TheArtOfService
Back to Frameworks

Myanmar Cybersecurity Law (2023)

Self-Assess
Myanmar
v2023
8 domains
8 controls

Myanmar's Cybersecurity Law (2023) establishes a cybersecurity and data protection framework. The law covers cybersecurity obligations for digital platform service providers, critical information infrastructure protection, personal data processing requirements, and cybersecurity incident reporting. Administered by the Ministry of Transport and Communications. The law has been criticised for its surveillance provisions and broad scope.

Unverified

Framework summaries on this platform are AI-assisted interpretations for educational and compliance planning purposes. They do not reproduce or replace the official standards. Refer to the authoritative source for the definitive text. Framework names and trademarks belong to their respective organisations.

Framework Domains (8)

Content Controls

1 controls
Controls in the Content Controls domain of Myanmar Cybersecurity Law (2023)1 controls
CodeTitle
MMCL-5Content Moderation, Removal Requests, and Lawful Access

Cybersecurity Governance and CII

1 controls
Controls in the Cybersecurity Governance and CII domain of Myanmar Cybersecurity Law (2023)1 controls
CodeTitle
MMCL-1Cybersecurity Authority and Critical Information Infrastructure Designation

Data Localisation

1 controls
Controls in the Data Localisation domain of Myanmar Cybersecurity Law (2023)1 controls
CodeTitle
MMCL-4Data Localisation and Cross-Border Data Transfer Controls

Enforcement and Compliance

1 controls
Controls in the Enforcement and Compliance domain of Myanmar Cybersecurity Law (2023)1 controls
CodeTitle
MMCL-8Penalties, Enforcement, and Human Rights Considerations

Incident Response

1 controls
Controls in the Incident Response domain of Myanmar Cybersecurity Law (2023)1 controls
CodeTitle
MMCL-6Cybersecurity Incident Detection, Response, and Notification

Internet Access Controls

1 controls
Controls in the Internet Access Controls domain of Myanmar Cybersecurity Law (2023)1 controls
CodeTitle
MMCL-3VPN Restrictions and Circumvention Tool Prohibitions

Licensing and Authorisation

1 controls
Controls in the Licensing and Authorisation domain of Myanmar Cybersecurity Law (2023)1 controls
CodeTitle
MMCL-2Licensing of Digital Platforms and Cybersecurity Service Providers

Technical Security Controls

1 controls
Controls in the Technical Security Controls domain of Myanmar Cybersecurity Law (2023)1 controls
CodeTitle
MMCL-7Network Security, Access Control, and Cryptographic Controls

Your Compliance Coverage

If you comply with Myanmar Cybersecurity Law (2023), you already cover:

US EPA Safe Drinking Water Act (SDWA) - Cybersecurity Requirements

13%

1 controls mapped

Compare →

OWASP MASVS

13%

1 controls mapped

Compare →

OWASP ASVS

13%

1 controls mapped

Compare →

+ 21 more: NIST SP 800-171A - Assessing Security Requirements for Controlled Unclassified Information (CUI) (13%), AWWA Cybersecurity Guidance for the Water Sector (American Water Works Association) (13%)

See all 24 mapped frameworks ↓

Maps to 24 other frameworks

8 total controls
US EPA Safe Drinking Water Act (SDWA) - Cybersecurity Requirements
1 source controls mapped|1 target controls covered
13%
OWASP MASVS
1 source controls mapped|1 target controls covered
13%
OWASP ASVS
1 source controls mapped|1 target controls covered
13%
NIST SP 800-171A - Assessing Security Requirements for Controlled Unclassified Information (CUI)
1 source controls mapped|3 target controls covered
13%
AWWA Cybersecurity Guidance for the Water Sector (American Water Works Association)
1 source controls mapped|1 target controls covered
13%
ISO/IEC 27011:2024
1 source controls mapped|2 target controls covered
13%
ASD Strategies to Mitigate Cyber Security Incidents
1 source controls mapped|3 target controls covered
13%
ISO 27019
1 source controls mapped|1 target controls covered
13%
FFIEC Cybersecurity Assessment Tool (CAT)
1 source controls mapped|1 target controls covered
13%
CISA Cross-Sector Cybersecurity Performance Goals (CPG) 2.0
1 source controls mapped|2 target controls covered
13%
MTCS (Singapore)
1 source controls mapped|1 target controls covered
13%
ISO 27043
1 source controls mapped|1 target controls covered
13%
AWS Well-Architected Security Pillar
1 source controls mapped|1 target controls covered
13%
ISO 27018
1 source controls mapped|1 target controls covered
13%
FFIEC IT Examination Handbook
1 source controls mapped|1 target controls covered
13%
NIST SP 800-124 Revision 2 - Guidelines for Managing the Security of Mobile Devices
1 source controls mapped|2 target controls covered
13%
ISO 27017
1 source controls mapped|1 target controls covered
13%
ISO/SAE 21434
1 source controls mapped|1 target controls covered
13%
API 1164
1 source controls mapped|1 target controls covered
13%
Azure Security Benchmark
1 source controls mapped|1 target controls covered
13%
ISO 28001:2007 Supply Chain Security Management
1 source controls mapped|1 target controls covered
13%
IEC 62443
1 source controls mapped|1 target controls covered
13%
ISO/IEC 27010:2015
1 source controls mapped|1 target controls covered
13%
APRA CPS 234
1 source controls mapped|1 target controls covered
13%
Compare Myanmar Cybersecurity Law (2023) with US EPA Safe Drinking Water Act (SDWA) - Cybersecurity Requirements

Frequently Asked Questions

What is Myanmar Cybersecurity Law (2023)?

Myanmar Cybersecurity Law (2023) is a compliance framework from Myanmar with 8 domains and 8 controls. Myanmar's Cybersecurity Law (2023) establishes a cybersecurity and data protection framework. The law covers cybersecurity obligations for digital platform service providers, critical information infrastructure protection, personal data processing requirements, and cybersecurity incident reporting. Administered by the Ministry of Transport and Communications. The law has been criticised for its surveillance provisions and broad scope. It is used by organisations to establish and maintain compliance with industry standards and regulatory requirements.

How many controls does Myanmar Cybersecurity Law (2023) have?

Myanmar Cybersecurity Law (2023) has 8 controls organised across 8 domains. The largest domains are Content Controls (1 controls), Cybersecurity Governance and CII (1 controls), Data Localisation (1 controls). Each control defines specific requirements that organisations must implement to achieve compliance.

What frameworks does Myanmar Cybersecurity Law (2023) map to?

Myanmar Cybersecurity Law (2023) maps to 24 other compliance frameworks. The top mapping partners are US EPA Safe Drinking Water Act (SDWA) - Cybersecurity Requirements (13% coverage), OWASP MASVS (13% coverage), OWASP ASVS (13% coverage). Use our comparison tool to explore control-level mappings between frameworks.

How do I get started with Myanmar Cybersecurity Law (2023) compliance?

Start your Myanmar Cybersecurity Law (2023) compliance journey by running a self-assessment on our platform to identify your current compliance posture. Our AI advisory can answer specific questions about Myanmar Cybersecurity Law (2023) requirements, and cross-framework mapping helps you leverage existing controls from other frameworks you may already comply with. Create a free account to access all 8 controls and track your progress.

Start Your Compliance Journey

Create a free account to run self-assessments, get AI advisory, and track your compliance progress across 700 frameworks.

Get Started Free →

Free forever — no credit card required