Cybersecurity investment is an unavoidable cost of the digital economy
——Interview with Qi Xiangdong, an expert from the Anti-Virus Alliance of the National Computer Emergency Response Center and vice chairman of the China Cyberspace Security Association
Boao Economic Forum·Expert Interview
From October 18th to 20th, the first conference of the Boao Forum for Asia Global Economic Development and Security Forum will be held in Changsha. This forum is the third global thematic forum launched by the Boao Forum for Asia.
The security and governance of cyberspace is one of the focuses of this forum.
Technology is a double-edged sword. As the protagonist of the IT revolution, the Internet has profoundly changed the face of human life, production and economy.
But at the same time, cyber security threats and risks have become increasingly prominent, and increasingly penetrate into the economic, cultural, social, ecological, and national defense fields.
Critical information infrastructure is facing potential risks, network security prevention and control capabilities are weak, and network attacks are frequent. This is a common problem faced by all countries in the world.
Qi Xiangdong, an expert from the Anti-Virus Alliance of the National Computer Emergency Response Center and vice chairman of the China Cyberspace Security Association, believes that network security will become more and more complex. Investment, this is a cost that every country cannot avoid in the digital economy era.
Digital economy era
Must increase investment in cybersecurity
Beijing Youth Daily: What major and profound changes are taking place in network security technology?
Qi Xiangdong: Network security has entered the "deep water zone", and viruses and network attacks will become more and more serious.
The first feature is data-centric.
It is to attack and steal data as the core. For example, ransomware will exist for a long time, and it will continue to change.
Therefore, network security technology must continue to innovate.
The second feature is that network security technology must be integrated with business systems.
In the past, network security, in our minds, belonged to the kind of perimeter wall security, such as firewalls and anti-virus software. In fact, they all wanted to keep viruses from network attacks outside our system.
However, now more and more ways of network attack penetration are more and more indistinguishable from normal access.
At this time, security technology is required. First of all, it must be integrated with the business. It is necessary to judge whether the network access behavior is an attack or a normal visit through the business. Therefore, the security technology, security system, and security method are all in a deep water state.
The third characteristic is that the defense of network security develops in depth.
It is not enough to repair the wall on one or two floors alone, because the existence of loopholes will definitely be broken.
The fourth feature is that the trend of network security sceneization is very obvious, such as the scene of the Internet of Vehicles, the scene of big data, the scene of data transaction, the scene of the Internet of Things, and the technology and solutions of scene-oriented and personalized network security. Will become more and more prominent.
In short, network security will become more and more complex.
If we want to enjoy the dividends that the future digital era will give us, we must increase investment in network security. This is a cost that we cannot avoid in the digital economy era.
Cybersecurity issues
Should not be solved by consumers
Beiqing Daily: In the context of technological interoperability and network interconnection, no country in the world can stand alone in it.
In your opinion, what kind of international cooperation is needed for the global governance of cyberspace?
Qi Xiangdong: The wave of global digitization is unstoppable. Every country, every company, every organization, every institution, including every person is actually connected to a large network, which we call the Internet of Everything.
In the entire global digital system, there should be no one person, any country, any company, who can stand alone without this background. This is impossible.
In order to ensure network security in the digital age and build a firm bottom line of security, each country and each enterprise must truly assume the responsibility of network security on their own territory.
Beijing Youth Daily: What do you think of privacy protection in the era of big data?
Laws such as the Data Security Law and the Information Protection Law are now being implemented, and some detailed rules are gradually being improved. Among them, what role should the government, enterprises, and users play?
Qi Xiangdong: The problem of network security should not be solved by consumers, and consumers have no ability to solve the problem of network security.
Therefore, the security problems that consumers will encounter in the future are not simply a matter of anti-virus, it should be the responsibility of enterprises, governments and institutions.
Why does not one of the data security law and personal privacy protection law promulgated by the country restrict the common people?
It restricts enterprises, institutions, and governments.
Therefore, for an enterprise in the digital age, it has an extra cost and an extra responsibility. This responsibility will never be shed on him.
Once you say irresponsible, no one will use your product or service.
Protect private data
Is a killer to curb Internet fraud
Beiqing Daily: What do you think is the source of some cyber crimes, such as cyber fraud?
Qi Xiangdong: At present, Internet fraud is more common in Internet crime because it is easier to operate and has a high rate of return.
Why can online fraud be successful online?
It is because of the leakage of data that ordinary people have been deceived when they see scammers describing his own situation clearly on the Internet, and feel that this is true.
Therefore, protecting the private data of ordinary people is a killer tool to curb Internet fraud.
But how to protect the private data of ordinary people from being lost?
Its biggest killer is not to collect privacy excessively, because most companies cannot withstand cyber attacks by hackers.
However, many companies have made many wrong choices in the face of their interests. For example, they collect more private data of the common people. The so-called "draw a picture" of the common people with big data, and use the big data portrait to conduct precise advertising and marketing for this user. Its revenue will increase.
In order to improve their own profits, these companies not only collect too much data during the service, but also do not delete the data after the service ends, and keep it for the next time.
During this preservation process, the preservation will be ineffective and will be stolen by hackers.
These data are constantly being bought and bought, which will make the situation of online fraud more and more serious.
Therefore, the control of online fraud must be done in many ways. One of them is to regulate the collection, storage, and use of enterprises, including transactions, sharing, and sharing of personal privacy data. This must be strictly regulated.
I think this is a process and it will definitely be resolved.
Text/Reporter Wen Jing
Coordinator/Yu Meiying