laitimes

Foresee the pain points of 2022 | prescriptions, and take the pulse of "network security"

Without network security, there will be no national security, no stable economic and social operation, and the interests of the broad masses of the people will be difficult to protect. The enhancement of network security capabilities and the healthy development of the industry are the basic guarantees for building a network power, digital China and a smart society, so it is crucial to take the pulse of network security strategic trends and development trends. This paper will analyze the future trend of network security, summarize the new situation and new requirements of international and domestic network security development, and put forward the development trend of technology and industry in the field of network security, as well as suggestions for promoting the development of network security in the mainland.

The current development situation of network security

Today's world is experiencing major changes unprecedented in a century, and a new round of scientific and technological revolution and industrial transformation have made rapid progress, which has greatly promoted economic and social development. With the integration and development of a new generation of information technology such as 5G, cloud computing, big data, AI, Internet of Things, industrial Internet, and quantum computing, people's production and lifestyle have been greatly changed, while network security is facing new opportunities and challenges. The COVID-19 outbreak in 2020 swept the world, which had a huge impact on global network governance, showing some unique changes, such as cyber attacks, personal privacy and other issues being amplified by the epidemic.

● Network security risks are increasing, and security attacks are frequent

In recent years, the global network security situation is not optimistic, security vulnerabilities, ransomware, data leakage, APT attacks and other network security threats have become increasingly severe under the influence of the epidemic, network intrusions against infrastructure and important information systems at home and abroad have occurred frequently, attack methods have been escalating, network threats have shown an upward trend year by year, and people's lives, economic production, social stability, and national security have encountered huge risks.

In 2021, related enterprises in the fields of global finance, energy, electricity, communications, transportation and other fields were attacked by DDoS, ransomware, APT and other attacks, which triggered adverse consequences such as business stagnation and public panic. In May 2021, Colonial Pipeline, the largest U.S. refined oil pipeline operator, was forced to shut down its key fuel network that supplied fuel to the eastern coastal states of the United States due to a ransomware attack, which seriously affected the supply of some refined oil products; in September, New Zealand telecom operator Voxus suffered a DDoS attack, resulting in a multi-regional network service interruption for 30 minutes, seriously affecting the work and life of a large number of home-based residents under the epidemic; from July to October, Hacking group Lyceum has launched a series of APT attacks against telecom operators in countries such as Israel and Saudi Arabia... According to statistics, under the influence of the epidemic in the first half of 2021, all kinds of enterprise businesses in the mainland continued to migrate online, and the number of DDoS attacks has increased rapidly for four consecutive years, and the intensity, means and sources of attacks have been significantly upgraded compared with the past.

● Global cybersecurity competition is becoming increasingly fierce, and security strategies are frequently upgraded

The cyber security strategy has become an important part of national development, and the European Union and the United States have actively promoted the introduction of cyber security policies, prevented cyberspace security risks brought about by the epidemic through strategic cooperation and strategic upgrading, accelerated the construction of critical information infrastructure protection, and continued to deepen and expand into new areas. In the field of information technology, the risk of global supply chain and industrial chain has increased, and the global cyberspace has entered a period of turbulent change.

In 2020, the US government successively issued important documents such as the National Strategy for 5G Security and the National Strategy for Key and Emerging Technologies, continuing to strengthen investment in cyberspace security, improving the layout of cyberspace, continuously improving cyber attack and defense capabilities, and accelerating the integration of new technologies and applications. In January 2021, the EU released its upgraded cybersecurity strategy, the Cybersecurity Strategy for the EU Digital Decade, to strengthen the EU's ability to counter cyber threats, enhance the reliability of collective defences, and ensure that all citizens and businesses can fully benefit from reliable digital tools. In 2020, the Australian Government released the Cybersecurity Strategy 2020, outlining ways to ensure online safety for families, vulnerable groups, critical infrastructure providers and businesses, and announcing a cyber enhanced situational awareness and response plan.

● The development of network security in the mainland has continued to improve, and legislation and supervision have been intensively introduced

The strategic thinking of network power is an important part of Xi Jinping Thought on Socialism with Chinese Characteristics in the New Era, and at present, network security has risen to the height of national strategy, and the 14th Five-Year Plan determines that network security has become one of the key points of China's development and construction work in the future. In 2021, regulators will intensively formulate and issue heavyweight laws and regulations, and the Data Security Law, the Personal Information Protection Law, and the Regulations on the Protection of Critical Information Infrastructure will be issued one after another, focusing on network construction planning, security protection, security management, risk assessment and other aspects.

While the mainland's cybersecurity supervision is becoming stricter, security law enforcement has also continued to be strengthened. According to statistics, in the first three quarters of 2021, the Ministry of Industry and Information Technology has cumulatively notified 1494 illegal APP and removed 408 APP that refuse to rectify; the regulatory level has successively launched a network security review of Didi Chuxing, Yunman and other enterprises, driving enterprises to increase their attention to network security.

The future of cybersecurity

The research and development of new security technologies, the improvement of network security capabilities, the improvement of the critical information infrastructure guarantee system, the strengthening of data security protection, and the rapid development of the network security industry play an important role in maintaining national security, stable economic and social operation, and the interests of the people, and are also the focus and development trend of network security in the future.

New cybersecurity technologies are booming

The innovation and upgrading of network architectures such as cloud-edge collaboration, cloud-network integration, and computer-network integration promote the development of network security protection in the direction of endogenous, active and intelligent. The endogenous security defense system in cyberspace is developing with each passing day, including the endogenous security technology system of typical technologies such as "zero trust", mimetic defense, decentralization, and trusted computing, which will fundamentally solve the problem of security and credibility; actively carry out research on active defense technologies such as dynamic boundary protection, deception defense, and threat hunting, so as to detect and respond to security threats more accurately and quickly; and intelligent security technologies such as user entity behavior analysis, security orchestration and automated response, and extended detection and response. Will help enable dynamic defense of network security. In addition, the epidemic has created an irreversible trend of "working anywhere", and solutions such as secure access to the edge of services and "zero trust" have become security measures to solve the problem of working anywhere, which is crucial to ensuring enterprise network security in the era of "remote work".

Focus on critical information infrastructure protection

The world's increasingly prominent security threats spread and penetrate into important areas of the country, and the key information infrastructure in the fields of finance, energy, electricity, communications, transportation and other fields is the nerve center of economic operation, the top priority of national network security, and the target of possible key attacks. Cyber threats and cyber attacks on critical information infrastructure are also on the rise year by year, and the security protection of critical information infrastructure is increasingly valued by countries.

On September 1, 2021, the Regulations on the Security Protection of Critical Information Infrastructure (hereinafter referred to as the Regulations) were officially implemented, and network security officially entered the era of "customs protection". The Regulations strengthen the government's guidance and supervision responsibilities and implement the main responsibilities of key information infrastructure operators, which means that enterprises must increase the degree of attention and capital investment in the security of critical information infrastructure, and do a good job in "off-the-line" security protection. Establish a security assurance system for intelligent coordination of critical information infrastructure, strengthen network security situational awareness, monitoring and early warning, risk assessment, attack traceability, incident handling, and other capabilities; increase the deployment and application of security independent products, accelerate the innovative application of domestic products in "off-base" protection; implement "off-base" supply chain management and security risk assessment work, carry out procurement, deployment, use, and maintenance of important network products and services, and reduce supply chain security risks. As a result, the focus on critical information infrastructure security will continue to increase.

The intensity of data protection and personal information privacy protection has been strengthened

In the era of digital economy, data as a factor of production has become the core proposition of network security, and the increasing generalization of data security threats on a global scale has made data security face a more severe situation. At the same time, the normalization of the prevention and control of the new crown pneumonia epidemic and economic globalization have brought new challenges to personal privacy protection and data security. Data security and personal information privacy protection will become the focus of people's attention.

The release of the EU GDPR has protected the personal data and information security of consumers and EU citizens, which has brought great impact to enterprises; the mainland has successively implemented the "Data Security Law" and "Personal Information Protection Law" in 2021, establishing a comprehensive protection of the data field, its importance is self-evident, data security construction in various industries, enterprises will be accelerated on the agenda, data security construction relies on the combination of technology and management to achieve data life cycle protection. At the same time, it is necessary to improve the personal information protection mechanism and strengthen the protection of privacy. In addition, privacy-enhancing computing technology is one of Gartner's eight cybersecurity trends predictions for 2022, providing protection during data at rest, use, and transfer, enabling secure data processing, sharing, cross-border transmission, and analytics, while reducing the risk of data breaches, supporting new forms of computing and sharing, and is currently accelerating into actual projects with commercial value. In addition, data security technology research such as federated learning, multi-party security technology, dense state computing, secure retrieval, and multi-domain collaborative tracking will also be applied.

New digital scenarios and new service security applications have gradually landed

The tracking and research on new technologies and new business security issues such as the Industrial Internet, the Internet of Vehicles, the Internet of Things, and artificial intelligence has been further strengthened, and a number of measures to improve their security monitoring and protection level and reduce security risks have been gradually implemented.

In the future, the full-link protection system of the Internet of Vehicles covering vehicles, platforms and applications will be accelerated, and the application deployment of key scenarios such as remote monitoring, automatic driving, and vehicle-road collaboration will also be gradually implemented. The demand for industrial Internet and industrial control security scenario-based protection around devices, controls, networks, identities, platforms, and data, as well as IoT security applications such as smart agriculture, smart homes, and wearable devices, will further increase. The integration of artificial intelligence and network security continues to deepen, and technologies such as ai-based defense, security threat monitoring and autonomous response, and homomorphic encryption are developing rapidly, while the security, malicious abuse and privacy violation of artificial intelligence itself may become the focus. In addition, new technologies and new scenarios such as quantum computing and space integration will also become the focus of research.

The network security industry continues to grow steadily

In recent years, new industries and new formats in the digital economy have flourished, and driven by multiple factors such as national policies and technological innovation, the demand for security has continued to be released, and a good environment will continue to promote the steady growth of the mainland network security industry.

According to statistics, the size of the mainland network security market in 2020 will be about 53.2 billion yuan, and the growth rate will be higher than the global average. In the first three quarters of 2021, the revenue of most listed network security companies maintained positive growth, and the overall operating income of the industry increased by 23.32% year-on-year. With the increase of policy capital and the emergence of new application scenarios, important segments such as data security, security services, and industrial control security in the network security industry will gain growth momentum, driving the overall development momentum of the market, while users' demand for network security shows a diversified trend, including graded protection, container security, cloud platform, risk assessment and other product categories have become hot spots.

Recommendations for cybersecurity developments

In the face of the complex situation and arduous tasks of network security, we must adhere to active defense, scientific change, overcome difficulties, fully implement the deployment and requirements of the "14th Five-Year Plan", and accelerate the high-quality development of network security technology research and applications in the mainland.

Strengthen policy standard guidance

The supervision of the government and relevant institutions is crucial to the development of network security, and the construction of the network security policy system system should be strengthened, the "Cybersecurity Law" and other relevant laws and regulations should be implemented, and supporting legal systems should be introduced in a timely manner; accelerate the formulation of network security standards, improve the pertinence, standardization and enforceability of standards, and use standards to lead and standardize network security work.

Focus on security technology breakthroughs

After years of development, the progress of the mainland Internet and digital economy is obvious to all, but the core technology is still subject to people and other issues, and in the future, we need to focus on breaking through the core technologies that restrict the development of network security in the mainland, strengthening network security technology innovation, further strengthening the network security system and capacity building, and building a solid national network security barrier.

Cultivate an integrated development ecology

Actively embrace the era of great security, deepen win-win cooperation between upstream and downstream of the industrial chain, coordinate to promote talent training mechanisms, give play to the enthusiasm of all parties in "industry, education and research", jointly build a new network defense system, share industrial chain resources, jointly build a new industrial ecology, open up a new situation in network security development, and ensure the smooth circulation of the "artery" of the digital economy.

Author of this article

Foresee the pain points of 2022 | prescriptions, and take the pulse of "network security"

Wang Shanshan

China Unicom Research Institute

Foresee the pain points of 2022 | prescriptions, and take the pulse of "network security"

Xu Lei

Foresee the pain points of 2022 | prescriptions, and take the pulse of "network security"

Zhang Manjun

End

Author: China Unicom Research Institute

Wang Shanshan, Xu Lei, Zhang Manjun

Editor-in-Charge/Layout: Fan Fan

Review: Shen Qing

Producer: Liu Qicheng

I knew you were "watching"

Read on