What are the new China Cybersecurity Law provisions? And how CISOs should respond

What are the new China Cybersecurity Law provisions? And how CISOs should respond

What are the new China Cybersecurity Law provisions? And how CISOs should respond

Source: CSO Magazine On:

Read On

What are the new China Cybersecurity Law provisions? And how CISOs should respond

Chinese Cybersecurity Law definition

China’s CyberSecurity Law (CSL), passed in 2016, is broad legislation that dictates how companies should approach security and privacy within the country. It includes strict controls around online activities and provisions around storing data locally, having joint venture partners, and in some cases registering network assets. It also has mandatory requirements around breach notification, appointing a head of cybersecurity, incident response plans, and more.

Additional provisions – known as the Regulations on Internet Security Supervision and Inspection by Public Security Organs – were passed in November 2018 and outline how the country’s main domestic security agency, the Ministry of Public Security (MPS), can conduct both onsite and remote inspection of computer networks, which are generally defined in the CSL as five or more computers connected to the internet.

Onsite inspections require at least two police officers to be present and show both identification and inspection certificates. The MPS may go into business premises, computer rooms and workplaces and “copy information related to internet safety supervision and inspection.”

Recorded Future’s analysis of the legislation says information that could be copied includes “any and all user information, technical measures for the network, and information security protection, hosting, or domain name information, as well as any content distribution the organization may be conducting.”

About the author: CIO Minute
Tell us something about yourself.

This post was originally published on this site

Do NOT follow this link or you will be banned from the site!
What are the new China Cybersecurity Law provisions? And how CISOs should respond

This website uses cookies to ensure you get the best experience on our website.