Page:Cybersecurity Act 2018.pdf/6

Rh “computer program” means data representing instructions or statements that, when executed in a computer, causes the computer to perform a function;

“computer service” includes computer time, data processing and the storage or retrieval of data;

“computer system” means an arrangement of interconnected computers that is designed to perform one or more specific functions, and includes—
 * (a) an information technology system; and
 * (b) an operational technology system such as an industrial control system, a programmable logic controller, a supervisory control and data acquisition system, or a distributed control system;

“critical information infrastructure” means a computer or a computer system in respect of which a designation under section 7(1) is in effect;

“cybersecurity” means the state in which a computer or computer system is protected from unauthorised access or attack, and because of that state—
 * (a) the computer or computer system continues to be available and operational;
 * (b) the integrity of the computer or computer system is maintained; and
 * (c) the integrity and confidentiality of information stored in, processed by or transmitted through the computer or computer system is maintained;

“cybersecurity incident” means an act or activity carried out without lawful authority on or through a computer or computer system that jeopardises or adversely affects its cybersecurity or the cybersecurity of another computer or computer system;

“cybersecurity officer” means any cybersecurity officer appointed under section 4(3);