Supervision uncovered the effectiveness of the three-year plan to enhance the network and information security of securities firms, focusing on the industry's transformation and upgrade of technological architecture.

Securities firms' "Network and Information Security Three-Year Enhancement Plan" has come to a close, and the China Securities Regulatory Commission (CSRC) is currently assessing the situation and verifying the effectiveness of the three-year enhancement plan's implementation. It has been reported that this assessment involves 71 core issues, with a focus on technology investment, specifying that the average information technology investment from 2023 to 2025 should be at least 10% of net profit or 7% of revenue, while also requiring that technology staff account for no less than 7% and security staff account for 3% of the technology team, with a minimum of 2 people. As securities firms accelerate their digital transformation, the trend towards migrating from traditional centralized architecture to "cloud + distributed" hybrid architecture has become prominent, making it an implicit focus of this evaluation. The assessment also involves whether securities firms are compatible with new technologies such as cloud computing and distributed architecture, as well as the progress of the transformation and upgrading of core system technology architecture.