Core Viewpoint - The Ministry of Education has announced the proposed establishment of 15 new higher education institutions, including the Cybersecurity College, aimed at enhancing the country's cybersecurity talent pool and supporting national strategic goals [1][4]. Group 1: New Institutions - The proposed institutions include both public and private universities, with notable mentions such as Tianjin Vocational University (public), Nanchang University of Science and Technology (private), and the Cybersecurity College located in Hubei [2][4]. - The Cybersecurity College is positioned as the first higher education institution in China dedicated to cybersecurity, focusing on cultivating high-end talent in this critical field [5][6]. Group 2: Strategic Importance - The establishment of the Cybersecurity College is a response to the increasing demand for cybersecurity professionals due to rapid advancements in technologies like artificial intelligence and quantum technology [6]. - The college aims to bridge the gap in core technology research and development, addressing the current talent shortage in the cybersecurity sector, which is projected to reach a shortfall of 3.27 million professionals by 2027 [7]. Group 3: Educational Approach - The college will adopt an innovative application-oriented educational model, emphasizing deep integration of industry and education, and fostering collaboration between government, industry, and academia [7][15]. - Initial academic offerings will include programs in cutting-edge fields such as autonomous driving security, artificial intelligence security, software engineering security, and data science security [14]. Group 4: Infrastructure and Resources - The college will utilize the National Cybersecurity Talent and Innovation Base, which hosts over 200 cybersecurity companies, providing a rich ecosystem for practical learning and industry collaboration [13]. - Advanced facilities such as a password engineering laboratory and a cybersecurity protection and operation laboratory have already been established to support the educational mission [16].

网信部门认定，其行为超出了实现个人信息处理目的最小必要范围，同时违反网络安全法、个人信息保 护法等法律法规，依法责令其改正，并予以警告、罚款处罚。 网络安全法与数据安全法、个人信息保护法等共同构成我国网络安全和数据安全法律体系，做好法律之 间的衔接十分重要。 "本次网络安全法的修改加强与数据安全法、个人信息保护法、行政处罚法等相关法律有机衔接，推动 形成治理合力。"中国信息通信研究院互联网法律研究中心主任何波表示。例如，在个人信息保护方 面，此次修改做好与民法典、个人信息保护法等法律的衔接，明确网络运营者处理个人信息的法律适 用。 当前，一些主体仍然存在依法履行网络安全义务的意识不强、投入不够等问题。完善法律责任制度，确 保过罚相当，是网络安全法此次修改的重要内容。 2025年10月28日，十四届全国人大常委会第十八次会议表决通过关于修改网络安全法的决定，修改后的 法律自2026年1月1日起施行。中央网信办网络法治局有关负责人表示，本次修法回应现实关切，明确支 持人工智能发展的措施和安全规定，优化网络安全法律责任，有助于积极应对网络安全风险挑战。 近年来，人工智能技术迅猛发展，成为网络安全风险挑战的新变量，也 ...

原标题：新修改的网络安全法本月起施行—— 加强安全监管，促进人工智能健康发展（法治聚焦） 对销售或提供未经安全认证的网络关键设备增设罚则 近年来，人工智能技术迅猛发展，成为网络安全风险挑战的新变量，也是提升网络安全保护水平的新增 量。新修改的网络安全法第二十条规定：国家支持人工智能基础理论研究和算法等关键技术研发，推进 训练数据资源、算力等基础设施建设，完善人工智能伦理规范，加强风险监测评估和安全监管，促进人 工智能应用和健康发展。此外，该法同时明确支持运用人工智能提升网络安全保护水平。 "网络安全法的这一修改，体现了统筹发展和安全的立场。"中国政法大学法治政府研究院院长、教授赵 鹏表示，"既要支持、鼓励技术的创新与发展，又要推动其平稳地融入社会之中，从而保护受影响的法 律权益。" 不久前，北京某企业开发的APP被查明，在后台运行且用户未使用任何功能情况下，收集上传用户应用 程序安装、卸载信息。用户使用上传AI头像等功能时，调用非必要存储权限。 网信部门认定，其行为超出了实现个人信息处理目的最小必要范围，同时违反网络安全法、个人信息保 护法等法律法规，依法责令其改正，并予以警告、罚款处罚。 网络安全法与数据安 ...

2025年10月28日，十四届全国人大常委会第十八次会议表决通过关于修改网络安全法的决定，修改后的 法律自2026年1月1日起施行。中央网信办网络法治局有关负责人表示，本次修法回应现实关切，明确支 持人工智能发展的措施和安全规定，优化网络安全法律责任，有助于积极应对网络安全风险挑战。 此前，某省税务部门一采购项目进行招投标。某通信运营商原本已经中标，但后被查出所投网络关键设 备在开标之日前没有通过国家强制安全认证，不具有销售资格，涉嫌虚假应标，导致中标无效。 新修改的网络安全法对于销售或者提供未经安全认证、安全检测或者安全认证不合格、安全检测不符合 要求的网络关键设备和网络安全专用产品的，增设了相应的罚则。这有利于促进有关主体履行义务，保 障法律有效实施。 赵鹏表示，新修改的网络安全法提高了处置处罚精度。例如，对于网络运营者怠于履行信息安全管理义 务的，其处罚标准在原来"一般违法""拒不改正或者情节严重"两种情形的基础上，增加了"造成特别严 重影响、特别严重后果的"情形，并设定了更高的处罚标准，最高罚款1000万元。这有利于区分不同违 法情形的法律责任，也有利于推动相关主体依法履行相应的义务。 网信部门认定， ...

Core Viewpoint - The article highlights a case of a woman, Ms. He, who experienced a potential fraud attempt through a malicious software download, emphasizing the importance of cybersecurity awareness and immediate action in preventing financial loss [5][6]. Group 1: Incident Overview - Ms. He, a freight worker, was instructed to download a software via a QR code for business purposes, which later turned out to be problematic [3][5]. - In the early hours, her phone screen lit up and began to execute unauthorized transactions, leading her to suspect remote control of her device [5]. Group 2: Response Actions - Ms. He took immediate steps to secure her finances by disconnecting her phone from the network to prevent further remote access [6]. - She transferred her funds to a card that was not linked to any online payment systems and unlinked all her bank cards to stop any outflow of money [6]. - To eliminate potential threats, she performed a factory reset on her phone and reported the incident to the police, who praised her timely actions [6][7]. Group 3: Expert Recommendations - Cybersecurity experts advise users to develop good mobile usage habits, avoid clicking on unknown links, and refrain from downloading unofficial applications [8]. - It is recommended to install security software, such as anti-fraud apps, and to avoid connecting to unknown Wi-Fi networks in public places [8].

Core Insights - China Unicom has announced the winners of the 2025 National Finals of the Network and Information Security Skills Competition, highlighting the achievements of its employees in the field of cybersecurity [1] - The competition saw participation from 53 units and over 2,600 participants, with 133 teams and 545 individuals advancing to the finals after rigorous selection processes [1] - The event emphasizes practical skills in cybersecurity, data security, AI, and 5G, testing participants' technical abilities and stress management [1] Group 1 - The competition is recognized as one of the top-tier professional events in the cybersecurity field organized by China Unicom and its labor union [1] - The finals included both individual and team competitions, with innovative formats such as CTF and RDG, and introduced dynamic scoring mechanisms [1] - A participant, Ping Jianxin, achieved second place in the individual competition and was awarded the title of "China Unicom Technical Expert" [1][2] Group 2 - Ping Jianxin's success is attributed to his solid technical foundation and experience gained through participation in various national and provincial cybersecurity competitions [3] - He has quickly adapted to his role in local network security, effectively combining compliance requirements with practical experience [3] - His contributions include penetration testing, defense drills, and emergency response training, earning recognition from local authorities for his commitment and performance [3]

Group 1 - The insurance industry is facing increasing targeted cyberattacks, with risks from third-party system vulnerabilities and social engineering scams posing significant challenges to data security and compliance [1][3] - The company has launched a "Cybersecurity Knowledge Classroom" initiative to enhance cybersecurity awareness and enforce security responsibilities across all levels of the organization [1][6] Group 2 - The protection of sensitive information such as customer data, policy information, and financial documents is crucial for safeguarding customer rights and maintaining the company's brand reputation [3] - The initiative focuses on three core areas: educating on data classification and protection standards, breaking down high-frequency risk scenarios, and strengthening emergency response capabilities [3][6] - The training format includes morning meetings, case analyses, and interactive Q&A sessions to ensure effective knowledge transfer and engagement among employees [6] Group 3 - The company emphasizes a culture of "safety first, compliance foremost," with all employees participating in cybersecurity training and assessments to reinforce security responsibilities [6] - The initiative aims to establish a protective system where every employee is considered a security officer, contributing to a comprehensive safety framework [6] - The company plans to make cybersecurity training a regular practice, refine protective measures, and ensure specific accountability to safeguard customer interests and support sustainable development in the insurance industry [6]

Core Viewpoint - The article argues that "secure keyboards" used in mobile banking apps do not effectively protect user accounts and may actually encourage less secure password practices [1][8][14]. Group 1: History and Evolution of Secure Keyboards - The concept of secure keyboards originated from the need to bypass hardware keyloggers in public computers, leading to the development of software-based on-screen keyboards [4][6]. - In 1997, China Merchants Bank launched its online banking service, highlighting the early adoption of internet banking despite low personal computer penetration at the time [2][6]. Group 2: Current Implementation and Standards - Current mobile banking apps in China utilize a "secure keyboard" that replaces standard keyboards with a custom input method, as outlined in various industry standards [6][7]. - The standards JR/T 0068-2020 and JR/T 0092-2019 recommend measures like custom keyboards and character encryption to protect sensitive information [6][7]. Group 3: Limitations and Risks of Secure Keyboards - The article points out that secure keyboards may inadvertently promote the use of simpler, less secure passwords due to user convenience and familiarity [12][14]. - Many secure keyboard implementations restrict the use of password managers, which can lead to users resorting to easier-to-remember passwords, thus reducing overall security [14][18]. Group 4: Broader Implications for Security Practices - The discussion emphasizes that convenience often trumps security in user behavior, leading to the adoption of less secure practices despite the presence of security measures [15][20]. - The article suggests that effective security strategies must balance user experience with robust security protocols, as overly complex systems may lead to user frustration and non-compliance [20][19].

Core Viewpoint - The EU's enforcement of the Digital Services Act has escalated tensions between the US and Europe, with the US imposing travel restrictions on EU officials in response to a significant fine levied against Musk's platform X [1][3][5]. Group 1: Regulatory Context - The EU's Digital Services Act, passed in 2022, mandates large internet platforms to prevent the spread of illegal content and hate speech, impacting major US tech companies like Apple, Google, and X [3][5]. - The first fine under this act was imposed on X, amounting to €120 million (approximately $130 million), which has drawn strong discontent from the US [3][5]. Group 2: Political Implications - The US sanctions against EU officials are seen as a challenge to the EU's digital governance authority, indicating a shift from mere policy disagreements to a deeper political conflict [3][6]. - The US government has previously threatened retaliation against the EU's digital regulations, using them as leverage in trade negotiations [6][7]. Group 3: Internal Pressures - Both the US and EU face internal pressures to adopt more aggressive stances in their digital regulatory disputes, with US lawmakers advocating for harsher measures against EU officials [7][10]. - The EU Commission's cautious response to US sanctions has sparked debate within Europe, with some leaders calling for a stronger stance against US actions [10][12]. Group 4: Future Outlook - The ongoing digital dispute reflects fundamental differences in governance philosophies between the US and EU, with potential for further escalation as both sides prepare for future regulatory actions [15][16]. - The EU's ability to assert its digital sovereignty and respond effectively to US pressures will be critical in shaping the future of transatlantic relations [16].

Core Viewpoint - The year 2025 is a significant milestone for Vietnam's information and communication technology (ICT) sector, marked by important decisions in various areas such as institutional mechanisms, organizational structure, cybersecurity, data, and strategic technologies, aimed at accelerating digital transformation and shaping the long-term development framework of a digital nation. Group 1 - The National Assembly of Vietnam passed a series of important laws to establish a solid legal framework for science and technology, innovation, digital transformation, and the field of news and communication [1] - The Vietnamese government, National Assembly, and various departments and localities are committed to implementing the Central Committee's resolution on technological innovation and national digital transformation [2] - The Ministry of Information and Communications has been merged into the Ministry of Science and Technology, with some functions transferred to the Ministry of Public Security and the Ministry of Culture, Sports, and Tourism [3] Group 2 - The National Assembly approved the Cybersecurity Law and the Personal Data Protection Law, drafted by the Ministry of Public Security [4] - The government issued Decree No. 1131, announcing 11 strategic technology areas and 35 key product categories for Vietnam [5] - Vietnam hosted the signing ceremony for the UN Convention on Cybercrime and the Hanoi Convention, with participation from 72 countries, highlighting Vietnam's proactive role in shaping cyberspace governance and deepening international cooperation [6] Group 3 - The government issued a decree to pilot the development of a cryptocurrency market [7] - The government legally prosecuted several key opinion leaders and public figures for disseminating false advertisements and selling counterfeit goods online [8] - The National Credit Information Center of Vietnam suffered a cyberattack [9] - Vietnam has begun developing its low-altitude economy [10]