China: National Standardisation Administration issued plan for recommended national standards including nine cybersecurity standards

On 15 July 2025, the Secretariat of the National Cybersecurity Standardisation Technical Committee (TC260) issued Notice No. 90, announcing the issuance of plans for the revision of nine recommended national standards in cybersecurity, as authorised by the National Standardisation Administration. The projects, to be completed within a 16-month period from 11 July 2025 to 1 November 2026, will be overseen by TC 260 and assigned to several specialised working groups. The scope of these projects includes standards such as Cybersecurity Technology – Cybersecurity Product Interoperability: Part 4, Threat Information Format, Information Security Technology – Cryptographic Module Security Requirements, Cybersecurity Technology – IoT Security Reference Model and General Requirements, and Cybersecurity Technology – Security Technical Specification for Email Systems. Other projects cover Application Security Technical Requirements for IoT Perception Terminals, Capability Requirements and Evaluation Specification for Classified Protection Evaluation Institutions, Trusted Computing Specification: Trusted Support Platform for Servers, Basic Requirements for Industrial Control Systems Security Management, and Cryptographic Device Application Interface Specification. TC 260 instructed the relevant working groups to develop promotion plans, ensure timely implementation by the lead organisations, enhance coordination, seek broad stakeholder input, and align the drafting and revision of the standards with national requirements.