On March 12, 2026, the National People’s Congress approved the “Outline of the 15^th Five-Year Plan for National Economic and Social Development (15^th FYP) of the People’s Republic of China” (中华人民共和国国民经济和社会发展第十五个五年规划纲要) (15^th FYP), the country’s highest-level development blueprint, which covers the years 2026 to 2030. Over the years, the Western cybersecurity industry, the US government and other private and public organizations have reported that China’s cyber operation targets are closely aligned with its strategic plans, including the FYP. Therefore, examining the strategic objectives in the FYPs is necessary to identify the likely intelligence requirements of China’s cyber operations. Meanwhile, the Natto Team has observed that China has incorporated relevant cybersecurity strategies into its FYPs since the 11th FYP (2006–2010) – from “strengthening the information safety (or security) guarantee” in the 11^th FYP to “strengthening network and information security” in the 12^th FYP, to “strengthening information security,” “safeguarding” national security, and “ensuring” national information security in the 13^th FYP, to “building a cyber superpower” in the 14^th FYP. The 15th FYP (2026-2030) expands on this, calling for integrating cybersecurity into every layer of digital development as a means to “ensure national economic security” (保障国家经济安全) while accelerating the effort to build a cyber superpower. The Natto Team believes that understanding China’s cybersecurity strategy within this context is essential for gaining clearer insight into cyber targeting originating from China. For example, our analysis of why and how provincial bureaus of the Chinese Ministry of State Security play a role in China’s cyber operations highlights this insight.

The following comments about the cybersecurity strategy in China’s 15^th FYP were written by Mei Danowski, co-founder and chief of Natto Thoughts. On March 17, 2026, Mei joined a forum with a group of experts to evaluate the diverse role of technology in China’s 15^th FYP, hosted by the DigiChina Project at Stanford University Cyber Policy Center. Mei’s comments have been revised from their original version since they were first published. To read other experts’ input, please check the DigiChina link here.

China’s 15th Five-Year Plan (15th FYP) outlines a cybersecurity strategy based on integrating cybersecurity into every layer of digital development—from core infrastructure to international governance. This is not surprising, given the rapid development of cybersecurity in China.

Accelerating the construction of a “cyber superpower” (网络强国, transliterated wǎngluò qiángguó) is one of five superpower-building areas highlighted in Part II of the 15th FYP. The other four areas mentioned are: manufacturing superpower, quality superpower, aerospace superpower, and transportation superpower. (The term wǎngluò qiángguó, prominent since 2014, refers to “competing to stand at the forefront” of technological development and “gaining greater autonomy in technological capabilities and greater influence in global governance,” as a 2018 Digichina analysis phrased it. The Natto Team has discussed this “superpower” goal and the development of offensive capabilities here, here and here.)

More detail for how to pursue this goal appears in Part XIV, “Safeguarding National Economic Security,” in the section titled “Enhancing Cybersecurity Capabilities.”

Particular emphasis is placed on protecting critical information infrastructure through cybersecurity reviews and cloud service assessments, as well as improving technical resilience by building disaster recovery and backup systems. There are also safeguards for industrial control systems and emerging technologies and applications. This is the first time that technical resilience—especially building disaster recovery and backup systems—has been included in the FYP. This likely reflects China’s recognition of the urgency amid growing technological competition and geopolitical tensions with Western nations.

At the same time, the 15th FYP promotes the growth of the cybersecurity industry as a pillar of economic and technological development. It calls for increased innovation, the integration of cybersecurity into the modernization of manufacturing through intelligent transformation, digital transition, and network integration (智改数转网联), and the production and adoption of “secure and reliable” information products and services, – by which it means reducing dependence on foreign products and services.

Beyond technical and industrial priorities, the 15th FYP underscores the importance of shaping a “healthy” cyberspace. Initiatives such as the “Qinglang” (Clean and Bright, 晴朗) campaigns, which first began in 2016, continue to curb online misinformation, cyber violence, and other unapproved content. Crackdowns on cybercrime - often with the help of private companies such as Qi An XIn’s Pangu team - as well as enhanced personal information protection and tighter oversight of platform algorithms and data practices, reinforce state control over the digital environment.

Internationally, China aims to participate in rule-making processes and strengthen cooperation on cybersecurity, data protection, and cross-border law enforcement. Through these combined efforts, the 15th FYP advances a vision of cybersecurity that supports both domestic stability and a broader international “community of shared future” in cyberspace, particularly by expanding the focus of international cooperation to specifically include cybersecurity.

Overall, the cybersecurity strategy in the 15th FYP, compared to that of the 14th FYP, introduces more granular requirements, such as product standards for the development and use of “safe and reliable” information products and services, as well as guidelines for technical resilience through disaster recovery and backup systems. There are also new security assessments specifically for cloud computing services.

How these requirements are further specified and implemented may be worth continued attention over the next five years. In the past, the Natto Team observed that Chinese government organizations and cybersecurity companies have hosted “live-fire” drills and hacking competitions, such as the Tianfu Cup and Matrix Cup. Additionally, a policy update in 2025 required security assessment organizations to maintain dedicated attack-defense labs as part of efforts to improve technical resilience. It is likely that these efforts will continue over the next five years.