From the legislative push to science and technology policy landing, the network security market is expected to accelerate at a faster rate than expected, the next three to five years the industry's compound growth rate will reach 25% -30%, a trillion-dollar market is waiting to be opened.
In January this year, Minister of Science and Technology Wan Gang pointed out at the 2017 National Science and Technology Work Conference, "Science and Technology Innovation 2030 - Major Projects" will be prepared as soon as possible to complete the implementation program. National cyberspace security was included as one of the six major science and technology projects, blowing the general horn of cybersecurity science and technology innovation.
Security can be controlled how to emphasize are not excessive
Not sensational, complex technical combinations of attacks have been overwhelmingly pulled the "security alarm", network security and information technology is increasingly becoming an important factor in the field of security in our country to pull one hair and affect the whole body.
Liu Li, general manager of Dawning's network security products division, said to a reporter from Science and Technology Daily, "How can I describe the current grim network security situation to you? From the public data, there are more than tens of millions of controlled zombie servers or devices in China, and the attacks we suffer are growing every year."
As described in Cisco's 2017 Annual Cybersecurity Report, published by Cisco Security Research, there is a constant, unending tug-of-war between attackers and defenders, with attackers trying to gain more time to act, and defenders battling to eliminate the opportunities that the attackers are attempting to exploit.
Security and control cannot be overemphasized in such a situation.
"Failure to achieve security control over cyberspace is like building a house on someone else's foundation, and the series of potential security risks it brings will make national cybersecurity impossible to talk about." Dawning company president Li Jun said in an interview with Science and Technology Daily reporter, although China's network security industry is still in a relatively weak state of development, a considerable portion of the core technology is still subject to others, the core equipment can not be completely safe and controllable, the industry's localization needs to be improved. But in order not to the industrial chain of the "lifeblood" in the hands of others, vigorously promote the research and development of domestic hardware and software products, to cultivate a number of leading enterprises with a strong ability to grow their own brand, to drive the whole society to deal with network threats is a viable path.
Li Jun said: "It is foreseeable that, in order to truly realize the localization of network governance, the relevant enterprises will pay more attention to the cultivation of network security personnel, through the safe and reliable network products, combined with cloud computing, big data, Internet of Things and other types of important information technology and applications, from the source of the industry chain to provide security for the network. "
"National cybersecurity is included in the 'Science and Technology Innovation 2030-Major Projects', although it is necessary to realize the 'development of cyberspace security technology system covering both information and network levels, and to enhance information protection, network defense and other technological capabilities' this big goal still needs a multi-pronged approach, but the act of landing this policy is a very big incentive for us." Jiang Tianyi, CEO of Zhixiang Technology, told the Science and Technology Daily reporter: "Because cloud, Internet of Things and other technologies started a little later than the developed market, China's security needs and technological innovation is relatively lagging behind, and the investment in the field of security is inferior to that of developed countries. However, a large number of companies aiming at visualization, user behavior analysis and other security applications of the megatrend, the use of big data, machine learning, visualization and other advanced means, and quickly launched the layout of all aspects of security such as threat perception, data protection, identity authentication and user behavior analysis, and next-generation firewalls."
The shift from a "bordered" to a "borderless" concept
In the history of network security development, "border security products" represented by intrusion detection, firewalls and anti-virus
In the history of network security development, intrusion detection, firewalls and anti-virus products, represented by the "border security products" have always occupied a dominant position, these products are designed on the basis of the concept that the outside of the enterprise border is dangerous, full of viruses, Trojans and other security threats, security products are like a gateway to the border of the enterprise coupled with a variety of "locks", will be dangerous to keep out of the enterprise door.
Troublingly, the U.S. CSI/FBI survey shows that 80% of security threats come from internal employees or outsourcing personnel intentional or unintentional violations. With the opening of the Internet of Everything era, the "border security products" on the internal threat prediction and prevention is more and more incompetent, "lock" is no longer an effective security. However, according to Jiang Tianyi, the current domestic security market, the traditional "border security products" occupy more than 80% of the share.
When we are still using the "blocking" approach to passive defense, the logical framework of foreign network security has risen from the simple border protection to the protection of the entire cyberspace, the formation of a "know" as the core of the cyberspace management, prevention and control of systematized The program. In this "borderless world", based on user behavior analysis, big data business risk control, visualization and other technologies, "know" has become the key to security protection, network security to faster (machine learning, artificial intelligence, automation), more accurate (behavioral identification. visualization) and other directions to accelerate the evolution of network security, Visualization) and other directions to accelerate the evolution.
In fact, Amit Yoran, President of RSA, emphasized in his keynote speech at the RSA Conference, "Wake Up, Sleeper," that traditional cybersecurity defense technologies are no longer able to combat new security threats, and that passive defense strategies represented by firewalls are failing, and that the industry needs to change. The use of big data technology, artificial intelligence and technology learning and other new technologies to make security visible, unknown threat detection, visualization, analysis and disposal response has become the new development direction of the network security industry.
While most of the domestic security vendors are still struggling with the "prevention and blocking" approach, companies and their innovative products, such as Sky Guard, which focuses on content identification, Meran Technology, which focuses on detecting new types of attacks, and Zhixiang Technology, which focuses on cyber-space data security and big-data risk control, have begun to emerge and are on par with leading technologies and products in the international arena. The leading technologies and products are on par with the international ones, advancing network security in the direction of visibility and expanding the protection of network security from boundary to no boundary.
Jiang Tianyi told the Science and Technology Daily reporter: "The innovation of network technology has brought about new demands for information security, and the attention and investment in cyberspace security by the national strategy have created the conditions for the security market in China to usher in an outbreak. In the past two years, around this direction of the domestic outstanding security team and innovative products continue to emerge, around the user behavior analysis, security visualization, big data risk control and other directions of security innovation technology, or will give birth to new security unicorn enterprises."
Technical protection network to protect personal information security
In just over a year's time, all people seem to instantly understand that national network security is more than just a "superstructure" or security vendors "lobbying, enclosure" of the cold words, it is inseparable from the security of the people. It is inseparable from the safety of the people. In particular, the "Xu Yuyu case" and several other network telecommunications fraud cases caused by the tragedy, more intensified the public's deep concern about online security. A series of new high-risk online frauds designed by criminals have made many traditional fraud prevention knowledge and awareness obsolete.
After the issue of personal information leakage and protection was mentioned again at a news conference held on March 4 at the fifth session of the 12th National People's Congress, Fang Xingdong, president of the Internet Research Institute and director of the Internet Laboratory at Shantou University, said that it would be a great advantage if the Cybersecurity Law shifted its focus to the interests of the general public, especially personal information, which is the most catastrophic issue that is currently affecting all of us. The protection of personal information is currently the most disastrous, and everyone suffers from it, which will be of great benefit.
In fact, not only does the Cybersecurity Law clarify the principle of cyberspace sovereignty and the security obligations of network product and service providers and network operators, but it also specifies the basic rules for personal information protection. China has already paid attention to and emphasized the protection of personal information in a number of laws and regulations, and raised the security of personal information to the level of national strategy at the policy level.
China's telecom operators have also built an institutional and technologically advanced three-dimensional protection network for corporate data and customer personal information security.
According to China Mobile's press office, China Mobile has pulled together a framework for a big data security assurance system involving security policy, security management, security technology, security operations, compliance evaluation, and service support. Under this system, special emphasis is placed on: strict control of security risks in the process of opening up data to the outside world, to ensure that sensitive data does not go out of the network, does not go out of the country, and does not stay out of the network; improving internal control of data security, to ensure that the full life cycle of security management of big data resources; protection of user privacy information, to ensure that users before the opening of the data are explicitly authorized; to ensure that the synchronization of big data security protection capabilities in the planning, construction, and operation; and to ensure that data Emergency response and rapid disposal of security incidents.
For key operations involving users' sensitive information, it adopts the principle of "key operations, multi-person completion, and separation of powers and checks and balances", and separates operations from authorization, blurs sensitive information, and other means, to ensure that all sensitive operations are strictly controlled, and implements a comprehensive audit of all operation and maintenance operations. This protection method is known in the industry as the "vault model", and has become one of the nine industry standards completed by China Mobile.
Not only that, China Mobile has also taken the lead in completing seven international standards, and participated in the formulation of four cutting-edge technology standards of the National Information Security Standard Committee, providing strong technical support for operators to carry out international and industry cooperation and governance.
All of the above content from the network, hope to help you, hope to adopt