SiberKASA is a initiative by CyberSecurity Malaysia exclusively to develop, empower, sustain and strengthen cyber security infrastructure and ecosystem in Malaysia to combat the growing complex and sophisticated cyber threats and cyber attacks. This is an effort to ensure continued development of cyber security solutions and make avail  CyberSecurity Malaysia’s products and services to industries and individuals in the country.
I want cybersecurity training for me and my staff to be better prepared for any form of cyber attack.
I need guidance for ISMS and usage of Evaluation Labs and have my source codes reviewed.
I fear my system may have been attacked and would like to find out. What security assessments are available?
I want to get my company and products certified to take my organization to the next level and ensure our compliance with relevant security standards
I need to ensure my Cloud is secure and all my websites are secure to provide uninterrupted service to my clients
My hard disk crashed and I need to recover all my important data. Any tools that can help me?
I want cybersecurity training for me and my staff to be better prepared for any form of cyber attack.
I need guidance for ISMS and usage of Evaluation Labs and have my source codes reviewed.
I fear my system may have been attacked and would like to find out. What security assessments are available?
I want to get my company and products certified to take my organization to the next level and ensure our compliance with relevant security standards
I need to ensure my Cloud is secure and all my websites are secure to provide uninterrupted service to my clients
My hard disk crashed and I need to recover all my important data. Any tools that can help me?
In the ISMS Guidance Series, Organizations will be guided in the establishment of information security management framework based on ISO/IEC 27001:2013. Organizations will be able to implement ISMS procedures efficiently and effectively with support from our domain expert in safeguarding critical information and digital assets.
Providing on going upskilling to beginner and seasoned security professionals to ensure highest levels of technical capability and proficient in implementation of security solutions. CyberGuru is the platform for you to find out and learn necessary skills to secure both your IT and OT systems.
Get your globally recognized cyber security certifications in various skills programs through our GlobalACE Scheme. GlobalACE Scheme is an cyber security education scheme designed to grow cyber security professionals that are capable of strategizing, planning and executing cyber security initiatives within their organizations in accordance to international standards
Protecting corporate data with a military grade AES encryption has been made possible with CSM Secure Suite. A 2 factor-authentication solution for organizations such as government agencies and financial institutions. Securing end points with ease and confidence with CSM Secure Suite.
Sanitize your storage devices during hardware upgrades to ensure highest level data security Sanitizing the storage devices that are being replaced mitigates the risk of data leak if and when the replaced drives are reused by other organizations
Tools for Digital Forensic Practitioners developed based on more than 20 yers of experience in the field.
A forensic laboratory does not only deal with evidence analysis; it also involves well- trained and skilled personnel, well-functioned equipment, well-established methods, preservation of evidence and ensuring that confidential data is protected and well-secured. CSM can assist organization in setting up a digital forensics lab at its best quality and credibility.
Concern to manage and protect organizations information security is at its top level when practitioners are constantly assessed. Through which improvement can be made and strategies can be well implemented. BCA helps organizations predict job-fit, training and development roadmap, and job performance that drives better business outcomes while ensuring the confidentiality, integrity and availability of organizations’ information.
In the activity of identifying and detecting vulnerabilities in your organization’s digital ecosystem it is critical to keep your security posture in check. SPA is a comprehensive exercise that will identify security loopholes in the digital eco system of the organization hence Improve readiness of the business against any potential cyber risks.
This assessment is specifically designed to cater Critical Industries needs to secure its industrial control system. Industries such s oil and gas, electricity, water and waste treatment, manufacturing, chemical and transportation are main users of SCADA system and they are also key drivers for National economy. Having the system constantly in checked is the smartest way possible for a secured operations.
App development is an increasing critical area in the digital world as many businesses rely on apps to act as the new age marketplace. The PSCA is specially designed to review source code for PHP programming and structural faults that may lead to possible security defects in the developed apps. This assessment will arm developers with information in order to make application source code more secure and comply with safe development technique.
TTSA aims to help validate legality of an organization involved in e-business. Through which consumer can identify which website belongs to a trustworthy e-business operator.
Backdoor in a computer system, network, or software application often used by cybercriminals to steal personal and financial data, install additional malware, and hijack devices. CSM offer a backdoor scanning services to ensure the systems in the organization are clean from backdoor infection for a more secured and efficient operations.
Lebahnet is a honeypot system sensors that is set up as a decoy to lure cyberattackers and to detect, deflect or study hacking attempts in order to gain unauthorized access to information systems. LebahNet will allow users to get first hand cyber attacks and malware samples as well as the latest cyber threat trends. It comes with a sensor that will be installed at organizations’ network and centralized management server for dashboard, log management, analysis platform and alert management.
ISGRiC, which stands for Information Security Governance, Risk and Compliance is a solution by CSM that aims to enable the measurement of the performance and effectiveness of information security controls in an organization. It features an interactive and practical dashboard that are accessible in any device with an internet connection.
Good news to organization and public whose mobile devices has been compromised or facing security issues. CSM is offering a mobile incident analysis service that will provide detailed analysis report for mobile incidents for a more secured usage of mobile devices.
Targeted to Government and Law Enforcement Agencies, the DF Case Management System is built and designed based on ISO 17025 requirement to efficiently conduct Digital Forensics Cases.
This service addresses concern on Electronic Stored Information (ESI) in order to provide solution to civil litigation or government investigation.
As cloud has become the major platform for organizations to store corporate information and data, the security of it has also become one of the major concern. The Cloud security assessment service is able to enhance governance and control for cloud infrastructure deployment. It will identify and fix system weakness on the implementation of cloud computing environment.
Cloud Security Audit for ISMS requirements focuses on cloud security audit on IaaS, PaaS and SaaS platform for Cloud Service Subscribers (CSS), Cloud Service Providers (CSP) and Cloud Service Brokers.
CSM CSIRT Consultation will guide organization in setting up their own Cyber Security Incidents Response Team to help reduce financial or reputational losses during cyber incidents. By having an Incident Respond Team being set up at an organization, they will have the benefit of containing incident at early stage before it propagates the entire network which will results in huge damage.
CyberDrill Exercise will involved setting up scenarios that simulate real world cyber attacks by CSM Analyst. This will increase organizations’ ability and knowledge in handling cyber attacks or incidents. As a result, organizations will be more ready and resilient in the digital world.
Stands for Cyber Detection, Eradication and Forensics, CyberDEF is a service that provides pro-active cyber defence forensics services to mitigate operational risk in the cyber space. CyberDEF will Ensure cyber incidents happened in an organization are investigated thoroughly by identifying caused of cyber intrusion, APT malware and ransomware by detecting threat, eradicate source and conduct forensic investigation.
MyCSC Data Recovery is a solution offered by CSM to recover data from damaged, failed, corrupted or inaccessible digital storage media. Data security and confidentiality is a core component of the service and is emphasized at each step of the process.
To improve competitiveness of Malaysian ICT products globally hence gain access to international market, CSM is offering MyCC evaluation and certification scheme to ICT product developers both local and international. This Scheme is a systematic process for evaluating and certifying security functionality of ICT products based on defined criteria or standards. This scheme ensures high standards of competence and impartiality as it is based on the international standards of ISO/IEC 15408 which is known as Common Criteria (CC).
BCMS Certification Scheme is based on the ISO 22301 international standard for organization that envisions for resiliency in their business operations. BCMS certification helps organisations to plan an effective business continuity management to protect against, reduce the likelihood of, and ensure business recovers from disruptive incidents.
Service offered by CSM to give assurance to businesses on website security and privacy protection by conducting compliance checking on Content and Multimedia Act based on Content Code.
The ISMS Certification scheme will help organizations in ensuring the confidentiality, integrity and availability of its information that shall result in achieving business efficiency and minimized business loss. The ISMS certification scheme is based on the ISO/IEC 27001 international standard that focuses on the aspect of information security.
The Penetration Tester Service Provider (PTSP) scheme focuses on the development and competitiveness of local companies and penetration testing consultants. As the increasing demands for professionalism in the cyber security job market specifically penetration testing, this scheme provides assurance to organization in engaging a well trained and top quality ethical hacker. The PTSP also act as a platform to foster cooperation and industry collaborations among players.
CyberSecurity Malaysia Randomness Test Tool (CRTT) is a product based on NIST Statistical Test Suite package. CRTT is a cryptographic tool to evaluate randomness of binary sequences produced by either hardware or software based random or pseudorandom number generators. Specifically developed to cater the needs of cryptographic product developers, testers and evaluators.
The MyCEL Lab is the only lab in Malaysia that has been awarded with National Voluntary Laboratory Accreditation Program (NVLAP) accreditation for cryptographic and security testing. MyCEL is able to perform testing of cryptographic modules and cryptographic algorithm implementations against the security requirements set forth in FIPS 140-2. Local Products certified according to FIPS 140-2 will have higher market value and meet the procurement requirements set by some external government agencies.
The TSA stands for Technology Security Assurance aims to test the security functions of developed technologies or digital products. The process of evaluation is shorter than MyCC certification and the cost is cheaper. Targeting developers whose intention is to market their product locally.
IPSA aims to assess the security function of locally built ICT products. It is relatively quicker and more cost-efficient assessment compared to MyCC Scheme.
The Cloud Security Compliance Audit is specifically built for Cloud service providers and developers in ensuring the compliance of security function of their platform being offered.
I want cybersecurity training for me and my staff to be better prepared for any form of cyber attack
I need guidance for ISMS and usage of Evaluation Labs and have my source codes reviewed
I fear my system may have been attacked and would like to find out. What security assessments are available?
I want to get my company and products certified to take my organization to the next level and ensure our compliance with relevant security standards
I need to ensure my Cloud is secure and all my websites are secure to provide uninterrupted service to my clients
My hard disk crashed and I need to recover all my important data. Any tools that can help me?
We can suggest the best solution for you by selecting the answer above.
We want to train and create awareness among our staff on the latest cyber threats
We want to take our company cybersecurity to the next level
I want to upgrade my skills as cybersecurity professionals
We want to get our product tested and certified
{ WE FORESEE, ADAPT AND PROTECT YOUR CYBER SECURITY }
Custodian of the most advanced
cybersecurity labs in Malaysia
Custodian of the most advanced cybersecurity labs in Malaysia
Manage & Protect
Identify & Detect
Respond & Recover
Governance & Compliance
We use cookies and other tracking technologies to improve your browsing experience on our website, to show you personalized content and targeted ads, to analyze our website traffic, and to understand where our visitors are coming from. By browsing our website, you consent to our use of cookies and other tracking technologies.
