China: National Cybersecurity Standardisation Technical Committee opened consultation on draft Cybersecurity Standards Practice Guide - Industrial Enterprise Data Security Capability Maturity Model

On 4 January 2026, China’s National Cybersecurity Standardisation Technical Committee (TC260) opened a public consultation, until 18 January 2026, on the draft Cybersecurity Standards Practice Guide - Industrial Enterprise Data Security Capability Maturity Model. The Practice Guide sets out an industrial enterprise data security capability maturity model and maturity level evaluation methods. Further, the Practice Guide defines capability elements, five maturity levels, and process domains covering industrial enterprise data across the full data lifecycle and general security. It also provides reference frameworks, assessment methods, and baseline requirements to guide industrial enterprises in building and evaluating data security capabilities.