Cybersecurity chief announced
Francis Chan assumes the post of Commissioner of Critical Infrastructure (Computer-system Security) on January 1.
The Government today announced that following an open recruitment exercise, Francis Chan will take up the appointment as the Commissioner of Critical Infrastructure (Computer-system Security) for a three-year term with effect from today.
The appointment is made by the Chief Executive in accordance with the Protection of Critical Infrastructures (Computer Systems) Ordinance.
The Government said Mr Chan possesses outstanding cybersecurity expertise, international vision, law enforcement experience and strategic management capabilities, along with excellent leadership, management and communication skills.
It added that Mr Chan will lead the Commissioner's Office under the Security Bureau to safeguard the security of computer systems of critical infrastructures in Hong Kong.
Mr Chan is the former Chief Superintendent of the Police’s Cyber Security & Technology Crime Bureau and has served as the Chairperson of the INTERPOL Cybercrime Expert Group.
After retiring from the Police in 2020, he has taken up managerial roles related to computer systems and cybersecurity in the private sector.
He has been serving as the Assistant Director (Critical Infrastructure) of the Security Bureau since May 2024.
The Protection of Critical Infrastructures (Computer Systems) Ordinance, which comes into effect today, provides a comprehensive legal framework to safeguard the security of computer systems of critical infrastructures in Hong Kong, regulate operators of critical infrastructures and investigate and respond to relevant computer-system security threats and incidents.
Mr Chan will head the Commissioner's Office, established today, to implement and enforce the statutory regime of the ordinance, including designating "operators of critical infrastructures" and "critical computer systems" as well as monitoring their compliance with statutory obligations.
In addition, the Chief Executive also appointed members of the Appeal Panel under Protection of Critical Infrastructures (Computer Systems) Ordinance for a two-year term from today to December 31, 2027.