8th Inter-departmental Cyber Security Drill held to enhance cyber defence capability of government departments (with photos)

    The Government Computer Emergency Response Team Hong Kong (GovCERT.HK) under the Office of the Government Chief Information Officer (OGCIO) and the Cyber Security and Technology Crime Bureau (CSTCB) of the Hong Kong Police Force co-organised the 8th Inter-departmental Cyber Security Drill today (April 25). The Drill aimed to strengthen the preparedness and the overall incident response capability of government departments to cyberattacks.
 
    In their opening remarks, the Assistant Government Chief Information Officer (Cyber Security and Digital Identity), Mr Daniel Cheung, and the Assistant Commissioner of Police (Crime), Ms Chung Wing-man, both expressed their hope that the Drill could enhance the ability of the participants in countering the escalating threat of cyberattacks in this era of digitalisation to further strengthen the Government's overall capacity to prevent, detect and respond to cyberattacks.
 
    The GovCERT.HK and the CSTCB have jointly hosted the Inter-departmental Cyber Security Drill since 2017, with a view to enhancing the cyber security awareness and overall response capabilities of government departments. Over 250 government officers from 70 bureaux and departments (B/Ds) joined the Drill. It simulated a real-world cyber security incident where participants had to take immediate actions against various simulated cyberattack scenarios as well as conducting associated incident response and investigation. Prior to the Drill, the GovCERT.HK and the CSTCB held an online training workshop for the participants to share some strategies and techniques in handling cyberattacks.
 
    In addition, the OGCIO has promulgated the revised Government IT Security Policy and Guidelines to ensure that the information security standards in the Government tie in with the latest national and international developments. The revised Policy and Guidelines strengthened security control measures in various areas including the incident reporting mechanism. To effectively protect the Government's information systems and data assets, classified protection of IT security was also enhanced to mandate all B/Ds to adopt a risk-based approach to assess the classifications of their information systems and implement corresponding tiered security control measures according to the classifications.
 
    The Government will continue to implement measures to enhance its cyber security capabilities in order to ensure all departments can effectively tackle different cyber threats and uphold public information security.

Photo  Photo  Photo  Photo