On 1 January 2026, the Office of the Commissioner of Critical Infrastructure (Computer-system Security) issued a Code of Practice (the “CoP”) under the Protection of Critical Infrastructures (Computer Systems) Ordinance (Cap. 653) (the “Ordinance”), which came into force on the same day (see our previous legal update on Hong Kong passing its first cybersecurity legislation regulating critical infrastructures)….
By: Mayer Brown
By: Mayer Brown
