China: National Cybersecurity Standardisation Technical Committee adopted notice on approval of cybersecurity standards projects

On 22 August 2025, the National Cybersecurity Standardisation Technical Committee (TC260) adopted the notice on the approval of 28 national cybersecurity standards projects (network security document no. 15). The approved projects cover a wide range of areas, including technical requirements for one-click control of automotive external data collection, technical specifications for mobile communication signal shielding devices, application interface specifications for cryptographic equipment (revision), and security requirements for cryptographic modules (revision). Other projects address physically unclonable function security, multi-channel certificate application and use protocols (revision), security requirements for consumer smart connected devices, and basic requirements for industrial control system security management (revision). Additional projects include guidelines for classification and grading of cybersecurity vulnerabilities (revision), general security specifications for integrated circuit chips, cybersecurity frameworks for satellite internet, and implementation guides for information security risk assessment (revision) and information security governance (revision). The list also covers indicators and methods for evaluating cybersecurity threat information, cybersecurity incident management coordination, codes of conduct for automated network data collection, and guidelines for personal information protection by small-scale processors. Further approvals cover guidelines on security in data provision, commissioned processing and joint processing, service capability requirements for professional institutions conducting compliance audits of personal information protection, revisions to personal information security specifications, classification guidelines for data security products, capacity building for data security practitioners, data security capability maturity models (revision), evaluation methods for AI security capability maturity, classification and grading of AI application security, security guidelines for AI applications involving minors, guidance on cloud computing security responsibilities, and implementation guides for blockchain system security.