Taipei, Aug. 29 (CNA) The Legislature on Friday passed amendments to the Cyber Security Management Act, imposing restrictions on the use of products deemed a threat to national security and raising the maximum fine for failing to report certain cyber security breaches.
The amendments designate the Ministry of Digital Affairs (MODA) as the lead agency responsible for implementing the law, replacing the Executive Yuan, which first proposed the bill last year.
Under the changes, government agencies are prohibited from downloading, installing, or using products that could endanger national security, unless specifically approved by the relevant authorities. Such products are defined as those supplied by "enemy forces" or groups they control under the National Security Act and the Anti-Infiltration Act.
All central government agencies, including the Presidential Office and the five branches of government -- the Legislative Yuan, Executive Yuan, Control Yuan, Examination Yuan and Judicial Yuan -- must file cybersecurity plans with MODA. County and city governments must also submit their own plans and oversee the cybersecurity of their subordinate agencies.
Meanwhile, the fine for designated non-government organizations that fail to report cybersecurity incidents has been increased to NT$10 million (US$327,000), up from the previous NT$300,000-NT$5 million.
The organizations covered include state-owned enterprises, telecom providers and other infrastructure operators, and legal entities established or funded by the government, such as the National Performing Arts Center.
The amendments also authorize central government agencies overseeing these organizations to investigate cyber security incidents.
