29/06/2018 MPS called for public comments on classified protection regulation of cyber security

On 27th June, Ministry of Public Security (MPS) published the draft of classified protection regulation of cyber security and called for public comments. The deadline was 27th July 2018.

http://www.mps.gov.cn/n2254536/n4904355/c6159136/content.html

26/06/2018National Information Security Standardization Technical Committee (SAC TC260) called for public comments on 24 information security standard drafts

On 11th June, National Information Security Standardization Technical Committee (SAC TC260) called for public comments on 24 information security standard drafts and deadline was 25th July 2018.

            Information security technology – Security impact assessment guide of personal information

            Information security technology – Cybersecurity protection requirements of critical information infrastructure

            Information security technology – Security controls of critical information infrastructure

            Information security technology – Evaluation approaches for industrial control systems information security

            Information security technology – Cybersecurity guide for automotive electronics systems

            Information security technology – Security test requirements for cryptographic modules

            Information security technology – Guidance of cryptographic application for electronic records

            Information security techniques – Security technical requirements for operating system on smart mobile terminal

            Information security technology – Guide to malware incident prevention and handling

            Information security technology – Trusted computing architecture

            Information security technology – Guide to Bluetooth usage security

            Information security technology – Secure coding guide for application software

            Information security technology – Code security audit specification

            Information technology – Security techniques – Network security – Part 1: Overview and concepts

            Information technology – Security techniques – Network security – Part 2: Guidelines for the design and implementation of network security

            Information technology – Security techniques – Anonymous digital signatures – Part 1: General

            Information technology – Security techniques – Anonymous digital signatures – Part 2: Mechanisms using a group public key

            Information security technology – Security technical requirements and test evaluation approaches of smart mobile terminals

            Information security technology – Security technical requirements and testing and assessment approaches for firewall

            Information security technology – Trusted computing specification – Trusted connect testing specification

            Information security technology – Technical framework for authentication of mobile smart terminals based on biometric

            Information security technology – Technical requirements for mobile internet security audit products

            Information security technology – Light-weight authentication and access control mechanism

            Information security technology – Technical requirements for remote face recognition authentication system based on trusted environment

https://www.tc260.org.cn/

Chinese Version is available: 24 standard drafts-Chinese Version

19/9/2017 MIIT issued a notice on public network security threat monitoring and disposal approach

In order to actively deal with the serious and complex network security situation and further improve the public network security mechanism, MIIT issued a notice on public network security threat monitoring and disposal approach.

13/9/2017 The first cooperation on Network Security Conformity Assessment between China and German.

 

Sponsored by Certification and Accreditation Administration, German Federal Ministry of Economics and Energy and China Information Security Certification Center, the China – German Symposium on Information Security Assessment was successfully held in Beijing on September 11th, 2017.It is the first time for China and German to start network security conformity assessment cooperation, which attracted more than 200 participants from relevant government departments,testing certification bodies and related enterprises in China and German.
This symposium aims to promote strategic cooperation in “Made in China 2025” and “German industry 4.0”, focusing on the common concerned issues about the network security laws and regulations, standards, testing and certification. In order to facilitate trade development and technical exchanges between the two countries, China and German will share best practices to explore pragmatic cooperation, and enhance the mutual trust in network security certification.

 

30/08/2017 SAC/TC260 calls for comments on de-identification standard

On 25 August 2017, SAC/TC260 released the national standard: Information security technology – guide for the de-identification of personal information (draft for comments). The standard was developed to support the national standard;personal information protection specification.

The comments collection will continue to 9 October.

18/08/2017 CAC Calls for Comments on Critical Information Infrastructure Protection Regulations (Draft for Comments)

Recently, MIIT released the Critical Information Infrastructure Protection Regulations (Draft for Comments). The comments collection will be closed on 10 August, 2017. any comment can be delievered by email to security@cac.gov.cn.

 

Original text: http://www.cac.gov.cn/2017-07/11/c_1121294220.htm

 

ETSI in 2017 Cybersecurity Summit

On 27th July, 2017, at the invitation of the Alibaba Group, Charles Brookson, chairman of the ETSI Cybersecurity Technical Committee, visited China for the 2017 Cybersecurity Summit, and presented a speech of “ETSI and Cybersecurity standard” in the meeting. In his speech, Charles introduced the ETSI organization, ETSI’s achievements in Cybersecurity and the focuses of ETSI’s future work. It gave the participants a better understanding of ETSI’s progress in cybersecurity area, and laid a foundation for the future cooperation as well.

During the summit, Chairman Charles was also invited to have a closed-door meeting with the standardization department of Alibaba Group, and the both sides discussed the issues of mutual interests.

 

SESEC Roundtable Meeting Discusses Cybersecurity Standards

On 12 May 2017, SESEC convened a Cybersecurity Standard Roundtable Meeting. More than 20 experts, scholars, and representatives from enterprises in cybersecurity field attended the meeting.

The theme of the meeting was the new Cybersecurity Law, relevant standards and their influences, and experts from UNI-PARTNER, SIEMENS and ORACLE shared their understandings and analysis on the development situation of the system in their presentations.

They presented the evolution process of the law, the trend of the relevant regulations and standards, and the constructive suggestions for enterprises to deal with the rapid development of the system. They also introduced the status of SAC/TC260 (Cybersecurity Technical Committee), including its organization structure, standardization activities, and achievements in recent months. Furthermore, the speakers elaborated on three ongoing standards that will support the Cybersecurity Law.

After the presentations, the participants discussed the influences that the Cybersecurity Law and relevant standards will exert on their business, and made in-deep communication with each other. The platform provided them an opportunity to exchange the up-to-date information obtained, which deepened their understandings on the everchanging system, so that they could take measures to lower the risks in the future.

The evaluation system for two-dimensional barcode was jointly released by CQC and China electronics Chamber of Commerce (CECC)

中心与中国电子商会联合发布我国首个《二维码规范应用评价体系》

For more information, please click here

(Please be noted that the follwing information is only available in Chinese)