Protection of Critical Infrastructures (Computer Systems) Ordinance

In recent years, laws and regulations protecting the security of computer systems of critical infrastructures ("CIs") have become increasingly common in many jurisdictions. Building on this momentum, on 19 March 2025, Hong Kong’s Legislative Council passed the Protection of Critical Infrastructures (Computer Systems) Bill, marking a significant milestone in the region’s cybersecurity regulatory framework. The Protection of Critical Infrastructures (Computer Systems) Ordinance (Cap. 653) (the "Ordinance"), which will take full effect on 1 January 2026, aims to strengthen the security of the computer systems of CIs and minimise the chance of essential services being disrupted or compromised due to cyberattacks, thereby enhancing the overall computer system security in Hong Kong.

Click here to read more.