Hong Kong intends to legislate to establish the cybersecurity responsibilities of critical infrastructure operators

Hong Kong, Oct. 10 (ZXS) -- Acting Secretary for Innovation, Technology and Industry of the Hong Kong Special Administrative Region Government, Zhang Manli, said on the 18th that in order to enhance the protection of critical infrastructure network security, the SAR government plans to legislate to clearly define the cybersecurity responsibilities of critical infrastructure operators, including establishing a good prevention management system to ensure the operation of their information systems and network security.

The Legislative Council of the Hong Kong Special Administrative Region met on the same day, and Manli Cheung made the above remarks in written response to Members' questions. Recently, the network systems of public organizations such as Hong Kong Cyberport Management Company Limited and the Hong Kong Consumer Council have been invaded one after another, and some data has been leaked, which has aroused concern in Hong Kong society. To this end, Cheung Man-lai pointed out that the HKSAR Government is drafting a legislative framework and collecting preliminary views from the industry, and the next step will be to consult the Panel on Security of the Legislative Council on the legislative proposal and conduct public consultation.

She added that the Law Reform Commission (LRC) of Hong Kong established a subcommittee in 2019 to conduct research on cybercrime and completed the first phase of public consultation on cyber-dependent crime and jurisdiction in October 2022. After the LRC publishes its report on the relevant matters, the HKSAR Government will study the recommendations of the study and consider how to follow up with a view to further enhancing cyber security.

Zhang Manli pointed out that in terms of data security risk management, the HKSAR Government has formulated multiple security measures and working mechanisms, covering data protection, audit and risk assessment, incident handling and response, education and training, etc., to maintain the security of government systems and data in an all-round way. Among them, the Office of the Chief Information Officer of the HKSAR Government conducts independent information security compliance audits for various departments of the HKSAR Government on a regular basis and provides recommendations to assist in the continuous improvement of the security management system. The Department has also been working closely with stakeholders in public organisations to remind them of enhanced cyber security measures to protect information systems and data against cyber attacks.

Mr Cheung said that the HKSAR Government would continue to implement and review the relevant work with a view to building Hong Kong into a safe and secure smart city. (End)