- Agencies must move faster on visibility, patching and incident response
- A nationwide shift to remote work raises new cybersecurity risks across government networks
200,000 civil servants have begun working from home three days a week. It is the largest public sector shift to remote work since the pandemic, covering ministries, government agencies, statutory bodies and government-linked companies.
The early signs are good. Citizens at Urban Transformation Centres reported services running smoothly on day one. But behind the scenes, a quieter story is unfolding: 200,000 government work laptops have just left the safety of the office network and are now sitting on home Wi-Fi, next to family smart TVs and unsecured printers. For criminals who make their living breaking into computer systems, that is an opportune moment.
A risk that grew the moment people walked out the door
Malaysia’s online environment is already under pressure. CyberSecurity Malaysia recorded a 38% jump in data breach incidents in just one quarter of 2025. International criminal groups such as RansomHub, Qilin and Lynx are actively targeting the region.
A government laptop on a home network is very different from one in a secure ministry building. At home, the device sits outside the government’s protective firewall and intrusion detection systems, making malicious activity harder to spot and contain. Software updates get put off because the family is watching Netflix. And if even one laptop is compromised, attackers can use it as a doorway into the wider government system – and from there, to the personal information of millions of Malaysians who interact with public services every day.
Five things that need to happen now
1. Know where every government laptop is, at every moment. You cannot protect what you cannot see. Many agencies still rely on device lists that are updated once a week or once a month – far too slow when laptops are constantly moving between coffee shops, schools and homes. Every department head should be able to answer four basic questions in under a minute: how many laptops do we have, where are they, who is using them, and are they safe?
2. Fix the weak spots before criminals find them. When software companies discover a flaw in their products, they release a fix. On average, criminals figure out how to exploit that same flaw within 40 to 60 days. Agencies that wait for the next quarterly maintenance window are giving attackers a head start of weeks. The fixes need to be installed automatically, the same day they are released, on every laptop – wherever in the country it happens to be.
3. Get the people who fix laptops and the people who protect them to talk to each other. In too many agencies, these are two separate teams using two separate systems, often discovering during a crisis that they are looking at completely different information. Bringing them onto one shared view of every device closes the gaps that criminals exploit, and shortens the response from days to minutes when something goes wrong.
4. Plan for the bad day before it happens. With 200,000 laptops spread across the country, the question is no longer whether something will go wrong but how quickly it can be contained. Every agency should rehearse this month: if a civil servant in Kajang clicks the wrong link tonight, can the team shut down that laptop, work out what the attacker touched, and restore the device – all without anyone having to leave their own home at midnight?
5. Let the machines handle the repetitive work. Government technology teams are already stretched thin, and a remote workforce multiplies their workload. The agencies that cope best will be those that let smart, automated tools handle repetitive tasks, from checking devices and installing updates to deploying software – so that skilled staff can focus on the judgement calls only humans can make. Governments around the world are already heading this way. Malaysia’s civil service has the chance to leap ahead.
The work-from-home directive is, at its heart, a sensible response to a difficult moment. It will only succeed if public trust holds. Malaysians noticed when their counter services kept running on day one. They will notice far more sharply if their personal information turns up on a criminal leak site three months from now. The window to get this right is open. It will not stay open for long.
James Greenwood is AVP, Solution Engineering – APAC at Tanium
Related Articles
Keyword(s) :