In recent years, with the rapid development of Internet and Information Technology and the subsequent cybersecurity problems, it appears to be of particular significance to provide legislative guarantee to cybersecurity by establishing the legislative system. Therefore, various jurisdictions have introduced cybersecurity laws and regulations and supporting polices to regulate cyberspace behaviors so as to safeguard national cybersecurity and public interests. With three specially created corpora of cybersecurity laws and regulations of the United States, China and European Union, this study integrates quantitative and qualitative approaches: on one hand, the corpus analysis software, Sketch Engine, is utilized to deal with the data in three corpora; on the other hand, from a semiotic perspective, this study attempts to investigate the convergence and divergence of cybersecurity laws in the United States, China and European Union respectively and to probe into the potential reasons for this so as to provide enlightening insights into legal interpretation and transplantation concerning cybersecurity and the improvement of the China cybersecurity legal system. Through preliminary data analysis, a semiotic interpretation and empirical research, several conclusions are drawn as follows: First of all, ″information (data)″ is a high-frequency word in three corpora, which indicates that ″information (data)″ is the key regulated object of cybersecurity law in the United States, China and the European Union. Furthermore, the collocations of ″information″ ″data″ “信息” and “数据”,are examined. It is found that the legal hierarchy of Chinese cybersecurity laws and regulations is relatively low with fewer epistatic laws, which is evidenced by the legal constitution of each corpus and laws and regulations concerning ″sensitive information″. Moreover, the types of information regulated by law are distinct from one another in the three corpora, and even for the same information type mentioned by different jurisdictions, its legal meaning may be constructed in various ways, such as ″sensitive information″ and ″copyright management information″, which is mainly attributed to distinct legal systems, ICT levels as well as social development situations in different jurisdictions. Therefore, as legal signs, the cybersecurity law and its legal terms are spatial and their meanings can be interpreted in various ways in different jurisdictions. Only in a particular jurisdiction can the meanings of cybersecurity law and its legal terms exist. In addition, due to its temporality, a cybersecurity law and its legal terms may change with the times and technological innovations, which results in the occurrence of new types of information. It is mainly reflected in three aspects: the lawmaking based on new cybersecurity challenges and crises arising in the society; the lawmaking or revision relevant to new technologies and business; and the formulation of basic cybersecurity law. For instance, due to the technological advances and social development, the content ranges of ″special categories of data″ and of ″personal data″ prescribed in the 1995 European Union Data Protection Directive are expanded in the European Union's 2016 General Data Protection Regulation. Thus, it can be concluded that the meanings of cybersecurity law and its legal terms should be reconstructed to accommodate the creative and dynamic society. Additionally, due to the conflict between the traditional legal system and terms and the rapid development of virtual cyberspace, the system of accusation and the standard of criminal penalty should be contextually reconstructed to adjust to the cyberspace. Thirdly, the imbalance of social development, law development and a country’s Internet technology levels decides the necessity of legal transplantation, during which the spatial feature of cybersecurity law and its terms, national conditions as well as the compatibility between foreign law and domestic law need to be taken fully into account, and foreign law and its terms cannot be deemed as texts in a vacuum. The legal meanings of the traditional cybersecurity legal system and legal terms should be reconstructed to adapt to the development and changes of the virtual cyberspace. Additionally, every construction, deconstruction and reconstruction of cybersecurity law and its legal terms serving as legal signs is the interaction between law and society. The roles of relevant social institutions should be given full play through social surveys in order for specific issues to serve as proof or evidence for defining and revising the law. Last but not the least, the quantitative corpus approach contributes to mining new contents and analytical methods for traditional scientific research, which is conductive to digging out the textual meanings of legal signs and to a better understanding of the divergence and convergence of meanings of legal terms in different jurisdictions.