Police and OGCIO jointly host Inter-departmental Cyber Security Drill to enhance Government’s cyber defence capability 

144

Hong Kong Government Press Release

22nd March 2023 – (Hong Kong)   The Cyber Security and Technology Crime Bureau (CSTCB) of the Hong Kong Police Force and the Government Computer Emergency Response Team Hong Kong under the Office of the Government Chief Information Officer (OGCIO) co-organised the 7th Inter-departmental Cyber Security Drill today.  The Drill aimed to strengthen the preparedness and the overall incident response capability of government departments to cyber attacks.
      
In their opening remarks, the Assistant Commissioner of Police (Crime), Ms Chung Wing-man, and the Assistant Government Chief Information Officer (Cyber Security and Digital Identity), Mr Daniel Cheung, both pointed out that the increasing prevalence of cyber attacks posed greater cyber security risks to government departments.  They hoped the Drill would strengthen participants’ competency to cope with cyber threats, thereby further enhancing the Government’s overall ability to prevent, detect and respond to cyber attacks.
      
The Drill was held in a hybrid online-offline format for the first time, with participation of 232 information technology officers from 68 government bureaux and departments.  The Drill featured a practical exercise system, allowing participants to exchange ideas on various cyber-attack scenarios, and conduct real-time incident response and investigation. 
      
  Prior to the Drill, the CSTCB held an online training workshop for the participants, during which the CSTCB, together with cyber security experts, shared with the participants strategies and techniques against cyber attacks, promoting communication and collaboration between the Government and the industry.  
      
In addition, to maintain close liaison and review the round-the-clock communication mechanism with respective government departments, the CSTCB conducted a nine-day emergency communication exercise between February 27 and March 7. The exercise simulated a scenario in which the authorities are required to notify the relevant departments about cyber attack incidents outside office hours, with a view to ensuring the effectiveness of the communication mechanism and laying a solid foundation for future joint response actions to cyber attacks.