Path:
Home >
GB/T >
Page207 > GB/T 43269-2023
Home >
Standard_List >
GB/T >
Page207 > GB/T 43269-2023
US$1109.00 · In stock
Delivery: <= 8 days. True-PDF full-copy in English will be manually translated and delivered via email.
GB/T 43269-2023: Information security techniques - Assessment criteria for cybersecurity emergency capability
Status: Valid
| Standard ID | Contents [version] | USD | STEP2 | [PDF] delivered in | Standard Title (Description) | Status | PDF |
| GB/T 43269-2023 | English | 1109 |
Add to Cart
|
8 days [Need to translate]
|
Information security techniques - Assessment criteria for cybersecurity emergency capability
| Valid |
GB/T 43269-2023
|
PDF similar to GB/T 43269-2023
Basic data
| Standard ID | GB/T 43269-2023 (GB/T43269-2023) |
| Description (Translated English) | Information security techniques - Assessment criteria for cybersecurity emergency capability |
| Sector / Industry | National Standard (Recommended) |
| Classification of Chinese Standard | L80 |
| Classification of International Standard | 35.030 |
| Word Count Estimation | 55,586 |
| Date of Issue | 2023-11-27 |
| Date of Implementation | 2024-06-01 |
| Issuing agency(ies) | State Administration for Market Regulation, China National Standardization Administration |
GB/T 43269-2023: Information security techniques - Assessment criteria for cybersecurity emergency capability
---This is a DRAFT version for illustration, not a final translation. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.) will be manually/carefully translated upon your order.
ICS 35:030
CCSL80
National Standards of People's Republic of China
Information security technology
Cybersecurity emergency capability assessment criteria
Published on 2023-11-27
2024-06-01 Implementation
State Administration for Market Regulation
Released by the National Standardization Administration Committee
Table of contents
PrefaceⅠ
1 Scope 1
2 Normative references 1
3 Terms and Definitions 1
4 Overview 1
5 Level 1 ability requirements 2
5:1 Emergency organizations and personnel 2
5:2 Emergency system 2
5:3 Monitoring and early warning 3
5:4 Emergency Response 3
5:5 Preventive guarantee 3
6 Level 2 competency requirements 4
6:1 Emergency organizations and personnel 4
6:2 Emergency system 4
6:3 Monitoring and early warning 5
6:4 Emergency Response 6
6:5 Preventive guarantee 6
7 Level 3 ability requirements 7
7:1 Emergency organizations and personnel 7
7:2 Emergency system 8
7:3 Monitoring and early warning 9
7:4 Emergency response10
7:5 Preventive safeguards11
8 Cybersecurity emergency capability assessment process12
8:1 Flow chart 12
8:2 Preparing for assessment 12
8:3 Assessment Implementation 12
8:4 Assessment conclusion 13
8:5 Report preparation13
Appendix A (informative) Applicable scenarios for network security emergency capabilities at all levels 14
Appendix B (Informative) Level 1 Cybersecurity Emergency Capability Assessment Method 15
Appendix C (informative) Level 2 network security emergency capability assessment method 21
Appendix D (Informative) Level 3 Cybersecurity Emergency Capability Assessment Method 33
Reference 51
Foreword
This document complies with the provisions of GB/T 1:1-2020 "Standardization Work Guidelines Part 1: Structure and Drafting Rules of Standardization Documents"
Drafting:
Please note that some content in this document may be subject to patents: The publisher of this document assumes no responsibility for identifying patents:
This document is proposed and coordinated by the National Information Security Standardization Technical Committee (SAC/TC260):
This document was drafted by: National Computer Network Emergency Response Technology Coordination Center, National Computer Network Emergency Response Technology Coordination Center
Zhejiang Branch, Antiy Technology Group Co:, Ltd:, Beijing Tianrongxin Network Security Technology Co:, Ltd:, National Computer Network Emergency Technology
Technology Processing Coordination Center Jiangsu Branch, Beijing Times Xinwei Information Technology Co:, Ltd:, China Electronics Technology Standardization Institute, Beijing Digital
Guanxing Technology Co:, Ltd:, China Cybersecurity Review Technology and Certification Center, National Computer Network Emergency Response Technology Coordination Center Heilongjiang
Branch center, H3C Technology Co:, Ltd:, State Grid Smart Grid Research Institute Co:, Ltd:, Beijing Dongfangtong Network Information Technology Co:, Ltd:, Sangfor Technology Co:, Ltd:
Technology Co:, Ltd:, Qi’anxin Netshen Information Technology (Beijing) Co:, Ltd:, Venus Information Technology Group Co:, Ltd:, Xinxin Information Technology Co:, Ltd:
Link Technology (Nanjing) Co:, Ltd:, Huawei Technologies Co:, Ltd:, Hengan Jiaxin (Beijing) Technology Co:, Ltd:, China Electronics Great Wall Internet System Application
Co:, Ltd:, Shenzhen Tencent Computer Systems Co:, Ltd:, Lenovo (Beijing) Co:, Ltd:, Shaanxi Provincial Network and Information Security Evaluation Center, Ren Zi
Xing Network Technology Co:, Ltd:, Hangzhou Anheng Information Technology Co:, Ltd:, Huaxin Consulting Design Institute Co:, Ltd:, Zhejiang Pengxin
Information Technology Co:, Ltd:, Beijing Huirte Technology Co:, Ltd:, Beijing Chenan Technology Co:, Ltd:, Shanghai Guanan Information Technology Co:, Ltd:
Co:, Ltd:, Beijing Shanshi Network Information Technology Co:, Ltd:
The main drafters of this document: Chen Yue, Yun Xiaochun, Geng Dongmei, Shu Min, Wang Wenlei, Ma Junye, Zhao Huanju, Ma Yang, Yang Jian, Yu Jiahua, Wang Xinjie,
Wu Lili, Guo Liang, Long Quan, Zhai Yahong, Zhong Sichao, Min Jinghua, Luo Liang, Wang Huili, Jiang Lingyun, Wang Bingzheng, Wan Xiaolan, Cui Tingting, Qian Kexiang,
Ye Runguo, Chen Hongbo, Zhang Xuan, Chen Shijun, Liu Bingshuang, Chen Xiaoguang, Yao Li, Zhao Chenggang, Shi Zhujun, Gao Rui, Zhang Sheng, Bai Jun, Li Ruxin, Liu Lanling,
Dong Ping, Zhang Liang, Zhang Fan, Sun Lili, Li Shibin, Ji Yingying, Yu Zhengchen, Zeng Xianyu, Xie Jiang, Yu Junjie, Ren Xiejing, Lin Feng:
Information security technology
Cybersecurity emergency capability assessment criteria
1 Scope
This document stipulates the requirements for network security emergency response capabilities and provides the corresponding assessment process:
This document is suitable for all types of organizations to build and evaluate cybersecurity emergency capabilities:
2 Normative reference documents
The contents of the following documents constitute essential provisions of this document through normative references in the text: Among them, the dated quotations
For undated referenced documents, only the version corresponding to that date applies to this document; for undated referenced documents, the latest version (including all amendments) applies to
this document:
GB/T 20986 Information Security Technology Network Security Incident Classification and Grading Guidelines
GB/T 25069 Information Security Technical Terminology
GB/T 38645-2020 Information Security Technology Network Security Incident Emergency Drill Guide
3 Terms and definitions
The terms and definitions defined in GB/T 25069 and the following apply to this document:
3:1
Organize and take cybersecurity emergency response measures to deal with emergencies before, during and after a cybersecurity incident:
Ability:
4 Overview
This document divides network security emergency response capabilities into three levels: From low to high, they are level one, level two and level three: The network security capabilities of each level are
The full emergency capability requirements include 5 aspects: emergency organization and personnel, emergency system, monitoring and early warning, emergency response, and prevention and guarantee, a total of 15 departments:
points, as shown in Figure 1: Chapter 5, Chapter 6, and Chapter 7 respectively stipulate the requirements for first-level, second-level and third-level network security emergency capabilities: High-level
Put forward enhanced requirements or add new clauses on the basis of one lower level, and mark in bold the applicable scenarios for network security emergency capabilities at all levels
See Appendix A:
Tips & Frequently Asked Questions:
Question 1: How long will the true-PDF of GB/T 43269-2023_English be delivered?
Answer: Upon your order, we will start to translate GB/T 43269-2023_English as soon as possible, and keep you informed of the progress. The lead time is typically 5 ~ 8 working days. The lengthier the document the longer the lead time.
Question 2: Can I share the purchased PDF of GB/T 43269-2023_English with my colleagues?
Answer: Yes. The purchased PDF of GB/T 43269-2023_English will be deemed to be sold to your employer/organization who actually pays for it, including your colleagues and your employer's intranet.
Question 3: Does the price include tax/VAT?
Answer: Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries) -- See Avoidance of Double Taxation Agreements (DTAs):
List of DTAs signed between Singapore and 100+ countriesQuestion 4: Do you accept my currency other than USD?
Answer: Yes. If you need your currency to be printed on the invoice, please write an email to
[email protected]. In 2 working-hours, we will create a special link for you to pay in any currencies. Otherwise, follow the normal steps: Add to Cart -- Checkout -- Select your currency to pay.