At present, organizations in China cover a whole range of industries, including financial and banking, eCommerce, IT, healthcare, tourism, manufacturing, and many more. Regardless of the companies' size and operation specifics, all those enterprises utilize and store petabytes of sensitive data – customer data, banking information, technologies, etc – that has always been a tempting target to hackers and criminals. According to Surfshark
, in 2021 China reported about 12.9 million breaches which, compared to the US (212.4m), Iran (156.1m), and India (86.6m), indicates the country has significantly strengthened digital security. Today, China's total data breach number is similar to Italy, Germany, Spain, UAE, and Australia – it's quite indicative, considering the countries' size and the number of operating companies in it.
The robust security of organizations in China is also explained by the strong focus on five major components – three regulations and two add-on focus points:
- Cybersecurity Law (CSL), dated June 1, 2017 – aimed to establish a universal regulatory regime for cybersecurity and data protection in China.
- Multi-level Protection Scheme (MLPS), effective on December 1, 2019 – cybersecurity compliance standard that must be applied by all domestic and foreign companies operating in China.
- Critical Information Infrastructure (CII), updated in October 2021 – aimed to protect network facilities and information systems in China that in case of any incident, may affect the performance of national security, national economy, people's livelihood, or public interest.
- Data Security Law (DSL), dated September 1, 2021 – focused on any data that, if leaked, may impact China's national, economic, or public security, public health, or social stability.
- Personal Information Protection Law (PIPL), effective in November 2021 – any data that refers to a person's name, address, date of birth, ID number, phone number, or biometrics.
Having analyzed the context and updating frequency of the security regulations above, it becomes more than obvious that China is heavily investing in improving national security. As the number and complexity of breaches continue to evolve, China-based companies, similar to overseas enterprises, can still often fall victim to various cyberattacks, breaches, and more.
In this article, cyberlands.io
experts will analyze the experience of the most notable incidents related to digital security in China, covering their causes and outcomes. As a result, you'll be able to get some more insights into the common strategies used, vulnerabilities, and data targeted, as well as how to protect your enterprise from cybercriminals.