Core Viewpoint - The 2025 Autonomous Trusted Computing Innovation Forum was held in Beijing, highlighting the importance of trusted computing and cybersecurity in China's digital economy, with Anheng Information becoming a key player in the collaborative innovation mechanism for autonomous trusted computing [1][4]. Industry Overview - The construction of the cybersecurity grading protection system is a significant initiative in China's cybersecurity field, with trusted computing serving as a core technological support for building proactive defense systems and ensuring the controllability of information systems [3][5]. Company Highlights - Anheng Information has extensive experience in the cybersecurity field, contributing to grading protection construction, trusted computing technology research and development, product implementation, and application in various scenarios [3][6]. - The company recently launched the "Grading Protection Evaluation Report Analysis Intelligent Agent," which integrates AI and core standards to create a multi-dimensional intelligent review engine, marking a new era in intelligent report auditing [6]. - Anheng Information was the first company to complete the initial "Enhanced Trusted Execution Environment Basic Capability Special Test" organized by the China Academy of Information and Communications Technology, focusing on privacy computing technologies [6]. - The company aims to build a secure data flow infrastructure and develop trusted data space products, utilizing advanced technologies such as Big Data Trusted Execution Environment (BDTEE), Multi-Party Computation (MPC), and federated learning to ensure reliable, controllable, and traceable multi-party data joint computing processes [6].

Core Insights - The article emphasizes the importance of proper classification and evaluation of information systems to enhance efficiency in compliance processes [1][4][8] Group 1: Classification and Evaluation - Proper classification is crucial and should be based on standards such as GB/T 22240-2019, considering the system's impact scope, social influence, and data sensitivity [1][4] - Common confusion arises regarding how to classify systems, often leading to either overestimation or underestimation of the classification level, which can result in increased costs or compliance risks [4][5] - A significant portion of business systems, approximately 78%, are classified at level two, while only core systems are classified at level three, which can alleviate compliance pressure [7] Group 2: Registration Process - The registration process should focus on clarifying security responsibilities rather than merely completing paperwork, with essential materials prepared in advance [5][6] - Establishing a centralized registration material database can facilitate quicker reuse for similar systems, particularly in large enterprises [5][6] Group 3: Evaluation Tools and Methods - Utilizing intelligent tools, such as the QianKun Cloud Integrated Machine, can help simulate evaluations and identify issues before the actual assessment [6][8] - The evaluation process should not be limited to vulnerability scanning; it must also include checks on management processes and compliance with national standards [6][7] Group 4: Industry Practices and Collaboration - Merging multiple systems for registration can enhance efficiency, as seen in practices by major internet companies that consolidate submissions [7][8] - Successful classification and evaluation require collaboration across departments, ensuring that business, security, and IT teams work together effectively [8]