Xinhua News Agency, Beijing, December 8 (Xinhua) -- In order to standardize the reporting of network security incidents, reduce the losses and harms caused by network security incidents, and maintain national network security, the Cyberspace Administration of China solicited public opinions on the "Administrative Measures for Network Security Incident Reporting (Draft for Comments)" on the 8th. The Comment Draft proposes that social organizations and individuals are encouraged to report larger, major, or especially major network security incidents to the internet information departments.
According to the Consultation Paper, a cybersecurity incident refers to an incident that causes harm to networks and information systems or the data therein due to human causes, software and hardware defects or failures, natural disasters, etc., and has a negative impact on society. When a network security incident occurs, operators shall promptly initiate an emergency response plan to deal with it. According to the "Guidelines for the Classification of Cybersecurity Incidents", where it is a large, major, or particularly major cybersecurity incident, it shall be reported within 1 hour.
According to the Consultation Draft, where operators fail to report network security incidents in accordance with provisions, the internet information departments are to impose penalties in accordance with relevant laws and administrative regulations. Where operators report late, omitted, falsely report, or conceal network security incidents, causing major harmful consequences, the operators and relevant responsible persons are to be given heavier punishments in accordance with law.