On September 11, 2024, the opening ceremony of this year’s China Cybersecurity Week was held in Guangzhou, marking the start of a week-long series of activities across the country, from Sept. 9 to 15. The ceremony was organized by the National Technical Committee 260 on Cybersecurity of the Standardization Administration of China (SAC/TC260), the China Cybersecurity Industry Alliance, and the China Electronics Standardization Institute. Over 150 representatives, including experts, researchers, and industry professionals, attended the event. Mr. Guo Tao, deputy head of the cybersecurity coordination bureau at the Cyberspace Administration of China (CAC), delivered the keynote address.

In his speech, Mr. Guo Tao outlined four key priorities:

  • Alignment with legislation and response to emerging challenges: building a work mechanism that adaptsto the evolving cybersecurity landscape, aligning standardization efforts with legislation, and addressing emerging challenges through comprehensive standardization planning.
  • Supporting the contribution of standardsto key areas/products: leveraging standards to enhance the cybersecurity of critical information infrastructure, product interconnectivity, data security, personal information protection, and artificial intelligence. The overarching goal is to drive industrial development in these areas through robust standardization efforts.
  • Implementation and application: enhancing the feasibility and scientific basis of cybersecurity standards through pilot trialsand active industry participation, ensuring their practical application and effectiveness across industries.
  • International collaboration: encouraging industry experts to engage in international standardization and promoting Chinese standards globally.A priority for the near future is hosting the ISO/IEC JTC1/SC27 conference in the second half of 2025.

Additionally, the event saw the launch of the Data Security Standards Enhancement Program (DSEP), with Guangzhou’s Nansha District designated as the first pilot zone. Ten organizations, including China Mobile, Huawei, and Alibaba Cloud, were announced as the first batch of pilot units. The program is designed to support high-quality digital and cybersecurity development, in line with the Data Security Law and Personal Information Protection Law. SAC/TC260 has classified all data security and personal information protection standards into three tiers:

  • Basic: Standards that directly support legal obligations and reflect baseline security requirements.
  • Advanced: Standards that impose higher-level requirements.
  • Excellent: The highest tier of standards.

For more details on the framework, please see the figures below. Note that the official version differs slightly from the one showcased during the SAC/TC260 Cybersecurity Standard Week in 2024.

Finally, the event also unveiled the first batch of certified interoperable cybersecurity products from companies such as Huawei and Tianrongxin, showcasing the successful implementation of cybersecurity product interconnectivity standards in the industry.

In conclusion, the opening ceremony of the 2024 China Cybersecurity Week in Guangzhou set the tone for a nationwide push to advance cybersecurity awareness and standardization. The event underscored the critical role of standards in addressing emerging cybersecurity challenges. Looking ahead, initiatives such as hosting the ISO/IEC JTC1/SC27 conference in 2025 will continue to promote the development and global recognition of Chinese cybersecurity standards at the international level.