SlideShare a Scribd company logo

Guide to Cybersecurity Compliance in China

Download as PPTX, PDF
Alibaba Cloud
Alibaba Cloud

See Webinar Recording at https://resource.alibabacloud.com/webinar/detail.htm?webinarId=8 This presentation features a comprehensive introduction to China’s Cybersecurity Law, including analysis of key articles and their implementation so far. It aims to provide a roadmap to help global companies understand regulatory risks related to network security, content security, personal information protection and data cross-border transfer. More Webinars: https://resource.alibabacloud.com/webinar/index.htm Blog: Navigating Through China's Cybersecurity Legislation https://www.alibabacloud.com/blog/Navigating-Through-China's-Cybersecurity-Legislation_p570635 ICP License: www.alibabacloud.com/icp China Connect: www.alibabacloud.com/chinaconnect

Internet
1 of 32
GUIDE TO CYBERSECURITY COMPLIANCE IN CHINA
Content Overview Key Regulatory Risks for Global Companies in China01 (Slide No. 6) Introduction to Alibaba Cloud’s Compliance Solutions 02 (Slide No. 16) 2 / 32
Cybersecurity Law Timeline Type Law Draft Influence of the Regulation/Law State Council - Regulations on Security Protection of Computer Information Systems Ministry of Public Security and five other ministries – Administrative Measures for Hierarchical Protection of Information Security Central Leading Group for Cyberspace Affairs established NPC Standing Committee July members & other parties – Cybersecurity Law Draft Second Deliberation Cryptography Law (Draft) released for public comment The Cybersecurity Law (Draft) for Second Deliberation was released on the National People’s Congress’ website for public comment 1994.02 2000.04 2000.09 2007.06 2014.02 2015.06 2015.07 2016.072015.12 2016.11 2017.06 2nd World Internet Conference “Call for closer cooperation in cyberspace governance” The Cybersecurity Law of the People’s Republic of China is adopted by Standing Committee of the 12th National People's Congress 2017.04 The 12th National People's Congress Deliberate the Cybersecurity Law (Draft) Ministry of Public Security – Administrative Measures for Prevention and Treatment of Computer Viruses State Council – Administrative Measures for Internet Information Services Personal information and important data cross-border security assessment measures released for public comment The Cybersecurity Law takes effect on June 1, 2017 Name of the Regulation/Law 3 / 32
China Cybersecurity Law The Cybersecurity Law came into effect on JUNE 1st 2017 4 / 32
Security/Compliance FAQs from Foreign Companies Local Branch Registration •Fines and penalties? •Grace period? •Cost and timeline of compliance? •Data security? •Government’s access to data? Personal Information Protection Network Security Requirements ICP Licensing/Filing Content Violations Cross-border Data Transfer 5 / 32
Key Regulatory Risks Network Security Risks Vulnerability management Prevent computer virus and cyber attacks Store network logs for at least six months Emergency response Management and training Content Security Risks Recognize and prevent prohibited images Prohibited texts Prohibited videos and audios Personal Information Protection Real identity verification Data collection Data transfer Data storage Cross-border Data Transfer Risk self assessment Risk assessment by authorities Cybersecurity Law 6 / 32
Fines & Penalties Fine: Between RMB 10,000 to 50,000 Failure to immediately take remedial measures for security flaws and vulnerabilities Failure to require users to provide truthful identity information Infringe on personal information Failure to stop the transmission of prohibited information Act. 61Act. 60Act. 59 Act. 68Act. 64 Failure to perform network security protection duties Fine: Between RMB 50,000 – 500,000 Fine: Between RMB 50,000 – 500,000. A temporary suspension of operations, closing of website, and cancellation of business licenses Fine: Between one and ten times the amount of the unlawful gains Fine: Between RMB 50,000 – 500,000. A temporary suspension of operations, closing of website, and cancellation of business licenses The most severe penalties for network operators is usually suspension of business or shut down of website. 7 / 32
Examples of Increasing Regulatory Pressure Increasing PenaltiesInspections By Both Central and Local Authorities High PR Risks 8 / 32
Increasing Fines and Penalties Globally 9 / 32
Alibaba Cloud Cybersecurity Compliance Solutions • ICP filing/licensing consulting and application services Business Licensing Requirements • Vulnerability management and repair • Virus and cyber attack prevention • Personnel training • Network logs storage • Emergency response Network Security Risk Management • Prohibited image recognition • Prohibited text recognition • Video and live streaming solutions • Social media and e-commerce solutions Content Security • Real identity verification • Data encryption • Data leakage prevention Personal Information Protection • Data cross-border transfer consulting service • Data cross-border transfer self-assessment consultin g • Data cross-border transfer authority assessment consulting Data Cross-border Transfer Risk Management 10 / 32
Comprehensive products and services In-house public Policy team + Collaboration with Policy makers One-stop compliance solutions Alibaba Cloud is CSL ready Why Alibaba Cloud? Why Now? Increasing regulatory pressure. Several companies have already been penalized. Global companies are investing more in compliance in China. Protecting personal information and ensuring cyber security is a global trend. Taking Action 11 / 32
Business Licensing in China 01 12 / 32
ICP Filing/License ICP Filing - All websites need to apply for ICP Filing - Non-commercial websites ICP License - All commercial websites - Must be registered in China; IDC and domain in China; based on business content and specific requirements by local communications authorities 13 / 32
Network Security Risk Management 02 14 / 32
Article 21, China Cybersecurity Law Network operators shall perform the following security protection duties:: Formulate internal security management systems, determine persons responsible for network security, and implement network security protection responsibility. Prevent computer viruses, network attacks, and intrusions. Store network logs for at least six months; monitor and record network operational statuses and security incidents. Data classification, back-up of important data, and encryption. 01 02 03 04 15 / 32
Alibaba Cloud Security Protection 16 / 32
Security & Compliance Certifications ISO/IEC 27001 Information Security Management System The first Cloud Service Provider to achieve CSA STAR Gold Certification all Over the world. ISO/IEC 20000-1:2011, IT Service Management System ISO/IEC 22301:2012, Business Continuity Management System Multi-Tier Cloud Security System(MTCS) SS 548:2015 (Level 3 IaaS Certification) PCI Compliant AICPA SOC 2 DJCP MPAA HIPAA 17 / 32
03 Content Security Solutions 18 / 32
Article 47, China Cybersecurity Law “Network operators shall strengthen management of information published by users.” “ … and upon discovering information that the law or administrative regulations prohibits...they shall immediately stop transmission of that information, employ handling measures such as deleting it, to prevent the information from spreading, save relevant records, and report it to the relevant competent departments.” 19 / 32
Content Security Solutions Alibaba Cloud Information Compliance – Provide image, text and video recognition based on Alibaba Cloud Big Data technology to protect your brand from association with illicit or otherwise illegal and brand damaging activity.. • Pornography Detection • OCR • Text Recognition • Video Recognition 2015 • Sensitive Graph • Sensitive Content • SPAM 2016 • Branding Logo • Audio Recognition • Customized Service 2017 Video Pornography • CDN Detection • OSS API Detection • Frame Based Image Detection Image Pornography • OSS Image Pornography Detection • Pornography Detection API 20 / 32
04 Personal Information Protection Solutions 21 / 32
Article 24, 41, 42 - China Cybersecurity Law “Network operators shall require users to provide real identity information when signing agreements with users or confirming provision of services.” (Article 24) “… abide by the principles of legality, propriety and necessity; explicitly stating the purposes, means, and scope for collection and usage, and obtaining the consent …” (Article 41) “… prevent personal information from leaking, being destroyed or lost. … report to regulating authorities upon any leakage, destruction or loss of personal information. ”(Article 42) 22 / 32
Personal Information Protection – Real Identity Verification Base on user-submitted information, Real Identity Verification is an ID authentication solution that leverages the Alibaba Cloud facial recognition and big data risk management model to detect ID fraud activities. • ID Authentication • Facial Recognition • Fake ID Authentication • Name and ID Pair Matching • OCR Support ID Authentication • Static Comparison • Interactive Authentication Facial Recognition • Identify fraud ID, phone no and devices • High performance check on known database Fake ID Authentication 23 / 32
Personal Information Protection – Data Encryption 24 / 32
Personal Information Protection – Anti-hacking Risk overview of you network and assets Vulnerability Management Asset Management Incident response and 24/7 services Find vulnerabilities in your system from community white hat 0-day mitigation Anti-bot service Data Leakage Protection 25 / 32
05 Data Cross-border Transfer Risk Management 26 / 32
Article 37, China Cybersecurity Law “Personal information and other important data gathered or produced by critical information infrastructure operators during operations within the mainland territory of the People's Republic of China, shall store it within Mainland China. Where due to business requirements it is truly necessary to provide it outside the mainland, they shall follow the measures jointly formulated by the State network information departments and the relevant departments of the State Council to conduct a security assessment.” 27 / 32
Data Cross-border Transfer Risk Management Data Cross-border: Personal information or important data collected or generated domestically by network operator sending to oversea company, organization or individual using network or other methods. Definition Transferring client information collected in China to overseas HQ. Scenarios Transferring Chinese employees’ personal information to overseas HQ. Your clients transfer data overseas using your platform. Transferring client information collected in China to third party consulting, auditing agencies or contractors. 28 / 32
Data Cross-border Risk Management Data Cross-border Transfer Legitimacy and Legality Risk Management Allowed Two-tiered Assessment. Conditions for self and authorities assessment Definition of Legitimacy and Legality Risk Management Responsibility Boundaries Managing Risk After Data is Transferred Overseas Data Cross-border Risk Management Overall Risk Assessment Self-assessment Consulting Authority Inspection Consulting Result Reviewed and Tested by Authority 29 / 32
Compliance Consulting Service Methodology Compliance Survey 01 02 03 04 05 Gap Assessment Compliance Strategy Change Implementation Result Testing 30 / 32
Alibaba Cloud Cybersecurity Compliance Solutions • ICP filing/licensing consulting and application services Business Licensing Requirements • Vulnerability management and repair • Virus and cyber attack prevention • Personnel training • Network logs storage • Emergency Response Network Security Risk Management • Prohibited image recognition • Prohibited texts recognition • Video and live streaming solutions • Social media and e-commerce solutions Content Security • Real identity verification • Data encryption • Data leakage prevention Personal Information Protection • Data cross-border transfer consulting service • Data cross-border transfer self-assessment consulting • Data cross-border transfer authority assessment consulting Data Cross-border Transfer Risk Management 31 / 32
Guide to Cybersecurity Compliance in China

Recommended

CASB — Your new best friend for safe cloud adoption?
CASB — Your new best friend for safe cloud adoption? CASB — Your new best friend for safe cloud adoption?
CASB — Your new best friend for safe cloud adoption? Digital Transformation EXPO Event Series
 
Cloud security, Cloud security Access broker, CSAB's 4 pillar, deployment mode
Cloud security, Cloud security Access broker, CSAB's 4 pillar, deployment modeCloud security, Cloud security Access broker, CSAB's 4 pillar, deployment mode
Cloud security, Cloud security Access broker, CSAB's 4 pillar, deployment modeHimani Singh
 
Beyond the Firewall: Securing the cloud with a CASB (in partnership with CSA)
Beyond the Firewall: Securing the cloud with a CASB (in partnership with CSA)Beyond the Firewall: Securing the cloud with a CASB (in partnership with CSA)
Beyond the Firewall: Securing the cloud with a CASB (in partnership with CSA)Bitglass
 
Cloud Access Security Brokers - CASB
Cloud Access Security Brokers - CASB Cloud Access Security Brokers - CASB
Cloud Access Security Brokers - CASB Samrat Das
 
Cloud Access Security Brokers
Cloud Access Security BrokersCloud Access Security Brokers
Cloud Access Security BrokersAbhishek Tripathi
 
Cloud security for banks - the central bank of Israel regulations for cloud s...
Cloud security for banks - the central bank of Israel regulations for cloud s...Cloud security for banks - the central bank of Israel regulations for cloud s...
Cloud security for banks - the central bank of Israel regulations for cloud s...Moshe Ferber
 
Cloud keybank privacy and owner authorization
Cloud keybank privacy and owner authorizationCloud keybank privacy and owner authorization
Cloud keybank privacy and owner authorizationPvrtechnologies Nellore
 
Cloud security
Cloud securityCloud security
Cloud securityBikashPokharel3
 

Recommended

CASB — Your new best friend for safe cloud adoption?
CASB — Your new best friend for safe cloud adoption? CASB — Your new best friend for safe cloud adoption?
CASB — Your new best friend for safe cloud adoption? Digital Transformation EXPO Event Series
 
Cloud security, Cloud security Access broker, CSAB's 4 pillar, deployment mode
Cloud security, Cloud security Access broker, CSAB's 4 pillar, deployment modeCloud security, Cloud security Access broker, CSAB's 4 pillar, deployment mode
Cloud security, Cloud security Access broker, CSAB's 4 pillar, deployment modeHimani Singh
 
Beyond the Firewall: Securing the cloud with a CASB (in partnership with CSA)
Beyond the Firewall: Securing the cloud with a CASB (in partnership with CSA)Beyond the Firewall: Securing the cloud with a CASB (in partnership with CSA)
Beyond the Firewall: Securing the cloud with a CASB (in partnership with CSA)Bitglass
 
Cloud Access Security Brokers - CASB
Cloud Access Security Brokers - CASB Cloud Access Security Brokers - CASB
Cloud Access Security Brokers - CASB Samrat Das
 
Cloud Access Security Brokers
Cloud Access Security BrokersCloud Access Security Brokers
Cloud Access Security BrokersAbhishek Tripathi
 
Cloud security for banks - the central bank of Israel regulations for cloud s...
Cloud security for banks - the central bank of Israel regulations for cloud s...Cloud security for banks - the central bank of Israel regulations for cloud s...
Cloud security for banks - the central bank of Israel regulations for cloud s...Moshe Ferber
 
Cloud keybank privacy and owner authorization
Cloud keybank privacy and owner authorizationCloud keybank privacy and owner authorization
Cloud keybank privacy and owner authorizationPvrtechnologies Nellore
 
Cloud security
Cloud securityCloud security
Cloud securityBikashPokharel3
 
Cloud security
Cloud securityCloud security
Cloud securityTushar Kayande
 
63 Requirements for CASB
63 Requirements for CASB63 Requirements for CASB
63 Requirements for CASBKyle Watson
 
Securing virtual workload and cloud
Securing virtual workload and cloudSecuring virtual workload and cloud
Securing virtual workload and cloudHimani Singh
 
IDSA Overview at CSA SV
IDSA Overview at CSA SVIDSA Overview at CSA SV
IDSA Overview at CSA SVVishwas Manral
 
Top 10 AWS Security and Compliance best practices
Top 10 AWS Security and Compliance best practicesTop 10 AWS Security and Compliance best practices
Top 10 AWS Security and Compliance best practicesAhmad Khan
 
Guide to CASB Use Cases
Guide to CASB Use CasesGuide to CASB Use Cases
Guide to CASB Use CasesSachin Yadav
 
Biznet Gio Presentation - Database Security
Biznet Gio Presentation - Database SecurityBiznet Gio Presentation - Database Security
Biznet Gio Presentation - Database SecurityYusuf Hadiwinata Sutandar
 
The Software-Defined Perimeter: Securing Network Access for the Modern Workforce
The Software-Defined Perimeter: Securing Network Access for the Modern WorkforceThe Software-Defined Perimeter: Securing Network Access for the Modern Workforce
The Software-Defined Perimeter: Securing Network Access for the Modern WorkforcePerimeter 81
 
Software Defined Perimeter - A New Paradigm for Securing Digital Infrastructu...
Software Defined Perimeter - A New Paradigm for Securing Digital Infrastructu...Software Defined Perimeter - A New Paradigm for Securing Digital Infrastructu...
Software Defined Perimeter - A New Paradigm for Securing Digital Infrastructu...Government Technology & Services Coalition
 
Transforming cloud security into an advantage
Transforming cloud security into an advantageTransforming cloud security into an advantage
Transforming cloud security into an advantageMoshe Ferber
 
Surviving the lions den - how to sell SaaS services to security oriented cust...
Surviving the lions den - how to sell SaaS services to security oriented cust...Surviving the lions den - how to sell SaaS services to security oriented cust...
Surviving the lions den - how to sell SaaS services to security oriented cust...Moshe Ferber
 
The Cloud & I, The CISO challenges with Cloud Computing
The Cloud & I, The CISO challenges with Cloud Computing The Cloud & I, The CISO challenges with Cloud Computing
The Cloud & I, The CISO challenges with Cloud Computing Moshe Ferber
 
Latest Developments in Cloud Security Standards and Privacy
Latest Developments in Cloud Security Standards and PrivacyLatest Developments in Cloud Security Standards and Privacy
Latest Developments in Cloud Security Standards and PrivacyCloud Standards Customer Council
 
CASB: Securing your cloud applications
CASB: Securing your cloud applicationsCASB: Securing your cloud applications
CASB: Securing your cloud applicationsForcepoint LLC
 
The Cloud Security Rules
The Cloud Security RulesThe Cloud Security Rules
The Cloud Security RulesKai Roer
 
Aligning Risk with Growth - Cloud Security for startups
Aligning Risk with Growth - Cloud Security for startupsAligning Risk with Growth - Cloud Security for startups
Aligning Risk with Growth - Cloud Security for startupsMoshe Ferber
 
What the auditor need to know about cloud computing
What the auditor need to know about cloud computingWhat the auditor need to know about cloud computing
What the auditor need to know about cloud computingMoshe Ferber
 
apidays LIVE New York 2021 - Securing access to high performing API in a regu...
apidays LIVE New York 2021 - Securing access to high performing API in a regu...apidays LIVE New York 2021 - Securing access to high performing API in a regu...
apidays LIVE New York 2021 - Securing access to high performing API in a regu...apidays
 
Security and governance in the cloud
Security and governance in the cloudSecurity and governance in the cloud
Security and governance in the cloudJulian Knight
 
Cloud security innovation - Cloud Security Alliance East Europe Congress 2013
Cloud security innovation - Cloud Security Alliance East Europe Congress 2013Cloud security innovation - Cloud Security Alliance East Europe Congress 2013
Cloud security innovation - Cloud Security Alliance East Europe Congress 2013Moshe Ferber
 
New regulations and the evolving cybersecurity technology landscape
New regulations and the evolving cybersecurity technology landscapeNew regulations and the evolving cybersecurity technology landscape
New regulations and the evolving cybersecurity technology landscapeUlf Mattsson
 
State regulation of information protection in the cloud - international and K...
State regulation of information protection in the cloud - international and K...State regulation of information protection in the cloud - international and K...
State regulation of information protection in the cloud - international and K...Vsevolod Shabad
 

More Related Content

What's hot

63 Requirements for CASB
63 Requirements for CASB63 Requirements for CASB
63 Requirements for CASBKyle Watson
 
Securing virtual workload and cloud
Securing virtual workload and cloudSecuring virtual workload and cloud
Securing virtual workload and cloudHimani Singh
 
IDSA Overview at CSA SV
IDSA Overview at CSA SVIDSA Overview at CSA SV
IDSA Overview at CSA SVVishwas Manral
 
Top 10 AWS Security and Compliance best practices
Top 10 AWS Security and Compliance best practicesTop 10 AWS Security and Compliance best practices
Top 10 AWS Security and Compliance best practicesAhmad Khan
 
Guide to CASB Use Cases
Guide to CASB Use CasesGuide to CASB Use Cases
Guide to CASB Use CasesSachin Yadav
 
The Software-Defined Perimeter: Securing Network Access for the Modern Workforce
The Software-Defined Perimeter: Securing Network Access for the Modern WorkforceThe Software-Defined Perimeter: Securing Network Access for the Modern Workforce
The Software-Defined Perimeter: Securing Network Access for the Modern WorkforcePerimeter 81
 
Software Defined Perimeter - A New Paradigm for Securing Digital Infrastructu...
Software Defined Perimeter - A New Paradigm for Securing Digital Infrastructu...Software Defined Perimeter - A New Paradigm for Securing Digital Infrastructu...
Software Defined Perimeter - A New Paradigm for Securing Digital Infrastructu...Government Technology & Services Coalition
 
Transforming cloud security into an advantage
Transforming cloud security into an advantageTransforming cloud security into an advantage
Transforming cloud security into an advantageMoshe Ferber
 
Surviving the lions den - how to sell SaaS services to security oriented cust...
Surviving the lions den - how to sell SaaS services to security oriented cust...Surviving the lions den - how to sell SaaS services to security oriented cust...
Surviving the lions den - how to sell SaaS services to security oriented cust...Moshe Ferber
 
The Cloud & I, The CISO challenges with Cloud Computing
The Cloud & I, The CISO challenges with Cloud Computing The Cloud & I, The CISO challenges with Cloud Computing
The Cloud & I, The CISO challenges with Cloud Computing Moshe Ferber
 
Latest Developments in Cloud Security Standards and Privacy
Latest Developments in Cloud Security Standards and PrivacyLatest Developments in Cloud Security Standards and Privacy
Latest Developments in Cloud Security Standards and PrivacyCloud Standards Customer Council
 
CASB: Securing your cloud applications
CASB: Securing your cloud applicationsCASB: Securing your cloud applications
CASB: Securing your cloud applicationsForcepoint LLC
 
The Cloud Security Rules
The Cloud Security RulesThe Cloud Security Rules
The Cloud Security RulesKai Roer
 
Aligning Risk with Growth - Cloud Security for startups
Aligning Risk with Growth - Cloud Security for startupsAligning Risk with Growth - Cloud Security for startups
Aligning Risk with Growth - Cloud Security for startupsMoshe Ferber
 
What the auditor need to know about cloud computing
What the auditor need to know about cloud computingWhat the auditor need to know about cloud computing
What the auditor need to know about cloud computingMoshe Ferber
 
apidays LIVE New York 2021 - Securing access to high performing API in a regu...
apidays LIVE New York 2021 - Securing access to high performing API in a regu...apidays LIVE New York 2021 - Securing access to high performing API in a regu...
apidays LIVE New York 2021 - Securing access to high performing API in a regu...apidays
 
Security and governance in the cloud
Security and governance in the cloudSecurity and governance in the cloud
Security and governance in the cloudJulian Knight
 
Cloud security innovation - Cloud Security Alliance East Europe Congress 2013
Cloud security innovation - Cloud Security Alliance East Europe Congress 2013Cloud security innovation - Cloud Security Alliance East Europe Congress 2013
Cloud security innovation - Cloud Security Alliance East Europe Congress 2013Moshe Ferber
 

What's hot (20)

Cloud security
Cloud securityCloud security
Cloud security
 
63 Requirements for CASB
63 Requirements for CASB63 Requirements for CASB
63 Requirements for CASB
 
Securing virtual workload and cloud
Securing virtual workload and cloudSecuring virtual workload and cloud
Securing virtual workload and cloud
 
IDSA Overview at CSA SV
IDSA Overview at CSA SVIDSA Overview at CSA SV
IDSA Overview at CSA SV
 
Top 10 AWS Security and Compliance best practices
Top 10 AWS Security and Compliance best practicesTop 10 AWS Security and Compliance best practices
Top 10 AWS Security and Compliance best practices
 
Guide to CASB Use Cases
Guide to CASB Use CasesGuide to CASB Use Cases
Guide to CASB Use Cases
 
Biznet Gio Presentation - Database Security
Biznet Gio Presentation - Database SecurityBiznet Gio Presentation - Database Security
Biznet Gio Presentation - Database Security
 
The Software-Defined Perimeter: Securing Network Access for the Modern Workforce
The Software-Defined Perimeter: Securing Network Access for the Modern WorkforceThe Software-Defined Perimeter: Securing Network Access for the Modern Workforce
The Software-Defined Perimeter: Securing Network Access for the Modern Workforce
 
Software Defined Perimeter - A New Paradigm for Securing Digital Infrastructu...
Software Defined Perimeter - A New Paradigm for Securing Digital Infrastructu...Software Defined Perimeter - A New Paradigm for Securing Digital Infrastructu...
Software Defined Perimeter - A New Paradigm for Securing Digital Infrastructu...
 
Transforming cloud security into an advantage
Transforming cloud security into an advantageTransforming cloud security into an advantage
Transforming cloud security into an advantage
 
Surviving the lions den - how to sell SaaS services to security oriented cust...
Surviving the lions den - how to sell SaaS services to security oriented cust...Surviving the lions den - how to sell SaaS services to security oriented cust...
Surviving the lions den - how to sell SaaS services to security oriented cust...
 
The Cloud & I, The CISO challenges with Cloud Computing
The Cloud & I, The CISO challenges with Cloud Computing The Cloud & I, The CISO challenges with Cloud Computing
The Cloud & I, The CISO challenges with Cloud Computing
 
Latest Developments in Cloud Security Standards and Privacy
Latest Developments in Cloud Security Standards and PrivacyLatest Developments in Cloud Security Standards and Privacy
Latest Developments in Cloud Security Standards and Privacy
 
CASB: Securing your cloud applications
CASB: Securing your cloud applicationsCASB: Securing your cloud applications
CASB: Securing your cloud applications
 
The Cloud Security Rules
The Cloud Security RulesThe Cloud Security Rules
The Cloud Security Rules
 
Aligning Risk with Growth - Cloud Security for startups
Aligning Risk with Growth - Cloud Security for startupsAligning Risk with Growth - Cloud Security for startups
Aligning Risk with Growth - Cloud Security for startups
 
What the auditor need to know about cloud computing
What the auditor need to know about cloud computingWhat the auditor need to know about cloud computing
What the auditor need to know about cloud computing
 
apidays LIVE New York 2021 - Securing access to high performing API in a regu...
apidays LIVE New York 2021 - Securing access to high performing API in a regu...apidays LIVE New York 2021 - Securing access to high performing API in a regu...
apidays LIVE New York 2021 - Securing access to high performing API in a regu...
 
Security and governance in the cloud
Security and governance in the cloudSecurity and governance in the cloud
Security and governance in the cloud
 
Cloud security innovation - Cloud Security Alliance East Europe Congress 2013
Cloud security innovation - Cloud Security Alliance East Europe Congress 2013Cloud security innovation - Cloud Security Alliance East Europe Congress 2013
Cloud security innovation - Cloud Security Alliance East Europe Congress 2013
 

Similar to Guide to Cybersecurity Compliance in China

New regulations and the evolving cybersecurity technology landscape
New regulations and the evolving cybersecurity technology landscapeNew regulations and the evolving cybersecurity technology landscape
New regulations and the evolving cybersecurity technology landscapeUlf Mattsson
 
State regulation of information protection in the cloud - international and K...
State regulation of information protection in the cloud - international and K...State regulation of information protection in the cloud - international and K...
State regulation of information protection in the cloud - international and K...Vsevolod Shabad
 
Isaca atlanta - practical data security and privacy
Isaca atlanta - practical data security and privacyIsaca atlanta - practical data security and privacy
Isaca atlanta - practical data security and privacyUlf Mattsson
 
ISACA - China Cybersecurity Law Presentation - Kyle Lai - v3.2
ISACA - China Cybersecurity Law Presentation - Kyle Lai - v3.2ISACA - China Cybersecurity Law Presentation - Kyle Lai - v3.2
ISACA - China Cybersecurity Law Presentation - Kyle Lai - v3.2Kyle Lai
 
ISSA Atlanta - Emerging application and data protection for multi cloud
ISSA Atlanta - Emerging application and data protection for multi cloudISSA Atlanta - Emerging application and data protection for multi cloud
ISSA Atlanta - Emerging application and data protection for multi cloudUlf Mattsson
 
Evolving regulations are changing the way we think about tools and technology
Evolving regulations are changing the way we think about tools and technologyEvolving regulations are changing the way we think about tools and technology
Evolving regulations are changing the way we think about tools and technologyUlf Mattsson
 
Security in RegTech's Playground
Security in RegTech's PlaygroundSecurity in RegTech's Playground
Security in RegTech's PlaygroundJohn ILIADIS
 
Cyber Security Compliance Solutions for Foreign Companies in China - Alibaba ...
Cyber Security Compliance Solutions for Foreign Companies in China - Alibaba ...Cyber Security Compliance Solutions for Foreign Companies in China - Alibaba ...
Cyber Security Compliance Solutions for Foreign Companies in China - Alibaba ...Alibaba Cloud
 
Securing Fintech: Threats, Challenges & Best Practices
Securing Fintech: Threats, Challenges & Best PracticesSecuring Fintech: Threats, Challenges & Best Practices
Securing Fintech: Threats, Challenges & Best PracticesUlf Mattsson
 
Chris Swan's presentation from the London Tech Entrepreneurs' Meetup
Chris Swan's presentation from the London Tech Entrepreneurs' MeetupChris Swan's presentation from the London Tech Entrepreneurs' Meetup
Chris Swan's presentation from the London Tech Entrepreneurs' MeetupCohesive Networks
 
Cloud computing and Law-India legal summit
Cloud computing and Law-India legal summitCloud computing and Law-India legal summit
Cloud computing and Law-India legal summitAdv Prashant Mali
 
Cloud computing and law-India legal summit 2011
Cloud computing and law-India legal summit 2011Cloud computing and law-India legal summit 2011
Cloud computing and law-India legal summit 2011Adv Prashant Mali
 
A practical data privacy and security approach to ffiec, gdpr and ccpa
A practical data privacy and security approach to ffiec, gdpr and ccpaA practical data privacy and security approach to ffiec, gdpr and ccpa
A practical data privacy and security approach to ffiec, gdpr and ccpaUlf Mattsson
 
Jul 16 isaca london data protection, security and privacy risks - on premis...
Jul 16 isaca london data protection, security and privacy risks - on premis...Jul 16 isaca london data protection, security and privacy risks - on premis...
Jul 16 isaca london data protection, security and privacy risks - on premis...Ulf Mattsson
 
Isaca new delhi india privacy and big data
Isaca new delhi india privacy and big dataIsaca new delhi india privacy and big data
Isaca new delhi india privacy and big dataUlf Mattsson
 
Cyber Risk Management in 2017: Challenges & Recommendations
Cyber Risk Management in 2017: Challenges & RecommendationsCyber Risk Management in 2017: Challenges & Recommendations
Cyber Risk Management in 2017: Challenges & RecommendationsUlf Mattsson
 
Cisco Security DNA
Cisco Security DNACisco Security DNA
Cisco Security DNAMatteo Masi
 
Indian perspective of cyber security
Indian perspective of cyber securityIndian perspective of cyber security
Indian perspective of cyber securityAurobindo Nayak
 
Cross border - off-shoring and outsourcing privacy sensitive data
Cross border - off-shoring and outsourcing privacy sensitive dataCross border - off-shoring and outsourcing privacy sensitive data
Cross border - off-shoring and outsourcing privacy sensitive dataUlf Mattsson
 
Isaca new delhi india - privacy and big data
Isaca new delhi india - privacy and big dataIsaca new delhi india - privacy and big data
Isaca new delhi india - privacy and big dataUlf Mattsson
 

Similar to Guide to Cybersecurity Compliance in China (20)

New regulations and the evolving cybersecurity technology landscape
New regulations and the evolving cybersecurity technology landscapeNew regulations and the evolving cybersecurity technology landscape
New regulations and the evolving cybersecurity technology landscape
 
State regulation of information protection in the cloud - international and K...
State regulation of information protection in the cloud - international and K...State regulation of information protection in the cloud - international and K...
State regulation of information protection in the cloud - international and K...
 
Isaca atlanta - practical data security and privacy
Isaca atlanta - practical data security and privacyIsaca atlanta - practical data security and privacy
Isaca atlanta - practical data security and privacy
 
ISACA - China Cybersecurity Law Presentation - Kyle Lai - v3.2
ISACA - China Cybersecurity Law Presentation - Kyle Lai - v3.2ISACA - China Cybersecurity Law Presentation - Kyle Lai - v3.2
ISACA - China Cybersecurity Law Presentation - Kyle Lai - v3.2
 
ISSA Atlanta - Emerging application and data protection for multi cloud
ISSA Atlanta - Emerging application and data protection for multi cloudISSA Atlanta - Emerging application and data protection for multi cloud
ISSA Atlanta - Emerging application and data protection for multi cloud
 
Evolving regulations are changing the way we think about tools and technology
Evolving regulations are changing the way we think about tools and technologyEvolving regulations are changing the way we think about tools and technology
Evolving regulations are changing the way we think about tools and technology
 
Security in RegTech's Playground
Security in RegTech's PlaygroundSecurity in RegTech's Playground
Security in RegTech's Playground
 
Cyber Security Compliance Solutions for Foreign Companies in China - Alibaba ...
Cyber Security Compliance Solutions for Foreign Companies in China - Alibaba ...Cyber Security Compliance Solutions for Foreign Companies in China - Alibaba ...
Cyber Security Compliance Solutions for Foreign Companies in China - Alibaba ...
 
Securing Fintech: Threats, Challenges & Best Practices
Securing Fintech: Threats, Challenges & Best PracticesSecuring Fintech: Threats, Challenges & Best Practices
Securing Fintech: Threats, Challenges & Best Practices
 
Chris Swan's presentation from the London Tech Entrepreneurs' Meetup
Chris Swan's presentation from the London Tech Entrepreneurs' MeetupChris Swan's presentation from the London Tech Entrepreneurs' Meetup
Chris Swan's presentation from the London Tech Entrepreneurs' Meetup
 
Cloud computing and Law-India legal summit
Cloud computing and Law-India legal summitCloud computing and Law-India legal summit
Cloud computing and Law-India legal summit
 
Cloud computing and law-India legal summit 2011
Cloud computing and law-India legal summit 2011Cloud computing and law-India legal summit 2011
Cloud computing and law-India legal summit 2011
 
A practical data privacy and security approach to ffiec, gdpr and ccpa
A practical data privacy and security approach to ffiec, gdpr and ccpaA practical data privacy and security approach to ffiec, gdpr and ccpa
A practical data privacy and security approach to ffiec, gdpr and ccpa
 
Jul 16 isaca london data protection, security and privacy risks - on premis...
Jul 16 isaca london data protection, security and privacy risks - on premis...Jul 16 isaca london data protection, security and privacy risks - on premis...
Jul 16 isaca london data protection, security and privacy risks - on premis...
 
Isaca new delhi india privacy and big data
Isaca new delhi india privacy and big dataIsaca new delhi india privacy and big data
Isaca new delhi india privacy and big data
 
Cyber Risk Management in 2017: Challenges & Recommendations
Cyber Risk Management in 2017: Challenges & RecommendationsCyber Risk Management in 2017: Challenges & Recommendations
Cyber Risk Management in 2017: Challenges & Recommendations
 
Cisco Security DNA
Cisco Security DNACisco Security DNA
Cisco Security DNA
 
Indian perspective of cyber security
Indian perspective of cyber securityIndian perspective of cyber security
Indian perspective of cyber security
 
Cross border - off-shoring and outsourcing privacy sensitive data
Cross border - off-shoring and outsourcing privacy sensitive dataCross border - off-shoring and outsourcing privacy sensitive data
Cross border - off-shoring and outsourcing privacy sensitive data
 
Isaca new delhi india - privacy and big data
Isaca new delhi india - privacy and big dataIsaca new delhi india - privacy and big data
Isaca new delhi india - privacy and big data
 

More from Alibaba Cloud

Why a Multi-cloud Strategy is Essential
Why a Multi-cloud Strategy is EssentialWhy a Multi-cloud Strategy is Essential
Why a Multi-cloud Strategy is EssentialAlibaba Cloud
 
Getting Started with Elasticsearch
Getting Started with ElasticsearchGetting Started with Elasticsearch
Getting Started with ElasticsearchAlibaba Cloud
 
Alibaba Cloud’s ET City Brain - Empowering Cities to Think
Alibaba Cloud’s ET City Brain - Empowering Cities to ThinkAlibaba Cloud’s ET City Brain - Empowering Cities to Think
Alibaba Cloud’s ET City Brain - Empowering Cities to ThinkAlibaba Cloud
 
Serverless Computing: Driving Innovation and Business Value
Serverless Computing: Driving Innovation and Business ValueServerless Computing: Driving Innovation and Business Value
Serverless Computing: Driving Innovation and Business ValueAlibaba Cloud
 
Loan Default Prediction with Machine Learning
Loan Default Prediction with Machine LearningLoan Default Prediction with Machine Learning
Loan Default Prediction with Machine LearningAlibaba Cloud
 
Next Level Digital Media with Alibaba Cloud (Part 2)
Next Level Digital Media with Alibaba Cloud (Part 2)Next Level Digital Media with Alibaba Cloud (Part 2)
Next Level Digital Media with Alibaba Cloud (Part 2)Alibaba Cloud
 
An Introduction to Alibaba Cloud’s Message Service
An Introduction to Alibaba Cloud’s Message ServiceAn Introduction to Alibaba Cloud’s Message Service
An Introduction to Alibaba Cloud’s Message ServiceAlibaba Cloud
 
Protecting Your Big Data on the Cloud
Protecting Your Big Data on the CloudProtecting Your Big Data on the Cloud
Protecting Your Big Data on the CloudAlibaba Cloud
 
Next Generation Retail Part 3 - Retail Transformation Best Practices
Next Generation Retail Part 3 - Retail Transformation Best PracticesNext Generation Retail Part 3 - Retail Transformation Best Practices
Next Generation Retail Part 3 - Retail Transformation Best PracticesAlibaba Cloud
 
The Next Generation of Retail - Unlocking Alibaba Retail Cloud
The Next Generation of Retail - Unlocking Alibaba Retail CloudThe Next Generation of Retail - Unlocking Alibaba Retail Cloud
The Next Generation of Retail - Unlocking Alibaba Retail CloudAlibaba Cloud
 
Big Data Quickstart Series 3: Perform Data Integration
Big Data Quickstart Series 3: Perform Data IntegrationBig Data Quickstart Series 3: Perform Data Integration
Big Data Quickstart Series 3: Perform Data IntegrationAlibaba Cloud
 
Migration to Alibaba Cloud
Migration to Alibaba CloudMigration to Alibaba Cloud
Migration to Alibaba CloudAlibaba Cloud
 
How to Leverage ApsaraDB to Deploy Business Data on the Cloud
How to Leverage ApsaraDB to Deploy Business Data on the CloudHow to Leverage ApsaraDB to Deploy Business Data on the Cloud
How to Leverage ApsaraDB to Deploy Business Data on the CloudAlibaba Cloud
 
Big Data Quickstart Series 1: Create Powerful Data Visualization
Big Data Quickstart Series 1: Create Powerful Data VisualizationBig Data Quickstart Series 1: Create Powerful Data Visualization
Big Data Quickstart Series 1: Create Powerful Data VisualizationAlibaba Cloud
 
Introduction to Elastic Compute Service on Alibaba Cloud to Power Your Busine...
Introduction to Elastic Compute Service on Alibaba Cloud to Power Your Busine...Introduction to Elastic Compute Service on Alibaba Cloud to Power Your Busine...
Introduction to Elastic Compute Service on Alibaba Cloud to Power Your Busine...Alibaba Cloud
 
Launch and Scale Your E-commerce Website with Magento
Launch and Scale Your E-commerce Website with MagentoLaunch and Scale Your E-commerce Website with Magento
Launch and Scale Your E-commerce Website with MagentoAlibaba Cloud
 
Responding to Digital Transformation With RDS Database Technology
Responding to Digital Transformation With RDS Database TechnologyResponding to Digital Transformation With RDS Database Technology
Responding to Digital Transformation With RDS Database TechnologyAlibaba Cloud
 
How to Set Up ApsaraDB for RDS on Alibaba Cloud
How to Set Up ApsaraDB for RDS on Alibaba CloudHow to Set Up ApsaraDB for RDS on Alibaba Cloud
How to Set Up ApsaraDB for RDS on Alibaba CloudAlibaba Cloud
 
Discovering Cloud Networking: VPC, VPN, Express Connect & Server Load Balancer
Discovering Cloud Networking: VPC, VPN, Express Connect & Server Load BalancerDiscovering Cloud Networking: VPC, VPN, Express Connect & Server Load Balancer
Discovering Cloud Networking: VPC, VPN, Express Connect & Server Load BalancerAlibaba Cloud
 
Introduction to WAF and Network Application Security
Introduction to WAF and Network Application SecurityIntroduction to WAF and Network Application Security
Introduction to WAF and Network Application SecurityAlibaba Cloud
 

More from Alibaba Cloud (20)

Why a Multi-cloud Strategy is Essential
Why a Multi-cloud Strategy is EssentialWhy a Multi-cloud Strategy is Essential
Why a Multi-cloud Strategy is Essential
 
Getting Started with Elasticsearch
Getting Started with ElasticsearchGetting Started with Elasticsearch
Getting Started with Elasticsearch
 
Alibaba Cloud’s ET City Brain - Empowering Cities to Think
Alibaba Cloud’s ET City Brain - Empowering Cities to ThinkAlibaba Cloud’s ET City Brain - Empowering Cities to Think
Alibaba Cloud’s ET City Brain - Empowering Cities to Think
 
Serverless Computing: Driving Innovation and Business Value
Serverless Computing: Driving Innovation and Business ValueServerless Computing: Driving Innovation and Business Value
Serverless Computing: Driving Innovation and Business Value
 
Loan Default Prediction with Machine Learning
Loan Default Prediction with Machine LearningLoan Default Prediction with Machine Learning
Loan Default Prediction with Machine Learning
 
Next Level Digital Media with Alibaba Cloud (Part 2)
Next Level Digital Media with Alibaba Cloud (Part 2)Next Level Digital Media with Alibaba Cloud (Part 2)
Next Level Digital Media with Alibaba Cloud (Part 2)
 
An Introduction to Alibaba Cloud’s Message Service
An Introduction to Alibaba Cloud’s Message ServiceAn Introduction to Alibaba Cloud’s Message Service
An Introduction to Alibaba Cloud’s Message Service
 
Protecting Your Big Data on the Cloud
Protecting Your Big Data on the CloudProtecting Your Big Data on the Cloud
Protecting Your Big Data on the Cloud
 
Next Generation Retail Part 3 - Retail Transformation Best Practices
Next Generation Retail Part 3 - Retail Transformation Best PracticesNext Generation Retail Part 3 - Retail Transformation Best Practices
Next Generation Retail Part 3 - Retail Transformation Best Practices
 
The Next Generation of Retail - Unlocking Alibaba Retail Cloud
The Next Generation of Retail - Unlocking Alibaba Retail CloudThe Next Generation of Retail - Unlocking Alibaba Retail Cloud
The Next Generation of Retail - Unlocking Alibaba Retail Cloud
 
Big Data Quickstart Series 3: Perform Data Integration
Big Data Quickstart Series 3: Perform Data IntegrationBig Data Quickstart Series 3: Perform Data Integration
Big Data Quickstart Series 3: Perform Data Integration
 
Migration to Alibaba Cloud
Migration to Alibaba CloudMigration to Alibaba Cloud
Migration to Alibaba Cloud
 
How to Leverage ApsaraDB to Deploy Business Data on the Cloud
How to Leverage ApsaraDB to Deploy Business Data on the CloudHow to Leverage ApsaraDB to Deploy Business Data on the Cloud
How to Leverage ApsaraDB to Deploy Business Data on the Cloud
 
Big Data Quickstart Series 1: Create Powerful Data Visualization
Big Data Quickstart Series 1: Create Powerful Data VisualizationBig Data Quickstart Series 1: Create Powerful Data Visualization
Big Data Quickstart Series 1: Create Powerful Data Visualization
 
Introduction to Elastic Compute Service on Alibaba Cloud to Power Your Busine...
Introduction to Elastic Compute Service on Alibaba Cloud to Power Your Busine...Introduction to Elastic Compute Service on Alibaba Cloud to Power Your Busine...
Introduction to Elastic Compute Service on Alibaba Cloud to Power Your Busine...
 
Launch and Scale Your E-commerce Website with Magento
Launch and Scale Your E-commerce Website with MagentoLaunch and Scale Your E-commerce Website with Magento
Launch and Scale Your E-commerce Website with Magento
 
Responding to Digital Transformation With RDS Database Technology
Responding to Digital Transformation With RDS Database TechnologyResponding to Digital Transformation With RDS Database Technology
Responding to Digital Transformation With RDS Database Technology
 
How to Set Up ApsaraDB for RDS on Alibaba Cloud
How to Set Up ApsaraDB for RDS on Alibaba CloudHow to Set Up ApsaraDB for RDS on Alibaba Cloud
How to Set Up ApsaraDB for RDS on Alibaba Cloud
 
Discovering Cloud Networking: VPC, VPN, Express Connect & Server Load Balancer
Discovering Cloud Networking: VPC, VPN, Express Connect & Server Load BalancerDiscovering Cloud Networking: VPC, VPN, Express Connect & Server Load Balancer
Discovering Cloud Networking: VPC, VPN, Express Connect & Server Load Balancer
 
Introduction to WAF and Network Application Security
Introduction to WAF and Network Application SecurityIntroduction to WAF and Network Application Security
Introduction to WAF and Network Application Security
 

Recently uploaded

定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一Fs
 
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝soniya singh
 
Git and Github workshop GDSC MLRITM
Git and Github workshop GDSC MLRITMGit and Github workshop GDSC MLRITM
Git and Github workshop GDSC MLRITMgdsc13
 
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)Christopher H Felton
 
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012rehmti665
 
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With RoomVIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Roomdivyansh0kumar0
 
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一Fs
 
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts serviceChennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts servicevipmodelshub1
 
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一Fs
 
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls KolkataVIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkataanamikaraghav4
 
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With RoomVIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Roomdivyansh0kumar0
 
定制(CC毕业证书)美国美国社区大学毕业证成绩单原版一比一
定制(CC毕业证书)美国美国社区大学毕业证成绩单原版一比一定制(CC毕业证书)美国美国社区大学毕业证成绩单原版一比一
定制(CC毕业证书)美国美国社区大学毕业证成绩单原版一比一3sw2qly1
 
Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24Paul Calvano
 
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With RoomVIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Roomishabajaj13
 
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)Dana Luther
 
Call Girls Service Adil Nagar 7001305949 Need escorts Service Pooja Vip
Call Girls Service Adil Nagar 7001305949 Need escorts Service Pooja VipCall Girls Service Adil Nagar 7001305949 Need escorts Service Pooja Vip
Call Girls Service Adil Nagar 7001305949 Need escorts Service Pooja VipCall Girls Lucknow
 
Call Girls Near The Suryaa Hotel New Delhi 9873777170
Call Girls Near The Suryaa Hotel New Delhi 9873777170Call Girls Near The Suryaa Hotel New Delhi 9873777170
Call Girls Near The Suryaa Hotel New Delhi 9873777170Sonam Pathan
 
Blepharitis inflammation of eyelid symptoms cause everything included along w...
Blepharitis inflammation of eyelid symptoms cause everything included along w...Blepharitis inflammation of eyelid symptoms cause everything included along w...
Blepharitis inflammation of eyelid symptoms cause everything included along w...Excelmac1
 

Recently uploaded (20)

定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
 
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝
 
Git and Github workshop GDSC MLRITM
Git and Github workshop GDSC MLRITMGit and Github workshop GDSC MLRITM
Git and Github workshop GDSC MLRITM
 
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
 
Model Call Girl in Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝
 
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
 
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With RoomVIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
 
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
 
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts serviceChennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
 
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一
 
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls KolkataVIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
 
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With RoomVIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
 
定制(CC毕业证书)美国美国社区大学毕业证成绩单原版一比一
定制(CC毕业证书)美国美国社区大学毕业证成绩单原版一比一定制(CC毕业证书)美国美国社区大学毕业证成绩单原版一比一
定制(CC毕业证书)美国美国社区大学毕业证成绩单原版一比一
 
young call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Service
young call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Serviceyoung call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Service
young call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Service
 
Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24
 
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With RoomVIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
 
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
 
Call Girls Service Adil Nagar 7001305949 Need escorts Service Pooja Vip
Call Girls Service Adil Nagar 7001305949 Need escorts Service Pooja VipCall Girls Service Adil Nagar 7001305949 Need escorts Service Pooja Vip
Call Girls Service Adil Nagar 7001305949 Need escorts Service Pooja Vip
 
Call Girls Near The Suryaa Hotel New Delhi 9873777170
Call Girls Near The Suryaa Hotel New Delhi 9873777170Call Girls Near The Suryaa Hotel New Delhi 9873777170
Call Girls Near The Suryaa Hotel New Delhi 9873777170
 
Blepharitis inflammation of eyelid symptoms cause everything included along w...
Blepharitis inflammation of eyelid symptoms cause everything included along w...Blepharitis inflammation of eyelid symptoms cause everything included along w...
Blepharitis inflammation of eyelid symptoms cause everything included along w...
 

Guide to Cybersecurity Compliance in China

  • 2. Content Overview Key Regulatory Risks for Global Companies in China01 (Slide No. 6) Introduction to Alibaba Cloud’s Compliance Solutions 02 (Slide No. 16) 2 / 32
  • 3. Cybersecurity Law Timeline Type Law Draft Influence of the Regulation/Law State Council - Regulations on Security Protection of Computer Information Systems Ministry of Public Security and five other ministries – Administrative Measures for Hierarchical Protection of Information Security Central Leading Group for Cyberspace Affairs established NPC Standing Committee July members & other parties – Cybersecurity Law Draft Second Deliberation Cryptography Law (Draft) released for public comment The Cybersecurity Law (Draft) for Second Deliberation was released on the National People’s Congress’ website for public comment 1994.02 2000.04 2000.09 2007.06 2014.02 2015.06 2015.07 2016.072015.12 2016.11 2017.06 2nd World Internet Conference “Call for closer cooperation in cyberspace governance” The Cybersecurity Law of the People’s Republic of China is adopted by Standing Committee of the 12th National People's Congress 2017.04 The 12th National People's Congress Deliberate the Cybersecurity Law (Draft) Ministry of Public Security – Administrative Measures for Prevention and Treatment of Computer Viruses State Council – Administrative Measures for Internet Information Services Personal information and important data cross-border security assessment measures released for public comment The Cybersecurity Law takes effect on June 1, 2017 Name of the Regulation/Law 3 / 32
  • 4. China Cybersecurity Law The Cybersecurity Law came into effect on JUNE 1st 2017 4 / 32
  • 5. Security/Compliance FAQs from Foreign Companies Local Branch Registration •Fines and penalties? •Grace period? •Cost and timeline of compliance? •Data security? •Government’s access to data? Personal Information Protection Network Security Requirements ICP Licensing/Filing Content Violations Cross-border Data Transfer 5 / 32
  • 6. Key Regulatory Risks Network Security Risks Vulnerability management Prevent computer virus and cyber attacks Store network logs for at least six months Emergency response Management and training Content Security Risks Recognize and prevent prohibited images Prohibited texts Prohibited videos and audios Personal Information Protection Real identity verification Data collection Data transfer Data storage Cross-border Data Transfer Risk self assessment Risk assessment by authorities Cybersecurity Law 6 / 32
  • 7. Fines & Penalties Fine: Between RMB 10,000 to 50,000 Failure to immediately take remedial measures for security flaws and vulnerabilities Failure to require users to provide truthful identity information Infringe on personal information Failure to stop the transmission of prohibited information Act. 61Act. 60Act. 59 Act. 68Act. 64 Failure to perform network security protection duties Fine: Between RMB 50,000 – 500,000 Fine: Between RMB 50,000 – 500,000. A temporary suspension of operations, closing of website, and cancellation of business licenses Fine: Between one and ten times the amount of the unlawful gains Fine: Between RMB 50,000 – 500,000. A temporary suspension of operations, closing of website, and cancellation of business licenses The most severe penalties for network operators is usually suspension of business or shut down of website. 7 / 32
  • 8. Examples of Increasing Regulatory Pressure Increasing PenaltiesInspections By Both Central and Local Authorities High PR Risks 8 / 32
  • 9. Increasing Fines and Penalties Globally 9 / 32
  • 10. Alibaba Cloud Cybersecurity Compliance Solutions • ICP filing/licensing consulting and application services Business Licensing Requirements • Vulnerability management and repair • Virus and cyber attack prevention • Personnel training • Network logs storage • Emergency response Network Security Risk Management • Prohibited image recognition • Prohibited text recognition • Video and live streaming solutions • Social media and e-commerce solutions Content Security • Real identity verification • Data encryption • Data leakage prevention Personal Information Protection • Data cross-border transfer consulting service • Data cross-border transfer self-assessment consultin g • Data cross-border transfer authority assessment consulting Data Cross-border Transfer Risk Management 10 / 32
  • 11. Comprehensive products and services In-house public Policy team + Collaboration with Policy makers One-stop compliance solutions Alibaba Cloud is CSL ready Why Alibaba Cloud? Why Now? Increasing regulatory pressure. Several companies have already been penalized. Global companies are investing more in compliance in China. Protecting personal information and ensuring cyber security is a global trend. Taking Action 11 / 32
  • 12. Business Licensing in China 01 12 / 32
  • 13. ICP Filing/License ICP Filing - All websites need to apply for ICP Filing - Non-commercial websites ICP License - All commercial websites - Must be registered in China; IDC and domain in China; based on business content and specific requirements by local communications authorities 13 / 32
  • 14. Network Security Risk Management 02 14 / 32
  • 15. Article 21, China Cybersecurity Law Network operators shall perform the following security protection duties:: Formulate internal security management systems, determine persons responsible for network security, and implement network security protection responsibility. Prevent computer viruses, network attacks, and intrusions. Store network logs for at least six months; monitor and record network operational statuses and security incidents. Data classification, back-up of important data, and encryption. 01 02 03 04 15 / 32
  • 16. Alibaba Cloud Security Protection 16 / 32
  • 17. Security & Compliance Certifications ISO/IEC 27001 Information Security Management System The first Cloud Service Provider to achieve CSA STAR Gold Certification all Over the world. ISO/IEC 20000-1:2011, IT Service Management System ISO/IEC 22301:2012, Business Continuity Management System Multi-Tier Cloud Security System(MTCS) SS 548:2015 (Level 3 IaaS Certification) PCI Compliant AICPA SOC 2 DJCP MPAA HIPAA 17 / 32
  • 19. Article 47, China Cybersecurity Law “Network operators shall strengthen management of information published by users.” “ … and upon discovering information that the law or administrative regulations prohibits...they shall immediately stop transmission of that information, employ handling measures such as deleting it, to prevent the information from spreading, save relevant records, and report it to the relevant competent departments.” 19 / 32
  • 20. Content Security Solutions Alibaba Cloud Information Compliance – Provide image, text and video recognition based on Alibaba Cloud Big Data technology to protect your brand from association with illicit or otherwise illegal and brand damaging activity.. • Pornography Detection • OCR • Text Recognition • Video Recognition 2015 • Sensitive Graph • Sensitive Content • SPAM 2016 • Branding Logo • Audio Recognition • Customized Service 2017 Video Pornography • CDN Detection • OSS API Detection • Frame Based Image Detection Image Pornography • OSS Image Pornography Detection • Pornography Detection API 20 / 32
  • 22. Article 24, 41, 42 - China Cybersecurity Law “Network operators shall require users to provide real identity information when signing agreements with users or confirming provision of services.” (Article 24) “… abide by the principles of legality, propriety and necessity; explicitly stating the purposes, means, and scope for collection and usage, and obtaining the consent …” (Article 41) “… prevent personal information from leaking, being destroyed or lost. … report to regulating authorities upon any leakage, destruction or loss of personal information. ”(Article 42) 22 / 32
  • 23. Personal Information Protection – Real Identity Verification Base on user-submitted information, Real Identity Verification is an ID authentication solution that leverages the Alibaba Cloud facial recognition and big data risk management model to detect ID fraud activities. • ID Authentication • Facial Recognition • Fake ID Authentication • Name and ID Pair Matching • OCR Support ID Authentication • Static Comparison • Interactive Authentication Facial Recognition • Identify fraud ID, phone no and devices • High performance check on known database Fake ID Authentication 23 / 32
  • 24. Personal Information Protection – Data Encryption 24 / 32
  • 25. Personal Information Protection – Anti-hacking Risk overview of you network and assets Vulnerability Management Asset Management Incident response and 24/7 services Find vulnerabilities in your system from community white hat 0-day mitigation Anti-bot service Data Leakage Protection 25 / 32
  • 27. Article 37, China Cybersecurity Law “Personal information and other important data gathered or produced by critical information infrastructure operators during operations within the mainland territory of the People's Republic of China, shall store it within Mainland China. Where due to business requirements it is truly necessary to provide it outside the mainland, they shall follow the measures jointly formulated by the State network information departments and the relevant departments of the State Council to conduct a security assessment.” 27 / 32
  • 28. Data Cross-border Transfer Risk Management Data Cross-border: Personal information or important data collected or generated domestically by network operator sending to oversea company, organization or individual using network or other methods. Definition Transferring client information collected in China to overseas HQ. Scenarios Transferring Chinese employees’ personal information to overseas HQ. Your clients transfer data overseas using your platform. Transferring client information collected in China to third party consulting, auditing agencies or contractors. 28 / 32
  • 29. Data Cross-border Risk Management Data Cross-border Transfer Legitimacy and Legality Risk Management Allowed Two-tiered Assessment. Conditions for self and authorities assessment Definition of Legitimacy and Legality Risk Management Responsibility Boundaries Managing Risk After Data is Transferred Overseas Data Cross-border Risk Management Overall Risk Assessment Self-assessment Consulting Authority Inspection Consulting Result Reviewed and Tested by Authority 29 / 32
  • 30. Compliance Consulting Service Methodology Compliance Survey 01 02 03 04 05 Gap Assessment Compliance Strategy Change Implementation Result Testing 30 / 32
  • 31. Alibaba Cloud Cybersecurity Compliance Solutions • ICP filing/licensing consulting and application services Business Licensing Requirements • Vulnerability management and repair • Virus and cyber attack prevention • Personnel training • Network logs storage • Emergency Response Network Security Risk Management • Prohibited image recognition • Prohibited texts recognition • Video and live streaming solutions • Social media and e-commerce solutions Content Security • Real identity verification • Data encryption • Data leakage prevention Personal Information Protection • Data cross-border transfer consulting service • Data cross-border transfer self-assessment consulting • Data cross-border transfer authority assessment consulting Data Cross-border Transfer Risk Management 31 / 32