The Protection of Critical Infrastructures (Computer Systems) Ordinance, Cap. 653, came into operation on 1 January 2026 and requires designated operators to protect computer systems against cyberattacks, including industrial control systems and other OT environments. The ordinance highlights areas such as monitoring, detection, training, risk assessments, audits, and security measures for operational technology.

TMS’s product and solution approach is designed with reference to recognized standards and regulatory frameworks, including:

• IEC 62443
• ISO/IEC 27005
• NIS2
• NERC CIP

As OT exposure rises, organisations need more than generic IT cybersecurity controls. They need an approach that reflects physical operations, legacy protocols, multi-vendor conditions, and operational continuity requirements. Leading OT cybersecurity reference firms present this distinction clearly, and TMS should do the same in its market-facing content.

• OT cybersecurity for smart buildings in Hong Kong.
• Why FM needs OT-aware cyber controls.
• The role of testing labs in cyber resilience.
• Understanding IEC 62443 in operational environments.