Considering Hong Kong’s growing cyber security risks

Secretary for Innovation, Technology and Industry, Professor Sun Dong talks about cyber security

Over the past two years, the COVID-19 pandemic has compelled more businesses to accelerate their digital transformation by trying different emerging technologies. Indeed, this transformation has added impetus to our economic growth but also triggered concern over cyber security.

According to the Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT), cyberspace threat detections increased more than 20 per cent in the first four months in 2022 compared to the same period last year.

Considering growing cyber security risks, both public and private organisations must remain vigilant and develop effective strategies to mitigate the risks. Particularly, it is essential to strengthen the IT infrastructure, defence and incident response capabilities and security awareness to address the challenges ahead.

The Government also attaches great importance to cyber security. We have been adopting a multi-pronged strategy to enhance Hong Kong’s overall cyber security capabilities. In view of this never-ending battle, it is important for us to step up our cyber security efforts to better protect the community. Let me take this opportunity to highlight some of our major areas of work.

First, supporting the community in building a secure cyber environment. OGCIO (the Office of the Government Chief Information Officer) led by Victor, the Hong Kong Police Force, HKCERT run by HKPC and the Hong Kong Internet Registration Corporation Limited (HKIRC), have been working closely to support the business sector and public. We will continue to implement different initiatives, such as disseminating security alerts, issuing security advice and guidelines, and promoting security awareness of cyber security through educational and promotional events.

No organisation is immune to cyber-attacks, even small and medium enterprises (SMEs) tend to be more vulnerable to cyber security threats.

To this end, the Government has been providing financial support to our SMEs, for instance through the Technology Voucher Programme to strengthen their information security level. Further, HKCERT published an Incident Response Guideline for SMEs last month which provides guidance on how to better handle unforeseen security incidents. These measures should be able to help our SMEs better gear up to establish a simple yet effective incident response mechanism.

Apart from taking swift response upon contingency, it is crucial to act ahead of an attacker’s next move. Co-organised by OGCIO and HKIRC, the Partnership Programme for Cyber Security Information Sharing provides a platform to facilitate exchange of mitigation strategies, best practices, and insights from cyber security experts. Recently, the Open Threat Intelligence Campaign was launched to offer local and overseas cyber threat intelligence gathered by HKCERT and cyber security researchers. It could furnish organisations with forecasts of potential security threats, thereby facilitating them to take preventive measures in advance.

Second, nurturing information security talent. The Government has been actively promoting professional accreditation, encouraging tertiary institutions to offer more information security courses, and organising activities for the youth in raising their interest. Hong Kong also strives to attract global cyber security talent to work in Hong Kong, for instance launching the Technology Talent Admission Scheme to handle expeditiously the admission of overseas and Mainland technology talents to work in Hong Kong.

Fostering international collaboration in the cyber security community. OGCIO and HKCERT both actively co-operate with computer emergency response centres in the Mainland, Asia-Pacific region and around the world. We are committed to providing timely information on cyber threat intelligence and security best practices, as well as participating in drills for a prompt and co-ordinated response to large-scale cyber attacks.


Leave a Comment

Related posts