China Prepares for Cyberattacks


5a81051d4f0a676ade522012cde5edb7759a1283e7f674e18587cd7714018e36.jpg

China has implemented regulations for 1-hour reporting of severe cybersecurity incidents. This would include disruptions that impact over 50% of the people in a province or 10 million people, such as critical infrastructure attacks.

The irony is that China is recognized for its advanced and aggressive foreign cyber operations. But there is brilliance in this requirement. China has an excellent perspective in how such attacks can be used to disrupt adversaries and push foreign policy. It doesn’t want to suffer in ways that other nations might and therefore is improving its response and recovery capabilities.

In contrast, when the US SEC required public companies to report material outages within 4 days beginning in 2025, there was upheaval with some cybersecurity leaders, stating that it was impossible or at the very least irresponsible. They lobbied Congress to repeal the requirements. Since the regulation took effect, no major issues have arisen from the 4-day requirement.

The vast majority of US critical infrastructure is operated by private industry and concealing cybersecurity compromises only benefits the attackers.

The Cybersecurity and Infrastructure Security Agency (CISA) is also looking to update rules specifically for US critical infrastructure, mandating a 72-hour notification, but the final rule may not be published until mid-2026.

China knows something and realizes the importance of early reporting. Even the most aggressive US reporting proposals falls far short of the 1-hour requirement in China.

I hope my peers will remain calm, realize the necessity, and support early notification in the US.

How do you rate this article?

13


Matthew Rosenquist
Matthew Rosenquist

Cybersecurity Strategist specializing in the evolution of threats, opportunities, and risks in pursuit of optimal security for our digital world.


Cybersecurity Tomorrow
Cybersecurity Tomorrow

Cybersecurity strategy perspectives for the emerging risks and opportunities of securing our digital world. The insights of today will lead to tomorrow's security, privacy, and safety foundations.

Publish0x

Send a $0.01 microtip in crypto to the author, and earn yourself as you read!

20% to author / 80% to me.
We pay the tips from our rewards pool.