This article first appeared in Digital Edge, The Edge Malaysia Weekly on March 24, 2025 - March 30, 2025
In 2023, businesses across Malaysia experienced an average of 74,000 cyberattacks per day, totalling around 26.85 million attacks for the entire year. Additionally, Malaysia ranked as the eighth most breached country in the world.
The trend continued upward in 2024, with businesses and organisations encountering 19.62 million attacks in just the first half of the year. As Deputy Prime Minister Datuk Seri Ahmad Zahid Hamidi noted, Malaysia incurred over RM1.22 billion in financial losses due to cybercrime over the past year.
This year, the number of cyberattacks is expected to increase due to the rapid growth of digital dependence. Malaysia continues to adopt new technologies, resulting in a growing reliance on digital infrastructure, which makes the country more vulnerable to cyberattacks, ransomware, zero-day vulnerabilities and phishing scams.
Additionally, a significant talent gap exists in the cybersecurity field in Malaysia. Currently, there are only 15,248 active cybersecurity professionals, far below the 27,000 skilled experts needed to adequately address these challenges.
Another contributing factor is the large number of outdated or unpatched devices in the region. Our data shows that many attackers worldwide leverage such devices, particularly in developing countries across Southeast Asia, to launch DDoS (distributed denial-of-service) attacks on various regions, including the US and Europe.
For targets within Southeast Asia — especially in Malaysia — the threat is even more severe because the shorter distance to attacking devices, combined with higher available bandwidth, makes these attacks significantly more effective.
To address these challenges and reduce risks, businesses, including small and medium enterprises (SMEs), are adopting multilayered cybersecurity strategies. They encompass advanced endpoint protection, network security, encryption and secure payment gateways.
Compliance with regulations such as Malaysia’s Personal Data Protection Act (PDPA) and the new Cybersecurity Bill 2024 is also assisting SMEs in aligning with best practices for data protection.
But the simplest step would be creating a response plan for the most common threats, such as DDoS attacks, ransomware and breaches of critical systems (for example, a breach of a CRM system that leads to data deletion).
A concise action plan should be developed, specifying who to contact in case of an attack and what steps to take. With the help of a qualified consultant, this process should take no more than a week.
Why is such a plan important? Because it enables quick response times. In a high-stress situation, when everything seems to be falling apart, it is difficult to act without predefined steps. The plan should be printed, laminated and stored securely for easy access during emergencies.
Training team members can reduce cyberattacks too. Many SMEs are implementing employee training programmes to raise awareness about phishing attacks and promote safe online behaviour, as human error remains a major vulnerability.
Additionally, CyberSecurity Malaysia has launched awareness initiatives specifically designed for SMEs, aimed at helping staff avoid pirated software and adopt basic protective measures to enhance the company’s cybersecurity.
We believe that all employees, regardless of their role, should participate in these training programmes rather than rely solely on cybersecurity specialists for protection. These training initiatives should be ongoing, as hackers and other malicious actors are continuously evolving their methods and developing increasingly sophisticated attacks.
Further mitigation steps depend on the types of attacks typical of the field in which an organisation operates; for instance, banks and flower shops do not experience the same types of attacks. It is essential not only to outline potential threats but also to identify who might target the company (such as competitors, extortionists, hacktivists and more) and why.
Investment in cybersecurity could be minimal if the risk is negligible, or significantly higher if the risk is substantial. To estimate costs, it can be useful to analyse how much competitors are investing in cybersecurity.
One simple approach is to check LinkedIn and assess the number of cybersecurity professionals employed by similar companies. A smart strategy is to invest at least as much as competitors — preferably slightly more — since being better protected than the industry average is crucial.
When hackers target banks or mid-sized retail businesses in Malaysia, the least-prepared companies will suffer the most, followed by those with average protection. The best-protected companies will be the last to be affected, if at all.
Andrey Leskin is the chief technology officer of network security provider Qrator Labs