With the arrival of the Internet of Things, cloud computing, and big data, the traditional network security protection concept has been unable to adapt to the current network security situation. According to reports, large-scale cyber attacks will bring economic losses of up to 121.4 billion US dollars, and the losses caused by cybercrime are still rising year by year. It is very important to establish a global view of cybersecurity in the digital economy era.
A large-scale cyberattack could result in economic losses of up to $53 billion, and in extreme cases up to $121.4 billion, the impact of which is comparable to Hurricane Katrina in 2005, the latest research figure released by Lloyd's Insurance Company of the United Kingdom. . In fact, the annual global cybercrime losses are increasing year by year. According to Juniper research's research and analysis, the damage caused by cybercrime in 2019 will be as high as 2.1 trillion US dollars, four times that of 2015. The network security industry is caught in the dilemma of increasing corporate investment, but the security losses are increasing year by year.
"Idea determines action." The traditional concept of network security protection has been unable to adapt to the current network security situation, and our network security concept has reached the point of necessity of innovation.
With the popularity of new technologies such as the Internet of Things, cloud computing, and big data, security executives accustomed to border protection have found that everything becomes so uncontrollable—more and more data is stored in the cloud, surpassing traditional security perimeters; Increasing IoT (Internet of Things) devices are also challenging our protection capabilities. All of this highlights the power of traditional security measures.
The focus of traditional security protection lies in border protection—terminal protection, network protection, host protection, etc., and separate protection systems are built through security devices in different areas. There is a lack of information sharing and protection coordination among each other, and endless loopholes and In the face of advanced attacks, the seemingly strong security fortress has become a display.
Compared with the increasingly weak security measures, the attack methods are becoming more and more advanced - zero-day vulnerabilities, advanced sustained attacks, network arms weapons, etc., have become the means of attackers. The cyberattack has developed into an organized criminal activity by the hacker's personal tactics, and presents the trend of professionalization of the means, commercialization of the destination, internationalization of the source, and the mobilization of the carrier.
We have entered the "great security era" where network attack objects are magnified, attack patterns are diversified, attack normalization, and attacks have far-reaching effects. In the era of big security, we can't control everything within the border, it is impossible to protect all the equipment, and it is impossible to find and fix all the vulnerabilities in advance.
As early as 2016 at the International Security Technology Conference, security experts have issued a warning that “traditional security protection has failed†and believe that the focus of future protection will shift from prevention to detection and response. In the case of inevitable intrusion, timely detection and rapid response to security threats is the realistic choice to reduce security losses.
What kind of security concept is there? Xinhua San believes that in order to successfully cope with the cybersecurity challenge of the "Great Security Era", we first need to establish an overall and overall security concept.
Establish a holistic and global view of cybersecurityThe overall and global security perspective refers to looking at, planning, and managing network security from a holistic, global perspective, rather than just focusing on a single point of security, a single piece of security, or a single piece of protection. This is a prerequisite for ensuring that a complete security system can be built, the security object can be expanded, the compliance can be met, and the truth of the attack can be discovered in a timely manner.
First, build an overall security system. The overall and global security concept requires us to consider the overall and complete security system design when we are building a network security system, including early consultation, evaluation, solution deployment and post-operation and maintenance, so that security becomes an organic component of IT solutions. Instead of post-patching security.
Second, expand the scope of protection objects. We now include not only traditional protection objects - terminals and networks, but also cloud, IoT devices, and application security protection; not only to protect the security of the enterprise's own systems, but also to protect the system security of third-party partners.
Third, to meet the requirements of other insurance compliance. Level protection is the legal responsibility required by the Cyber ​​Security Act. Complex and diverse compliance requirements are often not met by traditional single security vendors and require comprehensive security protection capabilities.
Fourth, timely and accurate discovery of the truth of the attack. In the era of big data, data has become the source of the threat of attack and has become the key to discovering cyber attacks. No matter how the attacker hides his whereabouts, there will always be traces of data. In terms of security protection, we jumped out of a single point of protection thinking, from the overall and global to control the network security situation, change the past lack of information sharing and coordination of island-based protection, and aggregate the traffic and logs of terminals, borders, and clouds. Through big data platform analysis and threat intelligence support, we can change the past situation of “seeing trees and not seeing forestsâ€, achieving full control over the overall network security situation, realizing timely response and disposal of security attacks, and minimizing Security loss.
Nowadays, users need platform vendors with platform integration capabilities to integrate security protection of terminals, borders and clouds, provide a comprehensive security protection system, and provide a one-stop solution for users to focus on business development.
Implementing the global network security concept with the situational awareness system as the coreXinhua San believes that a network security situational awareness system that aggregates massive data, demonstrates security posture and enhances user security capabilities is the best way to implement an overall and comprehensive security concept.
At the “4·19†Network Security and Informatization Work Symposium in 2016, General Secretary Xi Jinping proposed, “To establish a correct network security concept, to fully understand the network security situation around the clock, and to enhance network security defense capabilities and deterrence capabilities.†The importance of the network security situational awareness system is evident.
According to the well-known research institute IDC report, the cyber security risk situational awareness system will be the “command center†of the active security defense system. It can help users recognize the changes in the threat environment, control the threat development trend, and proactively defend and improve enterprise security. ability.
At the 2017 Hefei Cyber ​​Security Conference, Xinhua San released a new network security situational awareness system—by collecting the original traffic data of the entire network, combining machine learning and artificial intelligence, mining and correlating massively heterogeneous security data. The six scenarios of attack, threat, traffic, behavior, operation and maintenance, and compliance are perceived to generate a comprehensive security panoramic view, enabling users to quickly and accurately grasp the overall situation of network security, timely discover threats, handle risks, and support security decisions. And emergency response, establish a security early warning mechanism to enhance overall security protection capabilities.
Data richness is a key factor in the ability of a situational awareness system to function. Different from the situation-aware products provided by other vendors in the market, Xinhua's three-situation-aware system can take advantage of the advantages of industry alliances, collect log and alarm data from all parties, and take advantage of the advantages of new IT leaders to bring together networks. And cloud traffic, giving users a "more complete, more global" security posture.
As a complex system engineering, to truly exert the value of the situational awareness system, there are big challenges for security vendors and users, and it is necessary to coordinate the cooperation from technical support, organizational security, operation and maintenance, and external cooperation. Therefore, Xinhua III regards the situational awareness system as a security service, including pre-research, custom development, deployment, and post-response services. Through the Xinhuasan security experts all over the country, we can provide users with more timely security response and services, and build a security innovation system that “predicts the future, proactive discovery, collaborative defense, and intelligent evolutionâ€.
As a pioneer in the implementation of the national cybersecurity strategy, Xinhua III follows the strategy of first-class and comprehensive protection, and is based on the company with the most comprehensive security delivery capabilities, providing users with a full range of information security products and complete solutions, from the bottom. From information security infrastructure to top-level applications, build comprehensive, secure and trusted protection.
Surface Mount Box,blank surface mount box,electrical mounting box,surface mount electrical box
NINGBO UONICORE ELECTRONICS CO., LTD , https://www.uonicore.com