Improving the Institutional System for Digital Security and building a flexible, resilient, and robust Digital Security Industrial Ecosystem will help establish a trustworthy and controllable Digital Security Barrier. This is essential for meeting the major security demands of our country’s digital transformation and will provide strong momentum for the construction of Cyber Great Power and Digital China.
健全数字安全制度体系,构建灵活、稳健、强大的数字安全产业生态,筑牢可信可控的数字安全屏障。有利于满足我国数字化转型的重大安全需求,为网络强国、数字中国建设提供强大推动力。
“Digital China Construction Series (Lesson 10 of 13): Build a Strong, Trustworthy, and Controllable Digital Security Barrier,” Beijing Party Member Education Network, April 11, 2025
On April 11, 2025, the Beijing Party Member Education Network released a remarkable 13-lesson educational series on China’s national digital strategy, Digital China. Designed as a foundational introduction, the course targets Party cadre and members and is intended to raise awareness, elevate political understanding, and standardize implementation.
Lesson Ten underscores the foundational importance of digital security in building Digital China. The lesson also makes its central point unmistakably clear: digital security is not simply a technical issue but a core pillar of national development.
On February 27, 2023, the Central Government added a Digital Security Barrier to the strategic framework of Digital China, bracketed by the new Digital Technology Innovation System.
Digital Security Barrier
The Party sees digital security as not simply a technical issue but a core pillar of national development and a necessary condition for the success of China’s digital transformation. Digital security is both a response to accelerating innovation in information technology and a bulwark against increasingly complex risks, ranging from human error to cyberattacks and system vulnerabilities. In this context, a “trustworthy and controllable Digital Security Barrier” becomes essential to protect national interests, ensure sovereignty in cyberspace, and support the safe development of new digital infrastructure, platforms, and services.
Cybersecurity and Data Security
The Party calls for strengthening both cybersecurity and data security. Cybersecurity is defined in systemic terms: the protection of hardware, software, and data across networks to ensure uninterrupted service and reliable operations. Data security is addressed as a complex and rising strategic priority, particularly its foundational role in the Digital Economy. Data is seen as both a resource and a vulnerability. A key aim is to build a data monitoring and emergency response system capable of real-time analysis, risk forecasting, and incident containment. A robust Digital Security Barrier, including data protection, is the precondition for secure governance, economic modernization, and global competitiveness in the digital age.
A Series Roadmap
If you are new to Digital China, you may want to begin with my overview of the strategy and a shortlist of key concepts that cadre are expected to master. Both will help you navigate the lessons.
Let’s continue the series with Lesson Ten:
Each lesson’s web address is linked to its original Chinese-language title. Note: Some of these links may have security certificate issues. For your safety, I’ve also embedded a clean, archived copy of each video in the corresponding post. You can choose which version to view, but I recommend using the archived copy for a safer experience.
“Digital China Construction Series 10: Build a Strong, Trustworthy, and Controllable Digital Security Barrier” (数字中国建设系列之十:筑牢可信可控的数字安全屏障), Beijing Party Member Education Network (北京党员教育网), April 11, 2025
Archived Video
Speaker: Beijing Guoheng Zhilin Cultural Communication Co., Ltd. (北京国恒智林文化传播有限公司)
Length: 10:30
Synopsis: The current digital security environment is becoming increasingly complex. In this context, building a strong, trustworthy, and controllable Digital Security Barrier is both an urgent requirement for addressing digital security challenges and a core element of strengthening the critical capabilities of Digital China. This includes not only the security of data, but also the security of infrastructure and application systems.
简介:当前数字安全环境日趋复杂。在此情境下,筑牢可信可控的数字安全屏障,是应对数字安全挑战的迫切需要,也是强化数字中国关键能力的核心之一。它既包括数据的安全,也包括基础设施安全和应用系统安全等。
Terminology shortlist with footnoted definitions: Digital Security Barrier1 (数字安全屏障).
Video Transcript and Translation
Terminology shortlist and other key terms are highlighted in blue.
00:26
On May 20, 2023, the Guangzhou Digital Security Operations Center was officially launched. As the first digital security operations center for a megacity in China, it will provide integrated digital security services with unified standards, quality, and operations across six key service areas, “cloud, network, edge, terminal, user, and security operations.” The center will serve all 505 government agencies in Guangzhou, creating a unified digital security “shield” that combines both defensive and offensive capabilities.
2023年5月20日,广州数字安全运营中心正式启用。作为全国首个超大城市数字安全运营中心它将在 “云 网 边 端 用” 及安全运营六大重点服务领域,为广州全市505家政府单位提供统一标准、统一质量、统一运营的一体化数字安全保障服务,打造攻守兼备的数字安全 “防护盾。”
00:59
Digital security is the cornerstone of China’s digitalization and plays a foundational role in the construction of Digital China. At present, the new generation of network information technology is rapidly iterating. New technical architectures, business models and application scenarios are constantly emerging. Digital has entered a major transformation period led by system innovation and intelligence, bringing new opportunities for global development.
数字安全是中国数字化的基石,在数字中国建设中起着底板作用。当下,新一代网络信息技术快速迭代。新的技术架构、业务模式和应用场景不断涌现,数字进入系统创新和智能引领的重大变革期,为全球发展带来了新的机遇。
01:24
At the same time, new risks are emerging: data breaches caused by human error, illegal intrusions resulting from network vulnerabilities, and insufficient emergency response capabilities due to gaps in security strategies and response systems. These issues have led to frequent incidents such as the widening digital divide, digital hegemony, and digital monopolies. The Digital Security Environment is becoming increasingly complex. In this context, building a trustworthy and controllable Digital Security Barrier is an urgent necessity to meet these growing challenges.
与此同时,新的风险也随之而来,人为疏忽导致的数据泄露、网络漏洞导致的非法入侵安全策略和应急体系缺失导致的应急能力不足,以及由此引发的数字鸿沟、数字霸权、数字垄断等事件频发。数字安全环境日趋复杂。在此情境下,筑牢可信可控的数字安全屏障,是应对数字安全挑战的迫切需要。
01:56
It is also one of the core elements in strengthening the critical capabilities of Digital China. Traditional concepts of digital security focused on protecting technical aspects such as networks and systems. Today, digital security encompasses a broader range of areas, including information security, cybersecurity, data security, and privacy protection. Conceptually, digital security in the new era refers to safeguarding digital information and systems from unauthorized access, use, attacks, theft, and disruption.
也是强化数字中国关键能力的核心之一。传统的数字安全理念强调对网络 、系统等技术层面的安全保护,如今数字安全则涵盖信息安全、网络安全、数据安全、 隐私保护等各领域。体现在概念上,新时期的数字安全是指保护数字信息和系统不受非法访问、使用、攻击、窃取和干扰等。
02:28
It includes not only the security of data, but also the security of infrastructure and application systems. To build a trustworthy and controllable Digital Security Barrier, it is essential to strengthen a National Protection System from both cybersecurity and data security perspectives.
既包括数据的安全,也包括基础设施安全和应用系统安全等。筑牢可信可控的数字安全屏障,要从网络安全和数据安全两方面夯实国家保障体系。
02:47
First, effectively safeguard cybersecurity. The report of the 20th Party Congress emphasized the need to modernize the National Security System and capabilities, and to resolutely safeguard national security and social stability.”
一是切实维护网络安全。党的二十大报告强调,推进国家安全体系和能力现代化,坚决维护国家安全和社会稳定。
02:59
Without cybersecurity, there is no national security. Cybersecurity refers to the protection of the hardware, software, and data within network systems from accidental or malicious damage, alteration, or leakage. It ensures the continuous and reliable operation of systems, uninterrupted network services, the secure storage of network information, and the safety of information throughout its generation, transmission, and use.
没有网络安全就没有国家安全。网络安全,指网络系统的硬件、软件及其系统中的数据受到保护,不因偶然或恶意的原因遭到破坏、更改、泄露。系统连续可靠的运行,网络服务不中断,保障网络信息的存储安全,以及信息产生、传输和使用过程中的安全。
03:28
To build a robust Digital Security Barrier, it is essential to effectively safeguard cybersecurity and improve the legal, regulatory, and policy systems for cybersecurity. In 1994, our country achieved full-function access to the global Internet. After 2000, the powerful media, commercial, and social value of the Internet gradually became evident. Government departments began to pay greater attention to participating in network information governance, successively issuing regulations such as the Telecommunications Regulations, the Administrative Measures for Internet Information Services, and the Electronic Signature Law.
要筑牢数字安全屏障,就要切实维护网络安全,完善网络安全法律法规和政策体系。1994年我国全功能接入国际互联网,2000年以后,互联网强大的媒体、商业和社会价值逐步显现。各部门开始重视参与网络信息治理,相继颁布了 “电信条例、” “互联网信息服务管理办法、” 电子签名法。”
04:00
The Decision of the Standing Committee of the National People’s Congress on Safeguarding Internet Security marked the beginning of an emphasis on cybersecurity. After our country’s Internet entered a fully socialized stage, the Central Leading Group for Cybersecurity and Informatization was established on February 27, 2014, to plan and coordinate the top-level design and promote comprehensive governance of the Internet according to law. On June 1, 2017, the Cybersecurity Law of the People’s Republic of China officially came into effect. This was our country’s first dedicated law in the field of cyberspace.
“全国人民代表大会常务委员会关于维护互联网安全的决定” 则开始强调网络安全。我国互联网进入全面社会化阶段后,2014年2月27日,中央网络安全和信息化领导小组成立,开始统筹协调顶层设计,全面依法治网。2017年6月1日, “中华人民共和国网络安全法” 正式实施,这是我国互联网领域第一部专门法律。
04:35
It affirmed the principle of cyber sovereignty, established a system for the protection of Critical Information Infrastructure, and clarified the rights and obligations of Internet content regulators, network operators, and individuals in the field of cybersecurity. It also further refined the rules for personal information protection, marking a significant milestone in the development of our country’s cyberspace rule of law.
它声明了网络主权原,则建立了关键信息基础设施保护制度,明确了互联网信息内容管理部门、网络运营者与个人在网络安全保护领域的权利与义务。进一步完善了个人信息保护规则,成为我国网络空间法治化建设的重要里程碑。
04:59
2021 was a pivotal year for cybersecurity legislation in our country. On April 27, the State Council passed the Regulations on the Security Protection of Critical Information Infrastructure, which came into effect on September 1 of that year. On June 10, after three rounds of deliberation, the revised Data Security Law of the People’s Republic of China was passed and also took effect on September 1, 2021.
2021年是我国网络安全立法的关键一年。4月27日,国务院通过 “关键信息基础设施安全保护条例。” 当年9月1日起施行。6月10日,历经三次审议 ,修改的 “中华人民共和国数据安全法” 表决通过。也于当年9月1日生效实施。
05:24
On August 20, the Personal Information Protection Law of the People’s Republic of China was passed and came into effect on November 1 of the same year, marking a new stage in the development of our country’s personal information protection legislative system. In addition, our country successively introduced policy documents such as the Cybersecurity Review Measures and the Security Assessment Measures for Cloud Computing Services, establishing a series of important systems for cybersecurity reviews, cloud computing service security assessments, data security management, and personal information protection. Over 300 national cybersecurity standards have been formulated and issued, including the Security Protection Requirements for Critical Information Infrastructure.
8月20日, “中华人民共和国个人信息保护法” 通过,于当年11月1日起实施。标志着我国个人信息保护立法体系进入新的发展阶段。此外,我国还相继出台 “网络安全审查办法、” “云计算服务安全评估办法” 等政策文件,建立起网络安全审查、云计算服务安全评估,数据安全管理、个人信息保护等一批重要制度,制定发布关 “键信息基础设施安全保护要求” 等300余项网络安全国家标准。
06:04
The legal, regulatory, and policy systems for cybersecurity has been steadily improved, significantly enhancing cybersecurity defense capabilities. Cybersecurity education, technology, and industry have also developed rapidly. According to the Digital China Development Report 2022, the scale of our country’s cybersecurity industry in 2022 was projected to reach nearly 217 billion yuan, representing a year-on-year growth of 13.9%.
网络安全法律法规和政策体系逐步健全,网络安全防护能力大幅提升,网络安全教育、技术、产业等加快发展。“数字中国发展报告2022” 年显示,2022年我国网络安全产业规模预计近2,170亿元。同比增长13.9%。
06:31
Second, strengthen data security protection capabilities. In the digital era, while data has become a key factor of production and a core asset, it also faces significant security risks. Research reports show that the number of global data breaches in 2020 exceeded the total from the previous 15 years combined. Between 2021 and 2022, the global average cost of a data breach rose from $4.24 million to $4.35 million, a year-on-year increase of 2.6%, reaching a record high.
二是增强数据安全保障能力。数字时代,数据在成为重要生产要素和核心资产的同时,也面临着巨大的安全风险。研究报告显示,2020年全球数据泄露数量已超过此前15年的总和。2021年至2022年间数据泄露的全球平均成本从424万美元增加至435万美元,同比增长2.6%,创历史新高。
07:08
Data security has become the core challenge of cybersecurity and can even pose a threat to national security. General Secretary Xi Jinping has emphasized the need to effectively safeguard national data security, strengthen the protection of Critical Information Infrastructure, and enhance the nation’s capacity to secure key data resources. It is also essential to improve early warning and traceability capabilities for data security. Data security refers to the protection of the data itself, typically through proactive technical measures such as modern cryptographic algorithms to ensure confidentiality, data integrity, and strong mutual authentication.
数据安全成为网络安全的核心挑战,甚至危及国家安全。习近平总书记强调,要切实保障国家数据安全,要加强关键信息基础设施安全保护,强化国家关键数据资源保护能力。增强数据安全预警和溯源能力。数据安全包括数据本身的安全,一般采用现代密码算法等技术对数据进行主动保护,如数据保密 、数据完整性、双向强身份认证等。
07:46
It also includes the security of data protection measures themselves, typically achieved through modern information storage technologies for proactive defense, such as disk arrays, data backups, and off-site disaster recovery. To address emerging security challenges, it is necessary to strengthen data security protection capabilities and establish a Basic Systems for Data Protection based on Classification and Grade.
也包括数据防护的安全。通常采用现代信息存储等手段对数据进行主动防护。如磁盘阵列、数据备份、异地容灾等。应对新安全挑战,需要增强数据安全保障能力,建立数据分类分级保护基础制度。
08:07
Improve the system for network data monitoring, early warning, and emergency response. Article 21 of the Data Security Law of the People’s Republic of China stipulates that the state shall establish a Protection System for Data based on “classification and grade.”2 Based on this, on September 14, 2022, the National Information Security Standardization Technical Committee released a draft for public comment of the national standard titled Information Security Technology-Requirements for Classification and Grading of Network Data.
健全网络数据监测预警和应急处置工作体系。 “中华人民共和国数据安全法” 第二十一条规定,国家建立数据分类分级保护制度。以此为基础2022年9月14日,全国信息安全标准化技术委员会发布国家标准 “信息安全技术 网络数据分类分级要求” 征求意见稿。
08:36
The standard outlines the basic principles, framework, and methodology for data classification and grading. It stipulates that data should first be classified by industry sector, and then by business attributes. Based on the data’s importance to economic and social development, as well as the potential degree of harm to national security, public interests, or the lawful rights and interests of individuals and organizations in the event of leakage, tampering, damage, or illegal access or use, data is graded into three levels, core, important, and general, in descending order of sensitivity.
给出了数据分类分级的基本原则、框架和方法。标准规定数据按照先行业领域、在业务属性的思路进行分类。根据数据在经济社会发展中的重要程度,以及一旦遭到泄露、篡改、破坏或者非法获取、非法利用,对国家安全、公共利益或者个人组织合法权益造成的危害程度,将数据从高到低分为核心、重要、一般三个级别。
09:12
Improving the system for network data monitoring, early warning, and emergency response requires action in three areas. First, establish a robust data collection and analysis system to ensure real-time and accurate awareness of dynamic digital security information and to quickly identify potential data security threats and risks. Second, rely on effective risk assessment technologies and early warning mechanisms to classify, consolidate, and analyze digital security incident information, assess the likelihood of occurrence and potential impact, and establish early warning systems for high-risk events.
健全网络数据监测预警和应急处置工作体系,则要从三个方面着手。其一,构建完善的数据收集和分析系统。确保实时准确地掌握数字安全动态信息,快速识别潜在的数据安全威胁和风险。其二,依托有效的风险评估技术和风险预警机制。对数字安全事件信息进行分类、整合和分析,评估其发生的概率和可能造成的风险 ,并针对高风险事件建立预警机制。
09:50
Third, based on early warning information, develop comprehensive emergency response plans and take timely countermeasures to reduce the impact of data breaches and risk shocks. Improving the Institutional System for Digital Security and building a flexible, resilient, and robust Digital Security Industrial Ecosystem will help establish a trustworthy and controllable Digital Security Barrier. This is essential for meeting the major security demands of our country’s digital transformation and will provide strong momentum for the construction of Cyber Great Power and Digital China.
其三,根据预警信息制定完善的应急预案,及时采取应对措施,减少数据泄露。和风险冲击的影响。健全数字安全制度体系,构建灵活、稳健、强大的数字安全产业生态,筑牢可信可控的数字安全屏障。有利于满足我国数字化转型的重大安全需求,为网络强国、数字中国建设提供强大推动力。
Footnotes
- Digital Security Barrier (数字安全屏障). “To build a robust Digital Security Barrier, it is essential to effectively safeguard cybersecurity and improve the legal, regulatory, and policy framework for cybersecurity. This includes not only the security of data, but also the security of infrastructure and application systems. Improving the Institutional System for Digital Security and building a flexible, resilient, and robust Digital Security Industrial Ecosystem will also help establish a trustworthy and controllable Digital Security Barrier.” see “Inside Digital China (10/13): Digital Security Barrier.” ↩︎
- 分类分级 is alternatively translated as “classification/grading” (China National Information Security Standardization Technical Committee, TC260), “category/class” (China Daily Language Tips), and “category/grade” (DigiChina). H/T to DigiChina for its analysis from 2021 on the underlying meaning of the term: “Categorized refers to classification of data by type; graded refers to classification by level of sensitivity.” ↩︎