Overview of the Protection of Critical Infrastructures

An overview of the Protection of Critical Infrastructures (Computer Systems) Bill, specified requirements and key actions

An overview of the Protection of Critical Infrastructures (Computer Systems) Bill

26 March 2025

After almost two years of discussions and engagement with various stakeholders, the Legislative Council approved the "Protection of Critical Infrastructures (Computer Systems) Bill" on 19 March 2025. This legislation aims to strengthen cybersecurity measures for critical infrastructure and ensure the reliability of essential services. With enforcement slated to commence on January 1, 2026, the bill mandates Critical Infrastructure Organizations (CIOs) to adhere to specific cybersecurity protocols, while granting regulatory bodies the authority to address and mitigate cyber risks. For a detailed understanding of the bill’s provisions, including compliance obligations, its impact and key actions, please read our latest publication.

Overview of the Protection of Critical Infrastructures (Computer Systems) Bill, Hong Kong

On 19 March 2025, Hong Kong introduced the “Protection of Critical Infrastructures (Computer Systems) Bill” to safeguard the cybersecurity of critical infrastructure and ensure the stability of essential services. The bill imposes statutory requirements on operators of Critical Infrastructure Organizations...

Overview of the Protection of Critical Infrastructures (Computer Systems) Bill, Hong Kong

On 19 March 2025, Hong Kong introduced the “Protection of Critical Infrastructures (Computer Systems) Bill” to safeguard the cybersecurity of critical infrastructure and ensure the stability of essential services. The bill imposes statutory requirements on operators of Critical Infrastructure Organizations (CIOs) to implement robust cybersecurity measures.

Connect with us

Find office locations kpmg.findOfficeLocations
kpmg.emailUs
Social media @ KPMG kpmg.socialMedia