BEIJING—China’s government has approved a broad new cybersecurity law aimed at tightening and centralizing state control over information flows and technology equipment, raising concerns among foreign companies operating in the country.

The law, passed by the standing committee of China’s rubber-stamp parliament and made public on Monday, says agencies and enterprises must improve their ability to defend against network intrusions while demanding security reviews for equipment and data in strategic sectors. The law also makes...