Will China’s revised cybersecurity rules put foreign firms at risk of losing their secrets?

Companies are concerned they may have switch to Chinese service providers and equipment to meet Beijing’s demands on the protection of sensitive data

‘Chinese government is putting in place new tools that make it much more difficult for companies to keep their information private,’ cybersecurity expert says

Reading Time:3 minutes

The latest revisions to China’s cybersecurity law take effect on December 1. Photo: Shutterstock

Published: 10:30pm, 13 Oct 2019Updated: 6:23pm, 14 Oct 2019

As the clock ticks down to the latest update to China’s cybersecurity regulations on December 1, foreign firms are becoming increasingly concerned about how the changes might affect their operations.

Beijing has set its sights on becoming a technology powerhouse and to achieve that knows it must also develop a defensive structure capable of protecting its manufacturers, researchers and developers from cyberattacks.

As such, the new regulations, which operate alongside China’s cybersecurity law enacted in 2017, lay out precise instructions on how public and private sector companies and organisations – both Chinese and foreign – must secure their networks.

For foreign firms that could mean switching to Chinese equipment, adapting international strategies and exposing their systems to Beijing’s inspectors.

“No other country in the world does this, so it’s unknown how this will work,” said Jim Fitzsimmons, a Singapore-based director of the cyber consulting team at Control Risks, who has been helping multinational companies on the Chinese mainland adapt to the regulations.