As Malaysia attracts US$14.7 billion in data centre investment, ensure your team has the AI skills to compete — Cyber Security Act 2024 compliant training.
Malaysia's technology sector is booming, with an unprecedented USD 14.7 billion investment pipeline from Google, AWS, and Microsoft for data centre infrastructure. The Cyber Security Act 2024 requires NCII technology entities to conduct annual risk assessments and report incidents within 6 hours. Malaysia has 140 AI solution providers generating over RM1 billion in revenue, with plans for 900 new AI startups by 2026. This programme is structured to qualify for HRD Corp SBL-Khas claims, with training costs covered directly from employer levy contributions — no upfront payment required. The PDPA amendments, with maximum fines increased to RM1 million and mandatory 72-hour breach notification, make compliance-aware AI deployment a business imperative.
LOCAL CONTEXT
Malaysia is rapidly positioning itself as a regional AI hub through the Malaysia Digital initiative. Strong government incentives, including HRDF and MDEC grants, combined with a growing pool of digital talent, create fertile ground for AI transformation across industries.
$2.1 billion AI market by 2030
growing
THE CHALLENGE
“PDPA Amendment Compliance Gap”
“HRD Corp Funding Underutilisation”
“AI Talent Shortage Blocking Implementation”
“Cyber Security Act 2024 Compliance Burden”
Our team has trained executives at globally-recognized brands
OUTCOMES
FUNDING & SUBSIDIES
Up to RM1,000 per participant
Covers training costs for employees of registered employers (mandatory for 10+ staff). Direct provider payment — no upfront cost to employer.
Official SourceUp to MYR 5,000 per company
50% matching grant for digital service subscriptions adopted as part of this programme's implementation phase.
Official SourceUp to 70% of project costs, capped at RM2 million
For companies with Malaysia Digital status commercialising AI solutions — training may qualify as part of a broader AI project.
Official SourceVaries by partner institution
Part of RM1.5 billion public-private initiative supporting MSME business digitalisation through financial institutions and digital service providers.
Official SourceREGULATORY LANDSCAPE
The PDPA 2010 amendments (effective January–June 2025) are directly relevant: maximum fines increased to RM1 million, mandatory DPO appointments, 72-hour breach notification, expanded sensitive data definitions including biometrics, and new data portability rights. The Cyber Security Act 2024 requires NCII entities to conduct annual cybersecurity risk assessments, biennial audits, and notify authorities of incidents within 6 hours of discovery. MOSTI's National Guidelines on AI Governance and Ethics (AIGE) outline seven core principles for responsible AI deployment, and the National AI Office (NAIO) is developing the AI Technology Action Plan 2026–2030 as a risk-based regulatory framework.
CHALLENGES IN MALAYSIA
The 2024 PDPA amendments require mandatory DPO appointments, 72-hour breach notification, and expanded sensitive data definitions including biometrics — effective June 2025. Many Malaysian organisations lack the AI governance frameworks needed to ensure automated systems meet these heightened requirements, risking fines up to RM1 million.
Malaysian employers with 10+ staff pay a mandatory 1% levy to HRD Corp, yet many fail to fully claim these funds for AI training. The SBL-Khas scheme covers up to RM1,000 per participant with direct provider payment, but the 'apply before training' requirement and 5-10 day processing time catch unprepared organisations off-guard.
Malaysia has only 3,000 AI professionals against a projected demand of 30,000 by 2030. With 81% of employers struggling to hire AI talent and a 34% salary premium required for AI-skilled candidates, building internal capability through training is significantly more cost-effective than competing in the talent market.
The Cyber Security Act 2024 requires NCII entities to conduct annual cybersecurity risk assessments, biennial audits, and report incidents within 6 hours. AI systems that process sensitive data must be designed with these requirements embedded from the start — retrofitting compliance is far more expensive.
OUR PROCESS
We assess your current AI maturity, technology stack, and strategic priorities within IT services companies, managed service providers, and technology consulting firms. This includes interviews with operations, leadership, and frontline teams to map your highest-impact use cases.
We tailor all modules to your specific context within IT services companies, managed service providers, and technology consulting firms. All examples, case studies, and exercises use scenarios your teams will recognise from their daily work.
Interactive workshops using real-world scenarios from IT services companies, managed service providers, and technology consulting firms. Each module combines concept explanation with immediate practice on tasks your teams perform daily.
Participants develop 2-3 AI use case proposals specific to their departments, with business cases, risk assessments, and implementation roadmaps ready for leadership review.
30-day post-programme support includes office hours, Slack access, implementation coaching, and a follow-up session to review progress on use case pilots and address emerging challenges.
IS THIS RIGHT FOR YOU?
MSPs with growing client bases struggling to scale service desk operations
IT service firms with NOC teams overwhelmed by alert volume and noise
MSPs losing competitive deals to AI-enabled managed service competitors
IT service companies wanting to improve per-client margins through automation
MSPs with SLA compliance challenges during growth phases
Individual IT consultants without managed service operations
MSPs needing custom RMM/PSA platform development (try Engineering tier)
IT service operations already running mature AI automation at scale
See yourself above? Let's talk about AI for IT Services & Managed Service Providers in Malaysia.
Let's TalkCOMMON QUESTIONS
MORE TRAINING
WHY PERTAMA PARTNERS
Pertama operates at the intersection of AI capability building and Malaysia's specific compliance landscape — Cyber Security Act 2024, PDPA amendments, and BNM RMiT for fintech clients. Unlike global IT training providers, we design programmes that address the immediate regulatory requirements Malaysian technology firms face while building practical AI engineering skills.
Training is delivered in English as the primary working language, with Bahasa Malaysia terminology integrated where relevant. Facilitators are comfortable with the code-switching between English, Bahasa Malaysia, and Mandarin that is common in Malaysian professional settings. All materials reference Malaysian regulations, funding mechanisms, and market examples. On-premise delivery is available for organisations with strict information security requirements. Programme structure is designed to meet HRD Corp's 'apply before training' process requirements, with adequate lead time built into scheduling.
Let's discuss how ai for it services & managed service providers can help your organization in Malaysia.
Start a Conversation