For some time now, CIOs around the world have been busy fixing the Log4j2 vulnerability. From a technical perspective, there are solutions such as patches and system upgrades. However, vulnerability management is not just a technical issue in China; there are also legal requirements that companies must meet. For example, service providers are required by… Continue reading Legal Requirements for Vulnerability Management
China continues to strengthen its control of operators of large Internet platforms. In addition to the regulation on the use of algorithms to influence user behavior, such as recommendation algorithms, which will come into force on March 1, 2022, the Cybersecurity Review Measures will come into force on February 15, 2022. In addition to operators… Continue reading Measures of the Cyber Security Review
Critical Information Infrastructure Operators (CIIOs) are a central and so far vague concept of China’s new cybersecurity and data protection system. With the regulations on critical information infrastructure protection (“the regulations”) that came into force on September 1, 2020, the government is now creating more transparency, but at the same time increasing the pressure on… Continue reading Who Is Operator of Critical Information Infrastructure?