Security News > 2021 > August > China orders annual security reviews for all critical information infrastructure operators
China's government has introduced rules for protection of critical information infrastructure.
An announcement by the Cyberspace Administration of China said that cyber attacks are currently frequent in the Middle Kingdom, and the security challenges facing critical information infrastructure are severe.
The CAC referred to critical infrastructure as "The nerve center of economic and social operations and the top priority of network security".
China's definition of critical information infrastructure can be found in Article 2 of the State Council's "Regulations on the Security Protection of Critical Information Infrastructure" and boils down to any system that could suffer significant damage from a cyber attack, and/or have such an attack damage society at large or even national security.
"The regulations clarify that important network facilities and information systems in key industries and fields belong to critical information infrastructure," wrote the CAC in its announcement, adding that the state was adopting measures to monitor, defend and handle network risks and intrusions, originating domestically and globally.
The regulations themselves are lengthy and detailed, but the theme is that all Chinese enterprises whose operations depend on networks must conduct an annual security reviews, report breaches to government, and establish teams to monitor security constantly.
News URL
Related news
- Australian spy chief fears sabotage of critical infrastructure (source)
- Phobos Ransomware Aggressively Targeting U.S. Critical Infrastructure (source)
- FBI: Critical infrastructure suffers spike in ransomware attacks (source)
- Major shifts in identity, ransomware, and critical infrastructure threat trends (source)
- Web-based PLC malware: A new potential threat to critical infrastructure (source)
- Email security trends in the energy and infrastructure sector (source)
- Public anxiety mounts over critical infrastructure resilience to cyber attacks (source)
- CISA shares critical infrastructure defense tips against Chinese hackers (source)
- Five Eyes tell critical infra orgs: take these actions now to protect against China's Volt Typhoon (source)
- FBI v the bots: Feds urge denial-of-service defense after critical infrastructure alert (source)