Minister On Cybersecurity Advisory Board

Minister of National Security Michael Weeks has provided an update on the Cybersecurity Advisory Board, saying that “the Board will be expected to provide me with a report on the exercise of its functions at the end of every period of six months.”

The Minister’s full statement follows below:

Mr. Speaker, I rise today to provide this Honourable House with an update on the appointment of the Cybersecurity Advisory Board, and the enactment of the Cybersecurity Act 2024, which received royal assent earlier this year on June 24th .

Mr. Speaker, the Cybersecurity Advisory Board exists to provide the Minister of National Security with advice on best practices for the safeguarding of information resources of Bermuda’s essential operations. In accordance with Section 5 of the Cybersecurity Act, the Board will:

  1. Provide advice on the management of cybersecurity to protect Bermuda’s economic well-being and to prevent cybercrime;
  2. provide advice to the Cabinet on the management of Bermuda’s national cybersecurity strategy and the internal Government cybersecurity programme;
  3. provide advice to the Public Service Executive on the management of the Government cybersecurity programme;
  4. provide advice to relevant Public Officers to enable them to meet responsibilities relating to the Government’s cybersecurity programme;
  5. provide advice to Critical National Information Infrastructure [CNII] enforcement authorities; and
  6. coordinate and encourage collaboration amongst the Government and other CNII enforcement authorities and the entities they regulate.

Mr. Speaker, the Board will bring together public officers and private sector stakeholders to contribute to the development and management of our cybersecurity policies. Board members will include:

  • The Chief Information Security Officer and the National Disaster Coordinator from within the Ministry of National Security,
  • The Chief Information Officer in the Department of Information and Digital Technologies,
  • The Head of the Bermuda Public Access to Information/Personal Information Protection Unit,
  • A representative from the Bermuda Police Service,
  • The Bermuda Hospitals Board Chief Information Security Officer,
  • Two private sector cybersecurity advisors, and
  • A lawyer with cybersecurity experience.

Mr. Speaker, I am pleased to report that the necessary private sector members have been identified and have been formally appointed to the Board. Members of the public can expect to be apprised of the full composition of the Board, including the Chairman and the Deputy Chairman, through notice in the Official Gazette in the coming days. I wish to thank the Board Members for their willingness to serve Bermuda in this capacity. I look forward to receiving the benefit of their expertise and collaboration in the vital task of ensuring that Bermuda is cyber safe.

Mr. Speaker, in accordance with the Cybersecurity Act 2024, the Board will be expected to provide me with a report on the exercise of its functions at the end of every period of six months. The report will include information on the general state of cybersecurity in Bermuda, and will be used to inform the Cabinet’s decision making on cybersecurity matters for the country and for the public service. The Board will work closely with the Ministry of National Security’s Cybersecurity Unit in furtherance of the Unit’s function to provide cybersecurity services, capabilities and expertise to the Government and other CNII enforcement authorities and entities.

Mr. Speaker, Honourable Members will recall that the Cybersecurity Act provides for the designation of CNII entities and enforcement authorities. The Cybersecurity Unit is continuing its consultation process to ensure that those identified as CNII enforcement agencies and CNII entities understand how the Cybersecurity Act will impact them. When this Act was tabled, I assured this Honourable House and the public that the requirements of the Bill were not meant to be overly burdensome for the affected entities, but needed to be robust enough to ensure adequate protection and recovery capabilities in the event of a cyber-incident. With the assistance of the newly appointed Board, and the Cybersecurity Unit, we intend to provide guidance and assistance in the development of a cybersecurity framework that protects both Government and privately owned critical national information infrastructure.

Thank you, Mr. Speaker.

Read More About

Category: All, technology

Source link