This site uses cookies to personalise and improve your browsing experience. By continuing browsing, you accept and agree to our cookie policy and to our use of cookies.

Phishing Alert

Be extra alert to phishing emails or text messages, as they may contain fake hyperlinks or fraudulent emails intended to deceive you into clicking and disclosing personal information. We strongly recommend that you carefully verify the authenticity and accuracy of the message content, including the account name, account number, subscribed services and HKBNES contact information provided. If you are in doubt, please do not reply, click on any links, download attachments, or disclose your personal information on uncertain websites. For inquiries, please contact the HKBN Enterprise Solutions Customer Service hotline at 128-180 or email corpinfo@hkbnes.net for assistance.

Enhancing Critical Infrastructure’s Cybersecurity through Legislative Frameworks

Share:
Download PDF

Jackal Chau

Senior Vice President - Solutions & Service Delivery

"Energy and persistence conquer all things."

Jackal has the impressive track records of managing and delivering complex mega-projects, including significant infrastructure built-out in one of HK’s landmark sites, leading a network revamp for one of the largest and most influential charitable organisation in HK, and successfully executing multiple infrastructure implementation, data centre migration and relocation projects.

Jackal started his IT career as an IT trainee in IBM and rapidly transformed into a key IT leader in sizable technology firms. He was the Head of Operations and Service Delivery at Macroview Telecom (now under HGC group) managing over 300+ technical staff and looking after all aspects of the post-sales delivery functions.

Jackal has an impressive track records of managing and delivering complex mega-projects, including significant infrastructure built-out in one of HK’s landmark sites, leading a network revamp for one of the largest and most influential charitable organisation in HK, and successfully executing multiple infrastructure implementation, data centre migration and relocation projects.

Get in touch with Jackal's

With over two decades of experience in the ICT industry, I have witnessed the relentless evolution and escalation of cyber threats. The Legislative Council Panel’s recent proposal of a legislative framework to enhance protection of computer systems within operators of critical infrastructures (“CIOs”) is a bold response to escalating risks such as sophisticated cyber-attacks, increased interconnectivity, and the growing significance of digital data, that may lead to severe operational disruptions and financial losses.

According to the panel discussion paper, this proposed bill is planned to be introduced into the LegCo for consideration by the end of 2024. The proposed legislative framework is focused solely on protecting the Critical Computer Systems (CCSs) of Critical Infrastructure Operators.
The Genesis of the Framework
The need for such a legislative framework stem from multiple risk factors. There has been an alarming increase in cyber-attacks targeting vital services over the past decade, with no signs of decline. These attacks not only disrupt services but also pose threats to national security and economic stability. Furthermore, the interconnected nature of modern systems means that vulnerabilities in one area can lead to extensive damage across multiple sectors.
Potential Risks to Critical Infrastructure (CI)
Enterprises, particularly those within critical infrastructure sectors, face numerous risks. For instance, in 2021, a major ransomware attack on a fuel transportation pipeline operator in the United States disrupted nearly half of the fuel supply on the East Coast. Similar incidents have occurred in Hong Kong; in 2024, a private hospital’s computer system was attacked by ransomware, disrupting its medical services. Additionally, recent technical outages at multiple airports have underscored the severe impacts of system failures, even when not initiated by cyber-attacks.
Benefits of Regulatory Compliance
Adhering to the proposed regulations offers substantial benefits. Firstly, it sets a standard baseline for cybersecurity practices, ensuring that all entities within critical infrastructure sectors meet minimum safety thresholds. Secondly, compliance significantly mitigates the legal and financial repercussions associated with data breaches. Lastly, robust cybersecurity measures foster trust among consumers and investors, which is vital for sustained business growth and continuity.

While the introduction of this legislative framework may pose initial challenges for businesses in critical sectors, the long-term benefits of enhanced security, increased trust, and operational stability far outweigh these obstacles. Moving forward, it is vital for business leaders to not only comply with these regulations but to view them as a strategic investment in the future of their organizations.

In addition to legislative frameworks, we also believe in the power of AI technologies to bolster security. This solution framework enables AI-driven threat prevention and response across network, endpoints, and cloud applications. It utilizes behavioral analytics, machine learning, and real-time threat intelligence to proactively hunt for anomalies and stop evasive threats. Schedule a consultation with us to explore these advanced capabilities further.

View Other Thought Leadership Articles:

Get in Touch
Contact our experts today to schedule a consultation
This site is registered on wpml.org as a development site. Switch to a production site key to remove this banner.