While this article was published, the Security Bureau of the Hong Kong Government announced that the Protection of Critical Infrastructure (Computer System) Bill will be gazetted on Friday, 6 December 2024, and will be introduced into the Legislative Council for First Reading and Second Reading on 11 December 2024. We will provide an update on further developments.
Since the coming into force of Malaysia Cyber Security Act 2024 (“CSA”) on 26 August 2024, there have been substantial developments in the landscape in the past few months.
On 25 June 2024, the Government proposed to enact a new piece of cybersecurity legislation, tentatively entitled the Protection of Critical Infrastructure (Computer System) Bill, to enhance the protection of computer systems of critical infrastructures (CIs). On 2 July 2024, the proposed legislative framework was tabled to the Legislative Council Panel on Security for consultation. The proposed legislation would require CI operators to fulfill certain statutory obligations and take appropriate measures to strengthen the security of their critical computer systems and minimize the chance of essential services being disrupted or compromised due to cyberattacks.