Speaker – Ms Shariffah Rashidah Syed Othman
Ms Shariffah Rashidah Syed Othman
Commissioner, Personal Data Protection, Personal Data Protection Department,
Ministry of Digital
Malaysia
Biography
Shariffah Rashidah has served the Government of Malaysia as an Administrative and Diplomatic Officer since 2004, starting in the ICT and Technical Division of the National Security Council (NSC) before moving to the Cyber and Space Security Division in 2006. She began as an Assistant Director and later advanced to Principal Assistant Director, spending nearly two decades formulating, coordinating and monitoring national cybersecurity policies in Malaysia.
Her key contributions include the development of the NSC Directive No. 24: Policy and Mechanism for National Cyber Crisis Management, the NSC Directive No. 26: National Cyber Security Management, the National Cyber Crisis Management Plan, the National Cyber Coordination and Command Centre (NC4), the National Cryptography Policy, the Malaysia Cyber Security Strategy 2020-2024, the Cyber Security Act 2024 [Act 854] and the Malaysia Cyber Security Strategy 2025-2030.
At regional level, she helped shape the ASEAN Regional Forum (ARF) Work Plan on the Security of and in the Use of ICTs, facilitating the establishment of the ARF Inter-Sessional Meeting on ICTs Security (ARF ISM on ICTs Security) and the ARF Points of Contact on ICTs Security. From 2018 to 2020, she cochaired the ARF Open-Ended Study Group on ICTs Security alongside Singapore and Japan. She was also involved in the development of the ASEAN Checklist for the implementation of the Norms of Responsible State Behaviour in Cyberspace and the establishment and operationalisation of the ASEAN Regional CERT and the development of the ASEAN Cyber Security Cooperation Strategy 2026-2030.
She led Malaysia’s delegation to the United Nations Open-Ended Working Group on the Security of and in the Use of ICTs (OEWG) 2021-2025, which recently concluded with the establishment of a permanent Global Mechanism that is inclusive and universal in nature, addressing developments in the field of ICTs in the context of international security and advancing responsible state behaviour in the use of ICTs.
As one of the key personnel behind the creation of the National Cyber Security Agency (NACSA), she was appointed Director of Policy and International Cooperation at NACSA in July 2020. Recognising the importance of cyber security in public services, she later served at the Malaysian Administrative Modernisation and Management Planning Unit (MAMPU) as Senior Principal Assistant Director in the Public Sector Reform Division. During the COVID-19 pandemic, she supported the COVID-19 Immunisation Task Force (CITF) by contributing to the development of the MySejahtera application including the enhancement of the vaccination module.
Upon returning to NACSA’s Chief Executive Office, she continued coordinating national cyber security efforts. From March to August 2023, she performed the duties of Chief Executive of NACSA before resuming her role as Director of Policy and International Cooperation until July 2025. Starting from 1 August 2025, she was appointed as the Deputy Director General of the Personal Data Protection Department, Ministry of Digital and was subsequently appointed as Personal Data Protection Commissioner, effective 3 September 2025.
Shariffah Rashidah holds an MSc in Information Security from Royal Holloway, University of London, and a BSc in Science (Computer) from Universiti Teknologi Malaysia.