Cybersecurity impacts nations in multiple facets as the cyberspace luring efficiency and convenience in interconnectivity in our digital lifestyle including the critical national infrastructures (CNI) where a break in the weakest link impacts large geographical regions and send ripples across the economy. In order to protect the cybersecurity of CNIs, NIST Framework for Improving Critical Infrastructure Cybersecurity (NIST CSF), a technology-neutral framework based on industry best practices and standards, was developed in 2014. This research-in-progress seek to gain insights on its applicability in developing nations, Malaysia, where a qualitative methodology to investigate the applicability of NIST CSF in Malaysia was adopted. The Preliminary findings concurred that the framework is relevant and it needs to be revised periodically as every CNI sector is critical in its own way, and that the cyber threats are ever evolving and emerging.