Article 51 The State establishes a network security monitoring, early warning and information notification system。The national network information department shall coordinate the relevant departments to strengthen the collection, analysis and notification of network security information, and uniformly release network security monitoring and early warning information in accordance with regulations。

Article 52 Departments responsible for the security protection of critical information infrastructure shall establish and improve network security monitoring and early warning and information notification systems in their own industries and fields, and submit network security monitoring and early warning information in accordance with regulations。

Article 53 The national cyberspace administration shall coordinate relevant departments to establish and improve the working mechanism for cybersecurity risk assessment and emergency response, formulate emergency plans for cybersecurity incidents, and organize regular exercises。

Departments responsible for the security protection of critical information infrastructure shall formulate emergency plans for network security incidents in their own industries and fields, and organize regular exercises。

The emergency plan for network security incidents shall classify network security incidents according to factors such as the degree of harm and scope of influence after the occurrence of the incident, and provide corresponding emergency disposal measures。

Article 54 When the risk of network security incidents increases, the relevant departments of the people's governments at or above the provincial level shall take the following measures in accordance with the prescribed authority and procedures, and according to the characteristics of network security risks and the possible harm caused:
(1) Require relevant departments, institutions and personnel to collect and report relevant information in a timely manner and strengthen monitoring of cybersecurity risks;
(2) Organize relevant departments, institutions and professionals to analyze and evaluate network security risk information and predict the possibility, scope of impact and degree of harm of incidents;
(3) Issuing early warnings of cybersecurity risks to the society and issuing measures to avoid and mitigate the harm。

Article 55 In the event of a network security incident, the emergency plan for a network security incident shall be immediately launched, the network security incident shall be investigated and evaluated, and the network operator shall be required to take technical measures and other necessary measures to eliminate potential security risks, prevent the expansion of hazards, and timely release warning information related to the public to the society。

Article 56 Where the relevant departments of the people's governments at or above the provincial level, while performing their duties in the supervision and administration of network security, find that there is a large security risk or a security incident occurs in the network, they may interview the legal representative or the principal person in charge of the network operator according to the prescribed authority and procedures。Network operators shall take measures as required to rectify and eliminate hidden dangers。

Article 57 Emergencies or production safety accidents due to network security incidents shall be dealt with in accordance with the provisions of the Emergency Response Law of the People's Republic of China, the Production Safety Law of the People's Republic of China and other relevant laws and administrative regulations。

Article 58 In order to maintain national security and social and public order and deal with major social security emergencies, temporary measures such as restrictions on network communications may be taken in specific areas upon decision or approval by The State Council。