Page:Cybersecurity Act 2018.pdf/9

10 computer system, that may imminently jeopardise or affect adversely, without lawful authority, the cybersecurity of that or another computer or computer system;

“cybersecurity vulnerability” means any vulnerability in a computer or computer system that can be exploited by one or more cybersecurity threats;

“Deputy Commissioner” means the Deputy Commissioner of Cybersecurity appointed under section 4(1)(b);

“essential service” means any service essential to the national security, defence, foreign relations, economy, public health, public safety or public order of Singapore, and specified in the First Schedule;

“full-time national serviceman” means a person who is liable to render full‑time national service under section 12 of the Enlistment Act (Cap. 93);

“licence” means a licence granted or renewed under section 26;

“licensable cybersecurity service” means any cybersecurity service specified as a licensable cybersecurity service in the Second Schedule;

“licensee” means the holder of a licence;

“owner”, in relation to a critical information infrastructure, means the legal owner of the critical information infrastructure and, where the critical information infrastructure is jointly owned by more than one person, includes every joint owner;

“standard of performance” means any standard of performance issued or approved under section 11(1), and includes such a standard of performance as may be amended from time to time.

(2) For the purposes of the definition of “cybersecurity service”, a person does not provide a cybersecurity service only because the person—
 * (a) sells, or sells licences for, cybersecurity programs intended to be installed by a user without the assistance of the seller