the attendees, at least for this event in Malaysia, there appeared to be some hesitation towards the evolving cyber landscape. This made a bit more sense when Abdullah pointed out Cybersecurity Malaysia’s findings that Malaysia saw a 78% spike in ransomware last year. Additionally, scam dominance in Malaysia was at 72.1% (comparatively, global scams were only 6%). Lastly, their findings revealed that Malaysia saw over a RM 1 billion lost to cyberattacks.  

Abdullah had warned attendees that external bad actors are not the only contributors to these shocking statistics. Abdullah pointed out that these adverse events in cybersecurity are also due to insider threats, which are vulnerabilities within an organisation’s systems as well as the employees either practicing cyber hygiene inadequately or not practicing it entirely. Even more, insider threats can be employees or people within an organisation. They do not necessarily have to be disgruntled members; they could even be ignorant individuals who are not thoroughly briefed in the company’s cybersecurity protocols and solutions (that is, cybersecurity hygiene). This is why they are more likely to fall for a scam, like impersonation attempts, deepfakes, and phishing.

Furthermore, with new solutions and features emerging in technology, employees can become a weak point if they are not trained or educated properly in terms of using said technologies. To this end, businesses can expect cyber scammers to continuously look for ways to breach organisations.

Abdullah closed his keynote with a firm reminder: “You have to go back to basic hygiene… and make sure all small things are fixed”

For those who did not attend CyberSecMalaysia 2025 this year but are on the lookout for cybersecurity solutions, remember this: While cybersecurity vendors and providers will always be on the frontlines against bad actors and scammers, it is not enough to rely on their solutions alone. Organisations must make sure their employees are aware and capable on how to use these solutions properly to ensure cyber hygiene. Otherwise, it will be them (the employees and people in these groups) who will become the weakness and the way in for cyber scammers.