Interestingly, the document also mentions promoting"standard convergence and mutual recognition of certification results" and a plan to"Encourage Chinese scholars and entrepreneurs in the field of data security to actively participate in the work of relevant international organizations."
China has in the past sought to create standards that reflect its vision of the internet – a vision in which the internet is more easily controlled. Any attempt by the Middle Kingdom to bring a similar approach to infosec will likely be resisted in various international fora. Chinese participation at a technical level, however, will likely be welcomed. Chinese orgs have in recent years proven to be exceptionally adept bug-hunters.
The plan lays out a goal of a prosperous and mature infosec industry by 2035, by which time"The industrial policy system has been further improved, the key core technologies of data security, the development level of key products, and professional service capabilities have ranked among the world's advanced ranks, the awareness and application capabilities of data security applications in various fields have been significantly improved, and a number of leading companies with...
It's hard to imagine China not wanting any of the above, given the nation's stated policy of widespread connectivity and use of AI driving its economy.global spending on security and risk management would grow 11.3 percent to top $183 billion in 2023.
'China aims to grow local infosec industry by 30 percent a year' ... a good offense requires a good defense to practice on.