MLPS 2.0 Compliance & China Cybersecurity Law

What is China Cybersecurity Law?

In conjunction with 12 other authorities, the Cyberspace Administration of China (CAC) published a revised Cybersecurity Law which came into effect on February 15, 2022. Under the new Measures, mentioned parties must apply for a China Cybersecurity Law Review so as to mitigate risks associated with data processing activities overseas.

As the Chinese government has become more aware of the potential risks of cyber security and data breaches, more laws and regulations are expected to be issued in the coming future. Thus, regardless of the company size or industry, any business that is expanding or already operating within China is suggested to take a cautious approach by complying with the classified standards highlighted by the China Cybersecurity Law.

Necessity of China Cybersecurity Law MLPS 2.0 Compliance Service

As illustrated in the China Cybersecurity Law, if the service providers violate the requirements, warning and levy fines shall be given to the responsible personnel. Where circumstances are serious, the relevant competent department may order a temporary suspension of operations, a suspension of business for corrections, closing down of websites, cancellation of relevant operations permits, or cancellation of business licenses. Still, the China Cybersecurity Review Process is technically complicated, the majority of operators and service providers might find it very difficult to deal with these levels of regulated security protections. To support the proper implementation of MPLS 2.0, the administrative requirement emphasized by the China Cybersecurity Law, CITIC Telecom CPC offers an one-stop China Cybersecurity Law MLPS 2.0 Compliance Service for all businesses with their own networks in China, including but not limited to the information technology industry, financial services, internet service providers and telecommunications companies.

TrustCSI™ - One-stop Compliance Service on China Cybersecurity Law

CITIC Telecom CPC has extensive knowledge and experience in China Cybersecurity Law compliance service. To help enterprises of all scales extend their business opportunities in China, CITIC Telecom CPC created TrustCSI™ Professional Service which covers a wide range of mission-critical cybersecurity-related tasks performed by top-notch security professionals, ranging from vulnerability assessment to penetration testing, security device migration to China Cybersecurity Law MLPS 2.0 compliance, and more.

TrustCSI™ China Cybersecurity Law MLPS 2.0 Compliance Service Scope

Information System Survey: An initial China Cybersecurity Law Compliance Survey is conducted, to assess the target Information System, covering physical location, network topology, personal information types, existing security devices, and other items.

Classification of Consequences: In the event of compromise of the Information System, levels of consequences are defined according to the official China Cybersecurity Law MLPS 2.0 Level Classification rule.

Materials Registration: All necessary materials such as appropriate documents and forms are prepared and submitted to the Local Internet Police responsible for China Cybersecurity Law Review.

Gap Analysis Reporting: A “Gap Analysis Report” is produced, according to non-compliance findings related to the current topology of the Information System based on the China Cybersecurity Law MLPS 2.0 compliance table.

Remediation Planning: Based on the “Gap Analysis Report” a “Remediation Plan” will be carefully created, assisting the enterprise to properly and systematically close the identified security gaps using IT security best practices as requested by the China Cybersecurity Law .

Official Assessment Assistance: For the nal submission of the “Official Assessment Report” to the local Network Police for endorsement, CITIC Telecom CPC’s experts will assist the enterprise with every step of the China Cybersecurity Law official assessment process.

China is an extremely important market, and for enterprises expanding or already operating inside Mainland China, it is imperative their digital transformation be in compliance with China Cybersecurity Law MPLS 2.0, the most up to date version of this mandatory regulation. To ensure not only an easier and smoother process to achieve MLPS 2.0 Compliance, but also more stringent and careful verification, CITIC Telecom CPC offers the China Cybersecurity Law MLPS 2.0 Compliance Service, a one-stop service covering every aspect and stage of the China Cybersecurity Law MLPS 2.0 Compliance process, including classification, registration, gap analysis, remediation and assessment. This important service is easy, reliable, and professionally administered to ensure an enterprise operates a robust, fully compliant MLPS 2.0 infrastructure.

Compliance Service Scope

Information System Survey
An initial survey is conducted, to assess the target Information System, covering physical location, network topology, personal information types, existing security devices, and other items
Classification of Consequences
In the event of compromise of the Information System, levels of consequences are defined according to the official China Cybersecurity Law MLPS 2.0 Level Classification rule
Materials Registration
All necessary materials such as appropriate documents and forms are prepared and submitted to the local Internet Police
Gap Analysis Reporting
A “Gap Analysis Report” is produced, according to non-compliance findings related to the current topology of the Information System (based on the China Cybersecurity Law MLPS 2.0 compliance table).
Remediation Planning
Based on the “Gap Analysis Report” a “Remediation Plan” will be carefully created, assisting the enterprise to properly and systematically close the identified security gaps using IT security best practices
Official Assessment Assistance
For the final submission of the “Official Assessment Report” to the local Network Police for endorsement, CITIC Telecom CPC’s experts will assist the enterprise with every step of the official assessment process

Blog

: CIE Golde: To “Roof over” Digitalization with Innovations

~~2022-11-16~~

Interconnection in the digital era has brought together cross-regional online and offline businesses, facilitating the global business of enterprises, creating new opportunities and…

More