China Publishes First National Cybersecurity Strategy

On December 27, the Cyberspace Administration of China (CAC) released the first National Cybersecurity Strategy (The Strategy), which illustrates and reaffirms China's main positions and propositions on cyberspace development and security and serves as the guide for China's cybersecurity work. The Strategy aims to build China into a cyber power while promoting an orderly, secure, and open cyberspace and safeguarding national sovereignty. The Strategy addresses cybersecurity as “the nation’s new territory for sovereignty” and marks a new step in streamlining cyber control.
Major tasks include:

  1. Defend cyberspace sovereignty
  2. Protect national security
  3. Protect critical information infrastructure (CII)
  4. Build a healthy online culture
  5. Fight cyber crime, espionage, and terrorism
  6. Improve cyber governance
  7. Enhance baseline cybersecurity
  8. Elevate cyberspace defense capabilities
  9. Strengthen International Cooperation

The Strategy defines the scope of CII as including but not limited to basic communication and broadcasting networks, energy, finance, transportation, education, scientific research, hydraulic systems, industrial manufacturing, healthcare, social welfare, public service, and important information and internet application systems for government agencies. To ensure protection of CII, the cybersecurity review regime will continue to expand.
In order to improve cyber governance, the government will implement the Cybersecurity Law and the Juvenile Online Protection Regulations. Furthermore, the development of a positive Internet culture is designed to improve online protection for minors. Overall, there is a consistent theme of promoting “secure and trusted” products and developing security review. The Strategy also promises to actively promote the internationalization of Internet resources, including IP addresses and root servers, and supporting UN initiatives in cyberspace.