OGCIO encourages more public and private organisations to take part in the cross-sector sharing of cyber security information.
The Office of the Government Chief Information Officer (OGCIO) has formalised the Partnership Programme for Cyber Security Information Sharing, also known as Cybersec Infohub, from September.
The OGCIO will partner with the Hong Kong Internet Registration Corporation Limited (HKIRC) to administer the collaborative platform Cybersechub.hk and encourage more public and private organisations to take part in the cross-sector sharing of cyber security information with a view to further enhancing the city’s overall defensive capability and resilience against cyber-attacks.
The OGCIO launched the two-year pilot Programme in 2018 with funding support from TechConnect (Block Vote) under the Innovation and Technology Bureau.
Since its launch, the pilot Programme has received a positive response from participating members and industries. At present, the Programme has 259 organisation members with over 850 registered representatives, covering a wide range of sectors including finance and insurance, public utilities, transport, healthcare, telecommunications, innovation and technology, information security and tertiary education institutions. The participating members and industry stakeholders indicated in the interim review of the Programme that the Programme is effective in enhancing overall cyber security situational awareness, facilitating mutual notification of cyber security information among different sectors, and improving the efficiency of information sharing.
A spokesman for the OGCIO said, as well as fostering the culture of cross-sector cyber security information sharing, the Programme also aims to reduce cyber security risks for specific sectors by actively enhancing exchanges within key industries such as banking and healthcare through organising sector-specific seminars and setting up individual groups for information sharing.
“The OGCIO has also collaborated with the Hong Kong Association of Banks in motivating its member banks to actively participate in the Programme so as to facilitate sharing of cyber security information with other sectors,” they said.
According to the spokesperson at present, over 95 banks are registered members of the Programme.
“The HKIRC, a non-profit-distributing organisation, will be in charge of the daily operation and financing of the formalised Programme as a means of upholding the neutrality of the Programme while the OGCIO will steer and monitor the operation,” said OGCIO spokesperson. “The HKIRC’s ‘.hk’ members cover the majority of local small and medium-sized enterprises (SMEs) that have webpages, and we anticipate that this partnership with the HKIRC will create synergy to attract the participation of more organisations, including SMEs, in sharing cyber security information.”
Membership of all existing participating members will continue in the formalised Programme. OGCIO hope to encourage information sharing among different stakeholders with a view to maintaining a secure and reliable cyberspace and developing a safe and business-friendly environment, the OGCIO will work with the HKIRC to continuously promote the Programme to different industry sectors, enhancing its effectiveness and conducting regular reviews on the Programme.
About 1 400 pieces of cyber security information of various types have been shared on the Cybersechub.hk platform, including alerts and advisories on sector-specific cyber threats, exchanges of views on cyber security incidents of public concern, and the latest security developments of emerging technologies (such as fintech and blockchain).
Over 330 pieces of cyber security information were also released for public reference via the Public Zone of the platform. In addition, the Programme has organised seven seminars and professional workshops for participating members.
The Partnership Programme for Cyber Security Information Sharing aims to enable the sharing of cyber security information, advice and professional insights among members and cyber security experts from different sectors. It also facilitates collaboration among members, through their sharing of alerts on the latest cyber threats, to take more effective measures to guard against cyber-attacks.