Myanmar’s Cyber Security Policy 2023

March 2023

View the original document

Strategies and Action Plans

Author: Department of Information Technology and Cyber Security under the Ministry of Transport and Communications

Myanmar’s Cyber Security Policy 2023, published on 29 March 2023, by the Department of Information Technology and Cyber Security under the Ministry of Transport and Communications (MoTC), outlines a strategic framework for managing the nation’s cyber and digital security over a five-year period, extending to 2028.

Objectives and vision

The policy’s primary objective is to establish a stable and robust cyber environment to ensure the safety and security of Myanmar’s digital realm. This involves enacting comprehensive cyber and digital security legislation, which is a top priority in the policy’s agenda.

Key Components

  1. Legislative framework: The policy emphasises the necessity of enacting cyber and digital security laws to provide a legal foundation for cybersecurity measures. This includes drafting a comprehensive cybersecurity law to establish control over cybersecurity and protect personal information.
  2. Institutional structures: The formation of the Cyber Security Central Committee and Steering Committee is proposed to oversee and implement cybersecurity initiatives. These bodies are responsible for coordinating efforts across various sectors to enhance cyber resilience.
  3. Protection of critical information infrastructure: Safeguarding critical information infrastructure is a significant focus, aiming to protect essential digital assets from cyber threats and ensure the continuity of vital services.
  4. Digital certification and platform regulation: The policy outlines procedures for digital certification licenses and registration requirements for digital platform service providers. This ensures that digital services operate securely and comply with established cybersecurity standards.
  5. Cybersecurity services and cybercrime prevention: Provisions are included for cybersecurity service providers, addressing cyber fraud, cybercrime, online gambling, and online financial services. The policy sets forth offenses and penalties to deter malicious cyber activities.

Implementation strategy

To achieve its objectives, the policy proposes the following strategies:

  • Capacity building: Developing human resources skilled in cybersecurity to effectively implement and manage security measures.
  • Public awareness: Raising awareness about cybersecurity among citizens to promote safe digital practices.
  • International collaboration: Engaging with international partners to share best practices and stay updated on global cybersecurity trends.