Hong Kong aims to safeguard key facilities with new cybersecurity law

19/3/2025 19:10

Hong Kong passed a cybersecurity law on Wednesday to regulate operators of critical infrastructure, forcing them to strengthen computer systems and report cybersecurity incidents or risk penalties of up to HK$5 million ($640,000).



The law, set to take effect in 2026, aims to safeguard the security of computer systems vital to the functioning of critical infrastructure, said Chris Tang, the security chief of the Asian financial hub.



"It's definitely not to target personal information or commercial secrets," he added.



The law was necessary because disruption or sabotage of the computer systems at the heart of critical infrastructure posed a risk to society and the economy in the former British colony, the Security Bureau told the legislative council.



Such incidents could have "a rippling effect affecting the entire society, seriously jeopardising the economy, people's livelihood, public safety and even national security," it added.



The bill covers infrastructure in eight industries from banking and financial services to information technology, energy transport, healthcare and communications.