§ 16 — Cybersecurity exercises

16.—(1) The Commissioner may conduct cybersecurity exercises for the purpose of testing the state of readiness of owners of different provider-owned critical information infrastructure in responding to significant cybersecurity incidents.[Act 19 of 2024 wef 31/10/2025]

(2) An owner of a provider-owned critical information infrastructure must participate in a cybersecurity exercise if directed in writing to do so by the Commissioner.[Act 19 of 2024 wef 31/10/2025]

(3) Any person who, without reasonable excuse, fails to comply with a direction under subsection (2) shall be guilty of an offence and shall be liable on conviction to a fine not exceeding $100,000.

—(1) The Commissioner may conduct cybersecurity exercises for the purpose of testing the state of readiness of owners of different provider-owned critical information infrastructure in responding to significant cybersecurity incidents.[Act 19 of 2024 wef 31/10/2025]

(2) An owner of a provider-owned critical information infrastructure must participate in a cybersecurity exercise if directed in writing to do so by the Commissioner.[Act 19 of 2024 wef 31/10/2025]

(3) Any person who, without reasonable excuse, fails to comply with a direction under subsection (2) shall be guilty of an offence and shall be liable on conviction to a fine not exceeding $100,000.