“computer program” means data representing instructions or statements that, when executed in a computer, causes the computer to perform a function;
“computer service” includes computer time, data processing and the storage or retrieval of data;
“computer system” means an arrangement of interconnected computers that is designed to perform one or more specific functions, and includes—
- (a) an information technology system; and
- (b) an operational technology system such as an industrial control system, a programmable logic controller, a supervisory control and data acquisition system, or a distributed control system;
“critical information infrastructure” means a computer or a computer system in respect of which a designation under section 7(1) is in effect;
“cybersecurity” means the state in which a computer or computer system is protected from unauthorised access or attack, and because of that state—
- (a) the computer or computer system continues to be available and operational;
- (b) the integrity of the computer or computer system is maintained; and
- (c) the integrity and confidentiality of information stored in, processed by or transmitted through the computer or computer system is maintained;
“cybersecurity incident” means an act or activity carried out without lawful authority on or through a computer or computer system that jeopardises or adversely affects its cybersecurity or the cybersecurity of another computer or computer system;
“cybersecurity officer” means any cybersecurity officer appointed under section 4(3);
