Data breach on the critical information infrastructures: Lessons from the Wikileaks

The recent massive critical data leaks by Wikileaks suggest how fragile national security is from the perspective of information system and network sustainability. This incident raises some causes of concern. Firstly, critical infrastructure such as military and diplomatic systems is not spared from security breach. Secondly, such leak causes far-reaching damage to public interests, national security and economic sustainability. And thirdly, both technology and law seem incapable of dealing with such situation. Malaysia is not spared from the risk of information security attacks. Its ten critical sectors as identified in its National Cyber Security Policy (NCSP) -national defence and security; banking and finance; information and communications; energy, transport and water; government, emergency and medical services; as well as food and agriculture-can at any time fall victim to security breaches and data leaks if efforts to protect their system are flawed. The objective this paper is to outline the problems and challenges from the points of legal framework that Malaysia should anticipate and address in maintaining and sustaining its national CII. The paper first look at the problem of data breaches in the world and examine how as the technology becomes more superior, the cyber-world becomes more vulnerable to data breaches. Tied to that is the notion of critical information infrastructure (CIIs). As more and more of these CIIs are connected and dependent on connectivity, the normal incidence of data breach can be a potential of human loss and catastrophe. The paper next look at the concept of critical information security in Malaysia and examine the seriousness of data breaches in Malaysia. The paper seeks to explore legal options that Malaysia can adopt in preparing itself to more data breaches onslaught. It is the basic contention of the paper that the traditional legal framework should be reformed in line with the advances of the information and communications - echnologies.