China slaps 1-hour deadline on reporting serious cyber incidents Beijing will soon expect Chinese network operators to 'fess up to serious cyber incidents within an hour of spotting them – or risk penalties for dragging their feet. China digital fingerprint China ponders creating a national 'cyberspace ID' READ MORE From November 1, the Cyberspace Administration of China (CAC) will …
The other 'safer' option is that you report 'I have been hacked' then 'I made a mistake, I have not been hacked' on a rotating schedule of 59minutes 5seconds (allowing 55 seconds for the report to be logged as CCP central !!!)
You will be correct & mistaken multiple times but demonstrating a eagerness to comply with the directive from 'on high' !!!
(It is always best to be 'seen' to be trying to comply !!!)
:)
"other alternative appears to be to not get hacked"
Sharpening minds in the direction of that option sounds like a good thing to me. The response in the UK usually being particularly lackadaisical. "Oh yeah we forgot to mention all your shit got leaked a few weeks/months back but its not really our fault because it was a third party system". 1 hour does sound like a bit of a stretch though.
I note that they have at least been sensible to include the 'when noticed' condition, because some of these infections can linger for days before it becomes evident that something is amiss - especially the smaller shops don't have the tools and resources to immediately spot anomalies.
The 1 hour window is rather short, though, if the required reporting requires a long shopping list of questions to be filled out, but it does prompt for more speed than the IMHO too leisurely approach of 3 days after you spot a problem. OTOH, that does leave you with more time and resources to first put out the fire so it's a mixed bag.
Bonus points for including 'responsible people', it means executives who decide that bonus payments are more important than decent cyber defence and personnel may end up with a problem when consequences arrive. I've only seen that in Europe with DORA and NIS2, before that decision makers could hide behind the company.
In summary, possibly harsh but IMHO not without merit.
Pre-written report will sort out the problems with the 1 hour window.
The other option is to simply not look for nor monitor for hacks. If you only need to report from when you became aware: Ignorance is suddenly your best buddy. Anything goes wrong: It's tech. Hardware, software or just your system being slow. Repair it. But don't think for one minute, that it was a cyber incident! Nope: No hacking here. Just a glitch. Or bug. Or hardware failure. That'd cover it!
Obviously the head in the sand approach won't survive for long, so pre-writing a report that's vague enough but covers key points is the better way to go, with updates as and when you can actually get the information to put into the report. After all: You've done what you can within that 1 hour window... you just made a few mistakes.
Or AI: Get AI to do the report. There: Sorted! Can also get it to monitor for breaches, too. Makes me wonder, though, if that's actually what this is about: To get more businesses in China to employ AI to monitor their systems...
and I can say a lot. about the shit they get up to, at least they go after managing directors and the board of the companies deemed to have done wrong.
Compare that with the pathetic slap on the wrist (if any) that the west rolls out companies with security (if they bother with security at all) so rubbish that it is almost daily that a major company has had their I.T. systems broken into.
Or it maybe that the "highly sophisticated" malware that western companies are attacked with are way more "highly sophisticated" than the Chinese attacks... ?
Ishy
