Cyber Risk Reduction in China, Russia, the United States and the European Union

This report provides an overview of cyber risk reduction terminology and regulatory measures within China, Russia, the United States and the European Union. It finds, among other things, that China and Russia excel at clear visuals and steps, yet they also tend to lack linguistic clarity. China, the USA and the EU possess interagency and public–private sector coordination, while facing jurisdictional overlap. All four actors are securing their supply chains, yet China and Russia face challenges with burdensome penalties for non-compliance, and the USA and the EU confront obstacles to enforcement at the state and member-state levels. This report is intended to provide a baseline for engagement among China, Russia, the USA and the EU on their respective approaches to cyber risk reduction.