The first Hong Kong Cybersecurity Attack and Defence Drill, spearheaded by the Digital Policy Office (DPO) in collaboration with the Cyber Security and Technology Crime Bureau of the Hong Kong Police Force, the Hong Kong Internet Registration Corporation Limited, and the Hong Kong Institute of Information Technology, concluded today (November 17).
Various government departments and public organisations have been invited to participate in the exercise, which examines the defence capabilities of government departments and public organisations through practical combat scenarios on Internet-facing information systems, while carrying out in-depth security assessments and vulnerability detection activities of the relevant systems at the same time.
The "Red Teams", formed by five teams of cybersecurity professionals and academics acting as the attackers, launched simulated cyberattacks in a strictly controlled environment on participating organisations' designated information systems and electronic service platforms which are already in operation with a view to identifying potential security risks and vulnerabilities. Meanwhile, 12 defensive "Blue Teams", comprising government departments and public organisations, fended off these attacks in daily system operation scenarios, thereby strengthening their detection and incident response skills and tactics, and enhancing their experience.
The drill, which was launched on November 15, spanned three days for a total of 60 hours and was conducted in a controlled manner with the goal of enhancing the technical skills, strategy, experience, and overall defense capabilities of the participating government departments and public organisations. All participating systems and services have been in normal operation. Findings and reports of the drill will be provided to the respective departments or organisations responsible for operating the systems for necessary reference and follow-up.
In addition, the DPO invited other government departments and public organisations which did not participate in the drill to join as observers. More than 400 representatives from over 50 government departments and public organisations attended guided tours arranged by DPO which explained the objectives, arrangements, and preparations of the drill, so as to help them prepare for participation in future drills. The Under Secretary for Innovation, Technology and Industry, Ms Lillian Cheong, and the Commissioner for Digital Policy, Mr Tony Wong, visited the venue during the drill to engage in exchanges on the exercise's progress with the participating teams, judging panels and staff. The Deputy Commissioner (Digital Infrastructure), Mr Daniel Cheung, visited the venue today to witness the successful completion of the first Hong Kong Cybersecurity Attack and Defence Drill.
The DPO will continue to collaborate with the industry to prepare a series of cyber security promotion activities, including the Cybersecurity Symposium 2024 to be held in December, with a view to raising the community's awareness of cyber security. This symposium will bring together public and private sector organisations, businesses, and industry experts from the Mainland to discuss how the industry can work together to strengthen cybersecurity. The important outcomes and experience from this drill will also be shared in depth at the symposium.
Follow this news feed: East Asia