Vietnam | ENGLISH | CHINESE

After the implementation of the

Source:Cipon  Adddate:2021-10-25  Views:1870

2021In 2021, the "Regulations on the Management of Network Product Security Vulnerabilities", the "Data Security Law of the People's Republic of China", and the "Regulations on the Protection of Key Information Infrastructure Security" were successively implemented, and the implementation of the "Personal Information Protection Law of the People's Republic of China" is also on the way. It can be seen that the compliance trend in the network security industry is not "a gentle breeze blowing on the face and a gentle rain", but "a thunderous and resolute move sweeping the mountains and seas"

9On September 1st, the "Regulations on the Management of Network Product Security Vulnerabilities" (hereinafter referred to as the "Regulations") have officially come into effect. The "Regulations" mainly manage and constrain four types of responsible parties: network product (including hardware and software) providers, network operators, organizations or individuals engaged in activities such as discovering, collecting, and publishing network product security vulnerabilities, and vulnerability collection platforms. Let's take a look at the "must know, must pay attention to must know" matters of the four types of responsible parties.


In the increasingly severe situation of network security, standardized management of vulnerabilities has become an essential and critical part of the network security defense battle. To ensure the implementation of standardized management of vulnerabilities, the concerted efforts of four types of responsible parties are needed. From the discovery, repair, and disclosure of vulnerabilities, every step should not be taken lightly. As the first responsible person (network security product provider), we firmly believe that we will take responsibility, strictly abide by the "Regulations", and work together with the second responsible person (network operator), the third responsible person (organizations or individuals engaged in network product security vulnerability discovery, collection, and publication activities), and the fourth responsible person (vulnerability collection platform) to build a network security defense line and protect the security of the cyberspace.

Previous:Huawei Professional Certification New Upgrade Notice

Next:Warm Celebration of the Successful Conclusion of the