Knowledge Highlights 19 February 2025
A comprehensive guide to Cyber Security Act 2024 and corresponding regulations: Potential impact on businesses
The Cyber Security Act 2024 (“Act”) was gazetted on 26 June 2024 and came into force on 26 August 2024. The Act is aimed at enhancing the nation’s cyber security by:
- establishing the National Cyber Security Committee;
- defining the duties and powers of the Chief Executive of the National Cyber Security Agency;
- outlining the functions and duties of the national critical information infrastructure (“NCII”) sector leads and NCII entities;
- addressing the management of cyber security threats to the NCII and cyber security incidents; and
- regulating cyber security providers through licensing.
Four sets of related regulations listed below were also issued and came into force on 26 August 2024:
- Cyber Security (Period for Cyber Security Risk Assessment and Audit) Regulations 2024;
- Cyber Security (Notification of Cyber Security Incident) Regulations 2024;
- Cyber Security (Licensing of Cyber Security Service Provider) Regulations 2024; and
- Cyber Security (Compounding of Offences) Regulations 2024,
collectively, “Regulations”.
To read our full article, which sets out key takeaways for businesses, please click here.
Further information
This article has been prepared with the assistance of Senior Associate Ng Hong Syuen.
