Natto Thoughts

Natto Thoughts

State Entities

China’s Cybersecurity Powerhouses Face PLA Procurement Curbs

Regulatory squeeze on TopSec, VenusTech, Qi An Xin and other cybersecurity giants has tightened since 2024

Eugenio Benincasa's avatar
Natto Team's avatar
Eugenio Benincasa and Natto Team
Jul 15, 2026
∙ Paid

The Natto Team’s previous reports, published in early 2024 on leaked documents from the Chinese company i-SOON, discussed the complex network of China’s cybersecurity companies and their precarious relationships with their “clients,” particularly government and military entities. We found that, to win official procurement contracts, companies such as i-SOON often teamed up with other firms to strengthen their bids through bid-rigging schemes. Collusive bidding appeared to be a known practice in China’s cybersecurity industry, used to manipulate procurement processes. However, in the first half of 2026, the Chinese military’s official procurement website, Military Procurement Network (军队采购网), announced that numerous top Chinese cybersecurity companies were being suspended or banned from military contracts due to alleged procurement violations such as collusive bidding. These companies included Beijing TopSec Network Security Technology Co., Ltd. (北京天融信网络安全技术有限公司), a subsidiary of TopSec Technologies Group (天融信科技集团股份有限公司); Venustech Group Inc (启明星辰信息技术集团股份有限公司) and its subsidiary Beijing Venustech Cybervision Co., Ltd (北京启明星辰信息安全技术有限公司); and Qi An Xin Legendsec Information Technology (Beijing) Co., Ltd. (奇安信网神信息技术(北京)股份有限公司), a subsidiary of Qi An Xin Technology Group (奇安信科技集团股份有限公司). These companies have, to varying degrees, allegedly supported China's state-sponsored cyber operations or to the broader ecosystem that supports them.

How did this happen? How should we understand military procurement violations? What has driven the apparent tightening of the military procurement process? Which cybersecurity companies have been exposed? And what does this mean for China’s cybersecurity industry? We explore these questions in this piece.

The Appendix provides a list of the cybersecurity companies we identified as being suspended or debarred since 2024, along with the year, issuing authority, violation details, debarment or suspension period, and whether each company was publicly listed.

Natto Thoughts is a reader-supported publication. To receive new posts and support the Natto Team’s work, consider becoming a free or paid subscriber.

User's avatar

Continue reading this post for free, courtesy of Natto Team.

Or purchase a paid subscription.
© 2026 Natto Thoughts · Privacy ∙ Terms ∙ Collection notice
Start your SubstackGet the app
Substack is the home for great culture