MLPS 2.0: Insights and Strategies

MLPS 2.0: Insights and Strategies

To understand the MLPS 2.0 series standards and conduct MLPS compliance implementation

a man looking at city view

In 2016, China released its first National Cybersecurity Strategy, which states, “There is no national security without cybersecurity.” This strategy also highlights the importance of cybersecurity legislation. As a result, the Cybersecurity Law of the People’s Republic of China (“CSL”) was adopted in November 2016 and became effective in June 2017.

In fact, the MLPS is derived from the Administrative Measures for the Multi-level Protection of Information Security (“MLPS Administrative Measures”), which has been under implementation by the Ministry of Public Security for years. Based on the MLPS Administrative Measures, the Ministry of Public Security, in conjunction with other related government agencies, drafted the Regulations on Multi-level Protection for Cybersecurity (Exposure Draft) (“MLPS Regulation”) to support the implementation of CSL and the MLPS. The MLPS Regulation marked the beginning of MLPS 2.0.

Recently, Technical Management Department of the State Administration for Market Regulation (SAMR) held a national standard press conference to officially issue core MLPS 2.0 series of national standards (“MLPS 2.0 series of standards”), including <GB/T 22239-2019 Information Security Technology–Baseline for Classified Protection of Cybersecurity>, <GB/T 25070-2019 Information Security Technology–Technical Requirements of Security Design for Classified Protection of Cybersecurity> and <GB/T 28448-2019 Information Security Technology–Evaluation Requirements for Classified Protection of Cybersecurity>, which can effectively guide network operators, network security enterprises and network security service providers to carry out the multi-level protection implementation work and comprehensively improve the security protection capability of network operators.

The MLPS 2.0 series standards apply to the supervision of the development, operation, maintenance and use of networks in China. Starting from the MLPS 2.0 development history, KPMG is focusing on the “What is MLPS 2.0”, “MLPS 2.0 challenges” and “Proposed compliance path for MLPS 2.0” to provide insights of interpretation and response for enterprises.

© 2024 KPMG Huazhen LLP, a People's Republic of China partnership, KPMG Advisory (China) Limited, a limited liability company in Chinese Mainland, KPMG, a Macau (SAR) partnership, and KPMG, a Hong Kong (SAR) partnership, are member firms of the KPMG global organisation of independent member firms affiliated with KPMG International Limited, a private English company limited by guarantee. All rights reserved.

The KPMG name and logo are trademarks used under license by the
independent member firms of the KPMG global organisation.

For more detail about the structure of the KPMG global organisation please visit


Connect with us