In an era defined by rapid technological advancement and increasing digital interdependence, cybersecurity has emerged as a foundational pillar for sustainable economic growth and societal well-being.
Recognizing this imperative, the Sarawak state government, through the Sarawak Multimedia Authority, launched CyberSarawak on October 16, 2024, during the International Digital Economy Conference Sarawak 2024 in Kuching.
This comprehensive initiative, bearing the motto “Stay Safe, Stay Smart, Stay Secure,” represents a strategic response to the escalating sophistication of cyber threats and underscores Sarawak’s commitment to fostering a secure, inclusive, and trustworthy digital ecosystem aligned with the Sarawak Post COVID-19 Development Strategy 2030 and the Sarawak Digital Economy Blueprint 2030.
The launch, officiated by Sarawak Premier Datuk Patinggi Tan Sri (Dr) Abang Haji Abdul Rahman Zohari bin Tun Datuk Abang Haji Openg, marked a significant milestone in the state’s digital transformation journey, emphasizing that robust cybersecurity measures are not merely technical safeguards but essential enablers of public confidence, economic participation, and the integrity of critical digital infrastructure.
CyberSarawak was conceived against a backdrop of alarming global trends in cybercrime, which is projected to grow at an annual rate of fifteen percent and reach an estimated USD$10.5 trillion in damages by 2025.
This pervasive threat landscape affects all sectors, from government services and financial institutions to small businesses and individual citizens, making a coordinated, whole-of-society approach to cybersecurity indispensable.
The initiative is structured around three interconnected pillars known as the 3S Programme, each addressing a distinct yet complementary dimension of cybersecurity resilience.
The first pillar, Stay Safe, focuses on creating immediate protective measures for individuals and businesses by establishing a centralized platform for reporting cybersecurity incidents.
This component includes a dedicated help desk that assists victims of cyber threats in documenting incidents, receiving expert guidance, and accessing relevant support resources, thereby reducing response times and mitigating potential harm.
By providing a clear and accessible channel for incident reporting, Stay Safe aims to demystify the process of seeking help after a cyber-attack, encouraging greater public participation in collective threat detection and response.
This proactive stance not only supports affected parties but also generates valuable data that informs broader threat intelligence and policy development efforts within the state.
The second pillar, Stay Smart, emphasizes the critical role of education and awareness in building long-term cyber resilience, particularly among underserved communities that may lack access to digital literacy resources.
Recognizing that human behaviour remains one of the most significant vulnerabilities in cybersecurity, this programme prioritizes outreach initiatives designed to equip citizens with practical knowledge on secure online practices.
A flagship component of Stay Smart is the Train-the-Trainer Ambassador Programme, which trains local community members drawn from libraries, local councils, and civil society organizations to conduct cyber awareness sessions within their own networks.
To date, the Sarawak Multimedia Authority has successfully trained sixty-five ambassadors across Sarawak, creating a sustainable, community-driven model for disseminating cybersecurity best practices.
Educational content covers fundamental topics such as creating strong passwords, enabling two-factor authentication, keeping software systems updated, and exercising caution when using public networks, thereby empowering individuals to become active participants in their own digital safety.
The third pillar, Stay Secure, is dedicated to assessing and strengthening the cybersecurity posture of Critical Information Infrastructure, which includes government agencies, statutory bodies, and government-linked companies responsible for delivering essential services to the public.
Through comprehensive cybersecurity assessments, the Sarawak Multimedia Authority has evaluated forty-seven agencies under this initiative, identifying vulnerabilities and recommending targeted improvements to enhance system resilience.
This proactive approach ensures that the digital backbone supporting Sarawak’s economy and public services remains robust against evolving threats, thereby safeguarding continuity of operations and maintaining public trust in digital government services.
By focusing on institutional capacity alongside individual awareness, Stay Secure reinforces the understanding that cybersecurity is a shared responsibility requiring coordinated action across all levels of society.
CyberSarawak’s design reflects lessons learned from similar initiatives implemented across the globe, demonstrating how regional cybersecurity strategies can draw upon international best practices while remaining responsive to local contexts.
Singapore’s SG Cyber Safe Programme, managed by the Cyber Security Agency of Singapore, offers a particularly relevant comparative model, as it similarly emphasizes public-private partnerships and community outreach to raise cybersecurity awareness among businesses and citizens.
The SG Cyber Safe Partnership Programme galvanizes a “multiplier effect” by enabling partner organizations to develop training content, products, services, and outreach programmes that encourage the adoption of good cybersecurity practices.
Partners are classified as either Advocate or Member organizations, with Advocates engaging in deeper collaborations on community outreach initiatives, a structure that mirrors CyberSarawak’s emphasis on training local ambassadors to extend the reach of awareness campaigns.
This partnership model has proven effective in Singapore, where targeted campaigns addressing specific demographics, such as seniors and students, have helped embed cybersecurity considerations into everyday digital behaviours.
In the United Kingdom, the National Cyber Security Centre has implemented the Cyber Aware campaign, a public-facing initiative designed to help individuals and small businesses adopt fundamental cybersecurity practices such as using strong passwords, enabling two-factor authentication, and maintaining regular software updates.
The campaign has reached millions of citizens through accessible messaging and practical guidance, with reporting services used extensively to assist those experiencing cyber incidents.
Awareness of the Cyber Aware campaign stands at significant levels among UK businesses and charities, indicating both the reach of the initiative and the ongoing need for expanded outreach efforts.
The National Cyber Security Centre’s approach, which combines public education with technical support for public sector organizations, offers valuable insights for CyberSarawak as it seeks to balance broad awareness-raising with targeted assistance for critical infrastructure providers.
Australia’s approach to cybersecurity awareness, coordinated through the Australian Cyber Security Centre, similarly emphasizes community engagement and support for vulnerable populations.
The Australian Cyber Security Centre has committed close to seven million Australian dollars in funding to uplift cybersecurity awareness among some of Australia’s most vulnerable citizens, recognizing that digital inclusion must be accompanied by digital safety measures.
This focus on equity aligns closely with CyberSarawak’s commitment to reaching underserved communities through its Train-the-Trainer Ambassador Programme, ensuring that cybersecurity education does not inadvertently exclude those who may benefit most from enhanced digital literacy.
The Australian Cyber Security Centre’s comprehensive online platform provides easy-to-follow resources tailored to diverse audiences, including non-English speaking communities, a practice that CyberSarawak could adapt to Sarawak’s multilingual context to maximize accessibility and impact.
At the European level, the European Union Agency for Cybersecurity coordinates the European Cybersecurity Month, an annual campaign held every October that promotes cybersecurity awareness among citizens, organizations, and businesses across member states.
The European Cybersecurity Month has evolved significantly since its inception, with participation expanding to twenty-six countries in the 2021 campaign and continuing to grow in subsequent years.
The campaign’s emphasis on coordinated messaging, resource sharing, and cross-border collaboration offers a model for how regional initiatives like CyberSarawak might engage with national and international frameworks to amplify their impact.
Deployment reports highlight the importance of evaluating campaign effectiveness through participant feedback and data collection, a practice that CyberSarawak has already begun to adopt through its incident reporting portal and ambassador training assessments.
The implementation of CyberSarawak reflects a broader strategic vision articulated in the Sarawak Digital Economy Blueprint 2030, which envisions the state as a leading digital economy and society by the end of the decade.
This blueprint emphasizes that digital transformation must be underpinned by strong governance, inclusive access, and resilient infrastructure, with cybersecurity serving as a cross-cutting enabler for all other strategic priorities.
CyberSarawak operationalizes this vision by embedding security considerations into the fabric of Sarawak’s digital development agenda, ensuring that innovation and growth proceed hand-in-hand with risk management and public protection.
The initiative also aligns with global best practices in cybersecurity governance, which increasingly advocate for multi-stakeholder collaboration, continuous learning, and adaptive policy frameworks capable of responding to rapidly evolving threat landscapes.
Public engagement has been a central feature of CyberSarawak’s rollout, with the Sarawak Multimedia Authority organizing community events such as the Cyber Security Awareness Run held at Padang Merdeka in December 2024, which attracted approximately two thousand participants.
Such events serve dual purposes: raising visibility for cybersecurity issues in an accessible, non-technical format, and fostering a sense of collective ownership over digital safety among Sarawakians.
The authority has also encouraged citizens to report cyber threats via the official CyberSarawak portal, reinforcing the message that vigilance and timely reporting are critical components of an effective defence strategy.
Furthermore, the authority conducts workshops and collaborative sessions with critical agencies to reinforce the principle that cybersecurity is not solely a technical challenge but a shared societal responsibility requiring ongoing dialogue and partnership.
Looking ahead, CyberSarawak is designed to evolve in response to emerging technologies and threat vectors, with additional projects planned for 2025 and beyond to further enhance Sarawak’s cybersecurity capabilities.
Potential areas of expansion include advanced threat intelligence sharing mechanisms, specialized training programmes for cybersecurity professionals, and the integration of artificial intelligence and machine learning tools to improve threat detection and response times.
The initiative also holds promise for fostering local innovation in cybersecurity solutions, potentially creating opportunities for Sarawak-based startups and research institutions to contribute to the state’s digital resilience while generating economic value.
By positioning cybersecurity as both a protective measure and an engine for innovation, CyberSarawak seeks to transform a perceived vulnerability into a strategic advantage for Sarawak’s digital economy.
The significance of CyberSarawak extends beyond Sarawak’s borders, offering valuable insights for other regions navigating the complex interplay between digital transformation and security.
Its emphasis on community-based awareness, institutional capacity building, and centralized incident reporting provides a replicable model for jurisdictions seeking to balance openness with protection in the digital age.
Moreover, the initiative demonstrates how subnational governments can take proactive leadership in cybersecurity governance, complementing national frameworks with context-specific strategies that address local needs and priorities.
As cyber threats continue to transcend geographical boundaries, such localized yet interconnected approaches will be essential for building a globally resilient digital ecosystem.
Comparative analysis of initiatives in Singapore, the United Kingdom, Australia, and the European Union reveals common success factors: sustained public messaging, targeted support for vulnerable groups, strong public-private partnerships, and mechanisms for continuous evaluation and adaptation.
CyberSarawak’s alignment with these principles positions it well to achieve meaningful impact while contributing to the broader global effort to enhance cybersecurity resilience.
CyberSarawak represents a forward-looking and holistic approach to cybersecurity that aligns with Sarawak’s ambitious digital economy aspirations.
By integrating immediate protective measures, sustained public education, and institutional strengthening under a unified framework, the initiative addresses the multifaceted nature of cyber risk while empowering citizens, businesses, and government agencies to participate confidently in the digital economy.
As emphasized during the launch, Sarawak’s digital future depends not only on technological infrastructure but on the trust and security that enable meaningful participation by all.
Through continued investment, collaboration, and adaptation, CyberSarawak has the potential to become a cornerstone of Sarawak’s journey toward becoming a leading, inclusive, and resilient digital society by 2030, while offering valuable lessons for cybersecurity initiatives worldwide.
References
Australian Cyber Security Centre. (n.d.). Homepage. https://www.cyber.gov.au
Bernama. (2024, October 16). Abang Johari launches CyberSarawak. https://bernama.com/en/news.php?id=2352457
Cyber Security Agency of Singapore. (n.d.). SG Cyber Safe Partnership. https://www.csa.gov.sg/our-programmes/support-for-enterprises/sg-cyber-safe-programme/sg-cybersafe-partnership/
Department for Science, Innovation and Technology. (2023). National Cyber Strategy 2022: Annual Progress Report 2022-2023. https://assets.publishing.service.gov.uk/media/64e60e4b1ff6f3000d70ae7c/14.283_CO_National_Cyber_Strategy_Progress_Report_Web_v3.pdf
Department of Home Affairs. (2024, December 2). Vulnerable Australians receive Cyber Security Awareness. https://www.homeaffairs.gov.au/news-media/archive/article?itemId=1267
European Union Agency for Cybersecurity. (2021). European Cybersecurity Month 2021: Deployment Report. https://www.enisa.europa.eu/sites/default/files/publications/ENISA%20ECSM%20Deployment%20Report%202021.pdf
European Union Agency for Cybersecurity. (2022). ECSM 2022 Campaign Report. https://www.enisa.europa.eu/sites/default/files/publications/ECSM_2022_CampaignReport.pdf
European Union Agency for Cybersecurity. (n.d.). European Cybersecurity Month. https://www.enisa.europa.eu/topics/european-cybersecurity-month
Government of the United Kingdom. (2025). Cyber security breaches survey 2025. https://www.gov.uk/government/statistics/cyber-security-breaches-survey-2025/cyber-security-breaches-survey-2025
National Cyber Security Centre. (n.d.). Cyber security advice for public sector organisations. https://www.ncsc.gov.uk/section/advice-guidance/public-sector
Premier Department Sarawak. (2024, December 1). Community called on to support CyberSarawak in tackling cyber threats. https://premierdept.sarawak.gov.my/web/subpage/news_view/10029
Sarawak Digital Economy Corporation. (2023). Sarawak Digital Economy Blueprint 2030. https://www.scope.net.my/wp-content/uploads/2023/11/SDE-Blueprint-2030-Book.pdf
Sarawak Multimedia Authority. (n.d.). About CyberSarawak: Overview. CyberSarawak Official Portal. https://www.cybersarawak.gov.my/web/about_us/overview/
Sarawak Tribune. (2024, December 1). SMA launches CyberSarawak to combat cyber threats. https://www.sarawaktribune.com/sma-launches-cybersarawak-to-combat-cyber-threats/
