Shulou(Shulou.com)11/24 Report--

CTOnews.com March 28 news, the General Administration of Market Supervision, the Central Internet Information Office, the Ministry of Industry and Information Technology, the Ministry of Public Security issued opinions on the implementation of network security service certification.

CTOnews.com is accompanied by official original text and links to the original text.

In order to promote the construction of the certification system for network security services and improve the capacity and service quality of network security service institutions, according to the regulations on Certification and Accreditation of the Network Security Law, the General Administration of Market Supervision, the Central Network Information Office, the Ministry of Industry and Information Technology, and the Ministry of Public Security put forward the following opinions on carrying out the certification of network security services uniformly implemented by the state.

First, the network security service certification work adheres to the basic principle of "unified management, joint implementation, unified standards, standardization and order". The General Administration of Market Supervision, the Central Internet Information Office, the Ministry of Industry and Information Technology, and the Ministry of Public Security shall, in accordance with their duties, strengthen the organization, implementation, supervision and management of certification work, and encourage network operators to widely accept the certification results of network security services. to promote the healthy and orderly development of the network security service industry.

2. The certification catalogue of network security services shall be determined and adjusted timely by the General Administration of Market Supervision, the Ministry of Industry and Information Technology, and the Ministry of Public Security in accordance with market demand and industrial development. At the present stage, it includes service categories such as inspection and evaluation, security operation and maintenance, security consultation and grade protection evaluation. Certification rules and certification marks shall be formulated and promulgated separately by the General Administration of Market Supervision after consulting the Central Internet Information Office, the Ministry of Industry and Information Technology and the Ministry of Public Security.

Third, the General Administration of Market Supervision, the Central Internet Information Office, the Ministry of Industry and Information Technology and the Ministry of Public Security jointly set up a network security service certification technical committee with the participation of government departments, scientific research institutions, certification institutions, standardization institutions, network security service organizations and users, to coordinate and solve the technical problems in the construction and implementation of the certification system, and to study and put forward suggestions for the compilation and revision of certification catalogues and certification rules.

4. Certification institutions engaged in network security service certification activities shall be established in accordance with the law, meet the basic conditions stipulated in the regulations on Certification and Accreditation and the measures for the Administration of Certification bodies, have the professional ability to engage in network security service certification activities, and shall be approved and qualified by the General Administration of Market Supervision after consulting the Central Network Information Office, the Ministry of Industry and Information Technology and the Ministry of Public Security in accordance with the responsibilities of various departments.

5. The network security service certification body shall, in accordance with the certification entrustment put forward by the certification consignor, carry out authentication work in accordance with the basic norms and rules of network security service certification, and establish a traceable working mechanism to fully record the whole certification process.

VI. The certification body for network security services shall disclose the standards of certification fees and the status of validity, suspension, cancellation or revocation of certification certificates, and submit the implementation of network security service certification and certification certificate information in accordance with the relevant provisions.

7. Network security service institutions that have passed certification shall carry out network security services in accordance with relevant laws and regulations, standards and norms, so as to ensure continuous compliance with certification requirements.

8. The market supervision department shall be responsible for supervising and managing the network security service certification bodies, certification activities and certification results, and shall investigate and deal with certification violations in accordance with the law.

IX. Internet information departments, industrial and information departments and public security departments shall, in accordance with their respective functions and duties, promote the acceptance and application of certification results, strengthen the supervision and management of network security services, promote the development of network security service industry, and investigate and deal with relevant illegal acts in accordance with the law.

According to the latest report of the data statistics agency IDC, the total investment in global cyber security in 2022 is $195.51 billion (currently about 1.34 trillion yuan), and is expected to increase to $297.91 billion (currently about 2.05 trillion yuan) in 2026, with a five-year compound growth rate (CAGR) of about 11.9 percent.

In the Chinese market, IDC expects China's cyber security spending to be close to $28.86 billion (currently about 198.268 billion yuan) by 2026, with a five-year compound growth rate of 18.8%, ranking first in the world.

In terms of Pexels hardware and software, Bao IDC said that Unified threat Management (UTM) will dominate the network security hardware market expenditure, and more than 60% of the hardware expenditure will go to this market.

IDC estimates that China's unified threat management market will spend more than $6 billion (currently about 41.22 billion yuan) by 2026; the information and data security software market is expected to become the largest and fastest-growing secondary market in the overall software market.

IDC said that from the end-user point of view, the government, finance, telecommunications and other industries are still the main spenders in the field of network security, accounting for nearly 60% of the total. In addition, investment in manufacturing and professional services is also growing rapidly in the cyber security market, with a five-year compound growth rate exceeding the industry average.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.