Policy & Regulation

Network Operators Should Report Major Cybersecurity Incidents Within 1 Hour

Updated:2023/12/12 21:51

In order to standardize the reporting of network security incidents, reduce the losses and hazards caused by network security incidents, and maintain national network security, in accordance with laws and regulations such as the Cybersecurity Law of the People's Republic of China, the National Internet Information Office has drafted the "Management Measures for Network Security Incident Reports (Draft for Comments)" and publicly solicited opinions from the society.

The draft of opinions points out that network operators who construct, operate networks or provide services through networks within China should report within 1 hour if a network security incident that endangers network security occurs, in accordance with the Guidelines for the Classification of Network Security Incidents, it belongs to a major, significant, or particularly significant network security incident.

Among them, if networks and systems are critical information infrastructure, operators should report to the protection department and public security organs. For major or particularly significant cybersecurity incidents, the protection department shall report to the national cybersecurity department and the public security department of the State Council within 1 hour after receiving the report.

If the operator delays, omits, falsely reports or conceals a cybersecurity incident, resulting in significant harmful consequences, the operator and relevant responsible persons shall be punished severely in accordance with the law.

For press release services, please email us at english@c114.com.cn.


    Copyright© 2014 C114 All rights reserved.