Cybersecurity laws: lessons learned for better protection

May 6, 2024
1 min read

TLDR:

Legislation was tabled in the House of Assembly to strengthen cybersecurity laws in Bermuda following a cyberattack on the Government. The Cybersecurity Act 2024 and Computer Misuse Act 2024 aim to establish a cybersecurity advisory board, designate critical national information infrastructures, and create a national cybersecurity incident response team. The attack last year highlighted the need for new legislation, and lessons learned from the incident have been incorporated into the Cybersecurity Act.

In response to the cyberattack, the Government has allocated funding for staffing a new cybersecurity unit, which will monitor threats to critical information infrastructures and provide support to other agencies. The new legislation will be complemented by future amendments to the Electronic Communications Act and Criminal Code, strengthening laws on cybercrime and providing tools for investigation and prosecution.

The Government’s priority is to defend against cyber threats and respond to cybercrime effectively, while ensuring protection without unduly burdening entities, organizations, and individuals. The Cybersecurity Act aims to align Bermuda with international standards and support the island’s increasing reliance on technology for daily operations.

Latest from Blog

EU push for unified incident report rules

TLDR: The Federation of European Risk Management Associations (FERMA) is urging the EU to harmonize cyber incident reporting requirements ahead of new legislation. Upcoming legislation such as the NIS2 Directive, DORA, and