In 2016, China released its first National Cybersecurity Strategy, which states, “There is no national security without cybersecurity.” This strategy also highlights the importance of cybersecurity legislation. As a result, the Cybersecurity Law of the People’s Republic of China (“CSL”) was adopted in November 2016 and became effective in June 2017.

In fact, the MLPS is derived from the Administrative Measures for the Multi-level Protection of Information Security (“MLPS Administrative Measures”), which has been under implementation by the Ministry of Public Security for years. Based on the MLPS Administrative Measures, the Ministry of Public Security, in conjunction with other related government agencies, drafted the Regulations on Multi-level Protection for Cybersecurity (Exposure Draft) (“MLPS Regulation”) to support the implementation of CSL and the MLPS. The MLPS Regulation marked the beginning of MLPS 2.0.

Recently, Technical Management Department of the State Administration for Market Regulation (SAMR) held a national standard press conference to officially issue core MLPS 2.0 series of national standards (“MLPS 2.0 series of standards”), including <GB/T 22239-2019 Information Security Technology–Baseline for Classified Protection of Cybersecurity>, <GB/T 25070-2019 Information Security Technology–Technical Requirements of Security Design for Classified Protection of Cybersecurity> and <GB/T 28448-2019 Information Security Technology–Evaluation Requirements for Classified Protection of Cybersecurity>, which can effectively guide network operators, network security enterprises and network security service providers to carry out the multi-level protection implementation work and comprehensively improve the security protection capability of network operators.

The MLPS 2.0 series standards apply to the supervision of the development, operation, maintenance and use of networks in China. Starting from the MLPS 2.0 development history, KPMG is focusing on the “What is MLPS 2.0”, “MLPS 2.0 challenges” and “Proposed compliance path for MLPS 2.0” to provide insights of interpretation and response for enterprises.