On December 2, the National Information Security Standardization Technical Committee (NISSTC) issued a circular to solicit public comments on the Industrial Internet Enterprise Cyber Security Part 4: Protection Requirements of Data (Draft for Comment) (the "Draft"), and the cut-off date for receiving comments is January 30, 2023.

The purpose of the Draft is to standardize the data security protection of various types of enterprises in the industrial Internet, and specify the security protection process, protection requirements and security management requirements for different levels of industrial Internet data. According to the Draft, the data involved in the collection of industrial Internet data includes R&D test data and other R&D design data, and in the collection process, desensitization and other technical measures should be adopted based on the actual situation. In the collection of production control data such as control information, working conditions, and system logs, the real-time data and data availability requirements should be met, and the data collection must have minimal impact on the production control systems. 

(Source: China National Information Security Standardization Technical Committee)