Operators of critical infrastructure in Hong Kong will now have 12 hours to notify authorities of any serious security breaches, following a consultation exercise on a proposed law to enhance protection. The Security Bureau extended the time frame from the initial two hours proposed, citing practical difficulties and feedback from other jurisdictions.
A spokesman addressed concerns over the powers of the commissioner’s office, assuring that device linking and program installations on operator systems would only occur in exceptional circumstances. The bureau received 53 submissions during the consultation period for the Protection of Critical Infrastructure (Computer System) Bill, concluding the exercise in August.
Stakeholders highlighted challenges in contacting authorities within two hours while dealing with security issues. The extended time limit aims to provide operators with a more feasible window to both report incidents and address cybersecurity concerns effectively.
[ad_2]
Source link