May 22, the Ministry of Industry and Information Technology website on the “industrial field data security standard system construction guide (2023 version) (draft)” to the public for comments. According to the draft, by 2024, a standard system for data security in the industrial sector will be initially established to effectively implement data security management requirements and basically meet the needs of data security in the industrial sector.

Industry insiders said that industrial data security needs and risks drive to accelerate the construction of the standard system. Network security enterprises will fully participate in the construction process of the standard system mainly through compliance and improving technical product capabilities, to meet market needs and stimulate the vitality of the data security track.

Demand and risk two-wheel drive

The draft for Comments defines the construction goal of industrial data security standard system: by 2024, the initial establishment of industrial data security standard system, effective implementation of data security management requirements, basically meet the needs of industrial data security, promote the application of standards in key industries and enterprises, and develop more than 30 national, industrial or group standards for data security.

WES5123-1200

WES5123-1200

WES5123-1200

By 2026, a relatively complete system of industrial data security standards will be formed, the requirements of relevant laws, regulations, policies and institutions of data security will be fully implemented, the technical level, application effect and internationalization of the standards will be significantly improved, and the basic, normative and leading role of the standards will be highlighted. The implementation work will be carried out in an all-round way, which will strongly support the key work of industrial data security. Develop more than 100 national, industrial or group standards for data security.

In recent years, China has issued the “telecommunications and Internet industry Data Security Standard System construction Guide”, “Internet of Vehicles network security and data security standard System construction Guide” and other data security standard system construction related system documents. Under the double wheel drive of security demand and security risk, the construction of data security standard system in industrial field is increasingly urgent.

Liu Wenmao, chief innovation officer of Green League Technology, told the China Securities Journal: “Industrial big data runs through the design, process, production, management, service and other links of the industry, and the safety needs of the industrial sector are becoming more and more diverse. At the same time, risks of illegal data transmission, unauthorized access, large-scale cloud data leakage, and all links of the whole life cycle of data are ubiquitous in the industrial field, which makes it difficult for industrial enterprises to build data security. Therefore, it is urgent to systemize and standardize data security management in the industrial field, and accelerate the organic integration of data classification and classification, hierarchical protection, safety assessment, emergency treatment and other work.”

It is clear in the draft for comments that the data security standard system in the industrial field is composed of six types of standards: basic commonality, safety management, technical products, safety assessment and industrial evaluation, emerging convergence fields and vertical industries.