Hong Kong Tightens Cyber Defences with New Cybersecurity Law: What It Means for Businesses

- The Cybersecurity Law of Hong Kong brings stringent regulations for essential facilities and imposes penalties up to HK$5 million (£500,000) for non-compliant behaviour.
- The regulation has prompted concerns about the new powers it gives the government, along with apprehension that it could deter technology investment in the region.
Hong Kong has stepped up its fight against cyber threats by introducing a new cybersecurity law aimed at protecting critical infrastructure. The Protection of Critical Infrastructures (Computer Systems) Bill, passed recently by the Legislative Council, seeks to protect critical sectors by imposing strict security requirements. With hefty fines of up to HK$5 million for failure to comply, the new law seeks to hold organisations more accountable for protecting their digital systems.
Tough Security for Life-and-Death Sectors
The new law applies directly to organisations that operate critical infrastructure and compels them to strengthen their cybersecurity practices. Major sectors covered include:
- Energy
- Banking and Financial Services
- Information Technology
- Transport (land, air, and maritime)
- Communications and Broadcasting
- Health Care Services
Interestingly, it even extends to venues and facilities that support major social or economic activities, such as sports stadiums, technology parks, and performance art venues. This broader scope reflects the government’s determination to protect Hong Kong’s digital backbone from rising cyber threats.
Concerns Over Expanded Government Powers
While the law is focused on protecting infrastructure, it also gives the government broad powers during cybersecurity incidents. Where operators do not adequately respond to breaches, officials can obtain court warrants to access the computer systems or install monitoring software.
This, however, has raised concerns among international tech businesses and advocacy groups. The Asia Internet Coalition and the American Chamber of Commerce in Hong Kong warned last year that such powers, if exercised, may deter tech investments in the region.
Meanwhile, Article 19, a London-based organisation advocating for free speech, argued that the law gives authorities “excessive” investigative powers, including the power to demand “any relevant information” during investigations.
In reaction to these concerns, Hong Kong authorities dismissed the claims, noting that the same kind of cybersecurity regulations exist in the U.S., the U.K., and the E.U.
Privacy Issues Addressed
Minister of Security Chris Tang clarified that the law deals primarily with big institutions and their computer systems. It does not deal with personal data or business secrets.
Interestingly, though, government departments are expressly excluded from the law, even though some of them have been victims of recent data breaches. The Fire Services Department, Registration & Electoral Office, Cyberport and the Consumer Council were some of the agencies recently affected by leaked data.
Very Stringent Compliance, Hefty Penalties
Under the new law, critical infrastructure operators must:
- Conduct an annual cybersecurity risk assessment.
- Report incidents arising from a breach within 12 hours.
- Face a fine of up to HK$5 million (£500,000) if they fail to meet security standards.
In a very contentious decision, the government has opted not to reveal the list of regulated operators. Officials justify the decision on the grounds that the list should be kept confidential to avoid these organisations becoming prime targets for hackers.
Patrick Li, Hong Kong’s Permanent Secretary for Security, confirmed that more than 100 critical infrastructure operators will have to comply with the regulation but added that the names of those affected will not be disclosed for security reasons.
Rising Cyberattacks
This law comes at a time when cybercrime is surging in Hong Kong. Over the last year, hackers have become increasingly active in targeting universities, non-governmental organisations, and even some government hospitals, a trend that increasingly attests to the region's vulnerability.
The privacy watchdog in Hong Kong first reported in 2023 that around 70% of companies in the area were victims of some form of cyberattack. With the increasing digitisation of the city, strong cyber defences are a must.
Booming Cybersecurity Market
The emerging threat landscape is thus increasing demand for cybersecurity solutions. The cybersecurity market for Hong Kong is expected to reach up to US$852.65 million (about £665.4 million) by 2025, with security services making up nearly US$484.04 million (around £377.5 million) worth of revenue.
From 2025 to 2029, the market is further projected to increase at a compound growth rate of 7.64% annually and reach about US$1.14 billion (£890.3 million) by the end of 2029.
Effects on Businesses and Technology Firms
Cybersecurity is a priority in Hong Kong, as much of its economy depends on digital infrastructure. The new law is bound to strengthen that infrastructure by requiring proactive measures and pushing organisations to place greater importance on data protection.
However, many global firms will find it more difficult to operate. For tech firms considering investments in the region, the compliance costs might lead to a “business decision”.
Striking a Balance between Security and Growth in Business
The new cybersecurity law in Hong Kong is supposed to improve cybersecurity, but how much it succeeds in doing so depends on finding the right balance between rigorous enforcement and keeping the city attractive as a business hub.
As organisations work through the requirements of the new law, the coming years will show whether this legislation indeed provides the necessary safeguards for critical infrastructure without choking innovation or scaring away foreign investment.