- Veröffentlicht: 16. August 2020
Enforcing the new local cybersecurity law requirements is fundamental in Macau’s development of Smart City initiatives and their integration into national development, Deloitte cybersecurity consultants told Macau News Agency (MNA).
In 2017, local authorities signed a four-year partnership agreement with the Alibaba Group to help Macau transform itself into a ‘smart city’ via cloud-computing technology in two phases, with the first having finished last year.
The first phase included collaboration on cloud computing, smart transportation, smart tourism, smart healthcare, and smart city governance, as well as talent development.
Then, in late December 2019, a new Macau Cybersecurity Law was enforced, demanding that public and private critical infrastructure operators across various industries meet obligations aimed at protecting the information network and computer systems of critical infrastructure.
“The Macau government has been working together with Alibaba to focus on the forming areas, smart governance and smart tourism, smart healthcare and transportation. All these initiatives require an enhanced level of digitalization, increasing the use of online-based platforms to execute the plan,” Deloitte’s Macau Office Managing Director, Sidney Cheng, told MNA.
This year the Legislative Assembly (AL) has also approved a new e-government law, aimed at using better software and hardware integration in public services for providing one-stop electronic services to residents and businesses.
Alibaba has assisted local authorities with the development of a centralized cloud-based platform that connects different government departments to enhance the efficiency of the city’s governance.
According to Cheng – who has been consulting closely with local authorities – different government departments having different levels of digital transformation with one of the main challenges falling in the need for a high level of collaboration within the government., with the inevitable security concerns coming from this transaction to the online world.
“For the public sector, based on our knowledge, various governmental departments have obtained cybersecurity certification (e.g. ISO27001), they have a certain level of cybersecurity awareness and controls in place. With the cybersecurity law enforcement, departments will conduct assessments to evaluate compliance level and develop the cyber improvement plan,” Deloitte Risk Advisory Partner, Eva Kwok, told MNA.
Ms. Kwok also noted that as better IoT progress is achieved in the city, through initiatives such as a new smart transportation network, cybersecurity demands also increase.
Internet of Things (IoT) refers to a system of interrelated, internet-connected objects that are able to collect and transfer data over a wireless network without human intervention.
“We observe that with many other regions when they push out this kind of initiatives. Smart devices or IoT penetration testing demand is very important so that experts can check if there are any cybersecurity loopholes, coding issues that can potentially cause data leaks before these devices roll out of production.”
Such cybersecurity concerns could also exist in initiatives such as the ‘Eye in the Sky’ video surveillance initiative by local security forces, which plans to implement a total 4.200 surveillance cameras in local public areas by 2028, some equipped with facial recognition capabilities.
In February of this year, the IT and Telecommunications Coordination Department of the Judiciary Police (PJ) told Macau News Agency (MNA) that police authorities already started reinforcing cybersecurity measures to prevent a possible attack by hacker activist group Anonymous to local video surveillance systems, with the attack later not taking place.
According to Deloitte, Mainland China Cybersecurity Law and Macau’s Cybersecurity Law, both focus on critical infrastructure security rather than only on personal data, when compared to the EU General Data Protection Regulation enforced in 2018, which focuses more on personal data scope and protection.
Local legislation is also said to have a larger emphasis on the enhancement of the maturity of cybersecurity through the enforcement of its requirements rather than emphasizing on harsher penalties included in the EU GDPR.
“We’ve seen a surveillance system put together. I think it is for the best […] Of course with the cybersecurity law, we now have a framework to work with, and that’s good for Macau as a whole,” Cheng noted to MNA.
Autor(en)/Author(s): Nelson Moura
Quelle/Source: Macau Business, 09.08.2020