laitimes

In the 100-billion-level market, the "giant wheel" of data security is coming

Text | Industrialist, author | Buckets

From host security to program security to today's cloud security, the curtain is slowly being pulled open.

On the first day of March 2022, a cyber attack on the system of a Toyota Motor parts supplier brought the entire supply chain to a halt, shutting down all of Toyota's domestic plants in Japan, a total of 28 local production lines.

Prior to this, in 2020, Honda closed 9 factories after its internal systems were infected with a virus. In December 2021, Denso, Toyota's largest component maker, was attacked by a group of hackers, and the personal information of its employees was leaked.

The suspension of production meant that Toyota's production capacity in Japan was completely paralyzed, which was expected to affect the production of 13,000 vehicles, and that is the loss from only one day of suspension.

An exclusive report recently released by 360 Government and Enterprise Security Group publicly disclosed that the US National Security Agency (NSA) has launched large-scale cyber attacks around the world for the purpose of US government intelligence gathering.

The NSA takes advantage of the core position of the United States in the global network communication and Internet system, and uses advanced technical means to achieve monitoring, interception and automated utilization of network signals.

In the NSA's large-scale attacks on China, infections by the Validator backdoor alone are conservatively estimated to be in the tens of thousands, and as the attacks continue to evolve the number may even reach hundreds of thousands or millions. This seriously threatens key infrastructure such as electricity, water conservancy, transportation, and energy.

In addition, data security increasingly concerns personal privacy: the personal information of more than 100,000 employees of the United Nations has been leaked, Internet and telecommunications fraud persists despite repeated crackdowns, and the "Xu Yuyu" case is a painful example. All of this is a real threat to the individual's fundamental right to privacy.

Data security has now been pushed to a new height. Whether at the individual, enterprise or national level, promoting the development of the data security industry has become the biggest proposition of the digital age.

What kind of security service providers does the market need? What kind of security capabilities does the advance of science and technology demand? In the face of today's digital attacks, these are becoming the core questions.

01 The big blue ocean of data security

According to the Data Age 2025 report released by IDC, the global data volume was projected to reach 60 ZB in 2020 and 175 ZB in 2025, close to 3 times the data volume in 2020.

At the same time, IDC predicts that China's data volume will grow the fastest and is expected to increase to 48.6 ZB in 2025, accounting for 27.8% of the global datasphere and making China the world's largest datasphere.

As data volume grows, the information that can be mined from it becomes richer. Both government and enterprises have begun to realize the serious consequences that data leakage may bring, their emphasis on data security has increased significantly, and they are actively exploring ways to maximize the value of data while keeping it secure and under control.

In addition, according to VMR, an overseas market research institute, the global data security market was about 17.38 billion US dollars in 2019 and is expected to reach 57.29 billion US dollars by 2027, a compound annual growth rate of about 17.35%.

According to the China Commercial Industry Research Institute, China's data security market in 2019 was only 3.8 billion yuan, accounting for only 3.4% of the global data security market, which is still far below China's 27.8% share of global data volume.

It can be seen that China's data security market still has a great deal of room to grow. Considering that its overall pace of development is slower than that of the United States, in the long run there is a market space of 100 billion yuan in China's data security market.

According to the latest market size data released by the China Cyber Security Industry Alliance, China's network security market is expected to reach 80.9 billion by 2023. According to Wei Wei, director of the Information Security Department of the Institute of Information and Communications Technology, China's data security market is expected to reach 9.75 billion in 2023, when data security will account for 12.1% of the overall network security market.

[Figure: Top 100 Chinese cybersecurity enterprises]

On July 16, 2021, the Ministry of Industry and Information Technology issued the "Three-Year Action Plan for the High-quality Development of the Network Security Industry (2021-2023) (Draft for Comments)", which proposes that the network security investment in key industries such as telecommunications will account for 10% of the investment in informatization in the next three years, which will also drive investment in the field of data security.

Measuring the current share of network security investment in key industries against the Ministry of Industry and Information Technology's 10% requirement and the international average investment level, it can be predicted that investment in data security by the government, finance, medical and health, and energy industries is expected to open up a further 1 to 3 times of growth space in the future, and that the data security field as a whole still has nearly 1 times of elastic growth potential.

In addition, China's data security supervision system has now taken shape as a framework with the "National Strategy for Data Security" as its starting point; the Cybersecurity Law, the Data Security Law (to be implemented soon), and the Personal Information Protection Law as its core; and other special provisions, administrative regulations, industry sector rules, and local regulations supplying the details.

A review of the central laws and regulations, the documents issued by ministries and commissions, and the policy documents directly related to data security issued by industry regulators shows that regulatory attention to data security has increased year by year, led mainly by the central government and the Ministry of Industry and Information Technology. Finance, water conservancy, transportation, education, government, telecommunications and the Internet are the industries where data security supervision is strict.

In general, data backup, data classification, data security risk assessment and auditing are the four sub-areas to which regulators attach the most importance. Identity and access control, data encryption, and data leakage prevention are also areas of regulatory attention.

In addition, according to the requirements and standards in the "Basic Requirements for Graded Protection of Network Security" under the Classified Protection 2.0 (MLPS 2.0) system, companies undergoing the Classified Protection 2.0 assessment need to invest in products such as database vulnerability scanning, firewalls, auditing, data encryption, desensitization and watermarking.

It can be seen that at the macro level, as data security-related legislation is released and implemented, compliance requirements will also drive the steady growth of the industry.

In other words, the field of data security is still a blue ocean, with huge room for growth.

02 The "Security Paradox" of Technology and Requirements

As the data security industry grows, the dilemmas of its development have gradually emerged.

The life cycle of data is divided into six stages: collection, transmission, storage, processing, exchange and destruction, and the core technical capabilities of data security are very different at each stage.

In the data collection stage, when users access the Web server, it will involve data classification, identity authentication, permission control, etc.; in the data transmission and exchange stage, it will involve encryption machines, database audits, data dynamic desensitization, data watermarking, data leakage prevention, access control, transmission channel encryption, etc.; in the data storage and processing stage, it will involve vulnerability scanning, data backup and recovery, operation and maintenance management, data encryption, data leakage prevention, isolated storage, user isolation, etc.

With the development of the digital economy, both the number of data processing scenarios and the magnitude of data being processed have increased significantly, and traditional network security technologies can no longer cope with today's scenarios of huge data volume and extremely fast data updates.

As an emerging field, data security technology has had only a short time to develop. Some technical means and solutions are still in the research and development stage, lack practical application and cannot yet effectively ensure data security.

For example, data lineage tracking technology, data field labeling technology and the like are not yet mature, their impact on business operations needs further study, and large-scale application will take time.

In addition, China's data security management system has been initially established. Laws and regulations such as the Cybersecurity Law of the People's Republic of China and the Provisions on the Protection of Personal Information of Telecommunications and Internet Users (Decree No. 24 of the Ministry of Industry and Information Technology) set out principled requirements for data security and personal information protection, but the specific requirements and penalty rules for building technical means have not yet been clarified, so they cannot effectively push enterprises to research, develop and apply data security technology.

Some enterprises, held back by factors such as operating costs and system performance, invest less in data security technology and lag in its research, development and application. Management requirements such as hierarchical classification and authority management are difficult to truly implement, which in turn weakens the enterprise's overall ability to safeguard data.

[Figure: There are three phases to data security]

In addition, data security management in China started late, and most enterprises currently face the problem of retrofitting data security into existing business systems.

First, it is difficult to sort out data assets. In the early days, data field names were not unified across an enterprise's business systems, and the data types were complex and the volume huge, which makes it hard to carry out the data asset inventory that is the groundwork for building data security technical means.

Second, it affects the performance of existing business systems and increases enterprise investment. Technologies such as data encryption and decryption and desensitization occupy system resources to a certain extent, affecting system performance and user experience, and data security retrofitting requires hardware upgrades that raise enterprise costs.

Third, there is a high risk of affecting the operation of business systems. Retrofitting data security protection technology often involves changes to core systems, which is more difficult and risky.

At the same time, data security retrofitting belongs to the field of emerging technologies. There are currently few mature technical solutions and practice cases for enterprises to refer to, so enterprises have considerable concerns.

In the long run, declining procurement demand from downstream customers slows upstream investment in product research and development more than expected, product development then fails to keep up with downstream customer demand, and customer demand declines in turn... The vicious circle between R&D and demand is endless.

In fact, problems like these do not exist only in the field of data security. However, unlike other industries, data security technologies tend to be unpredictable and therefore tend to rely more on being demand-driven.

For example, there are many ways for a virus to intrude, and data security service providers cannot fully predict the attack methods; only after a long period of accumulating cases can they iteratively upgrade their technology.

These problems have now become urgent issues for the development of the data security industry.

03 The Security Market and the Enterprises' "80/20 Rule"

Compared with the industry-wide dilemma, the competitive landscape among enterprises is even harsher.

According to the IDC Global Cybersecurity Spending Guide, 2021V1, government, communications, and finance will remain the top three spending industries in China's cybersecurity market, accounting for about 50% of China's overall cybersecurity market.

For example, Qianxin and Tianrongxin mainly serve the government, the public security, procuratorate and court system, and the military industry; these three account for more than 50% of their total annual revenue.

In addition, Anheng Information's customers are mainly distributed across government, public institutions, finance and education; more than half of Convinced Service's revenue in 2020 came from government and institutions; and NSFOCUS Technology has a higher proportion of operator and financial customer revenue than the other companies, at 21.48% and 20.61% respectively in 2020.

It is worth noting that, across the six basic network security fields of data collection, transmission, exchange, storage, processing and destruction, Tianrongxin, Xinxinfu and Venustech have worked in network and infrastructure security for many years; their core products have gone through successive rounds of research, development and upgrading, and they hold stable leading positions in their respective markets.

Among them, Anheng Information specializes in the application security, security management and data security markets; Qianxin leads the terminal security and security management market; and NSFOCUS's IDS/IPS, WAF and ADS products are in the leading position in the market.

Undoubtedly, large customers with higher security requirements, such as finance, communications, and government, often choose leading enterprises that have been established for a long time and are developing steadily. This also creates a high barrier to development for small and medium-sized enterprises.

However, beyond the traditional products that revolve around the data life cycle and relate directly to data or databases along the collection, transmission, exchange, storage, processing and destruction process, there are also some segments closely related to data security.

For example, data security governance, identity and access management (the "zero trust" system), privacy computing and so on provide methodology and system frameworks for the development of data security, introduce emerging technologies and application scenarios, and have become an important part of the future data security industry.

For example, Nebulas Clustar is building a full-stack technology solution for privacy computing, starting from financial scenarios. In 2018, Nebulas Clustar received an angel round of financing of tens of millions of yuan from Sequoia Capital China, and then went through three rounds of financing.

In addition, there is Omniscience Technology, founded in 2017, which focuses on the data flow security governance system, and its focus is on data security methodologies, developing data security products and tools that support relevant methodologies to ensure the flow of data in a safe and controllable environment. In 2021, Omniscience Technology completed a series B financing of hundreds of millions of yuan, which was led by Sequoia Capital China and GGV Jiyuan Capital.

The DevSecOps vendor Suspension Mirror Security has also drawn attention recently; its security-based product layout has enabled it to recently complete an investment of hundreds of millions of yuan.

From the time of establishment and the number of financing rounds, it is not difficult to see that enterprises in the field of data security have built products in different directions, taking customers in the financial, manufacturing and other industries as the entry point to verify different solutions.

The field of data security is ushering in a new round of pursuit.

04 Next Decade: Data Security on the Cloud

In addition to the segments mentioned above, one area that cannot be ignored is data security on the cloud.

In the cloud era, whether a company is a leading player or a small or medium-sized one, doing a good job of data security on the cloud is the general trend if it wants to stay invincible on the data security track.

According to the "2021 China Enterprise Cloud Index Insight Report", as the market develops, enterprises are constantly looking for new methods and technologies to improve management efficiency and reduce business costs. At this stage, 56.8% of China's real economy enterprises choose to prioritize moving their management systems to the cloud.

The general trend of enterprise cloud migration is in turn driving up the data security requirements on the enterprise cloud.

On the one hand, security issues from traditional environments still exist in cloud environments, such as SQL injection, insider privilege abuse, data leakage, data tampering, web page tampering and vulnerability attacks. On the other hand, a number of new security issues are constantly emerging in cloud environments.

Against this backdrop, the major cloud computing vendors have emerged.

The first is Alibaba Cloud, which can provide almost all the security products required on the cloud. Alibaba Cloud is therefore the industry's representative of "nanny-style" cloud security, which literally means that it can provide customers with almost nanny-like security services covering "food, clothing, housing and transportation".

Alibaba Cloud's DDoS Defense product claims that 90% of attacks can be automatically defended against by AI engines. Its WAF product has been recognized in reports by four internationally renowned consulting institutions: Gartner, Forrester, Frost & Sullivan and IDC. As the core of attack and defense confrontation on the cloud, it has always been Alibaba Cloud's flagship product.

The second is Tencent Cloud, which released China's first Internet security lab matrix, the Tencent Security Joint Lab. It covers Yunding Laboratory, the Anti-Virus Lab, the Anti-Fraud Lab and others. It is committed to security technology research and to building a security attack and defense system, which covers zero trust, cloud mirror and other security products for specific scenarios.

In addition, Baidu's cloud computing business has also been tied to AI after several integrations. AI is the strategic core of Baidu, so in the field of Baidu cloud security, AI security occupies the majority, and it is also the core of all attack and defense technologies of Baidu Security. The BASS next-generation artificial intelligence security technology stack launched by Baidu Security basically covers all aspects of cloud computing security.

In addition to BAT, Huawei also moved early on data security on the cloud. In terms of product layout, Huawei announced its three major security systems in 2019, namely the anti-attack system, the data security system, the trusted cloud platform, and the cloud service system.

It should be noted that HUAWEI CLOUD has a very clear approach to private cloud security, namely bringing in ecosystem partners to take on the market together. Its ecosystem partners include data security companies such as Rising, Tianrongxin, and Qianxin.

In addition, major cloud vendors such as JD Cloud, Kingsoft Cloud, Qingyun, and UCloud have their own layouts and strengths in the field of data security.

However, it is worth noting that there are many cloud service vendors in the market, and users often deploy their business on multiple platforms, usually involving the infrastructure of two different cloud computing providers. Multi-cloud and hybrid cloud scenarios will exist for a long time in the domestic market, so multi-cloud security and hybrid cloud security are becoming the pain points that cloud security solutions need to solve.

From host security to program security to today's cloud security, the curtain is slowly being pulled open.
