The Chinese government has announced plans to create a centralised computer database to store information about cyberattacks and data breaches that take place in the country.
The nation's internet watchdog, the Ministry of Industry and Information Technology (MIIT), said this week (13 September) that online companies, telecommunications firms and domain name providers would all have to report known cyber threats to the repository.
The MIIT is now set to ask companies to provide a record of incidents involving malware, hardware bugs and malicious IP addresses, Reuters reported.
Firms that fail to report data breaches and cyberattacks to the ministry will be hit with "warnings, fines and other administrative penalties".
It remains unclear how the law will be enforced and the full scope of the financial penalities.
The MIIT will reportedly be responsible for helping to resolve cybersecurity issues from 1 January 2018.
China has a strict internet regime and its so-called "Great Firewall" routinely blocks digital content the government does not want citizens to see.
A new cyber law came into effect on 1 June this year and security experts found it gave officials "unprecedented" power over companies operating in the region.
The law is overly broad and its language vague noted Recorded Future, a cybersecurity firm.
"Companies seeking to conduct business in China, especially those in the critical information infrastructure sectors, now face a host of technical, legal, and ethical decisions about operating in China that might not have been previously considered," the firm said.
Earlier this year, MIIT officials introduced new rules which required telecommunications companies to help restrict access to virtual private networks (VPNs).
Such software can be used to circumvent the government's iron grip on information, but were effectively outlawed by the government and may even be banned from February 2018.
In January 2017, the ministry first announced a "clean-up" of the web that would force firms providing VPN software to apply for a government licence to operate legally. This month, a 26-year-old man called Deng Jiewei was jailed for nine months after selling VPN access.
The country has more than 730 million internet users and last year was branded the "worst abuser of internet freedom" by the global internet watchdog Freedom House.