We Are apologized that your browser does not support JavaScript. If some webpage functions are not working properly, please enable JavaScript in your browser.
Friendly Print :
Please Press Ctrl + P to switch on the print function
Font Setting :
If your brower is IE6, please press ALT + V → X → (G)Larger(L)Medium-Large(M)Medium(S)Medium-small(A)small to adjust the font size,
Firefox, IE7 or above, press Ctrl + (+)Zoom in (-)Zoom out to adjust the font size。
:::
Regulations Governing the Establishment

Date:2016-10-03

Regulations  Governing  the  Establishment  of  the  National  Information  and  Communication  Security  Taskforce  (NICST),  Executive  Yuan  
(Approved  by  the  Executive  Yuan  on  August  1,  2016)  
1.  The  Executive  Yuan  (hereinafter  referred  to  as  “this  Yuan”)  shall  establish  the  National  Information  and  Communication  Security  Taskforce  (NICST)  (hereinafter  referred  to  as  “this  Taskforce”)  in  order  to  promote  policies  on  national  information  and  communication  (IC)  security,  expedite  the  construction  of  a  safe  national  IC  environment  and  boost  national  competitiveness.  

2.  This  Taskforce  is  responsible  for  the  following  national  IC  security  matters:  
(1)  Providing  consultancy  on  IC  security  policies.  
(2)  Providing  consultancy  on  IC  security  emergency  report  and  response  mechanisms.  
(3)  Providing  consultancy  on  major  IC  security  programs.  
(4)  Coordinating  and  supervising  inter-ministry  cyber  security  efforts.  
(5)  Implementing  other  related  measures  assigned  to  it  by  this  Yuan.  

3.  This  Taskforce  is  led  by  the  Convener,  Vice  Premier,  the  Vice  Convener,  the  Minister  without  Portfolio  of  the  Yuan  and  one  specified  Minister,  and  the  Co-Vice  Convener,  an  Advisory  Committee  Member  of  the  National  Security  Council.  Each  will  be  appointed  by  the  Premier  of  the  Yuan.  Other  commissioners  may  include  members  of  information  and  communication  security  agencies,  deputy  mayors  of  special  municipalities  and  experts  in  the  field.  The  taskforce  will  have  18  to  35  commissioners  in  total,  the  Convener,  the  Vice  Convener  and  the  Co-Vice  Convener  included.  

4.  The  operations  of  this  Taskforce  are  managed  by  the  Department  of  Cyber  Security.  

5.  Two  Systems  are  to  be  established  under  this  taskforce,  one  for  Cyberspace  Protection  and  the  other  for  Cybercrime  Investigation,  whose  managing  agencies  and  duties  are  listed  below:  
(1)  The  Cyberspace  Protection  System,  led  by  the  Department  of  Cyber  Security,  is  to  consolidate  IC  security  resources  and  promote  related  policies  while  supervising  the  following  four  working  groups,  whose  managing  agencies  and  duties  are  listed  below:  
A.  Critical  Information  Infrastructure  Protection  (CIIP)  Management  Group:  managed  by  the  Department  of  Cyber  Security,  is  in  charge  of  planning  and  promoting  CIIP  management  mechanism,  supervising  all  domains  to  implement  security  protections,  and  conducting  related  activities  such  as  security  audits  and  drills.  
B.  Industry  Development  Group:  managed  by  the  Ministry  of  Economic  Affairs,  is  in  charge  of  promoting  IC  security  industry  development,  integrating  resources  of  private  sectors,  the  Government,  and  academic  &  research  facilities,  and  developing  related  innovation  and  application.  
C.  Government  Cyber  Security  Protection  Group:  managed  by  the  Department  of  Cyber  Security,  is  in  charge  of  planning  and  promoting  IC  application  service  security  mechanism  of  the  government,  providing  IC  security  technology  services,  supervising  cyber  security  protection,  incident  handling  and  reporting  of  government  agencies,  conducting  cyber  security  audits  and  drills,  and  providing  assistances  to  ensure  the  completeness  and  effectiveness  of  cyber  security  protection  of  government  agencies.  
D.  Standard  and  Norm  Group:  managed  by  the  Department  of  Cyber  Security,  is  in  charge  of  formulating  and  revising  cyber  security  related  laws  and  regulations,  developing  cyber  security  related  national  standards,  and  making  and  maintaining  cyber  security  related  specifications  and  guidelines.  
E.  Awareness  and  Training  Group:  managed  by  the  Ministry  of  Education,  is  in  charge  of  promoting  fundamental  education  of  cyber  security,  strengthening  cyber  security  of  education  system,  raising  cyber  security  quality  of  people,  providing  information  services  of  cyber  security,  building  all-around  integration  platform,  conducting  international  cyber  security  competition,  promoting  communication  and  exchange  of  industries  and  academies,  and  strengthening  cyber  security  professional  cultivation.  
(2)  The  Cybercrime  Investigation  System,  jointly  led  by  the  Ministry  of  the  Interior  (MOI)  and  the  Ministry  of  Justice  (MOJ),  and  is  to  fight  cybercrimes,  protect  citizens’  privacy  and  build  a  sound  infrastructure  for  IC  security  while  supervising  the  following  three  working  groups:  
A.  Personal  Information  Protection  and  Legislation  Group:  managed  by  the  Ministry  of  Justice,  is  in  charge  of  propagating  and  promoting  Personal  Information  Protection,  reviewing  and  amending  regulations  to  protect  personal  information  and  prevent  cybercrimes.  
B.  Cybercrime  Prevention  Group:  managed  by  the  Ministry  of  the  Interior  and  the  Ministry  of  Justice,  is  in  charge  of  investigating  cybercrimes,  preventing  criminal  activity  on  the  Internet,  and  performing  digital  forensics.  
C.  Cyber  Environment  and  Internet  Content  Security  Group:  managed  by  the  National  Communication  Committees,  is  in  charge  of  enhancing  cyber  environment  and  Internet  content  security,  and  assisting  to  prevent  cybercrimes.  
In  order  to  actively  deliberate  national  cyber  security  policies  and  promote  strategies,  enhance  cyber  security  experiences  sharing  and  exchanging  between  private  sectors,  the  Government,  and  academic  &  research  facilities,  this  Taskforce  should  set  up  an  Information  Security  Consulting  Committee.  

6.  Each  working  group  shall  appoint  one  convener  from  among  the  commissioners  of  the  managing  ministry.  Operating  guidelines  shall  be  formulated  for  each  working  group  as  needed.  
Professionals  in  related  agencies  or  academia  will  be  appointed  by  the  General  Convener  to  serve  as  commissioners  in  the  Information  Security  Consulting  Committee,  with  the  group  totaling  17  to  21  commissioners.  Each  term  of  the  commissioner  is  two  years,  but  can  be  appointed  continuously.  

7.  This  Taskforce  shall  convene  a  meeting  every  six  months  and  may  schedule  ad  hoc  meetings  if  needed.  The  General  Convener  will  preside  over  the  meetings.  

8.  The  commissioners  and  conveners  of  this  Taskforce  and  its  working  groups  will  not  receive  remuneration.  
 

:::
scroll-top scroll-top