China Question: Can You Explain China's Cybersecurity Regulatory Framework?

October 22, 2021 | BY

Susan Mok

Casper Sek of Jin Mao Partners highlights important aspects of the cybersecurity regulatory framework in China and basic requirements that companies are recommended to follow if they are operating their business in the country

Summary

If a company's network facilities and information systems are determined as critical information infrastructure it needs to follow the enhanced protection obligations as required by the Cybersecurity Law.

China's regulator is revising the Cybersecurity Review Measures to expand the cybersecurity reviews to a broader scope.

Cybersecurity graded protection scheme standards for the financial and securities industries have been published and financial institutions are required by authorities to implement those standards when building and maintaining their network facilities and information systems.