China: Opened consultation on TC260 guide on generated artificial intelligence service security emergency response

On 18 December 2024, the National Technical Committee on Cybersecurity of Standardisation Administration (TC260) opened a public consultation on cybersecurity standard practice guidelines on generative artificial intelligence (AI) service security emergency response. The consultation remains open until 31 December 2024. The guide aims to help generative AI service providers manage and respond to security incidents effectively. It is designed to assist in preparing for and responding to security incidents and covers the classification and grading of security incidents, as well as the emergency response process. According to the guide, security incidents are classified based on their impact on business operations and data, the severity of business losses, and the extent of social harm. Incidents are graded into four levels, particularly severe, severe, moderate, and general, with corresponding management measures. Upon detection of a security incident, the response team will evaluate the incident, activate the relevant emergency plan, and take immediate action to mitigate the impact.