Source: Golden Sheep Network
On April 8, the final report of the 2021 Netizens' Online Security Satisfaction Survey, the "Special Report on The Implementation of Graded Protection and Enterprise Compliance", was held simultaneously in Beijing and Guangzhou. According to the report, 55.88% of network practitioners expressed "very strong and relatively strong" supervision of government departments' network security, nearly 70% of network practitioners paid high attention to the critical information infrastructure protection system, and more than 70% of employees expressed satisfaction or great satisfaction with the network security management status of their units, but believed that there was still a lack of implementation of network security budgets.
The press conference was hosted by the Organizing Committee of the Survey of Netizens' Satisfaction with the Internet Sense of Cybersecurity, hosted by the Beijing Cyberspace Security Association and the Guangdong Cyberspace Security Association, and supported by the Guangdong Emerging National Institute of Network Security and Informatization Development.
Industry experts "cloud" to affirm the importance of the survey report
Tang Qianlin, Secretary-General of the Computer Security Committee of the China Computer Society, Ren Weihong, Researcher of the Information Security Graded Protection Evaluation Center of the Ministry of Public Security, Wang Minwei, Political Commissar of the Cyber Police Corps of the Guangdong Provincial Public Security Department, Shao Guoan, Deputy Director of the Informatization Collaborative Innovation Committee of the China Software Industry Association and former Director of the Security Management Department of the State Information Center, Zhang Yan, Deputy Chief Engineer and Researcher of the China Academy of Railway Sciences Group, Huang Liling, Executive Deputy Director and Secretary-General of the Organizing Committee of the Investigation Activities, and Xiao Huilin, Secretary-General of the Beijing Cyberspace Security Association. Huang Zhihao, vice president of the Guangdong Cyberspace Security Association, Zhang Wei, director of the Guangdong Critical Information Infrastructure Protection Center, Fang Satisfied, deputy director of the Guangzhou South China Information Security Evaluation Center, Cheng Xiaofeng, deputy secretary general of the Organizing Committee of the Investigation Activity and senior evaluator of the Guangzhou South China Information Security Evaluation Center, and other industry experts and scholars participated in the conference online and offline, and representatives of member units of the All-China Cyber Security Federation also attended the conference.
The conference was broadcast live in real time through the Huya and Douyu platforms, and was publicized and reported by major central and local mainstream media.
Huang Liling, executive deputy director and secretary general of the organizing committee of the investigation activities, said that as an important cornerstone of national network security, the hierarchical protection system and the critical information infrastructure protection system are of great significance to the mainland's network security governance and industry standard development, such as the evaluation of network security supervision work by network practitioners, the hierarchical protection system, and the implementation of the critical information infrastructure protection system. It is hoped that all sectors of society and more netizens and more network practitioners will participate in the survey activities and provide detailed online public opinion support to the state and relevant departments to carry out Internet governance and supervision.
Tang Qianlin, secretary general of the Computer Security Committee of the China Computer Society, affirmed the achievements of the investigation activities over the years, emphasizing that the special report of the investigation activities is of great significance for strengthening the security protection of the country's critical information infrastructure, important information systems and big data, and comprehensively analyzing the implementation of graded protection and enterprise compliance in the mainland. We call on all sectors of society to pay more attention to and support the hierarchical protection of network security, give full play to their respective advantages, and contribute to the construction of national network security.
Wang Minwei, political commissar of the Cyber Police Corps of the Guangdong Provincial Public Security Department, pointed out that in order to improve the design and construction of relevant systems and regulations on network security, the state has promulgated a series of laws and regulations such as the Cybersecurity Law, the Digital Security Law, the Personal Information Protection Law, and the Regulations on the Protection of Key Information, which have laid a solid legal foundation for the mainland to strengthen network security governance. The development of the network security satisfaction survey activities is an important measure to implement the "Cybersecurity Law" and the network security graded protection system, and now the survey activities have been successfully held for four years, the quality and effect are getting better and better every year, and such results can be achieved by the guidance of the Cyber Security Bureau of the Ministry of Public Security and the full support of all sectors of society. It is hoped that in the future, public security departments, party and government organs, enterprises and institutions and other sectors of society will continue to support the comprehensive management of network security, cooperate with the investigation activities in 2022, and contribute to the construction of digital China and network power.
The "Graded Protection and Enterprise Compliance Special Report" was released
More than 50% of employees: Maintaining network security most requires strengthening the construction of the rule of law and strengthening supervision
Ren Weihong, a researcher at the Information Security Graded Protection Evaluation Center of the Ministry of Public Security, comprehensively and systematically interpreted the basic situation and existing problems in government network security supervision, network security graded protection implementation, customs and security work, and enterprise compliance reflected in the report in the "Special Report on Graded Protection and Enterprise Compliance".
She said that more than 50% of network practitioners support and recognize the network security supervision work of government departments, nearly 60% of practitioners have a high degree of awareness of laws and regulations related to hierarchical protection, and nearly 70% of practitioners pay more attention to the critical information infrastructure protection system. The survey shows that the top three measures most needed to be taken to maintain network security are the construction of the rule of law, strengthening supervision and implementing a hierarchical protection system.
She pointed out that only 40% of the current network practitioners have an understanding of the network security graded protection system 2.0 standard, and the publicity and implementation of relevant departments still need to be increased; the relevant systems and standards of the customs protection work have not yet been released, there is a bias in the understanding of practitioners, and more research and exploration are still needed in the introduction of guidelines for the protection of critical information infrastructure and the strengthening of the construction of the national standard customs protection system; in terms of corporate compliance, network business units are still lacking in the implementation of network security budgets. It is hoped that operators will make more efforts in strengthening the construction of systems and norms and improving the safety awareness of managers.
Interpretation of the "Special Report on Graded Protection and Enterprise Compliance"
Shao Guoan, deputy director of the Informatization Collaborative Innovation Committee of the China Software Industry Association, conducted an in-depth analysis on the interpretation of the special report around the compliance work of enterprises, and discussed how to strengthen the supervision of government network security.
Shao Guoan believes that enterprises should pay more attention to the norms of the network security system, set up network security management institutions in accordance with regulations, determine the person in charge of network security, and implement the responsibility for network security protection. At a time when the national strategy is extending to cyberspace, relevant departments should strengthen supervision, do a good job in network security protection that combines points, lines and surfaces, and publicize and implement relevant laws and regulations on network security. To raise awareness of cybersecurity laws and regulations, it is recommended that both operators and practitioners should further deepen their understanding of laws and regulations such as the Regulations on the Security Protection of Computer Information Systems and the Measures for the Management of Graded Protection of Information Security.
Key topics of the report: hierarchical protection and related protection, data security and personal information protection
At the discussion of important topics of the report, Zhang Yan, deputy chief engineer of the China Academy of Railway Sciences, and Cheng Xiaofeng, deputy secretary general of the organizing committee of the investigation activities and senior evaluator of the South China Information Security Evaluation Center in Guangzhou, respectively made in-depth interpretations on the topics of "graded protection and guanji protection" and "data security and personal information protection".
In his speech, Zhang Yan analyzed the implementation of the graded network security protection system and the critical information infrastructure protection system, and the implementation of measures for network operators and network service providers to perform the main responsibilities of network security, and believed that in the promotion of informatization of the graded network security protection system, the competent departments play a leading role in the implementation of the hierarchical protection system.
Cheng Xiaofeng, senior evaluator of Guangzhou South China Information Security Evaluation Center, introduced the data security and personal information protection practices under the scope of enterprise compliance, and conducted in-depth discussions on data security and personal information protection in the implementation of hierarchical protection, the compliance requirements of enterprises in the Data Security Law and the Personal Information Protection Law, and the compliance management practices of enterprises with integrated security.
Roundtable: Hierarchical Protection and Corporate Compliance
Yan Ming, director of the organizing committee of the investigation activities, Tang Qianlin, secretary general of the Computer Security Committee of the China Computer Society, Ren Weihong, researcher of the Information Security Graded Protection Evaluation Center of the Ministry of Public Security, Shao Guoan, deputy director of the Informatization Collaborative Innovation Committee of the China Software Industry Association, Zhang Yan, deputy chief engineer of the China Academy of Railway Sciences, and Cheng Xiaofeng, deputy secretary general of the Organizing Committee of the investigation activities, conducted in-depth exchanges and discussions on the theme of "graded protection and enterprise compliance" and shared their views in the industry field.
The implementation of network security graded protection and enterprise compliance research were officially launched in the "cloud"
The organizing committee held a grand cloud launch ceremony of "Network Security Graded Protection Implementation and Enterprise Compliance Research Activity" at the meeting, marking the official launch of the national network security graded protection implementation and enterprise compliance research activities in 2022.
The reporter learned that the organizing committee also commended more than ten initiators and supporting units that made outstanding contributions to the 2021 "National Graded Protection Implementation and Enterprise Compliance Special Investigation" such as Heilongjiang Provincial Network Security Association, Hunan Cyberspace Security Association, Beijing Ming Dynasty Wanda Technology Co., Ltd., China Security Net Shield (Guangzhou) Information Technology Co., Ltd., and Shenzhen Huyi Intelligent Technology Co., Ltd. In the 2021 survey activities, they took a powerful way to spread the influence of the activities to multiple outlets across the country, and adopted diversified forms to disseminate and promote the survey activities, so that the survey results were more objective and comprehensive and true.
This special conference will conduct in-depth discussions on hot topics such as the implementation of graded network security protection, critical information infrastructure protection, and enterprise network security management.