National Cyberspace Security Strategy

The broad application of information technologies and the rise and development of cyberspace has extremely greatly stimulated economic and social flourishing and progress, but at the same time, has also brought new security risks and challenges. Cyberspace security (hereafter named cybersecurity) concerns the common interest of humankind, concerns global peace and development, and concerns the national security of all countries. Safeguarding our country’s cybersecurity is an important measure to move forward the strategic arrangement of comprehensively constructing a moderately prosperous society, comprehensively deepening reform, comprehensively governing the country according to the law, and comprehensively and strictly governing the Party forward in a coordinated manner, and is an important guarantee to realize the “Two Centenaries” struggle objective and realize the Chinese Dream of the great rejuvenation of the Chinese nation. In order to implement Xi Jinping’s “Four Principles” concerning moving forward reform of the global Internet governance system and the “Five Standpoints” on building a community of common destiny in cyberspace, elaborate China’s important standpoints concerning cyberspace development and security, guide China’s cybersecurity work and safeguard the country’s interests in the sovereignty, security and development of cyberspace, this Strategy is formulated.

I, Opportunities and challenges

(1) Major opportunities.

In the wake of the flying development of the information revolution, a cyberspace composed of the Internet, telecommunications networks, computer systems, automatized control systems, digital equipment and the applications, services and data they carry, is currently comprehensively changing people’s ways of production and life, and is profoundly influencing humankind’s social historical development process.

New channels for the dissemination of information. The development of network technologies has broken through constraints of time and space, has expanded the range of communication, innovated communication methods, and triggered a fundamental shift in communication patterns. The Network has become a new channel for people to obtain information, study and interact, and has become a new carrier for the dissemination of humanity’s knowledge.

New spaces for production and life. In the present world, the network has profoundly penetrated into all aspects of people’s learning, life and work, online education, start-ups, healthcare, shopping, finance, etc., are becoming more widespread every day, and ever more people exchange ideas, achieve their undertakings and realize their dreams through the network.

New drivers for economic development. The Internet is becoming more of a leading force for innovation-driven development every day, the broad application of information technologies in all sectors of the national economy has promoted the transformation and upgrading of traditional industries, and has fostered new technologies, new business models, new industries and new models, it has stimulated the adjustment of economic structures and the transformation of economic development methods, infusing the economy and society with a new momentum.

New carriers for cultural flourishing. The network has stimulated cultural exchange and knowledge dissemination, it has liberated the development vitality of culture, promoted cultural innovation and reaction, and enriched people’s spiritual and cultural lives, it has so become a new channel for the dissemination of culture a new means for the provision of public cultural services. Online culture has become an important component part of cultural construction

New platforms for social governance. The network’s role in improving the national governance system and the modernisation of governance capabilities is becoming more prominent every day, e-government applications are growing ever deeper, government information openness and sharing has promoted government policymaking to become more scientific, democratic and rule of law-based, channels for citizen participation in social governance have been opened up, and they have become important pathways to guarantee citizens’ right to know, right to participate, right to express opinions and right to supervise.

New nodes for interaction and cooperation. Informatization and globalization are developing in an intertwined manner, stimulating the global circulation of factors such as information, finance, technology, talent, etc., and increasing interaction and convergence between different civilizations. The network has turned the world into a global village, international society is increasingly becoming a community of common destiny in which I find myself among you and you find yourself among us.

New territories for national sovereignty. Cyberspace has become a new area for important human activity of equal importance to land, sea, air and space, national sovereignty has extended and stretched into cyberspace, sovereignty in cyberspace has become an important component part of national sovereignty. Respect for sovereignty in cyberspace, safeguarding cybersecurity, seeking common governance, and realizing win-win, are becoming the consensus in international society.

(2) Grave challenges

The cybersecurity situation is growing more severe every day, and we face grave risks and challenges in national politics, the economy, culture, society, national defence, security and citizens’ lawful rights and interests in cyberspace.

Cyber penetrations harm political security. Political stability is the basic precondition for national development and the happiness of the people. The use of networks to interfere in the internal political affairs of other countries, to attack other countries’ political systems, incite social unrest, subvert other countries’ regimes, as well as large-scale cyber surveillance, cyber espionage and other such activities gravely harm national political security and users’ information security.

Cyber attacks threaten economic security. Networks and information systems have become critical infrastructure and even nerve centres for the entire economy and society, when they suffer from attacks and destruction, or major security incidents occur, it will lead to paralysis of critical energy, transportation, telecommunications and financial infrastructure, etc., resulting in disastrous consequences and gravely harming national economic security and the public interest.

Harmful online information corrodes cultural security. All kinds of ideologies and cultures are agitating and crossing swords online, excellent traditional culture and mainstream value views are facing attacks. Online rumours and degenerate culture as well as obscenity, violence, superstition and other such harmful information violating the Socialist core value view are corroding the physical and mental health of minors, undermining the social atmosphere, misleading value orientations and endangering cultural security. Online loss of moral norms and lack of sincerity happens frequently, and the degree of online civilization urgently needs to be raised.

Online terrorism, law-breaking and crime are destroying social security. Terrorism, separatism, extremism and other such forces are using the network to incite, plan, organize and carry out violent terrorist activities, directly threatening the security of people’s lives and possessions, as well as social order. Computer viruses, Trojans, etc., are sprawling across cyberspace, online fraud, hacker attacks, infringement of intellectual property rights, abuse of personal information and other such unlawful conduct exists in great quantities, some organizations wantonly steal user information, transaction data, location information as well as enterprises’ commercial secrets, gravely harming the interests of the country, enterprises and individuals, and influencing social harmony and stability.

International competition in cyberspace is rapidly unfolding. At the international level, there is strife for the control of strategic resources in cyberspace, to occupy norm-setting power and strategic commanding heights, and a competition in pursuit of the strategic initiative that is growing more fierce every day. A small number of countries is strengthening a cyber deterrence strategy, aggravating an arms race in cyberspace, and bringing new challenges to global peace.

Opportunities and challenges coexist in cyberspace, and the opportunities are greater than the challenges. We must persist in positive use, scientific development, management according to the law, and enhancing security, persist in safeguarding cybersecurity, use the development potential of cyberspace to the greatest extent, let it extend to China’s 1.3 billion people even better, enrich all of humankind, and persist in safeguarding global peace.

II, Objectives

With the overall national security view as guidance, implement the innovative, coordinated, green, open and shared development concept, strengthen risk consciousness and crisis consciousness, comprehensively handle both domestic and foreign large pictures, comprehensively plan the development of the two great matters of security [internal and external security], defend vigorously, respond effectively, promote peace, security, openness, cooperation and order in cyberspace, safeguard the interests of national sovereignty, security and development, and realize the strategic objective of building a strong cyber power.

Peace: information technology abuse is to be effectively curbed, arms races in cyberspace and other such threats to international peace are to be effectively controlled, conflicts in cyberspace are to be effectively prevented.

Security: cybersecurity risks are to be effectively controlled, national cybersecurity protection systems are to be completed and perfected, core technologies and equipment are to be secure and controllable, network and information systems are to operate stably and reliably. Cybersecurity talents are to satisfy demands, the cybersecurity consciousness of the entire society, basic protection capabilities and their confidence in using the network are to increase substantially.

Openness: information technology standards, policies and markets are to be open and transparent, product circulation and information dissemination is to become ever smoother, the digital divide is to be closed with every passing day. Without distinction between large and small, strong and weak, poor and rich, all countries worldwide, and especially developing countries, are to be able to share in development opportunities, share in development outcomes, and participate fairly in cyberspace governance.

Openness: All countries worldwide are to develop ever closer cooperation in areas such as technology exchange, attack on cyber terrorism and cybercrime, etc., a multilateral, democratic and transparent international Internet governance system is to be completed and perfected, and a community of common destiny in cyberspace with cooperation and win-win at the core is to be progressively realized.

Order: the public’s right to know, right to participate, right to express opinions, right of supervision and other such lawful rights and interests in cyberspace are to be fully protected, personal privacy in cyberspace is to be effectively protected, and human rights are to be fully respected. Domestic and international legal structures, standards and norms for cyberspace are to be established progressively, effective governance according to the law is to be realized in cyberspace, the network environment is to become honest, civilized and healthy, and the free flow of information is organically unified with safeguarding national security and the public interest.

III, Principles

A secure, stable and flourishing cyberspace is of major importance to all countries and even the entire world. China is willing to, together with all countries, strengthen communication, expand consensus, deepen cooperation, vigorously move forward the reform of the global Internet governance system, and jointly protect peace and security in cyberspace.

(1) Respecting and protecting sovereignty in cyberspace

No infringement of sovereignty in cyberspace will be tolerated, the rights of all countries to independently choose their development path, network management method and Internet public policy, as well as to equally participate in international cyberspace governance will be respected. The peoples of all countries are to decide on cyber affairs within the scope of sovereignty of all countries, all countries have the right to formulate laws and regulations concerning cyberspace on the basis of their national circumstances and learning from international experience, to adopt necessary measures according to the law, to manage their national information systems and online affairs within their national territories; to protect all countries’ information systems and information resources from intrusion, interference, attack and destruction, and guarantee the lawful rights and interests in cyberspace of their citizens; to prevent, curb and punish the online dissemination of harmful information endangering national security and interests, and to safeguard order in cyberspace. No country should engage in cyber hegemonies, uphold double standards, use the network to interfere in the domestic affairs of other countries, or engage in, connive in or support online activities endangering other countries’ national security.

(2) Peaceful use of cyberspace

Peaceful use of cyberspace aligns with the common interest of humanity. All countries should abide by the “UN Charter” principles concerning not using or threatening to use armed force, prevent the use of information technology for goals contrary to the maintenance of international security and stability, jointly resist arms races in cyberspace, and prevent conflicts in cyberspace. Persist in mutual respect, equal treatment, seeking common ground while accepting differences, inclusiveness and mutual trust, respect both sides’ security interests and major concerns in cyberspace, and promote the construction of a harmonious online world. Oppose the use of national security as an excuse to use technological advantages to control other countries’ networks and information systems, or collet and steal data from other countries, it can certainly not be the case that other countries’ security is sacrificed in pursuit of one’s own so-called absolute security.

(3) Governing cyberspace according to the law

Comprehensively move forward with bringing cyberspace under the rule of law, persist in governing the web according to the law, running the web according to the law and using the web according to the law, and let the Internet operate healthily and along a rule of law track. Build a good network order according to the law, protect the lawful, orderly and free circulation of information in cyberspace, protect personal privacy, and protect intellectual property rights. Any organization or individual must, when enjoying freedom and exercising their rights in cyberspace, abide by the law, respect other persons’ rights, and take responsibility for their words and deeds online.

(4) Comprehensively manage cybersecurity and development.

Without cybersecurity, there is no national security, and without informatization, there is no modernization. Cybersecurity and informatization are two wings of one body, two wheels of one cart. Correctly deal with the relationship between development and security, persist in protecting development with security, and stimulating security with development. Security is the precondition for development, any development that comes at the price of sacrificing security will be difficult to sustain. Development is the basis of security, not developing is the greatest insecurity. Without informatization and development, cybersecurity will not be protected, and existing security may even be lost.

IV, Strategic tasks

The quantity of netizens in China and the scale of its network ranks first worldwide, protecting China’s cybersecurity well not only is a requirement for ourselves, it is also of major importance in safeguarding global cybersecurity and even world peace. China will devote itself to safeguarding the nation’s interests in sovereignty, security and development in cyberspace, it promotes that the Internet enriches humanity, and promotes the peaceful use and common governance of cyberspace.

(1) Resolutely defending sovereignty in cyberspace.

Manage online activities within the scope of our country’s sovereignty according to the Constitution, laws and regulations, protect the security of our country’s information infrastructure and information resources, adopt all measures, including economic, administrative, scientific, technological, legal, diplomatic and military measures, to unwaveringly uphold our country’s sovereignty in cyberspace. Resolutely oppose all actions to subvert our country’s national regime or destroy our country’s sovereignty through the network.

(2) Resolutely safeguard national security.

Prevent, curb and lawfully punish any act of using the network to engage in treason, separatism, incite rebellion or subversion, or incite the overthrow of the people’s democratic dictatorship regime; prevent, curb and lawfully punish acts of using the network to steal or leak State secrets and other such acts harming national security; prevent, curb and lawfully punish foreign powers using the network to conduct infiltration, destruction, subversion and separatist activities.

(3) Protect critical information infrastructure.

National critical information infrastructure refers to information infrastructure that affects national security, the national economy and the people’s livelihood, where whenever data is leaked, it is destroyed or loses its functionality, national security and the public interest may be gravely harmed, including but not limited to basic information networks providing public telecommunications, radio and television transmission, and other such services, as well as important information systems in areas and State bodies such as energy, finance, transportation, education, scientific research, hydropower, industry and manufacturing, healthcare and medicine, social security, public undertakings, etc., important Internet application systems, etc. Adopt all necessary measures to protect critical information infrastructure and its important data from attack and destruction. Persist in laying equal stress on technology and management, simultaneously developing protection and deterrence, focus on identification, prevention, monitoring, early warning, response, handling and other such segments, in establishing and implementing a critical information infrastructure protection system, expand input in areas such as management, technology, talent and finance, synthesize measures and policies according to the law, and realistically strengthen security protection of critical information infrastructure.

Protecting critical information infrastructure is a common responsibility of government, businesses and the entire society, controlling and operational work units and organizations must, according to the requirements of laws, regulations, rules and standards, adopt the necessary measures to ensure the security of critical information infrastructure, and progressively realize that evaluation happens first, and application afterwards. Strengthen risk assessment of critical information infrastructure. Strengthen security protection in Party and government bodies, as websites in focus areas, grass-roots Party and government bodies’ websites must be built, operated and managed according to the intensification model. Establish orderly cybersecurity information sharing mechanisms for government, sectors and enterprises, and fully give rein to the important role of enterprises in protecting critical information infrastructure.

Persist in opening up to the outside world, and safeguarding cybersecurity in an open environment. Establish and implement cybersecurity examination structures, strengthen supply chain security management, launch security inspections for important information technology products and services purchased and used in Party and government bodies, as well as focus sectors, raise the security and controllability of products and services, prevent product and service providers and other organizations from using their superiority in information technology to engage in improper competition or to harm users’ interests.

(4) Strengthening the construction of online culture

Strengthen online ideology and culture battlefield construction, powerfully foster and practice the Socialist core value view, implement network content construction projects, develop positive and upward online culture, disseminate positive energy, concentrate powerful spiritual forces, and create a desirable online atmosphere. Encourage the expansion of new businesses and the creation of new products, forge online cultural brands that reflect the spirit of the times, and incessantly raise the scale and levels of the online cultural industry. Implement the Chinese excellent culture online dissemination project, vigorously promote the digitization, networked production and dissemination of excellent traditional culture and masterpieces of contemporary culture. Give rein to the advantages of Internet dissemination platforms, promote exchange and mutual learning between Chinese and foreign excellent culture, let the people of all countries understand China’s excellent culture, let the people of China understand the excellent culture of all countries, jointly promote the flourishing and development of online culture, enrich the people’s spiritual worlds, and stimulate the progress of human civilization.

Strengthen online theory and online civilization construction, give rein to the guiding role of morality education, use the excellent achievement of human civilization to nourish cyberspace and restore the online ecology. Build a civilized and sincere online environment, advocate civilized running of the web and civilized use of the web, and create a secure, civilized and orderly information communication order. Firmly attack the dissemination and spread of rumours, obscenities, violence, superstitions, heresy and other such unlawful and harmful information on the network. Raise the online cultural attainments of minors, strengthen the protection of minors online, and create a beneficial online environment for minors’ healthy growing up through the common efforts of government, social organizations, communities, schools, households, etc.

(5) Attacking cyber terrorism, law-breaking and crime.

Strengthen online anti-terrorism, counterespionage and anti-theft capabilities, and strictly attack cyber terrorism and cyber espionage activities.

Persist in comprehensive governance, control at the source and lawful prevention, strictly attack online fraud, online theft, arms and drug trafficking, infringement of citizens’ personal information, dissemination of obscenity and sex, hacking attacks, infringement of intellectual property rights and other such unlawful and criminal activities.

(6) Perfect network governance systems.

Persist in managing and governing the web in a lawful, open and transparent manner, realistically ensure that there are laws to rely on, laws must be relied on, law enforcement must be strict, and violations of the law must be punished. Complete cybersecurity law and regulation systems, formulate and promulgate the cybersecurity law, the regulations for the online protection of minors and other such laws and regulations, clarify the responsibilities and duties of all parts of society, and clarify cybersecurity management requirements. Accelerate the revision and interpretation of existing laws, and make them applicable to cyberspace. Perfect regulatory structures connected to cybersecurity, establish online trust systems, and raise the scientific and standardized levels of cybersecurity management.

Accelerate the construction of a network governance system that combines legal norms, administrative supervision, sectoral self-discipline, technological protection, mass supervision and social education, move forward with the management and innovation of online social organizations, complete joint mechanisms for basic management, content management, sectoral management as well as online law-breaking and crime prevention and attack. Strengthen the protection of telecommunications secrecy, free speech, commercial secrets as well as the right to reputation, property rights and other such lawful rights and interests in cyberspace.

Encourage social organizations to participate in network governance, develop online public interest undertakings, and strengthen the construction of novel online social organizations. Encourage netizens to report online unlawful acts and harmful information.

Persist in innovation-driven development, vigorously create a policy environment beneficial to technological innovation, comprehensively deal with resources and forces, take enterprises as the mainstay, integrate industry, learning, research and usage, work in coordination to storm strategic passes, let one point pull an entire area ahead, and move forward in a comprehensive manner, so as to obtain breakthroughs in key technologies as quickly as possible. Give high regard to software security, and accelerate the dissemination and application of safe and trustworthy products. Develop network infrastructure, and enrich information content in cyberspace. Implement the “Internet Plus” action plan, forcefully develop the online economy. Implement the national big data strategy, build big data security management structures, support innovation and application of big data, cloud computing and other such new-generation information technologies. Optimize market environments, encourage cybersecurity enterprises to grow and strengthen, and lay an industrial base to protect national cybersecurity.

Build and perfect a national cybersecurity technology support system. Strengthen research on basic cybersecurity theory and major questions. Strengthen cybersecurity standardization, authentication and accreditation work, use standards to standardize acts in cyberspace ever more. Do basic work such as multi-level protection, risk assessment and leak discovery well, and perfect cybersecurity supervision, early warning and major cybersecurity incident emergency response mechanisms.

Implement the cybersecurity talent project, and strengthen the establishment of cybersecurity science majors, forge first-rate cybersecurity academies and innovation parks, and create an ecology and an environment beneficial to the fostering of talent, innovation and start-ups. Do the cybersecurity propaganda week activities well, forcefully launch cybersecurity propaganda and education among the whole population. Promote cybersecurity education to enter textbooks, enter schools, and enter classrooms, raise the accomplishments of online media, strengthen cybersecurity consciousness and protection skills among all of society, raise the broad netizens’ ability to distinguish and resist online unlawful and harmful information, online fraud and other such unlawful and criminal activities.

(8) Enhancing cyberspace protection capabilities.

Cyberspace is a new territory for national sovereignty. Build cybersecurity protection forces commensurate with our country’s international standing and suited to a strong cyber power, forcefully develop cybersecurity defence means, timely discover and resist cyber intrusions, and cast a firm backup force to safeguard national cybersecurity.

(9) Strengthening international cooperation in cyberspace.

On the basis of mutual respect and mutual trust, strengthen international cyberspace dialogue and cooperation, and promote the reform of the global Internet governance system. Deepen bilateral and multilateral cybersecurity dialogues, exchanges and information communications with all countries, effectively manage and control differences, vigorously participate in cybersecurity cooperation in global and regional organizations, promote the internationalization of the management of Internet addresses, domain name servers and other such basic resources.

Support the United Nations to play a leading role, promote the formulation of international norms for cyberspace that are universally recognized by all sides, and an international treaty on anti-terrorism in cyberspace, complete judicial assistance mechanisms to attack cybercrime, deepen international cooperation’s in areas such as policies and laws, technological innovation, standards and norms, emergency response, critical information infrastructure protection, etc.

Strengthen support and assistance to developing countries and backward regions to disseminate Internet technology and construct infrastructure, and strive to close the digital divide. Promote the construction of “One Belt, One Road”, raise international telecommunications interconnection and interaction levels, and pave a smooth information silk road. Set up the World Internet Conference and other such global Internet sharing and common governance platforms, and jointly promote the healthy development of the Internet. Through vigorous and effective international cooperation, establish a multi-lateral, democratic and transparent international Internet governance system, and jointly build a peaceful, secure, open, cooperative and orderly cyberspace.

国家网络空间安全战略
信息技术广泛应用和网络空间兴起发展，极大促进了经济社会繁荣进步，同时也带来了新的安全风险和挑战。网络空间安全（以下称网络安全）事关人类共同利益，事关世界和平与发展，事关各国国家安全。维护我国网络安全是协调推进全面建成小康社会、全面深化改革、全面依法治国、全面从严治党战略布局的重要举措，是实现“两个一百年”奋斗目标、实现中华民族伟大复兴中国梦的重要保障。为贯彻落实习近平主席关于推进全球互联网治理体系变革的“四项原则”和构建网络空间命运共同体的“五点主张”，阐明中国关于网络空间发展和安全的重大立场，指导中国网络安全工作，维护国家在网络空间的主权、安全、发展利益，制定本战略。
一、机遇和挑战
（一）重大机遇
伴随信息革命的飞速发展，互联网、通信网、计算机系统、自动化控制系统、数字设备及其承载的应用、服务和数据等组成的网络空间，正在全面改变人们的生产生活方式，深刻影响人类社会历史发展进程。
信息传播的新渠道。网络技术的发展，突破了时空限制，拓展了传播范围，创新了传播手段，引发了传播格局的根本性变革。网络已成为人们获取信息、学习交流的新渠道，成为人类知识传播的新载体。
生产生活的新空间。当今世界，网络深度融入人们的学习、生活、工作等方方面面，网络教育、创业、医疗、购物、金融等日益普及，越来越多的人通过网络交流思想、成就事业、实现梦想。
经济发展的新引擎。互联网日益成为创新驱动发展的先导力量，信息技术在国民经济各行业广泛应用，推动传统产业改造升级，催生了新技术、新业态、新产业、新模式，促进了经济结构调整和经济发展方式转变，为经济社会发展注入了新的动力。
文化繁荣的新载体。网络促进了文化交流和知识普及，释放了文化发展活力，推动了文化创新创造，丰富了人们精神文化生活，已经成为传播文化的新途径、提供公共文化服务的新手段。网络文化已成为文化建设的重要组成部分。
社会治理的新平台。网络在推进国家治理体系和治理能力现代化方面的作用日益凸显，电子政务应用走向深入，政府信息公开共享，推动了政府决策科学化、民主化、法治化，畅通了公民参与社会治理的渠道，成为保障公民知情权、参与权、表达权、监督权的重要途径。
交流合作的新纽带。信息化与全球化交织发展，促进了信息、资金、技术、人才等要素的全球流动，增进了不同文明交流融合。网络让世界变成了地球村，国际社会越来越成为你中有我、我中有你的命运共同体。
国家主权的新疆域。网络空间已经成为与陆地、海洋、天空、太空同等重要的人类活动新领域，国家主权拓展延伸到网络空间，网络空间主权成为国家主权的重要组成部分。尊重网络空间主权，维护网络安全，谋求共治，实现共赢，正在成为国际社会共识。
（二）严峻挑战
网络安全形势日益严峻，国家政治、经济、文化、社会、国防安全及公民在网络空间的合法权益面临严峻风险与挑战。
网络渗透危害政治安全。政治稳定是国家发展、人民幸福的基本前提。利用网络干涉他国内政、攻击他国政治制度、煽动社会动乱、颠覆他国政权，以及大规模网络监控、网络窃密等活动严重危害国家政治安全和用户信息安全。
网络攻击威胁经济安全。网络和信息系统已经成为关键基础设施乃至整个经济社会的神经中枢，遭受攻击破坏、发生重大安全事件，将导致能源、交通、通信、金融等基础设施瘫痪，造成灾难性后果，严重危害国家经济安全和公共利益。
网络有害信息侵蚀文化安全。网络上各种思想文化相互激荡、交锋，优秀传统文化和主流价值观面临冲击。网络谣言、颓废文化和淫秽、暴力、迷信等违背社会主义核心价值观的有害信息侵蚀青少年身心健康，败坏社会风气，误导价值取向，危害文化安全。网上道德失范、诚信缺失现象频发，网络文明程度亟待提高。
网络恐怖和违法犯罪破坏社会安全。恐怖主义、分裂主义、极端主义等势力利用网络煽动、策划、组织和实施暴力恐怖活动，直接威胁人民生命财产安全、社会秩序。计算机病毒、木马等在网络空间传播蔓延，网络欺诈、黑客攻击、侵犯知识产权、滥用个人信息等不法行为大量存在，一些组织肆意窃取用户信息、交易数据、位置信息以及企业商业秘密，严重损害国家、企业和个人利益，影响社会和谐稳定。
网络空间的国际竞争方兴未艾。国际上争夺和控制网络空间战略资源、抢占规则制定权和战略制高点、谋求战略主动权的竞争日趋激烈。个别国家强化网络威慑战略，加剧网络空间军备竞赛，世界和平受到新的挑战。
网络空间机遇和挑战并存，机遇大于挑战。必须坚持积极利用、科学发展、依法管理、确保安全，坚决维护网络安全，最大限度利用网络空间发展潜力，更好惠及13亿多中国人民，造福全人类，坚定维护世界和平。
二、目标
以总体国家安全观为指导，贯彻落实创新、协调、绿色、开放、共享的发展理念，增强风险意识和危机意识，统筹国内国际两个大局，统筹发展安全两件大事，积极防御、有效应对，推进网络空间和平、安全、开放、合作、有序，维护国家主权、安全、发展利益，实现建设网络强国的战略目标。
和平：信息技术滥用得到有效遏制，网络空间军备竞赛等威胁国际和平的活动得到有效控制，网络空间冲突得到有效防范。
安全：网络安全风险得到有效控制，国家网络安全保障体系健全完善，核心技术装备安全可控，网络和信息系统运行稳定可靠。网络安全人才满足需求，全社会的网络安全意识、基本防护技能和利用网络的信心大幅提升。
开放：信息技术标准、政策和市场开放、透明，产品流通和信息传播更加顺畅，数字鸿沟日益弥合。不分大小、强弱、贫富，世界各国特别是发展中国家都能分享发展机遇、共享发展成果、公平参与网络空间治理。
合作：世界各国在技术交流、打击网络恐怖和网络犯罪等领域的合作更加密切，多边、民主、透明的国际互联网治理体系健全完善，以合作共赢为核心的网络空间命运共同体逐步形成。
有序：公众在网络空间的知情权、参与权、表达权、监督权等合法权益得到充分保障，网络空间个人隐私获得有效保护，人权受到充分尊重。网络空间的国内和国际法律体系、标准规范逐步建立，网络空间实现依法有效治理，网络环境诚信、文明、健康，信息自由流动与维护国家安全、公共利益实现有机统一。
三、原则
一个安全稳定繁荣的网络空间，对各国乃至世界都具有重大意义。中国愿与各国一道，加强沟通、扩大共识、深化合作，积极推进全球互联网治理体系变革，共同维护网络空间和平安全。
（一）尊重维护网络空间主权
网络空间主权不容侵犯，尊重各国自主选择发展道路、网络管理模式、互联网公共政策和平等参与国际网络空间治理的权利。各国主权范围内的网络事务由各国人民自己做主，各国有权根据本国国情，借鉴国际经验，制定有关网络空间的法律法规，依法采取必要措施，管理本国信息系统及本国疆域上的网络活动；保护本国信息系统和信息资源免受侵入、干扰、攻击和破坏，保障公民在网络空间的合法权益；防范、阻止和惩治危害国家安全和利益的有害信息在本国网络传播，维护网络空间秩序。任何国家都不搞网络霸权、不搞双重标准，不利用网络干涉他国内政，不从事、纵容或支持危害他国国家安全的网络活动。
（二）和平利用网络空间
和平利用网络空间符合人类的共同利益。各国应遵守《联合国宪章》关于不得使用或威胁使用武力的原则，防止信息技术被用于与维护国际安全与稳定相悖的目的，共同抵制网络空间军备竞赛、防范网络空间冲突。坚持相互尊重、平等相待，求同存异、包容互信，尊重彼此在网络空间的安全利益和重大关切，推动构建和谐网络世界。反对以国家安全为借口，利用技术优势控制他国网络和信息系统、收集和窃取他国数据，更不能以牺牲别国安全谋求自身所谓绝对安全。
（三）依法治理网络空间
全面推进网络空间法治化，坚持依法治网、依法办网、依法上网，让互联网在法治轨道上健康运行。依法构建良好网络秩序，保护网络空间信息依法有序自由流动，保护个人隐私，保护知识产权。任何组织和个人在网络空间享有自由、行使权利的同时，须遵守法律，尊重他人权利，对自己在网络上的言行负责。
（四）统筹网络安全与发展
没有网络安全就没有国家安全，没有信息化就没有现代化。网络安全和信息化是一体之两翼、驱动之双轮。正确处理发展和安全的关系，坚持以安全保发展，以发展促安全。安全是发展的前提，任何以牺牲安全为代价的发展都难以持续。发展是安全的基础，不发展是最大的不安全。没有信息化发展，网络安全也没有保障，已有的安全甚至会丧失。
四、战略任务
中国的网民数量和网络规模世界第一，维护好中国网络安全，不仅是自身需要，对于维护全球网络安全乃至世界和平都具有重大意义。中国致力于维护国家网络空间主权、安全、发展利益，推动互联网造福人类，推动网络空间和平利用和共同治理。
（一）坚定捍卫网络空间主权
根据宪法和法律法规管理我国主权范围内的网络活动，保护我国信息设施和信息资源安全，采取包括经济、行政、科技、法律、外交、军事等一切措施，坚定不移地维护我国网络空间主权。坚决反对通过网络颠覆我国国家政权、破坏我国国家主权的一切行为。
（二）坚决维护国家安全
防范、制止和依法惩治任何利用网络进行叛国、分裂国家、煽动叛乱、颠覆或者煽动颠覆人民民主专政政权的行为；防范、制止和依法惩治利用网络进行窃取、泄露国家秘密等危害国家安全的行为；防范、制止和依法惩治境外势力利用网络进行渗透、破坏、颠覆、分裂活动。
（三）保护关键信息基础设施
国家关键信息基础设施是指关系国家安全、国计民生，一旦数据泄露、遭到破坏或者丧失功能可能严重危害国家安全、公共利益的信息设施，包括但不限于提供公共通信、广播电视传输等服务的基础信息网络，能源、金融、交通、教育、科研、水利、工业制造、医疗卫生、社会保障、公用事业等领域和国家机关的重要信息系统，重要互联网应用系统等。采取一切必要措施保护关键信息基础设施及其重要数据不受攻击破坏。坚持技术和管理并重、保护和震慑并举，着眼识别、防护、检测、预警、响应、处置等环节，建立实施关键信息基础设施保护制度，从管理、技术、人才、资金等方面加大投入，依法综合施策，切实加强关键信息基础设施安全防护。
关键信息基础设施保护是政府、企业和全社会的共同责任，主管、运营单位和组织要按照法律法规、制度标准的要求，采取必要措施保障关键信息基础设施安全，逐步实现先评估后使用。加强关键信息基础设施风险评估。加强党政机关以及重点领域网站的安全防护，基层党政机关网站要按集约化模式建设运行和管理。建立政府、行业与企业的网络安全信息有序共享机制，充分发挥企业在保护关键信息基础设施中的重要作用。
坚持对外开放，立足开放环境下维护网络安全。建立实施网络安全审查制度，加强供应链安全管理，对党政机关、重点行业采购使用的重要信息技术产品和服务开展安全审查，提高产品和服务的安全性和可控性，防止产品服务提供者和其他组织利用信息技术优势实施不正当竞争或损害用户利益。
（四）加强网络文化建设
加强网上思想文化阵地建设，大力培育和践行社会主义核心价值观，实施网络内容建设工程，发展积极向上的网络文化，传播正能量，凝聚强大精神力量，营造良好网络氛围。鼓励拓展新业务、创作新产品，打造体现时代精神的网络文化品牌，不断提高网络文化产业规模水平。实施中华优秀文化网上传播工程，积极推动优秀传统文化和当代文化精品的数字化、网络化制作和传播。发挥互联网传播平台优势，推动中外优秀文化交流互鉴，让各国人民了解中华优秀文化，让中国人民了解各国优秀文化，共同推动网络文化繁荣发展，丰富人们精神世界，促进人类文明进步。
加强网络伦理、网络文明建设，发挥道德教化引导作用，用人类文明优秀成果滋养网络空间、修复网络生态。建设文明诚信的网络环境，倡导文明办网、文明上网，形成安全、文明、有序的信息传播秩序。坚决打击谣言、淫秽、暴力、迷信、邪教等违法有害信息在网络空间传播蔓延。提高青少年网络文明素养，加强对未成年人上网保护，通过政府、社会组织、社区、学校、家庭等方面的共同努力，为青少年健康成长创造良好的网络环境。
（五）打击网络恐怖和违法犯罪
加强网络反恐、反间谍、反窃密能力建设，严厉打击网络恐怖和网络间谍活动。
坚持综合治理、源头控制、依法防范，严厉打击网络诈骗、网络盗窃、贩枪贩毒、侵害公民个人信息、传播淫秽色情、黑客攻击、侵犯知识产权等违法犯罪行为。
（六）完善网络治理体系
坚持依法、公开、透明管网治网，切实做到有法可依、有法必依、执法必严、违法必究。健全网络安全法律法规体系，制定出台网络安全法、未成年人网络保护条例等法律法规，明确社会各方面的责任和义务，明确网络安全管理要求。加快对现行法律的修订和解释，使之适用于网络空间。完善网络安全相关制度，建立网络信任体系，提高网络安全管理的科学化规范化水平。
加快构建法律规范、行政监管、行业自律、技术保障、公众监督、社会教育相结合的网络治理体系，推进网络社会组织管理创新，健全基础管理、内容管理、行业管理以及网络违法犯罪防范和打击等工作联动机制。加强网络空间通信秘密、言论自由、商业秘密，以及名誉权、财产权等合法权益的保护。
鼓励社会组织等参与网络治理，发展网络公益事业，加强新型网络社会组织建设。鼓励网民举报网络违法行为和不良信息。
（七）夯实网络安全基础
坚持创新驱动发展，积极创造有利于技术创新的政策环境，统筹资源和力量，以企业为主体，产学研用相结合，协同攻关、以点带面、整体推进，尽快在核心技术上取得突破。重视软件安全，加快安全可信产品推广应用。发展网络基础设施，丰富网络空间信息内容。实施“互联网+”行动，大力发展网络经济。实施国家大数据战略，建立大数据安全管理制度，支持大数据、云计算等新一代信息技术创新和应用。优化市场环境，鼓励网络安全企业做大做强，为保障国家网络安全夯实产业基础。
建立完善国家网络安全技术支撑体系。加强网络安全基础理论和重大问题研究。加强网络安全标准化和认证认可工作，更多地利用标准规范网络空间行为。做好等级保护、风险评估、漏洞发现等基础性工作，完善网络安全监测预警和网络安全重大事件应急处置机制。
实施网络安全人才工程，加强网络安全学科专业建设，打造一流网络安全学院和创新园区，形成有利于人才培养和创新创业的生态环境。办好网络安全宣传周活动，大力开展全民网络安全宣传教育。推动网络安全教育进教材、进学校、进课堂，提高网络媒介素养，增强全社会网络安全意识和防护技能，提高广大网民对网络违法有害信息、网络欺诈等违法犯罪活动的辨识和抵御能力。
（八）提升网络空间防护能力
网络空间是国家主权的新疆域。建设与我国国际地位相称、与网络强国相适应的网络空间防护力量，大力发展网络安全防御手段，及时发现和抵御网络入侵，铸造维护国家网络安全的坚强后盾。
（九）强化网络空间国际合作
在相互尊重、相互信任的基础上，加强国际网络空间对话合作，推动互联网全球治理体系变革。深化同各国的双边、多边网络安全对话交流和信息沟通，有效管控分歧，积极参与全球和区域组织网络安全合作，推动互联网地址、根域名服务器等基础资源管理国际化。
支持联合国发挥主导作用，推动制定各方普遍接受的网络空间国际规则、网络空间国际反恐公约，健全打击网络犯罪司法协助机制，深化在政策法律、技术创新、标准规范、应急响应、关键信息基础设施保护等领域的国际合作。
加强对发展中国家和落后地区互联网技术普及和基础设施建设的支持援助，努力弥合数字鸿沟。推动“一带一路”建设，提高国际通信互联互通水平，畅通信息丝绸之路。搭建世界互联网大会等全球互联网共享共治平台，共同推动互联网健康发展。通过积极有效的国际合作，建立多边、民主、透明的国际互联网治理体系，共同构建和平、安全、开放、合作、有序的网络空间。