Not doing the work of equal protection is illegal
What is the equal protection?
Cybersecurity Level Protection AssessmentEqual Protection AssessmentIt is the fundamental system, strategy and approach for ensuring national information security. The work of cybersecurity classification protection is a kind of work that protects information and information carriers in different levels according to their importance. Information system operation and usage units shall select qualified cybersecurity level protection assessment institutions certified by the Ministry of Public Security, and conduct regular detection and assessment of the cybersecurity status of information systems in accordance with relevant technical standards such as "Information Security Technology - Basic Requirements for Cybersecurity Level Protection".
The Cybersecurity Law clearly stipulates that information system operation and usage units shall fulfill their security protection obligations in accordance with the requirements of the cybersecurity classification protection system. If they refuse to do so, they will be subject to corresponding penalties.

Why do we need to do the equal protection?
For the development of business through external cooperation, for instance, some software enterprises sell software systems externally. The client needs to prove that your information system is secure before making a purchase. Therefore, the client will require the software enterprise to conduct a network security level protection assessment to prove that the information system is secure.
Enhance one's own network security protection capabilities
Ensure that the network is protected from interference, damage or unauthorized access, and prevent the leakage, theft or tampering of network data
Comply with relevant national laws, regulations and industry supervision requirements
Article 21 of the Cybersecurity Law: The state implements a cybersecurity classification protection system. Network operators shall, in accordance with the requirements of the cybersecurity classification protection system, fulfill the following security protection obligations
Not doing the work of equal protection is illegal! Not doing the work of equal protection is illegal!
Article 21 of the Cybersecurity Law
Article 21: The state implements a system of classified protection for cyber security. Network operators shall, in accordance with the requirements of the cybersecurity classification protection system, fulfill the following security protection obligations to ensure that the network is free from interference, damage or unauthorized access, and to prevent the leakage, theft or tampering of network data:
1. Formulate internal security management systems and operating procedures, determine the person in charge of network security, and implement the responsibility for network security protection;
2. Take technical measures to prevent computer viruses, network attacks, network intrusions and other behaviors that endanger network security;
3. Take technical measures to monitor and record the network operation status and network security incidents, and retain relevant network logs for no less than six months as required.
4. Take measures such as data classification, backup of important data and encryption;
5. Other obligations as prescribed by laws and administrative regulations.
Article 59 of the Cybersecurity Law
Article 59: Where a network operator fails to perform the obligations of network security protection as prescribed in Articles 21 and 25 of this Law, the relevant competent department shall order it to make corrections and give it a warning. Where corrections are refused or consequences such as endangering network security are caused, a fine of not less than 10,000 yuan but not more than 100,000 yuan shall be imposed, and a fine of not less than 5,000 yuan but not more than 50,000 yuan shall be imposed on the directly responsible person in charge.
Where the operator of critical information infrastructure fails to perform the obligations of cyber security protection as prescribed in Articles 33, 34, 36 and 38 of this Law, the relevant competent department shall order it to make corrections and give it a warning. Where corrections are refused or consequences such as endangering network security are caused, a fine of not less than 100,000 yuan but not more than 1 million yuan shall be imposed, and a fine of not less than 10,000 yuan but not more than 100,000 yuan shall be imposed on the directly responsible person in charge.
"Criminal Law"Article 286
Article 286-1 [Crime of Refusing to Perform Information Network Security Management Obligations] Where a network service provider fails to perform the information network security management obligations as prescribed by laws and administrative regulations, and refuses to make corrections after being ordered by the regulatory department, and any of the following circumstances exists, it shall be sentenced to fixed-term imprisonment of not more than three years, criminal detention or public surveillance, and shall also or solely be fined:
(1) Causing the extensive dissemination of illegal information;
(2) Causing the leakage of user information and resulting in serious consequences;
(3) Causing the loss of evidence in criminal cases and the circumstances are serious;
(4) Where there are other serious circumstances and a unit commits the crime mentioned in the preceding paragraph, a fine shall be imposed on the unit. And the persons directly in charge and other persons directly responsible shall be punished in accordance with the provisions of the preceding paragraph.

If enterprises and public institutions violate the Cybersecurity Law and the Criminal Law and fail to fulfill their cybersecurity protection obligations in accordance with relevant regulations, the responsible persons of the enterprises will be directly summoned for a talk, fined, and required to rectify within a prescribed time limit. Not only will it cause irreparable losses to the unit's economy, but it will also damage the unit's image in the industry, which is not worth it. Urge the relevant responsible persons to do a good job in the software projectEqual Protection AssessmentWork.
