Malaysia unveils National Cloud Computing Policy

Unveiled at the ASEAN AI Summit Malaysia 2025, the NCCP focuses on five core pillars guiding cloud adoption in Malaysia.

The Malaysian government has unveiled the new National Cloud Computing Policy (NCCP) to take a more strategic measure in cloud deployment in the country. The NCCP is nation’s first policy which is focused on to developing a sovereign, secure, inclusive, and sustainable digital ecosystem.

“This policy is not just a government directive. It is a strategic blueprint that will guide our nation toward a secure, sovereign, inclusive, and sustainable cloud future. The NCCP embodies a whole-of-nation approach. It reflects our belief that true digital transformation must be inclusive, reaching across sectors, institutions, and communities,” said Gobind Singh, Minister of Digital, Malaysia.

Prior to the NCCP, the implementation of cloud initiatives in isolation, a concern the government had as it could place the nation at risk of falling behind in the rapidly advancing global digital economy.

Currently, all the major cloud vendors operate and offer their services in the country via their network of partners. Almost all the major cloud vendors have also heavily invested in developing the infrastructure in the country, especially in meeting data sovereignty and regulatory requirements set by the government.

CRN Asia has reached out to cloud vendors and cloud service providers in Malaysia for their views on the NCCP.

Developed by the Ministry of Digital, the NCCP adopts a “Whole-of-Nation” approach, fostering collaboration among all stakeholders, including government agencies, the private sector, cloud service providers, academia, and the public. The policy is also dynamic, allowing for continuous updates to adapt to technological advancements and emerging challenges.

According to the ministry, the policy outlines a comprehensive direction to strengthen the adoption of cloud technology across all levels – government, industry, and the general public. Beyond serving as a guiding document, the NCCP also functions as a national action plan to ensure Malaysia remains competitive in the fast-evolving global digital economy. The policy aims to position Malaysia as a world-class cloud computing hub by 2030, anchored on innovation, cybersecurity, sustainability, and inclusivity.

“The NCCP is fully aligned with the Malaysia Cyber Security Strategy (MCSS). It implements robust security frameworks to protect national data and build public trust. It upholds data sovereignty, ensuring data generated within Malaysia is governed by Malaysian laws. It also introduces a sound regulatory framework, one that provides clear direction for stakeholders to develop specific policies tailored to their needs, while ensuring flexibility within a unified national strategy. This approach empowers each sector to adapt and innovate, without compromising alignment with the broader national vision,” said the minister.

Taking a deeper look at the NCCP, there are five pillars which it will focus on. The first pillar is on public sector transformation whereby the aim will be on modernizing government services through the adoption of cloud technologies to enhance efficiency, transparency, and responsiveness. The second pillar fosters growth in the private sector, specifically in helping MSMEs expand their operations and compete globally as well as boost economic growth and attract investments.

The third pillar focuses on having secure data protection and privacy. This includes strengthening data security frameworks, ensures compliance with data protection laws, and builds public trust in digital platforms. The fourth pillar on digital inclusivity addresses the digital divide by extending cloud infrastructure to underserved areas and promoting digital literacy.

The fifth pillar is on environmental sustainability whereb resource-efficient and environmentally friendly cloud practices is imperative, such as utilising green data centres and monitoring energy consumption.

The Ministry of Digital also calls upon all parties, including government agencies, industry players, cloud service providers, academia, and the public to work hand in hand in implementing this policy.