Bursa Malaysia Berhad, in collaboration with Malaysia’s stockbroking industry, today unveiled a series of cyber resilience enhancements aimed at strengthening the integrity and stability of the securities market.
The measures, detailed in a newly issued Recommendation Paper, form part of a coordinated industry response to the unauthorised trades incident that occurred in April 2025.
The paper was developed by an industry working group formed in June 2025, comprising representatives from both bank-backed and non-bank brokers as well as cybersecurity experts, and chaired by Julian M. Hashim, Bursa Malaysia’s Chief Regulatory Officer.
Bursa Malaysia Chief Executive Officer Dato’ Fad’l Mohamed said the initiative underscores the industry’s collective commitment to investor protection and market confidence.
“These enhancements represent the industry’s commitment to every investor that cybersecurity safeguards are taken seriously. We are taking active steps to fortify the marketplace so investors can trade with confidence,” he said.
The enhancements, reviewed by independent experts, will be incorporated into Bursa’s IT Security Standards (ITSS) and aligned with regulatory frameworks such as the Securities Commission’s Guidelines on Technology Risk Management (GTRM) and Bank Negara Malaysia’s Risk Management in Technology (RMiT).
The framework outlines nine key cybersecurity pillars, covering areas such as access control, threat detection, patch management, recovery planning, incident management, and oversight of third-party technology providers.
Implementation will follow a phased approach:
- Standards related to recovery planning and incident management must achieve full compliance within three months, and
- System and infrastructure-related standards are to be fully implemented by 31 December 2026.
Bursa Malaysia said the comprehensive framework is designed to be scalable and actionable, enabling all brokers — regardless of size — to adopt meaningful cybersecurity practices that strengthen the resilience of Malaysia’s capital market ecosystem.
