No. 5
50
Computer Misuse and Cybercrimes
2018
forces driving security innovation and secure
practices.
(d) identify any other risk-based security factors
appropriate and necessary to protect public health
and safety, or national socio-economic security;
and
I 4
(e) recommend to the owners of sYstaiirdesitmated as
critical infrastructure, methods of securing their
systems against cyber threats.
11. (1) The owner or operator of a system designated
as critical infrastructure shall report to the Committee any
incidents likely to constitute a threat in the nature of an
attack that amounts to a computer and cybercrime and the
action the owner or operator intends to take to prevent the
threat.
(2) Upon receipt of a report by the Committee, under
subsection (1), the National Security Council shall provide
technical assistance to the owner or operator of a critical
infrastructure to mitigate the threat.
(3) The Director may institute an investigation of a
computer and cybercrime attack on his or her own volition
and may take necessary steps to secure any critical
infrastructure without reference to the entity.
(4) The Director shall submit a report on any threat in
the nature of a computer and cybercrime reported by the
owners or operators of critical infrastructure periodically to
the National Security Council.
12. (1) A private entity may enter into an information
sharing agreement with a public entity on critical
information infrastructure.
(2) An agreement under subsection (1) shall only be
entered into for the following purposes and in line with a
critical infrastructure framework—
(a) to ensure cyber security;
(b) for the investigation and prosecution of crimes
related to cyber security;
(c) for the protection of life or property of an
individual; and
(d) to protect the national security of the country.
Reports on critical
information
infrastructure.
Information
sharing
agreements.