Hong Kong passes its first cybersecurity bill covering critical infrastructure South China Morning Post

pOperators of critical infrastructure in eight sectors will face fines of up to HK5 million for failing to keep their computer systems up to dateppHong Kongs legislature has approved the citys first bill targeted at cybersecurity for computer systems needed for critical infrastructure with operators facing fines of up to HK5 million US643000 for failing to keep their systems up to dateppThe Legislative Council on Wednesday passed the Protection of Critical Infrastructures Computer Systems Bill amid a spate of cyberattacks against essential service providersppSecretary for Security Chris Tang Pingkeung said authorities would start setting up a commissioners office and shortlisting affected operators by June with a target for the legislation to come into effect on January 1 2026ppThe bill covers infrastructure in eight areas deemed crucial to the normal functioning of society the energy information technology banking communications maritime and healthcare services and land and air transport sectorsppOther infrastructure operators maintaining critical social and economic activities such as those managing major sports and performance venues as well as research and development parks were also includedppThe purpose of the bill is to establish legal requirements for organisations designated as critical infrastructure operators to ensure they take appropriate measures to protect their computer systems and reduce the impact of their operations on society and residents daily lives in the event of a cyberattack Tang saidp