Over the past few years, digital life has quietly embedded itself into the everyday rhythms of Sarawakian society. From mobile payments to e-learning, from smart farming tools to online government services, the state is seeing a rapid surge in digital adoption fuelled by a structured and ambitious state agenda.
Since the launch of the Sarawak Digital Economy Strategy 2018–2022, the Sarawak government has placed digital transformation at the heart of its mission to become a high-income, developed economy by 2030. That momentum continues under the broader Sarawak Digital Economy Blueprint 2030, part of the Post COVID-19 Development Strategy (PCDS) 2030, with a focus on infrastructure, innovation, talent, and inclusion.
At the core of this digital surge are several key drivers:
- A multi-billion-ringgit investment in digital infrastructure, including towers and fibre optics, to deliver connectivity across urban and rural landscapes.
- Strategic development of digital talent through institutions like CENTEXS Digital Academy and the Integrated Talent Development Agency.
- State-backed promotion of technologies such as AI, IoT, blockchain, and big data to enhance public services and key industries like agriculture and manufacturing.
- Programs to support digital inclusivity like smart classrooms in remote schools and secure online public services and mobile-first government platforms.
This collective transformation is not only reshaping how people go through their daily lives while blurring the lines between the physical and digital realms. Sarawak is becoming a more connected, data-driven, and innovation-ready society.
But as this digital lifestyle becomes the new normal, an uncomfortable question arises: Are we secure in this shift?
The more we live, transact, and govern online, the more we expose ourselves to new kinds of risks, such as data breaches and cyber scams to infrastructure vulnerabilities and digital illiteracy.
This article explores how cybersecurity intersects with everyday digital life, highlighting not only the threats and gaps, but also the opportunities to build digital trust, resilience, and safety as a foundation for Sarawak’s digital future.
The Expanding Digital Lifestyle: Opportunities and Vulnerabilities
Sarawak’s digital transformation has reshaped everyday life across the state. Whether paying for meals, reporting public service issues, managing farms, or attending classes, more and more daily interactions now rely on digital platforms that are mostly developed locally and tailored for Sarawak’s unique needs.
Opportunities: A Digitally Empowered Society in the Making
From government services to industry, Sarawak’s growing digital lifestyle is powered by innovation and policy support:
- Cashless Transactions and e-Wallet Use
The state-backed S Pay Global has emerged as a core digital platform, facilitating secure and seamless cashless payments. Integrated with both public services and private businesses, the platform has helped popularise digital financial transactions even in rural areas.
Digital tools are enabling more responsive and transparent government. An example is an AI-powered mobile application for pothole monitoring, which uses community reporting and automation to support road maintenance, a locally developed innovation that illustrates Sarawak’s shift toward participatory, data-informed public service.
- SME Digitalisation and 5G Integration
Partnerships such as those between the Sarawak Digital Economy Corporation (SDEC) and telecom providers (e.g., U Mobile) are helping small businesses leverage digital tools, cloud platforms, and even early-stage 5G to expand e-commerce and digital operations across both urban and rural districts.
- Agriculture and Industry Innovation
Emerging technologies like AI and Internet of Things (IoT) are helping modernise farming, manufacturing, and logistics. These are piloted through open innovation platforms that support smarter, more sustainable operations.
- Digital Education and Workforce Transformation
In classrooms and training centres, digital tools are equipping Sarawakians with future-ready skills. From smart classrooms to online learning platforms, education is increasingly aligned with the digital economy’s demands.
Together, these developments have laid the groundwork for a more connected, productive, and inclusive society. However, with opportunity comes risk.
Vulnerabilities: Security Gaps in a Growing Digital World
As digital dependence grows, so do the risks—some of which have already begun to surface in Sarawak:
- A Surge in Cybercrime
In 2024 alone, over 2,000 cyber fraud cases were reported in Sarawak, resulting in losses exceeding RM36 million. Common victims include pensioners, students, and women, groups that often lack advanced digital security awareness.
- Systemic Vulnerabilities in Interconnected Platforms
With multiple sectors linked through shared platforms and data systems, a single breach can now ripple across healthcare, public administration, finance, or logistics, amplifying the impact of cyber attacks.
- Data Privacy and Digital Identity Risks
The increasing collection and exchange of personal and organisational data creates heightened risk if not properly regulated and secured. Issues around data protection, consent, and digital identity management are becoming more urgent.
- Capacity Gaps in Cybersecurity Infrastructure and Talent
Sarawak has acknowledged its need for stronger defences. Through initiatives like CyberSarawak and the formation of a dedicated Cyber Security Unit, the state is working to build advanced detection systems, analytics capacity, and a skilled cybersecurity workforce, but the gap remains significant.
- Regulatory and Enforcement Challenges
Cybersecurity threats often outpace policy. Calls are growing for stricter laws, coordinated federal-state enforcement, and higher penalties to deter data breaches and cybercrime.
- Cloud Vulnerabilities
With more government and business operations moving to the cloud, cloud security becomes a critical issue. Misconfigured servers or weak access controls can expose sensitive data and undermine public trust.
In short, the digital lifestyle has opened new doors for Sarawakians, but it also opens new windows for threats. As the state embraces innovation, the next crucial step is ensuring that security, trust, and digital safety keep pace.
The Cybersecurity Gap in a Growing Digital State
While Sarawak’s digital economy has surged ahead to bring connectivity, convenience, and opportunity to every corner of the state, its cybersecurity readiness has had to play catch-up. The gap is not due to inaction, but rather the sheer scale and complexity of safeguarding an expanding digital ecosystem that is still rapidly evolving.
Growing Faster Than It Can Be Secured
Several key challenges explain why cybersecurity has not grown in step with digital expansion:
- An Emerging but Still-Forming Cybersecurity Ecosystem
Sarawak only recently established a dedicated Cyber Security Unit (CSU) under the Sarawak Multimedia Authority (SMA) and launched the CyberSarawak initiative in 2024. These bodies are actively building out their capabilities, but are still in early phases of scaling infrastructure, operational reach, and policy frameworks to meet growing needs.
- A Complex and Expanding Digital Landscape
Sarawak’s aggressive rollout of towers, fibre optics, cloud services, and smart systems across both rural and urban zones has exponentially increased its digital “attack surface.” The diversity and interconnection of these systems make security planning highly complex. Advanced technologies like AI-powered threat detection are only now being deployed through partnerships such as that between SAINS and Bluesify.
- Shortage of Skilled Cybersecurity Talent
Although digital talent development is a government priority, the supply of trained cybersecurity professionals remains limited. Building a capable workforce requires sustained investment in digital education, technical certifications, career pathways, and public-private partnerships, which take time to mature.
- Ongoing Policy and Regulatory Development
Sarawak is currently aligning its cybersecurity laws and policies with federal efforts, including Malaysia’s Cyber Security Act 2024. Developing comprehensive governance frameworks such as ISO/IEC 27001-aligned standards and coordinating implementation across agencies and sectors remain ongoing challenges.
- Building a Culture of Security and Awareness
Perhaps the most fundamental challenge lies in cultivating a cybersecurity-aware society. Digital threats are no longer just technical issues; they require vigilance and literacy from all users. Embedding this culture across households, schools, businesses, and public agencies is a long-term process.
Local Responses: Strengthening the Defence
Despite these gaps, Sarawak is actively laying the foundation for a resilient cybersecurity landscape. Its main efforts are consolidated under the CyberSarawak initiative, launched by the SMA in 2024, and the Cyber Security Unit (CSU), formed the year prior. Together, they are leading a multi-pronged response:
- Cyber Security Unit (CSU)
Tasked with policy-making, capacity building, compliance support, and incident response, the CSU acts as a central authority for cybersecurity in Sarawak. It works with government agencies, critical infrastructure providers, businesses, and the public to assess cyber risks and strengthen defences. The unit plays a pivotal role in protecting essential services such as energy, healthcare, and data infrastructure.
The initiative runs three interconnected pillars:
- Stay Safe: A centralised incident reporting platform for both public and private sector users.
- Stay Smart: Community-focused awareness campaigns that educate citizens (especially underserved populations) on recognising scams and online threats.
- Stay Secure: A system-wide effort to assess and harden critical infrastructure, particularly in government and essential services.
- Promoting Cybersecurity Education and Culture
Engagements with stakeholders, targeted briefings, and public campaigns aim to normalise cybersecurity practices among everyday users. For example, initiatives such as “Click Wisely” by Metadise Academy and cybersecurity-themed community runs provide informal yet impactful outreach to promote safe digital habits.
- Developing Frameworks and Ethical Standards
Sarawak is currently rolling out a Cyber Security Framework to guide governance, compliance, and coordination. This includes alignment with national and international standards, and reflects broader ambitions like the integration of ethical AI governance within digital services.
- Fostering Collaboration and Innovation
The CSU works closely with tech companies, universities, and government partners to foster innovation in threat detection, big data governance, and security research. These collaborations are key to adapting quickly to emerging threats.
In essence, Sarawak is continuing to build its cybersecurity measures to match the ambitions of its digital future. But the gap remains a real and present challenge, requiring sustained effort, public cooperation, and strategic focus.
National and Global Case Studies of Cybersecurity Measures to Learn From
Sarawak is not alone in navigating the tension between digital growth and cybersecurity resilience. Across the globe and within Malaysia, governments are constantly testing, refining, and institutionalising different models to secure digital infrastructure, protect data, and respond to threats. These examples offer valuable insight into how Sarawak can strengthen its own digital defences while continuing to innovate.
Malaysia: Strengthening National-Level Cyber Defence
At the national level, Malaysia has taken bold steps to tighten cybersecurity frameworks and elevate threat preparedness:
A cornerstone legal reform, the Act introduces mandatory annual risk assessments, audits, and rapid reporting protocols for operators of National Critical Information Infrastructure (NCII). It empowers the National Cyber Coordination and Command Centre System (NC4S) to coordinate real-time responses and enforce higher standards across critical sectors.
This relevantly launched strategic blueprint promotes sector-wide resilience, awareness, and intelligence capabilities, while supporting mandatory breach notifications and stronger public-private partnerships. It sets national priorities for long-term cybersecurity capacity building.
- High Budget Allocations and Innovation Support
The federal budget for 2025 allocates RM421 billion toward digital security, funding research, infrastructure, workforce development, and emerging technology like AI-powered threat detection. Key projects include partnerships with the Malaysian Cryptology Technology and Management Centre and development of security operations centres nationwide.
- Effective Industry Collaboration
Partnerships with firms such as Sangfor enable the deployment of 24/7 managed detection and response (MDR) tools, enhancing security across ministries and educational institutions.
These efforts form a strong federal foundation Sarawak can align with and localise through its own strategies.
Singapore: Operational Excellence in Cyber Governance
Singapore is widely seen as a global leader in public-sector cybersecurity:
- The Government Cybersecurity Operations Centre (GCSOC), run by GovTech, offers centralised monitoring and rapid-response capabilities across all government smart systems and networks.
- The Cyber Security Agency (CSA) promotes rigorous standards through its Cyber Trust mark, which now includes AI, operational technology (OT), and cloud security frameworks.
- Initiatives like the SG Cyber Safe Programme and the Counter Ransomware Task Force (CRTF) drive community resilience and coordinated policy action.
- Through GovTech Digital Academy, the country invests heavily in cybersecurity education for public officers, ensuring that capacity building keeps pace with threat evolution.
Indonesia: Legal and Institutional Reform Under Pressure
Indonesia offers a case of rapid legislative and institutional reform driven by real-world cyber threats:
- The Cyber Security and Resilience Bill (RUU KKS), still under development, aims to formalise governance, strengthen the National Cyber and Crypto Agency (BSSN), and improve protection for vital infrastructure like education, immigration, and data centres.
- Following a ransomware attack in 2024 that affected over 280 government institutions, the bill mandates cross-agency coordination, enhanced leadership appointments, and private-sector partnerships with firms like Cisco to develop cybersecurity infrastructure and AI capabilities.
- Events like IndoSec 2025 promote ongoing knowledge exchange and foster collaboration across sectors, reflecting a national commitment to proactive reform.
European Union: Cross-Border Crisis Readiness
In 2025, the EU adopted a landmark Cybersecurity Blueprint, a model of integrated crisis management for digital threats affecting critical infrastructure and cross-border systems:
- The Blueprint outlines a five-stage crisis lifecycle (Detection, Analysis, Escalation, Response, Recovery) with clear escalation rules and coordinated communication among Member States.
- It integrates seamlessly with new legislation like the NIS2 Directive and is supported by institutions such as ENISA and EU-CyCLONe for training, simulation exercises, and crisis coordination.
- The EU Cyber Solidarity Act, in effect since February 2025, introduces an AI-driven alert system and Cyber Emergency Mechanism, ensuring mutual assistance and preparedness across the bloc.
These frameworks demonstrate how federated governance models can still achieve coherence in managing transnational cyber threats.
Finland: Whole-of-Society Cyber Resilience
Finland exemplifies the integration of cybersecurity into national security and everyday life:
- Its Cybersecurity Act of 2025, fully aligned with the EU’s NIS2 Directive, mandates risk management and reporting across all critical sectors.
- The Cyber Security Strategy 2024–2035 reflects a comprehensive security doctrine, embedding cybersecurity into education, crisis response, and quantum-safe cryptographic solutions.
- Citizens are treated as key stakeholders in resilience-building, with continuous campaigns to raise public cyber competence and encourage secure behaviour.
Lessons for Sarawak
These case studies show that cybersecurity excellence is not achieved overnight. Creating and maintaining a robust cybersecurity system across the board requires strong institutions, collaborative ecosystems, robust legal frameworks, and public awareness. Whether through Singapore’s operations centres, Finland’s community-focused resilience, or the EU’s legal coordination, a common thread emerges: cybersecurity must be embedded across all levels of society and governance, not bolted on as an afterthought.
Sarawak’s efforts through CyberSarawak and the Cyber Security Unit are a promising start. By adapting best practices to its local context and scaling capacity in a phased, inclusive manner, Sarawak can build a future-ready cybersecurity ecosystem to match its digital ambition.
Cybersecurity: What More Needs To Be Done?
While Sarawak’s digital ambitions have ushered in progress across various sectors, cybersecurity experts caution that defensive capabilities must evolve in tandem. Their insights underscore the importance of strengthening institutional frameworks, expanding local capacity, and fostering proactive digital citizenship.
1. Enhancing Cybersecurity Governance and Coordination
There is a need for stronger collaboration between Sarawak-specific entities like the Sarawak Multimedia Authority (SMA) and national bodies such as Malaysia’s National Cyber Security Agency (NACSA). Such coordination can improve threat response times, harmonise policy implementation, and ensure that cybersecurity is integrated across all layers of governance and service delivery.
2. Developing Tailored, Holistic Cybersecurity Strategies
Rather than relying solely on generic defences, Sarawak’s organisations must adopt bespoke cybersecurity plans that address sector-specific risks and local infrastructural nuances. Entities like SAINS already offer tailored services to help businesses and government units implement frameworks for threat intelligence, risk mitigation, and organisational resilience.
3. Building Talent and Expertise
The shortage of skilled cybersecurity professionals remains a pressing concern. To address this, stakeholders recommend expanding educational pathways such as cybersecurity-focused degree programmes and training modules, and encouraging participation in cyber competitions and simulations. These initiatives not only develop local expertise but also create a talent pipeline attuned to Sarawak’s needs.
4. Raising Public Awareness and Cyber Hygiene
A digitally secure society begins with informed individuals. Experts advocate for broader awareness efforts targeting diverse segments of the population, from school children to rural entrepreneurs. Campaigns under initiatives like CyberSarawak’s “Stay Safe, Stay Smart” should be scaled up to reach vulnerable communities and improve their defences against phishing, scams, and social engineering.
5. Embracing Advanced Technology Solutions
With threats becoming more sophisticated, conventional cybersecurity tools are no longer sufficient. Experts recommend wider adoption of next-generation solutions, including AI-powered threat detection systems, zero-trust architecture, and managed detection and response (MDR) services. These offer real-time, predictive protection against increasingly complex attacks.
6. Enforcing Regular Audits and Compliance
To maintain a high-security baseline, regular cybersecurity audits and adherence to international standards such as ISO/IEC 27001 are essential. Mandatory incident reporting can also help identify and plug systemic vulnerabilities early, while reinforcing accountability within organisations.
7. Protecting Critical Infrastructure
Industries such as energy, healthcare, finance, and public utilities are particularly vulnerable to cyberattacks. Experts stress the importance of risk assessments, continuous penetration testing, and real-time network monitoring. Public-private collaborations and third-party security consultations are necessary to secure Sarawak’s vital information infrastructure.
8. Regional and Global Engagement
Cybersecurity is a shared global challenge. Sarawak’s participation in national and international events such as Cyber Security Asia and CyberSecMalaysia helps keep its institutions aligned with global best practices, facilitates partnerships, and provides platforms for ongoing learning and benchmarking.
Empowering the User: A Safer Digital Life
Technology alone cannot guarantee safety in the digital age. Individual responsibility plays a central role. Fortunately, cybersecurity experts offer practical steps that all users can take to safeguard their digital lives:
- Use Strong, Unique Passwords: Combine uppercase and lowercase letters, numbers, and special characters. Avoid reusing passwords and consider using a password manager.
- Enable Multi-Factor Authentication (MFA): Add a second layer of verification to your accounts for enhanced protection.
- Keep Devices and Software Updated: Updates fix known vulnerabilities and enhance security.
- Be Cautious with Links and Attachments: Always verify sources before clicking or downloading.
- Secure Your Wi-Fi: Use WPA3 encryption, strong passwords, and change default router settings.
- Avoid Public Wi-Fi Risks: Don’t access sensitive information over unsecured networks; use a trusted VPN if needed.
- Back Up Your Data Regularly: Store copies of important files in secure cloud storage or on physical drives. Make backups of your backups for good measure.
- Lock Your Devices: Use PINs, biometrics, and enable remote wipe capabilities for lost or stolen gadgets.
- Manage Social Media Privacy: Adjust settings to control who sees your content and be mindful of what you share.
- Use Antivirus and Firewalls: Install and maintain reliable security software.
- Monitor Accounts and Activity: Set up account alerts and check for suspicious transactions.
- Stay Informed: Cyber threats evolve. So should your knowledge and precautions.
Conclusion: Strengthening Trust in Sarawak’s Digital Future
As Sarawak accelerates its journey toward a digital economy, the rapid integration of digital platforms into everyday life has brought both remarkable benefits and rising vulnerabilities. But with that transformation comes a clear warning: the digital landscape is only as strong as its security.
Cybersecurity can no longer be treated as a background concern. It must become a shared priority that is integrated into government strategies, business plans, and the daily habits of ordinary users. Expert recommendations point to the need for more structured governance, coordinated talent development, and the adoption of advanced technologies. At the same time, every user regardless of their status has a role to play in protecting themselves and their communities online.
Sarawak’s ability to build a trustworthy, inclusive, and resilient digital environment will determine how confidently its people and businesses can participate in a connected future. By treating cybersecurity as both a technical and social responsibility, the state can lay a strong foundation for a safer, smarter, and more sustainable digital Sarawak.
References:
- Digital connectivity for whole of Sarawak by 2025, says Abang Johari
- In Sarawak, technology transforms farming, schools, and daily life
- DigitalNEXUS 2025 marks milestone in Sarawak’s tech transformation, says Premier
- Sarawak charts bold path to digital future with education-led innovation
- Sarawak Digital Economy Corporation, Kintone team up to boost digital adoption among Malaysia’s SMEs
- [PDF] DIGITAL SARAWAK: Harnessing Digitalisation for Sustainable Development
- Sabah, Sarawak fast emerging as key digital infra hubs
- Empowering SMEs for Digital Readiness
- U Mobile collaborates with SDEC to advance digital transformation in Sarawak
- Community must step up to tackle cyber crime, drug abuse, says Kota Samarahan MP
- Sarawak’s digitalisation: A foundation of cybersecurity and resilient infrastructure
- About CyberSarawak
- Sarawak Government Committed To Tackling Cyber Threats
- What is cloud security? — Microsoft Security
- SAINS, Bluesify collaborate to strengthen Sarawak’s cybersecurity infrastructure
- SMA Coming Up with Own Guidelines to Enhance Cyber Security, Says General Manager
- Malaysia’s Cybersecurity Priorities and SISA’s Role as a NACSA-Licensed Partner (Cyber Security Act 2025 (Act 854))
- Malaysia is serious about cybersecurity, says DPM Zahid at the opening of CYDES 2025
- Malaysia’s AI And Cybersecurity Investments To Drive Digital Economy Growth
- Cybersecurity in Malaysia: AI Investments on the Rise
- Cybersecurity Capabilities
- Singapore’s Cyber Trust mark: Expansion and growing international adoption
- Cybersecurity Initiatives – SPF – Singapore Police Force
- Indonesia’s Cyber Security and Resilience Bill: Strengthening Governance or Expanding Institutional Rivalries?
- Indonesia’s National Data Centre Ransomware Attack
- IndoSec 2025 | Indonesia #1 Cybersecurity Event & Summit
- Cisco announces strategic initiatives to advance AI and cybersecurity in Indonesia
- EU adopts blueprint to better manage European cyber crises and incidents
- EU Cyber Solidarity Act | Shaping Europe’s digital future
- Cybersecurity Act passed by Parliament, obligations under the NIS 2 Directive enter into force 8 April 2025
- [PDF] Implementation plan for Finland’s Cyber Security Strategy 2024-2035
- Cybersecurity Services – SAINS – Digital Partner for Life
- Cybersecurity Best Practices for Individuals – Bitdefender
