Foreseeing 2022 | Four major development trends in network security under the wave of digitalization

Editor's Note

Communications World All Media has launched the "Foreseeing 2022" series of reports on ICT industry trends, discussing industry trends, jointly planning industrial development, and helping the ICT industry develop in 2022. In this issue, Yang Peng and Dai Fangfang of the Security Research Institute of the China Academy of Information and Communications Technology were invited to write an article forecasting the development trends of network security in 2022.

In recent years, the global digitalization process has continued to accelerate. China has seized the opportunity of digital development, taking "accelerating digital development and building a digital China" as the strategic goal of the national informatization development strategy in the new stage, and actively promoting the high-quality development of the digital economy. As digital development accelerates in all fields of society, new technologies, new formats, and new models continue to emerge, driving changes in production, life and governance and accelerating the spread of network security risks into every industry. New security issues under the digitalization trend need to be considered from a new perspective.

Digitalization drives the expansion and extension of security protection objects

As digital development deepens, network security issues are becoming intertwined. Digital technologies, digital products, digital platforms and other emerging digital assets have built a bridge from the network to physical space; their security is becoming increasingly important and needs attention.

First, digital infrastructure with a high concentration of value remains the front line of offensive and defensive confrontation. Digital infrastructure such as 5G, artificial intelligence, and big data provides digital, intelligent, and networked capabilities such as perception, connectivity, storage, computing, processing, and security, and infrastructure carrying high-value resources tends to attract higher-level, more complex, and even national-level attacks. According to NSFOCUS statistics, digital infrastructure in important industries such as finance, operators, enterprises and government made up the four most-attacked areas in 2020, accounting for 35%, 20%, 20%, and 10% of attacks, respectively.

Second, digital technology, as the core of digital industrialization, has brought new security problems. Emerging digital technologies empower industry innovation and development; integrated applications are penetrating every area of daily life, from food and clothing to housing and transportation; "contactless services" are being promoted faster; users of remote medicine, education, office and similar services have grown rapidly; and sports, tourism, exhibitions and other industries have launched new online service models. Intangible technology assets such as 5G and AI have gradually become the core support and source of innovation for digital industrialization, shifting the assets to be secured from mainly tangible assets toward intangible ones. The characteristics of intangible technology assets require the industry to think about how to evaluate their security value, how to implement protective measures and how to transfer security risks.

Third, digital products will continue to expand the security attributes of endpoints. Internet technology, artificial intelligence, digital technology and the like are embedded in traditional product design, so traditional products are gradually becoming digital products that integrate perception, computing, storage, and interconnection. As the basic unit of digital interconnection, digital products enable terminal interconnection and interoperability in IT/OT integration. In the digital transformation of industry, operational reliability and production continuity are particularly important, especially for equipment that integrates sensing, control, computing and storage, such as Industrial Internet control equipment, machine tools and connected mobile terminals.

Fourth, digital platforms keep widening the impact of security risks. Digital platforms such as cloud computing, digital twins, and artificial intelligence are an important form and carrier of digital economic development. They have become an important channel for integrating and interconnecting application functions, exchanging resources efficiently, and passing digital services up and down the chain, and they exhibit network effects, a siphon effect on data, and marginal costs tending to zero. Their security determines whether the business carried on the platform has security capabilities across all domains and the whole process, so a problem at one point can ripple across the whole. IDC and Huawei research shows that whether a digital platform has security capabilities covering all domains and the whole process has become the attribute enterprises care about most in digital transformation.

The goal of security assurance is to create value

While giving rise to new technologies, new formats and new models, digital development extends security risks into every aspect of production and life. The impact and losses caused by security incidents keep growing, pushing security to shift from reducing risk, as in the past, to balancing value and creating value.

In May 2021, Colonial, the largest U.S. fuel pipeline operator, was forced to shut down more than 8,850 kilometers of pipeline transportation systems and pay a ransom of $5 million. At the same time, JBS, the world's largest meat producer, was attacked by the REvil virus and its factories were shut down, affecting nearly a quarter of the supply of the US market and causing losses of more than $11 million.

When operating systems, servers and other components in the network environment carry security risks, traditional methods such as patching, downtime and restarts struggle to be effective in the current security situation. For industries that demand high production system continuity (such as the power industry), it is almost impossible to stop for maintenance when a network security risk arises. In digital scenarios, the convergence and cascading effects of security risks are prominent: security threats span different levels such as cloud platforms and applications, industrial control systems and equipment, and industrial production business processes, and the cumulative cost of security operations and trial and error can even grow exponentially. The security goal has gradually evolved from reducing costs and risks to balancing value and creating value.

For example, by carrying out security planning and assessment in the early stage of digital transformation planning and digital business development, security considerations are moved to the front, and new initiatives such as security resource pools and security insurance are combined so that security balances value and creates value.

Endogenous risks and external uncertainties become new variables for threats

In the context of digitalization, industrial digitalization and digital industrialization promote each other and develop in synergy, but the internal risk factors and external disturbances they introduce keep expanding digital threats.

First, ubiquitous IoT devices create an asymmetry between attack and defense. In digital scenarios, huge numbers of devices are networked, and some Internet of Things assets bypass the traditional IT security layer and connect directly to the Internet, where they are exposed to attackers. The attacker only needs to "know one or two": find one or more vulnerable points as a breakthrough and penetrate deeper and wider. The defender needs to "know the whole picture": asset monitoring and management in the OT environment must be compatible with the proprietary protocols of Industrial Internet of Things (IIoT) assets (Modbus/TCP, EtherNet/IP, Moxa AOPC, etc.) and with device behavior, otherwise visibility is limited.

Second, the control of digital technology leads to security uncertainty. Subjective biases of designers, inadequate training datasets and similar factors lead to discrimination in applications, producing prejudged results. For example, the COMPAS algorithm predicted a recidivism rate of 45 percent for black offenders, nearly twice as high as the 23 percent for whites, but far from the actual rate. News and short-video applications apply algorithmic recommendation excessively, confining the content users see to an "information cocoon" and turning users from "masters" who choose independently what information to obtain into "slaves" who "pursue pleasure" and are swayed by information.

Third, sanctions and suppression have exacerbated external instability. To maintain dominance and industrial superiority, some countries have imposed a package of sanctions and suppression covering products, services, technology, public opinion and other aspects on the grounds of security, with the intention of curbing the technological upgrading and industrial development of other countries. On the one hand, increasingly stringent import and export controls restrict the research, development and application of basic technologies, so that key technologies, products and services "cannot be obtained". On the other hand, they spare no effort to promote security reviews with the intention of "de-Sinicizing" the supply chain, so that the overseas business of Chinese enterprises "cannot be opened".

Demand-driven, pragmatic security measures are gradually becoming mainstream

In the digital age, security measures tend to be implemented from a pragmatic perspective, adapting to iterating new technologies, new businesses, and new threats. Vertical industries, as the main actors in digital transformation and digital business development, have gradually become the protagonists on the digital security stage. Their security needs are clearly differentiated and cross-domain, and these needs call for more agile governance measures and more inclusive, agile thinking to solve the problems of "not wanting to use", "not daring to use" and "not knowing how to use" that arise from enterprises' uncertainty about and unfamiliarity with security issues in the digital world.

The first is the problem of "not wanting to use". Small and medium-sized enterprises undergoing digital transformation often have limited budgets, take a chance that security incidents will not happen, and are unwilling to invest in security before confirming that they will benefit. A new digital security service model of "security services + insurance compensation" needs to be explored to promote the improvement of digital security capabilities, effectively offset enterprise security investment, stimulate market demand, and boost the confidence of small and medium-sized enterprises in digital security.

The second is the problem of "not daring to use". When considering adopting digital technology or deploying digital services, enterprises are unsure whether they will violate regulatory requirements or introduce unknown security risks. Trial-and-error mechanisms need to be built to discover, prevent and control in advance the security risks of technology application, industrial chain collaboration and regulation.

The third is the problem of "not knowing how to use", which is often caused by a lack of practical experience in deploying security capabilities in line with digital service orchestration. A professional digital security toolbox and implementation framework are needed to guide the deployment of end-to-end digital security solutions.

Overall, the security situation keeps changing as digitalization develops. While improving digital, intelligent and networked capabilities, digitalization will accelerate the integration of cyberspace and the physical world, and security risks will extend through this cyber-physical space into digital scenarios at the economic and social levels, such as production and daily life. Changes in security objects, goals, threats, and measures will lead to new security needs and new capabilities.

Author of this article

Yang Peng

Institute of Security, China Academy of Information and Communications Technology

Dai Fangfang

Editor-in-Charge/Layout: Fan Fan

Review: Shen Qing

Producer: Liu Qicheng