1.3 Establishment of Cybersecurity Classified Protection System

With the development of new Internet technology and application in recent years, the global trend in cybersecurity has become more significant, and many countries have incorporated cybersecurity in their national security strategy. China is a major user of network systems, including the Internet, and one of the countries severely challenged with cybersecurity threats. China urgently needs to establish and improve her legal system for cybersecurity, raise awareness of cybersecurity, and elevate the level of cybersecurity protection for the society, enhancing security, openness, convenient and dynamism. Since 2013, the Chinese government has embarked on strengthening the cybersecurity legislation system, and gradually step up the legislative process for establishing a cybersecurity law. On November 7, 2016, at the 24th meeting, the 12th National People’s Congress passed the Cybersecurity Law, effective from June 1, 2017.

Article 21 of the Cybersecurity Law stipulates a requirement for implementation of the Cybersecurity Classified Protection System in China.

To facilitate implementation of the Cybersecurity Law, establish and improve the relevant management and technical standards system, MPS, in conjunction with relevant departments, research organizations, cybersecurity experts, legal professionals, and other experts, developed four national standards, including Baseline for Classified Protection of Cybersecurity (GB/T 22239), and Technical Requirements of Security Design for Classified Protection of Cybersecurity (GB/ T 25070), which were released on May 10, 2019, and effective from December 1, 2019. These standards, which align with the requirements of the Cybersecurity Law, are key to implement the CCPS. With these developments, China has entered the implementation stage of the CCPS. The classified protection system has since entered its 2.0 era.