society who are not disqualified in terms of section 5 and, preferably, appropriately qualified, knowledgeable and experienced in fields that include critical infrastructure protection, risk management, disaster management, or basic public service. At least one of the five members stated above should be appropriately qualified in the field of cybersecurity.