|
US$329.00 · In stock
Delivery: <= 3 days. True-PDF full-copy in English will be manually translated and delivered via email.
GA/T 1717.2-2020: Information security technology - Notification and warning of cyber security incidents - Part 2: Specifications for procedure for notification and warning
Status: Valid
| Standard ID | Contents [version] | USD | STEP2 | [PDF] delivered in | Standard Title (Description) | Status | PDF |
| GA/T 1717.2-2020 | English | 329 |
Add to Cart
|
3 days [Need to translate]
|
Information security technology - Notification and warning of cyber security incidents - Part 2: Specifications for procedure for notification and warning
| Valid |
GA/T 1717.2-2020
|
PDF similar to GA/T 1717.2-2020
Basic data | Standard ID | GA/T 1717.2-2020 (GA/T1717.2-2020) | | Description (Translated English) | Information security technology - Notification and warning of cyber security incidents - Part 2: Specifications for procedure for notification and warning | | Sector / Industry | Public Security (Police) Industry Standard (Recommended) | | Classification of Chinese Standard | A90 | | Classification of International Standard | 35.240 | | Word Count Estimation | 14,160 | | Date of Issue | 2020-03-24 | | Date of Implementation | 2020-08-01 | | Issuing agency(ies) | Ministry of Public Security | GA/T 1717.2-2020: Information security technology - Notification and warning of cyber security incidents - Part 2: Specifications for procedure for notification and warning
---This is a DRAFT version for illustration, not a final translation. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.) will be manually/carefully translated upon your order.
(Information Security Technology Network Security Incident Notification and Early Warning-- - Part 2.Notification and Early Warning Process Specification)
ICS 35.240
A90
People's Republic of China Public Safety Industry Standard
Information security technology, network security incident notification and early warning
Part 2.Notification and Early Warning Process Specification
2020-03-24 release
2020-08-01 Implementation
Issued by the Ministry of Public Security of the People's Republic of China
Table of contents
Foreword Ⅰ
1 Scope 1
2 Normative references 1
3 Terms and definitions 1
4 Classification of cyber security incidents 1
4.1 Classification elements 1
4.2 Classification of network security incident notification 3
4.3 Early warning levels of network security incidents 4
5 Notification process 4
5.1 Publication of notification 4
5.2 Disposal of notification 4
5.3 Filing of notifications 5
6 Early warning process 5
6.1 Issuance of warning 5
6.2 Disposal of early warning 6
6.3 Upgrade or downgrade of warning 6
6.4 Releasing the warning 6
7 Evaluation Index 6
Appendix A (normative appendix) Network security incident notification content, report and classification example 7
A.1 Cybersecurity incident notification content 7
A.2 Network security incident analysis report 8
A.3 Summary report of cyber security incidents 8
A.4 Example of classification of network security incident notification 9
Reference 10
Foreword
GA/T 1717 "Information Security Technology Cybersecurity Incident Notification and Early Warning" is divided into three parts.
---Part 1.Terminology;
---Part 2.Notification and early warning process specifications;
---Part 3.Data classification coding and labeling system technical specifications.
This part is part 2 of GA/T 1717.
This section was drafted in accordance with the rules given in GB/T 1.1-2009.
This part was proposed by the Cyber Security Bureau of the Ministry of Public Security.
This part is proposed and managed by the Public Security Information System Security Standardization Technical Committee.
Drafting organizations of this section. Network Security Bureau of the Ministry of Public Security, Network Security Detachment of Public Security Bureau of Longyan City, Fujian Province, China Science and Technology Co., Ltd.
The main drafters of this section. Huang Xiaosu, Zhang Xiudong, Wu Chenmiao, Ren Bin, Ruan Xiaoli, Liu Yanling, Zhao Yang, Mou Kun.
Information security technology, network security incident notification and early warning
Part 2.Notification and Early Warning Process Specification
1 Scope
This part of GA/T 1717 specifies the classification and processing procedures for notification and early warning of cyber security incidents.
This section applies to public security organs and other relevant functional institutions or organizations to carry out cybersecurity incident notification and early warning work.
2 Normative references
The following documents are indispensable for the application of this document. For dated reference documents, only the dated version applies to this
For documents, for undated references, the latest version (including all amendments) applies to this document.
GB/Z 20986-2007 Information Security Technology Information Security Incident Classification and Classification Guidelines
GB/T 22240 Information Security Technology Information System Security Level Protection Rating Guidelines
GB/T 25069-2010 Information Security Technical Terms
GB/T 32924-2016 Information Security Technology Network Security Early Warning Guide
GA/T 1717.1-2020 Information Security Technology Cybersecurity Incident Notification and Early Warning Part 1.Terminology
3 Terms and definitions
The terms and definitions defined in GA/T 1717.1-2020 apply to this document.
4 Classification of cyber security incidents
4.1 Classification elements
4.1.1 Overview
The classification of network security incidents mainly considers two elements. the importance of network security protection objects and the degree of possible damage.
4.1.2 The importance of network security protection objects
The importance of network security protection objects is based on the importance of the business they carry to national security, economic construction, and social activities,
Comprehensive factors such as the level of network security protection, the importance and sensitivity of data, are divided into three levels. particularly important, important and general.
Specifically.
a) Particularly important objects of protection, including.
1) Network security protection objects during major events;
2) Information systems rated as Level 4 and above in accordance with the provisions of GB/T 22240;
3) Important Internet applications with hundreds of millions of users or tens of millions of daily active users;
4) Electronic trading platform with daily trading volume of 100 million yuan;
5) The top five important Internet applications in the industry;
6) Systems involving personal information of citizens above one million;
Tips & Frequently Asked Questions:Question 1: How long will the true-PDF of GA/T 1717.2-2020_English be delivered?Answer: Upon your order, we will start to translate GA/T 1717.2-2020_English as soon as possible, and keep you informed of the progress. The lead time is typically 1 ~ 3 working days. The lengthier the document the longer the lead time. Question 2: Can I share the purchased PDF of GA/T 1717.2-2020_English with my colleagues?Answer: Yes. The purchased PDF of GA/T 1717.2-2020_English will be deemed to be sold to your employer/organization who actually pays for it, including your colleagues and your employer's intranet. Question 3: Does the price include tax/VAT?Answer: Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries) -- See Avoidance of Double Taxation Agreements (DTAs): List of DTAs signed between Singapore and 100+ countriesQuestion 4: Do you accept my currency other than USD?Answer: Yes. If you need your currency to be printed on the invoice, please write an email to [email protected]. In 2 working-hours, we will create a special link for you to pay in any currencies. Otherwise, follow the normal steps: Add to Cart -- Checkout -- Select your currency to pay.
|