HOME   Cart(0)   Quotation   About-Us Tax PDFs Standard-List Powered by Google www.ChineseStandard.net Database: 189759 (9 Feb 2025)

GB/T 32924-2016 PDF English


Search result: GB/T 32924-2016 English: PDF (GB/T32924-2016)
Standard IDContents [version]USDSTEP2[PDF] delivered inName of Chinese StandardStatus
GB/T 32924-2016English150 Add to Cart 0-9 seconds. Auto-delivery. Information security technology -- Guideline for cyber security warning Valid
BUY with any currencies (Euro, JPY, GBP, KRW etc.): GB/T 32924-2016     Related standards: GB/T 32924-2016

PDF Preview: GB/T 32924-2016


GB/T 32924-2016: PDF in English (GBT 32924-2016)

GB/T 32924-2016 GB NATIONAL STANDARD OF THE PEOPLE’S REPUBLIC OF CHINA ICS 35.040 L 80 Information security technology - Guideline for cyber security warning ISSUED ON: AUGUST 29, 2016 IMPLEMENTED ON: MARCH 01, 2017 Issued by: General Administration of Quality Supervision, Inspection and Quarantine; Standardization Administration of the People's Republic of China. Table of Contents Foreword ... 3  Introduction ... 4  1 Scope ... 5  2 Normative references ... 5  3 Terms and definitions ... 5  4 Classification of cyber security warning ... 6  5 Cyber security warning process ... 11  Bibliography ... 13  Information security technology - Guideline for cyber security warning 1 Scope This Standard gives classification guidelines and processing procedures for cyber security warning. This Standard provides guidance for timely and accurate understanding of the impact of cyber security incidents or threats, possible consequences, and effective measures. This Standard is also applicable to network and information system supervisors and operation departments referring to the handling of cyber security incidents or threats. 2 Normative references The following referenced documents are indispensable for the application of this document. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies. GB/T 22240-2008, Information security technology - Classification guide for classified protection of information systems security GB/T 25069-2010, Information security technology - Glossary 3 Terms and definitions For the purposes of this document, the terms and definitions defined in GB/T 25069-2010 as well as the followings apply. For ease of use, some terms and definitions in GB/T 25069-2010 are listed repeatedly below. 3.1 object of cyber security protection It also refers to assets, information or resources that are valuable to the organization. It is the object of security policy protection. NOTE: It mainly refers to the application, data, and equipment of important information systems. [GB/T 20984-2007, definition 3.1] protection The degree to which the object of cyber security protection may be damaged refers to the damage to its software and hardware, functions and data by a cyber security incident or threat, the extent to which the system business is slow or interrupted, data leakage, tampering, loss or damage, and direct and indirect losses to the object of protection. Its size mainly considers the possible direct losses of the object of protection itself, as well as the cost of defending against attacks, restoring the normal operation of the system, and eliminating negative effects. It is classified into very severe, severe, large and general. Specifically: a) Very severe damage refers to the large-scale paralysis that may cause or has caused the network or information system to lose business processing capabilities, or the confidentiality, integrity, and availability of critical system data have been severely damaged; the cost of restoring the normal operation of the system and eliminating the negative effects is huge. For example: - Large-scale and continuous cyber attacks may cause or have caused a large-scale paralysis of the network or information system, causing it to lose business processing capabilities; - Security vulnerabilities and vulnerability exploitation processes involving management permissions are disclosed, and automated attack tools appear, which may cause or have caused large-scale personal information leakage, including account password, bank card number and other information that may affect property. b) Severe damage refers that it may cause or has caused a long-term interruption or partial paralysis of the network or information system, so that its business processing capabilities are greatly affected, or the confidentiality, integrity, and availability of key system data are destroyed; the cost of restoring the system to normal operation and eliminating negative effects is huge. For example: - Organized and targeted attacks may cause or have caused a long-term interruption or partial paralysis of the network or information system, which greatly affects its business processing capabilities; - Security vulnerabilities and vulnerability exploitation processes involving remote command execution are disclosed, which may cause or have caused large-scale personal information leakage but does not contain financial information. c) Large damage refers to the network or information system that may cause greatly threaten national security, cause social unrest, have extremely bad negative effects on economic construction, or seriously damage public interests, a red warning shall be issued. That is, it may cause particularly serious damage to very important object of cyber security protection. 4.2.3 Orange warning (level II warning) When a serious cyber security incident or threat occurs, which may threaten national security, cause social panic, have a major negative impact on economic construction, or harm the public interest, an orange warning shall be issued. Including the following: a) It may cause serious damage to very important object of cyber security protection; b) It may cause particularly serious damage to important object of cyber security protection. 4.2.4 Yellow warning (level III warning) When a serious cyber security incident or threat occurs, which may affect national security, disrupt social order, have a certain negative impact on economic construction, or affect public interests, a yellow warning shall be issued. Including the following: a) It may cause greater or general damage to very important object of cyber security protection; b) It may cause serious or greater damage to important object of cyber security protection; c) It may cause very serious or serious damage to general cyber security protection. 4.2.5 Blue warning (level IV warning) When a general cyber security incident or threat occurs, it has basically no impact on national security, social order, economic construction and public interests, but may cause damage to the interests of individual citizens, legal persons or other organizations, and a blue warning shall be issued. When it is especially mild, no warning can be issued. Including the following: a) It may cause general damage to important object of cyber security protection; b) It may cause greater or general damage to general object of cyber security protection. ......
 
Source: Above contents are excerpted from the PDF -- translated/reviewed by: www.chinesestandard.net / Wayne Zheng et al.