§ 16L — Cybersecurity exercises

16L.—(1) The Commissioner may conduct cybersecurity exercises for the purpose of testing the state of readiness of different designated providers responsible for third‑party‑owned critical information infrastructure in responding to significant cybersecurity incidents.(2) A designated provider responsible for third‑party‑owned critical information infrastructure must participate in a cybersecurity exercise if directed in writing to do so by the Commissioner.

(3) Any person who, without reasonable excuse, fails to comply with a direction under subsection (2) shall be guilty of an offence and shall be liable on conviction to a fine not exceeding $100,000.[Act 19 of 2024 wef 31/10/2025]

—(1) The Commissioner may conduct cybersecurity exercises for the purpose of testing the state of readiness of different designated providers responsible for third‑party‑owned critical information infrastructure in responding to significant cybersecurity incidents.

(2) A designated provider responsible for third‑party‑owned critical information infrastructure must participate in a cybersecurity exercise if directed in writing to do so by the Commissioner.

(3) Any person who, without reasonable excuse, fails to comply with a direction under subsection (2) shall be guilty of an offence and shall be liable on conviction to a fine not exceeding $100,000.[Act 19 of 2024 wef 31/10/2025]