Only the security business after cloudification has the possibility of large-scale volume growth, and can become the second growth curve of 360 in the true sense, and the network security industry, which has long been a red ocean, has the possibility of "turning blue".
Some say that in the security cloud space, other vendors may be just forming ideas, and 360 may already be running on the track. Although it is an exaggeration, it is not too much to describe the 360 security cloud with "born with a golden spoon" -
In the year when cloud computing and AI have successively made major breakthroughs, 360 Security Cloud was born, which is the time of day; At the 11th ISC, which is attended once a year, nearly 5,000 people attend, Zhou Hongyi, who is the first to speak, delivered the baby, which is a favorable location; Two weeks after the official release, the number of customers of 360 Security Cloud reached the order of hundreds, not counting the number of traditional security customers, this is people.
Based on the concept of "security as a service", 360 Security Cloud will accumulate 360 security capabilities in the past fifteen years to fully cloudify, and open these capabilities to customers in the form of personalized subscription payment of "free software and hardware, service charges".
Despite its low profile, 360 seems to be quite good at this "catfish behavior." As early as the anti-virus software war, 360 sacrificed the magic weapon of "free antivirus", directly cutting off foreign Kaspersky and domestic Ruixingjiangmin. The status of the network security leader was also established at that time.
Now 360, after focusing on the cloudified security business, with the possibility of large-scale volume, can it truly become the second growth curve of 360, and the network security industry, which has long been a red sea, has the possibility of "turning blue".
Cybersecurity enters the cloud era
On August 31, 360 released its 2023 half-year report. This is the first report card handed over by Zhou Hongyi after launching the "artificial intelligence mobilization", and the second quarter is the initial stage of 360's "full embrace of the big model". During this period, not only the general "360 intelligent brain" was iterated to version 4.0, the overall capability was increased by nearly 20% compared with the first generation, and the first deliverable security industry model "360 security model" was also released, and the artificial intelligence large model capability began to empower the development of network security business, which was also reflected in the financial report.
Financial report data shows that during the reporting period, the company's total revenue was 4.503 billion yuan, and the revenue in the second quarter was 2.537 billion yuan, a year-on-year increase of 10.42% and a month-on-month increase of 29.08%. Among them, the company's security business achieved revenue of 908 million yuan, of which the revenue in the second quarter was 654 million yuan, a year-on-year increase of 98.76%, a month-on-month increase of 157.16%, and the second growth curve of safety has been fully formed.
Another notable note is the continued increase in R&D investment. During the reporting period, 360's R&D expenses were 1.56 billion yuan, accounting for 34.64% of revenue, an increase of 1.21 percentage points over the first half of 2022 and nearly 3.59 percentage points over the first half of 2021. According to statistics, 360 safety R&D investment ranks first in the industry, which is equivalent to the sum of the 2nd to 10th.
This is only the growth rate of 360 network security business in the "pre-security cloud era".
After the official arrival of the security cloud era, whether it is an operation platform for defense against attacks, analysis and traceability, terminal and host data probes, security big data, or security threat experts, they will provide services for network security customers in the form of 7×24 hours cloud response in the cloud.
This is exactly what Zhou Hongyi mentioned at the ISC conference.
It can be imagined that when the original costly, offline network security deployment, which includes software and hardware and personnel expenses, becomes a secure hosting service called in the cloud, the quality of network security products will not shrink for customers. For 360, the service capabilities of the same scale of network security resources after cloudification have also doubled, and the growth of network security business revenue level is a foreseeable trend.
At the industry level, the once homogeneous and red sea network security industry has more possibilities for growth because of the 360 sample of "security cloud".
Traditional network security thinking is not good
If you pay a little attention to the dynamics of Internet vendors this year, you will find such a trend: the proportion of enterprise assets digitization is getting higher and higher.
For example, at the ISC conference site, the host was replaced by a digital host from a real person; In the booth at the venue, there are also Elon Musk digital people generated based on network data; Even among the guests who spoke, Shang Bing, chairman of the Internet Society of China, also participated in the speech in the form of a digital human.
Behind these digital people, it is not just "puppets" recorded in advance. To prove this, Zhou Hongyi interacted with digital humans on the spot. Zhou Hongyi asked the theme of his speech at last year's ISC conference, and asked the moderator to write ten related topics for this year's conference.
"Although (the digital host) still has a dull expression and a stiff voice, it can save money, and maybe there will be no need to hire a host at a large amount of money for future conferences." Zhou Hongyi said.
However, once these digital people encounter cyber attacks and do some behaviors that endanger enterprises, people, and national security, the consequences are also unimaginable. And this is just the tip of the iceberg of countless enterprise digital scenarios.
According to data released by the "Cloud Computing White Paper (2023)", the scale of the mainland cloud computing market will reach 455 billion yuan in 2022, an increase of 40.91% over 2021. It is estimated that in 2025, the overall market size of China's cloud computing will exceed one trillion yuan. With the acceleration of enterprises migrating to the cloud, the provision of SaaS-based managed security services has become a clear trend, that is, through professional security operation services, to make up for the lack of customers' own personnel and professional capabilities, so as to achieve the improvement of security capabilities.
This also provides the soil for the "cloudification" of network security, technology and market.
"Because vulnerabilities cannot be avoided, there is no network that cannot be breached, so digital enterprises and digital government cities have become the main targets of cyber attacks, and important critical infrastructure and cities, smart cities, and digital governments will become the main targets of advanced threat attacks."
In Zhou Hongyi's view, the field of network security is still stuck in the stage of "selling goods" and "integrated thinking", with problems such as stacking products, lack of operation and lack of systematic combat capabilities, and cannot adapt to the rapid digitalization of enterprise assets.
What is "selling thinking"? This is similar to building a hospital. If you are keen to sell X-ray machines, MRIs, and CT machines to patients every day, but lack experienced doctors, empty equipment and lack of services, it will definitely be ineffective.
The same is true of feedback from traditional cybersecurity users. Zhou Hongyi also bluntly said at the meeting that one of the ideas of network security now is to stack equipment and stack products. However, countless practices have proved that it is impossible to automatically resist ransomware attacks with products alone;
Although there are also operations, but more around the product, if you buy several network security products at the same time, you must be equipped with different operation and maintenance, the cost is naturally high, the real level of security experts, because of the high cost of hiring, but ignored.
This has caused a "lose-lose" situation between network security manufacturers and customers, with customers complaining that "spending money is ineffective" and manufacturers complaining that "customer investment is not enough", which is very unfavorable to the development of the network security industry.
The first crab of the security cloud, 360 eats first
How to organically combine network security products and network security data through "security as a service" is what 360 Security Cloud is doing.
Specifically, traditional security services still stay in after-sales service, remediation services and on-site services, and cannot truly establish a security operation system. However, in the new security cloud context, the connotation of services has been expanded, and "security as a service" has been extended to eight distinct categories - data as a service, intelligence as a service, knowledge as a service, capability as a service, experts as a service, platform as a service, tools as a service, and probes as a service.
To achieve the eight "security as a service", the requirements for network security companies resources and technology have increased exponentially. But under the precipitation of decades of network security experience, 360 also has the capital to make such a turnaround:
In terms of service scale and response speed, 360 has more than 1.5 billion end users in 225 regions around the world, more than 56 billion cloud kills every day, and more than 13 million newly captured samples alone. This also provides the most direct data raw material for 360 to conduct network security big data analysis;
In terms of computing power resource reserves, 360 has more than 200,000 servers and more than 210 data centers, 4000G of export bandwidth and 1000P computing power, providing sufficient space for 360's security cloud services and large models.
At the expert reserve level, 360 has 2,000 core security experts and tens of thousands of contracted experts, as well as urban service centers and 5,800 ecological partners covering the whole country.
Obviously, if the enterprises of the network security track are now "all on the cloud", and other manufacturers are still "all roads to Rome", 360 was directly born in Rome.
According to Zhou Hongyi, enterprise-level customers now want to deploy network security services in the cloud, and now they only need 4 steps:
One is cloud platform construction. Enterprises do not need to buy additional equipment, build computer rooms, and can directly build their own security operation platform on the security cloud.
The second is to deploy a lightweight cloud-based probe on-premises and access it to the cloud.
The third is to pass data, and 360 network-wide security data empowers users.
The fourth is to do operations, the first three things are done, to help users create a cloud operation system.
360 also realizes two levels of hosting - first, platform hosting, the entire operation platform design, construction, maintenance are hosted to 360, users as long as they move in with their bags, directly use. Second, operation hosting, data analysis and judgment, security incidents, and security attack response and disposal are entrusted to 360 security experts.
The business model of network security has also changed from simply selling equipment and servers to charging hosting fees and service fees, which is equivalent to creating a new game rule in the safe "red ocean market" and opening up a new "blue ocean market", which is the most fundamental change. This will likely turn the original non-security customers into security customers, and make the industry "cake" bigger, just as 360 does "free antivirus" to turn past non-users into users, to a certain extent, it will be another industry change.
Network security on the cloud, "Pifu" has the responsibility
After enterprise customers "migrated to the cloud", there are two most direct changes in the experience. One is that the cost has decreased, and the investment in network security is only one-third to one-quarter of the original. The second is to improve service quality. For example, due to attacks from the Internet exposure surface, the overall security capability of a government department could not respond to the latest security attacks in a timely manner, resulting in its security system being breached and notified by the regulatory authorities.
Through the Internet exposure surface and supply chain security package of 360 hosting service, with the blessing of 360 national security defense system, the latest security services are obtained in real time, and its Internet assets and supply chain related assets are comprehensively scanned and strengthened, and comprehensive 7*24-hour monitoring is implemented.
This is just the most basic cloud hosting service. After purchasing other deep hosting services, the 360 security team can also help them issue security operation reports every month, handle more than 4,000 effective alarms, find and patch 18 high-risk vulnerabilities, and find 2 suspected APT attacks that use customers as a springboard, and jointly report to relevant departments with 360.
Although the mainstream users of network security products are concentrated in the B-side and G-side, through the accumulation of the two eras of mobile Internet and AIGC, C-end individual users have gradually owned a lot of digital assets.
They can be everyone's own social platform accounts, game accounts and computer data, for some Internet bloggers living on the Internet, they are rice bowls, capital for survival; But more directly, it is everyone's Alipay wallet, WeChat wallet and virtual currency keys, which are funds directly stored on the Internet.
From the rare cases of game account recovery, virtual currency theft, and blogger data kidnapping for ransom, it can also be found that after the digital economy gradually penetrated into the social fabric, network security has changed from a specific demand of one industry or several industries to a universal demand of society. But this part is still not satisfied.
However, with 360 security cloud pearls ahead, network security services suitable for individual users will definitely emerge through the form of cloud. How to reclaim this sleeping blue ocean requires the joint efforts of the network security industry, including 360. However, judging from the significant increase in security revenue in the second quarter, 360 will be a strong competitor in this market.