In recent years, the common characteristics of cyberattacks are rapid, intelligent and covert, and the traditional information security defense system lacks sufficient coping ability, so attackers often get it easily.IDC believes that the information security initiative defense system (hereinafter referred to as 'Active Security Defense System') must be capable of coping with the next generation of advanced attack tactics. Only with capabilities such as multi-platform compatibility, intelligence, collaboration, tightly coupled business operations and prophecy prediction can various types of attackers become keenly aware Attack threat, thereby effectively blocking or substantially reducing all kinds of attacks in the new information environment.Nowadays, the active security defense system is no longer just playing the role of bridge 'guardrail', and it has truly become the 'giant wheel' that bears the weight of the enterprise business 'Hull' of operation - Whenever there are loopholes, the 'big wheel' will face the risk of sunk.
'The current cybersecurity situation is very serious and we have entered the normalization of cyber attacks. In May, ransomware ravaged more than 300,000 devices in 150 countries around the world and many more ransomware ramifications took place. In addition, we experienced an alarming data breach that included multiple data breaches that took place in the cloud, causing a large amount of sensitive information to be leaked. "Zhongzhong Shan, IDC's China vice president, emphasized that IDC data shows that China's information security and defense system Investment in construction is very backward compared with that in the whole world.In 2016, the investment in global information security construction accounts for 3.74% of the total investment in information construction, while the corresponding proportion in China is only 1.84%, less than half of the global average I. From the perspective of development environment, China's cyber security industry is facing a good policy opportunity as the national strategy of 'cybersecurity' has entered a new phase. On June 1 this year, the "Network Security Law," the official implementation of the relevant supporting The regulations are pushing for the construction of cybersecurity in all industries.
Zhong Zhenshan said that China's enterprise user information system security maturity significantly less than behind the protection system, the attacker is actively using machine learning, big data, cloud computing and other advanced technologies to attack the target system. Therefore, the user urgently In the future, based on technologies such as big data analysis and artificial intelligence, a network security risk situational awareness system is constructed, and the various components in the active security defense system are organically combined to make the construction of intelligent Active security system is possible.
So, enterprises in the process of building an active defense system, the most crucial part is what? IDC senior research manager Wang Junmin that, compared with the traditional passive information security defense system, active security defense system must be able to take the initiative to respond to the latest network attacks However, when building an active security defense system, they are also faced with the inherent problems of security defenses and their own fight against each other. 'The network security risk situational awareness system is vividly described as the' brain 'of an active security defense system. Situational awareness systems help users to recognize Threatening the environment, controlling the development trend of risk and threats, and actively proactively defending and enhancing the security capabilities of enterprises. "He explained that 'the network security risk situational awareness system is the' command center 'of the active security defense system, combining enterprise assets through threat intelligence, Machine learning, user and behavioral analysis techniques such as dynamic flow, log and other large amounts of information for in-depth analysis, while associated with enterprise information assets vulnerabilities, and threats to automation, visualization of the entire network security situational awareness, incident response and Coordination of resources.
'The digital transformation sweeping the globe is revolutionizing the user experience, business processes, products and services, and business models, and the adoption of new technologies such as IoT, cloud computing and big data accelerates digital transformation and at the same time enables us to enter cyber attacks The most normalized 'big security era.' "Sun Minglan, senior vice president and chief brand marketing officer of Xinhua III, pointed out: 'Today, it is very conducive to our country's political participation in the areas of national importance, industrial development and laws and regulations. The level of network security construction in enterprises continues to improve.
He believes that in the face of the new cyber threats and challenges in the era of great security, it is necessary to change the traditional security thinking and guide the development of the network security industry with a holistic and global view of security. Users are looking forward to having the overall network security protection capability or integration capability Integrated manufacturers, to fully escort its digital transformation.Therefore, the effective integration of the network security industry will be inevitable.
Zhang Xin, president of Xinhua III Information Security Technology Co., Ltd., explained the security concept and strategy innovation of Xinhua III.He believes that the network security industry needs to realize three changes: from passive response to attacks, to Based on the overall risk-based security shift from simple dependence and obsession technology to the integration of security, from a single point of protection to security platform up. "Enterprise-class users urgently need next-generation security technology - the construction of active security defense system. , The network security risk situational awareness system is the 'command center' of the active security defense system.Using related technologies such as big data / analysis and cognitive systems, the network security risk situational awareness system is constructed, and the various components in the active security defense system are organically combined Together, it is possible to build an intelligent proactive security system. '
Xinhua three latest release of the security situation awareness system core value is to help users enhance their ability to predict the decision-making, to quickly identify and solve problems, improve safety and efficiency, meet safety compliance requirements, to achieve the security risk threat 'foreknowledge, initiative Discovery, Collaborative Defense and Intelligent Evolution. "Zhang Li said that the Xinhua 3 Security Situation Awareness System has four technical characteristics of 'platformization', 'intelligence', 'visualization' and 'service-oriented'. Through collecting the original Traffic data, combined with machine learning and artificial intelligence, excavates and correlates massive heterogeneous security data to sense six major trends such as attack, threat, traffic, behavior, operation and maintenance and compliance, and generate a full range of security panoramas View so that users can quickly and accurately grasp the current security posture of the network, find threats to deal with risks in a timely manner, support security decisions and emergency responses, establish security early-warning mechanisms and enhance overall security capabilities.
China's information security market reached US $ 3354.7M in 2016, an increase of 25.1% over the same period of 2007. IDC predicts that the market for information security software, hardware and services in China will maintain a rapid growth in the next five years. By 2021, the total market will reach US $ 9.6B, with a CAGR of 23.4% from 2017 to 2021. The rapid growth of China's information security market means that future enterprise-level users' investment in information security will continue to increase. For the government, finance, education, and operators And other important industry users, the network security risk situational awareness system will become an important factor in determining the success or failure of its active security defense system.In addition, due to the rapid development of the industry cloud in these industries, the future network security risk situational awareness system may also become A kind of Security as a Service, which provides value-added network security risk situational awareness service to the subordinate units of industrial users.
Of course, since the network security risk situational awareness system plays an important role in the active security defense system, its market size will also become a part of China's information security market and maintain its rapid development.