Therefore, this report is based on the current status of digitalization of government and enterprises, analyzes the network security risks caused by the application of emerging technologies in various industries, and explores the digital network security needs of various industries and manufacturer solutions. Analyze the current status and future trends of government and enterprise digital network security development from the three levels of macro policy, technology, and application, explore high-growth areas of network security and future technology hotspots, and provide references for readers who are concerned about the development of China's network security industry.

Current situation of government network security: Affected by the COVID-19 epidemic and international situation, government websites are frequently attacked

With the continuous advancement of digital government and the in-depth application of various digital means, government governance is also facing increasing cybersecurity risks. Against the background of the impact of the COVID-19 epidemic and the complex international situation, from 2019 to 2020, DDoS attacks launched against important units such as China’s party and government agencies and critical information infrastructure became more organized and purposeful, and the overall trend was high frequency and high incidence. In 2019, China's important party and government agencies were attacked by phishing emails from APT organizations more than 500,000 times, which was particularly rampant during major events and sensitive periods in China. In 2019, 515 government websites in China were tampered with.

According to "China's Government and Enterprise InstitutionsData SecurityRisk Research Report", from January 2019 to August 2020, among major global data security incidents, 19.3% occurred in the Internet industry; 14.0% occurred in the IT information technology industry; and 10.7% occurred in government agencies and institutions.

Current status of government network security: Government has become the largest share of the downstream network security market

◆The focus of digital government reform and construction is to promote the integration, opening and sharing of government data. The integration of government data and business has increased the difficulty of network security protection, making the government's network security construction face a more complex situation and severe challenges.

◆《information security"Basic Requirements for Technical Network Security Level Protection" stipulates that the objects that need to build level protection are the information systems of governments, public institutions, and enterprises that provide services to the outside world operating within China, as well as basic networks, cloud platforms, big data, the Internet of Things, and industrial control systems. and mobile Internet and other fields.

◆According to data disclosed by large network security vendors such as Sangfor, Anheng Information, Qi'anxin, NSFOCUS Technology, and Tianrongxin, the government is usually their downstream customer with the largest revenue share, with an average share of more than 30% in 2018.

Government and enterprise network security pain points:

The enterprise safety management system is imperfect

The weak security awareness of enterprises and the imperfect management system lead to enterprises often passively deploy network security products to "patch" after encountering network attacks. However, as the digital transformation of enterprises deepens, their pursuit of new technologies has extended new information security risk points. On the one hand, imperfect management systems will lead to a mismatch between security capabilities and system application capabilities. On the other hand, they will face threats from internal personnel. Error or deliberate sabotage, risk of information theft.

Enterprises are not clear about their own assets

From the traditional perspective of information security, information assets only include hardware, personnel, site services, etc. However, the development of new generation information technology has caused an increase in the number of enterprise data assets, and enterprises are not clear about what assets they have, let alone potential security risks. network security risks. The enterprise network security system must achieve prevention beforehand, processing during the incident, and traceability afterward, and truly implement it to achieve protective effects, which requires networksecurity servicesVendors systematically sort out and design the top-level architecture.

Enterprise security products are siled

In the past, enterprises deployed network security products in a "patching" manner, resulting in the isolation of each network security product or system, and the product effectiveness was not maximized. As the digital transformation of enterprises deepens, the business of enterprises grows and the scale expands. , Enterprise network security planning needs to make up for the shortcomings and adapt to the growth of the enterprise. Enterprises need to have sustainable security operation capabilities.

Lack of enterprise security talents

Cybersecurity is a computer discipline that requires extremely comprehensive capabilities and a wealth of practical experience. The talent growth cycle is long. With the advancement of digitalization, enterprises’ demand for cybersecurity talents is gradually increasing. The scale of demand for cybersecurity talents in the first half of 2019 This represents a month-on-month increase of 104.9% compared with the second half of 2018, and there is a regional imbalance in supply and demand. Cyber security talents are mostly concentrated in first-tier cities such as Beijing, Shanghai and Shenzhen.

Insufficient safety awareness among grassroots personnel
Since most government department staff do not have systematic knowledge of network information security and lack overall security concepts, and are limited by objective reasons, many government department staff do not have the opportunity to receive more systematic security awareness training, making it difficult to A joint force is formed in network information security work, resulting in no one taking responsibility for daily work, and each other passing the blame when problems arise, unable to effectively solve existing problems and hidden dangers.

Lack of funding guarantee

The purchase, maintenance, technical support, and expansion of software systems all require expenses for network equipment and security equipment, and the funds used often cannot directly bring economic or social benefits. It is inevitable that the heads of government departments, especially the main leaders, will have insufficient understanding of the current status of network information security in their units, resulting in a situation where investment and management in security work cannot meet security protection requirements.

Weak emergency response capabilities

The talent gap for cybersecurity professionals in China is estimated to be more than 500,000, while the number of college graduates in cybersecurity-related majors is only about 20,000 every year. Data show that in the context of many industries being affected by the epidemic and the scale of recruitment significantly reduced, the demand for network security talents throughout 2020 still increased by 47.5% year-on-year compared with 2019. The demand for talents is growing rapidly, and the requirements for talents' professional abilities are constantly increasing. However, the growth rate of talent supply is always lower than the growth rate of demand, and the quality of talents is difficult to meet the demand.

Insufficient cybersecurity talent

Due to the different internal organizational structures of various government departments, the internal agencies responsible for network information security are often equal and independent from the departments responsible for specific business systems. There is no upper and lower management authority, resulting in the inability to form a unified emergency response process. In the face of emergencies, When incidents occur, the network information security department and business departments lack an information reporting mechanism and are unable to form a joint effort to deal with the incident in a timely and effective manner.

E-government digital background: The e-government market size will reach 352.1 billion yuan in 2020

The meaning of e-government is to use information technology to break down information islands and data chimneys between and within departments, reshape and optimize government business processes and organizational systems, and create a more transparent and efficient service-oriented government. It is an important link in reform and an important strategic support for promoting the modernization of the national governance system and governance capabilities. The important carriers of e-government are government portals and government service platforms, as well as the supporting big data services and cloud service platforms. The development goal of e-government is to create a digital government that is holistically linked, efficient and benefits the people.

E-government network security risks: Government cloud migration brings new risk categories

The state is encouraging government departments to explore new mechanisms for the construction and operation of government information based on cloud computing to promote the sharing of government information resources and business collaboration. In the construction process of the government cloud, security is a key issue that cannot be ignored or bypassed. Ensuring the security of e-government systems is not only about providing stable and reliable government services, but also a direct reflection of national information security.
Government cloud is a combination of government systems and cloud computing. In the government cloud environment, some targeted protective measures must be taken to protect core assets against the new threats and risks introduced by cloud computing and virtualization technologies.

Key points in e-government network security construction: Government big data protection is difficult and compliance pressure is high

◆The construction of e-government and digital government emphasizes being data-driven. According to statistics, as of the end of 2020, at least 19 provincial institutions have established big data management institutions.
◆The use of government data in the era of big data has significant characteristics such as complex scenarios, many data users, large amounts of data, and large exposure surfaces. It faces the dual difficulties of difficult protection and high compliance pressure.

The main challenges of government data security include:

1. When data is stored centrally and constantly called, data activity will increase and circulation risks will intensify.

2. The data volume, format, and activity of government big data platforms are constantly changing, and security capabilities need to be adjusted accordingly.

Background of digital transformation of public security: The Internet, public security intranet and video private network constitute a complex network structure

◆The construction of the public security information system network mainly includes the construction of basic public security communication facilities and network platforms, the construction of public security computer application systems, the construction of public security work informatization standards and normative systems, the construction of public security network and information security systems, and the construction of public security work informatization operation and management systems. and the construction of the National Public Information Network Security Monitoring Center. The public security information network usually has three components: the first is the public security information intranet that carries internal public security services; the second is the public security Internet that carries external network services; and the third is the public security video private network that carries the management of public security cameras.
◆The public security organs are the supervisory departments of network security. They not only occupy a considerable market share of the network security market, but also play a key role in the overall development of the industry. Several of the most important regulatory policies for the cybersecurity industry, such as waiting protection and network protection operations, also come from the Ministry of Public Security, and the implementation of most cybersecurity policies is also supervised and implemented by the public security department.

Public security network security risks: Xueliang Project brings complex security risks and needs

◆The Xueliang Project, that is, the Internet application of public security video surveillance, takes "full area coverage, full network sharing, full availability, and full control" as the overall goal, with the public security agency video image sharing platform as the core, and hierarchically integrates various types of video images Resources, maximize the network sharing of video image resources in public areas, and provide strong visual information support for anti-terrorism and stability maintenance, public security prevention and control, emergency response, enterprise/individual services, mass services, and urban civilization.
◆The construction of Xueliang Engineering not only faces the requirements of network security level protection and regulatory compliance, but also faces security risks such as video terminal equipment illegally accessing the network and being illegally controlled, the data center encountering malicious intrusion attacks, the spread of malicious code, and video data leakage.

Focus on public security digital network security construction: monitoring, early warning and situational awareness technology to assist network security supervision

◆With the development of network technology and the continuous upgrading of various network threats and attack technologies, traditional passive defense network security measures can no longer meet the needs of network security protection. Situation awareness is the core technology in the field of network security active defense. It can obtain and understand the security element information that causes network situation changes in the network environment, evaluate the network security situation, predict its development trend, and display it to the public in a visual way. Users, help users make corresponding security decisions and actions, thereby achieving proactive and dynamic security defense. For the public security departments responsible for network security supervision, network security monitoring, early warning and situational awareness have become important components of public security digital network security.

Smart city digital background: remarkable construction results, investment scale of nearly 30 billion yuan

◆Smart city is the use of new generation information technology to solve urban development problems, including management, people's livelihood, economy, politics and other aspects, emphasizing systematic and intelligent solution to problems in urbanization. China's smart city pilots have basically covered all provinces, municipalities and autonomous regions across the country, with the urban agglomerations along the Yellow and Bohai Seas and the Yangtze River Delta being relatively concentrated. In 2020, the cumulative number of smart city pilots in China has exceeded 900.

Smart city network security risks: covering multiple levels of strategy, management, technology, construction and operation

◆According to "GB/T 37971-2019 Information Security Technology Smart City Security System Framework", smart city security refers to the maintenance of information confidentiality, integrity and availability in smart cities, as well as the security of applications and services provided accordingly. The security risks faced by smart cities are mainly reflected in the following aspects: security strategic risks, security management risks, security technology risks, and security construction and operation risks.

Focus on smart city network security construction: focus on top-level design, involving protection, management, operation and maintenance

◆The smart city security system is based on the top-level design of smart cities, covering the infrastructure, perception layer, network layer, platform layer, and application layer in smart city construction, and builds a smart city security technology protection system, a smart city security management system, and a smart city security system. Operation and maintenance system.

Enterprise digital network security application analysis

The current situation of enterprise digital transformation: the degree of digitalization matches the scale of infrastructure construction
◆As China's digital transformation evolves from single-point applications to continuous collaboration, traditional industries use digital technology to carry out all-round, multi-angle, and full-chain transformation and upgrading. The digital transformation of enterprises also shows the characteristics of continued increase in investment and closer integration of technology and business. According to the "2021 Chinese Enterprise Digital Security Construction White Paper", many industries in China are in a state of "deep digital dependence", and their degree of digital construction matches the scale of infrastructure construction rather than the number of employees.

Current situation of enterprise network security: Network risks are increasing in various industries, and managers’ attention is increasing year by year.

◆As the digital transformation of enterprises continues to advance, the cyber risks encountered by enterprises have further intensified. Especially as the number of terminals increases, the risk of virus infection further increases. Risk Trojan software, backdoors, and virus infection are the three main threats faced by enterprises. From an industry perspective, virus attacks have varying degrees of impact on education, technology, medical, finance, government and other industries. Among them, education is most affected by viruses, mainly due to the frequent file transfers in the education industry.
◆According to the "Research Report on the Development Trend of Network Security Construction in Large and Medium-sized Government and Enterprise Institutions", the number of commissioned institutions and the number of vulnerability collections have shown rapid growth year by year, and the number of commissioned services and the number of vulnerability collections in the first half of 2019 exceeded that of 2018 All year round. It can be seen that government and enterprise managers attach more and more importance to network security work year by year.

Background of digital transformation of manufacturing industry: policy planning is comprehensively promoted, and the scale of industrial Internet is rapidly increasing

◆In today's complex and volatile international situation and the spread of anti-globalization trends, accelerating the digital transformation of the manufacturing industry will help liberate production efficiency and promote domestic substitution of high-end manufacturing. In recent years, the country has introduced a series of policies to promote the digitalization and intelligent upgrading of the manufacturing industry.
◆The Industrial Internet is a relevant path to realize the digital transformation of the manufacturing industry. According to the "Industrial Internet Innovation and Development Action Guide (2021-2023)" issued by the Ministry of Industry and Information Technology, it is expected that the market size of the core industrial Internet industry will reach 1.24 trillion yuan by 2025, doubling the market size in 2020. According to the "14th Five-Year Plan for Intelligent Manufacturing Development" of the Ministry of Industry and Information Technology, by 2025, manufacturing enterprises above designated size will basically have popularized digitalization, and key enterprises in key industries will initially achieve intelligent transformation.

Manufacturing network security risks: High-risk equipment has high vulnerabilities and hidden dangers, and the industrial Internet security situation is grim

◆According to statistics from the National Information Security Vulnerability Sharing Platform, the number of industrial control vulnerabilities is growing rapidly with the application of new technologies. Especially in 2016, after my country officially proposed "Made in China 2025", the number of new industrial control vulnerabilities over the years has reached a new level. In 2020, there were 591 new industrial control vulnerabilities.
◆The pain points of industrial Internet network security mainly come from: first, the combination of real industrial systems and Internet technology blurs the boundaries between network security and physical security, and increases network security risks; second, the serious form of attack and defense of industrial control systems; third, with the compliance requirements and Display demand has increased, and enterprises' network security needs have surged, but it is still difficult to match the corresponding supporting resources.

Focus on manufacturing network security protection: Industrial Internet security is a reliable guarantee for the digitalization of the manufacturing industry

◆Industrial Internet security is a collective term for information security, functional security and physical security in industrial production, involving all aspects of the industrial Internet field. Its core task is to ensure the security of the Industrial Internet through monitoring and early warning, emergency response, monitoring and evaluation, attack and defense testing, etc. Stable operation and healthy development. According to CCID data, from 2016 to 2021, the market size of the industrial Internet security industry will grow at a compound growth rate of more than 30%.

Industrial Internet platform enterprise security comprehensive protection technology framework

Background of operators’ digital transformation: 5G investment continues to increase, giving full play to the core advantages of cloud and network integration

◆Government and enterprise business is the main engine for operator business growth in the 5G era. In 2020, the three major operators' 5G investment increased by an average of 4-5 times compared with 2019. The three major operators are facing industry needs and leveraging cloud networks
Integrating core advantages to serve the digital transformation of the industry.
◆In the context of traditional business market saturation and traffic dividends disappearing, operators continue to accelerate digital transformation, and cloud computing and IDC revenue are both rising. 2017-2020, China Telecom IDC
and cloud computing revenue ranked first among the three operators. As of 2019, the three major operators accounted for a total market share of 60.0% in China's IDC market, with Telecom accounting for the highest share of 30.6%.

Network security risks for operators: The value of massive data is highlighted, and data security becomes the core issue they face.

◆With the advancement of operators' digital transformation, the value of massive data is further explored and enhanced in the circulation, integration, and sharing, and data has become morehackerIn recent years, the telecommunications industry at home and abroad has achieved the goal of
According to reports, security incidents occur frequently.
◆As of the end of May 2020, the number of mobile phone users of China's three basic telecommunications companies reached 1.59 billion. The operator's big data platform aggregates data on production operations, network hosting, and enterprise management. There are more than 1,600 categories in total, involving 38,000 attributes. It can output core data in eight categories: communication, payment, social networking, Internet access, identity, location, timing, and terminal. ability. The scale of data is growing rapidly. How to ensure data security and improve data security governance has become an important issue for operators.

Operator network security focus: building a protection system from both management and technology aspects

◆Based on the operator's data security requirements, with the protection goal of "data security is manageable, controllable, and visible". The data security protection system uses key data platforms, key network nodes, and sensitive business systems as underlying application systems, and builds a protection system from both management and technical aspects.

Background of digital transformation of financial institutions: Significant growth in information investment, reshaping business value

◆Digitalization of the financial industry refers to the use of emerging technologies to precipitate transaction data to form business middle platforms, open platforms, data middle platforms, etc., to achieve intelligent decision-making and intelligent interaction with data, and to reshape financial institutions.
value.
◆As online financial services have become a habit, the behavior of customer groups has become younger, Internet-oriented, and diversified. In addition, financial technology companies have entered the market, and traditional financial core businesses are facing challenges. Traditional financial institutions are facing challenges.
The institutional service model has begun to be reconstructed, and by increasing investment in information technology, it has provided different dimensions and targeted services to strengthen market competitiveness.

Network security risks of financial institutions: attack methods are flexible and changeable, and data security and privacy protection are the core

◆Standards and specifications such as the "Financial Data Security Classification Guidelines" and "Personal Financial Information Protection Technical Specifications" have been intensively promulgated, giving clear definitions to data security and privacy protection. According to China Financial Network
"Security White Paper", 14.5% financial institutions regard "data security" as their first choice for key investments in the next three years.
◆Relevant detection reports show that there are many types of cyber attacks against financial institutions and the methods are flexible and changeable. The purpose is to steal funds and steal sensitive information, including SWIFT attacks, ATM attacks, and information
Leakage, malware, online fraud, system failure, ransomware and DNS attacks are the main means of attack. The operation and development of financial institutions have been seriously affected and will cause huge losses.

Focus on network security protection of financial institutions: Various regulations are becoming increasingly perfect, and zero-trust applications have attracted much attention

◆In 2020, the People's Bank of China released numerous cybersecurity-related standards to guide and promote the improvement of the industry's overall cybersecurity prevention capabilities.
◆When financial institutions choose network security vendors, they pay more attention to the three major factors of the vendor's technical capabilities, system stability, and service quality. In terms of technology applications, zero-trust network architecture has attracted much attention. Currently, financial
The organization has applied it in multiple business scenarios, especially in scenarios where traditional security solutions are generally difficult to control, such as development and testing of security control of Internet exits, intranet cross-region high-risk port access control,
Zero trust secure remote working, etc.

Background of energy digital transformation: driven by both policy advocacy and efficiency improvement

◆The core of energy digital transformation is to use emerging information technology to fully tap and utilize the data value of the entire energy life cycle. Energy companies optimize their decision-making output by fully exploring and utilizing the value of data flows in the business process, thereby improving the operational efficiency of energy production, transmission, trading and consumption, and ultimately improving the operating efficiency of energy companies and the resource utilization and security of the energy industry. .
◆In September 2020, the State-owned Assets Supervision and Administration Commission issued the "Notice on Accelerating the Digital Transformation of State-owned Enterprises", proposing to accelerate the construction and promotion of smart grids, smart pipe networks, smart power stations, smart oil fields, smart mines and other smart sites, and strive to improve integrated dispatching , remote operation, intelligent operation and maintenance level, strengthen the full-cycle operation management and control capabilities of energy asset resource planning, construction and operation, and achieve collaborative innovation, efficient operation and value enhancement of the entire business chain of energy enterprises.
◆In 2016, the National Energy Administration issued the "Guiding Opinions on Promoting the Development of "Internet +" Smart Energy", requiring that from 2019 to 2025, efforts should be made to promote the diversified and large-scale development of the energy Internet, initially establish an energy Internet industry system, and become an economic important driver of growth.

Security risks of energy digital transformation: high frequency of attacks and deep harm

◆The arrival of the Industry 4.0 era marks the official entry of the energy industry into the Internet era. As with other industries, moving to the Internet means a huge increase in risk. The business form, service objects, and service methods of the energy industry are different from other industries. The equipment and systems are proprietary, which brings huge challenges to network security maintenance. Due to the particularity of basic industries, the downtime of the energy system will undoubtedly have a huge impact on macroeconomic and social development. Especially in today's increasingly complex international situation, the cyber security threats from the energy industry are more severe than ever. .
◆The fourth monitoring of the National Critical Infrastructure Security Emergency Response Center in 2021 screened 2,396 assets (including IoT equipment and IoT-related web assets) in industries such as electric power, petroleum, Internet of Vehicles, and rail transit. Monitoring found that 1,240 assets were attacked, involving 11,490 attack incidents.

Focus on energy network security protection: integrated operations to create a power grid network security system