Hong Kong's New Critical Infrastructure Cybersecurity Law

Hong Kong's New Critical Infrastructure Cybersecurity Law

Hong Kong’s government has introduced the Protection of Critical Infrastructure (Computer System) Bill, a significant legislative measure aimed at enhancing the cybersecurity of critical infrastructure. This proposed law seeks to establish a regulatory framework for critical computer systems (CCSs) operated by designated critical infrastructure operators (CIOs), addressing the urgent need for improved cybersecurity among rising global threats.
 
The legislation empowers a newly created Commissioner’s Office to enforce compliance and impose specific obligations on CIOs, shifting from voluntary measures to mandatory regulations. While this initiative aims to strengthen the security of essential services in Hong Kong, it also raises important questions regarding the designation of CIOs, the scope of critical infrastructure, and the implications for businesses regarding compliance costs and vendor oversight.

Our IT experts delve into the details of the newly introduced Protection of Critical Infrastructure (Computer System) Bill and its implications for businesses regarding vendor oversight and compliance.

Please click here to read our full newsletter.