The Cyberspace Administration of China issues the "Management Measures for National Cybersecurity Incident Reports".

In order to standardize the management of network security incident reporting, timely control the losses and harm caused by network security incidents, the National Internet Information Office recently issued the "National Network Security Incident Reporting Management Measures", further standardizing and clarifying the network security incident reporting process and requirements. The measures will be implemented starting from November 1, 2025. A relevant person from the National Internet Information Office stated that in recent years, various types of network security incidents have been frequent, and the scope of influence and level of harm continue to escalate. From the perspective of emergency response to network security incidents, it is beneficial to report to relevant departments in a timely manner after a network security incident occurs, in order to timely handle the incident and prevent harm from spreading or causing adverse social impacts. The measures consist of fourteen articles, mainly specifying requirements for the scope of application, regulatory responsibilities, reporting entities, reporting process, reporting deadlines, reporting content, etc. The measures explicitly state that operators who delay, omit, falsify, or conceal network security incidents that result in significant harm consequences will be punished more severely according to law; operators who take reasonable and necessary protective measures, effectively reduce the impact and harm of network security incidents, and report in a timely manner as required, may be punished more leniently or not held responsible depending on the circumstances.