Datuk Mustapha Sakmud, Minister in the Prime Minister's Department (Sabah and Sarawak), has stressed that digital safety education must become a foundational priority at the household and school levels across Malaysia, arguing that early intervention is critical to stemming the tide of cybercrimes targeting families and younger users. Speaking at the Kota Kinabalu District Safe Internet Campaign Community Carnival 2026, Mustapha outlined a vision where parents and educators work in tandem to inoculate children against the mounting threats that accompany internet connectivity, from coordinated scams to malicious hacking and the psychological toll of cyberbullying.

The statistics underpinning Mustapha's call are sobering. Sabah recorded 321 scam-related complaints in the preceding year, with 152 additional cases filed in just the first half of the current year—a trajectory that suggests the problem is far from stabilizing. Hacking incidents similarly registered 159 complaints annually, though the rate appears to have slowed to 30 cases in the first six months of this year. These figures, while representing only confirmed reports, likely undercount the true incidence of cybercrime, as many victims remain unaware they have been compromised or are reluctant to file formal complaints. For a state like Sabah, which has been working to modernize its digital infrastructure and connectivity, these trends underscore the dual challenge of expanding internet access while simultaneously building the cultural and technical defenses necessary to keep users safe.

Mustapha's emphasis on early exposure and awareness reflects a growing recognition across Southeast Asia that cybersecurity cannot be treated as a purely technical problem to be solved by government agencies and private sector security experts alone. Instead, he argues, the responsibility must be diffused throughout society, beginning with the choices parents make at home regarding screen time, online behavior modeling, and frank conversations about digital risks. Schools, he contends, should embed Internet safety into their curricula not as an afterthought but as a core competency alongside literacy and numeracy, ensuring that students develop the critical thinking skills needed to evaluate online sources, recognize social engineering tactics, and understand the permanence of digital footprints.

The event itself demonstrated this holistic approach. Organized by the Malaysian Communications and Multimedia Commission (MCMC), the carnival drew more than 500 community members and featured immersive learning experiences through Virtual Reality technology, allowing attendees to navigate simulated scenarios involving common online threats. A live podcast session titled "Safe Internet, Shared Responsibility" brought together panelists from diverse professional backgrounds, amplifying the message that cybersecurity is not the domain of IT specialists alone but a shared civic obligation. The inclusion of cultural elements—a Bajau Samah singing competition—and recreational activities such as e-sports tournaments reflected an understanding that engagement with digital safety messaging works best when embedded within the broader rhythms of community life rather than presented as a lecture.

Mustapha specifically directed his counsel toward internet users in Sabah, advocating for heightened vigilance in verifying information sources before sharing or acting upon them. In an era where misinformation spreads as readily as malware, this guidance speaks to a broader vulnerability: the human tendency to trust information that confirms existing beliefs or arrives from apparently authoritative sources. He further cautioned against the disclosure of personal identifiers, financial details, and other sensitive information through digital channels, warning that irresponsible actors stand ready to exploit such revelations. This advice, while basic in its formulation, remains urgently necessary because many users, particularly those newly connected to the internet or less digitally experienced, underestimate the value of their personal data to criminals and the difficulty of recovering identity or financial losses once theft has occurred.

The geographic focus on Sabah carries particular significance for Malaysian cybersecurity policy. As one of the country's more geographically dispersed and less densely urbanized states, Sabah faces unique challenges in building digital literacy at scale. Infrastructure investments in broadband connectivity have extended internet access to more remote communities, but these gains risk being negated if users lack the knowledge and confidence to navigate digital spaces safely. The state's diverse population, encompassing multiple ethnic groups and languages, also necessitates culturally sensitive and linguistically appropriate cybersecurity messaging—a complexity that generic national campaigns may overlook.

The strategy outlined by Mustapha aligns with international best practices in cybersecurity education. Organizations such as the International Telecommunication Union and various national governments have recognized that behavioral and cultural change, particularly among young people, produces greater long-term dividends than reactive law enforcement or technological solutions alone. When children internalize digital safety norms early, they carry these habits into adulthood, creating a virtuous cycle of cautious, informed internet use. Schools serving as hubs for this education also multiply the reach of messaging, as young people become advocates within their own families and peer networks.

However, Mustapha's framing also hints at broader challenges facing cybersecurity governance in Malaysia. While personal responsibility and family vigilance are necessary, they are not sufficient. Scammers and hackers operate with increasing sophistication, often employing artificial intelligence and machine learning to craft convincing phishing messages and exploit system vulnerabilities that no amount of individual caution can entirely mitigate. Therefore, the minister's call for awareness must be accompanied by coordinated efforts among law enforcement agencies, telecommunications providers, and financial institutions to disrupt criminal operations, recover stolen funds, and hold perpetrators accountable.

The carnival format itself represents an effort to make cybersecurity education accessible and non-threatening. Many people, particularly older users or those with limited formal education, can feel alienated by technical jargon and abstract warnings. By combining education with entertainment, cultural celebration, and interactive technology demonstrations, the MCMC and local authorities sought to normalize conversations about digital safety and reduce the stigma associated with falling victim to online crimes. This approach acknowledges that awareness campaigns work best when they meet people where they are—in community spaces, during moments of leisure, and in registers they find welcoming rather than authoritarian.

Looking forward, Mustapha's advocacy suggests that cybersecurity will remain a priority within Sabah's governance agenda, particularly as digital services become increasingly central to education, healthcare, commerce, and public administration. The challenge will lie in maintaining momentum beyond single events, ensuring that schools genuinely integrate cybersecurity education into their teaching, that parents receive ongoing support in monitoring and guiding their children's digital lives, and that community organizations continue to facilitate public dialogue on these issues. The figures Mustapha cited—hundreds of complaints annually—represent real individuals and families whose trust in the internet has been breached, often with lasting financial and psychological consequences. By elevating cybersecurity awareness from a peripheral concern to a fundamental pillar of family and educational practice, Malaysia can work toward a digital ecosystem where technological opportunity is matched by the knowledge and resilience to use it safely.