Interview with Ye Hong from the Letter Security Committee: Data security is the foundation of cyberspace security, and the protection work is still in its infancy

　　China News Service, September 14th: Interview with Letter Security Committee Ye Hong: Data security is the basis of cyberspace security, and the protection work is still in its infancy

　　China-Singapore Finance reporter Xia Bin

　　In recent years, China has paid more and more attention to data security issues, and it has been a year since the official implementation of the Data Security Law. What does data security mean to China's economic and social development?

How should data protection work?

　　Ye Hong, director of the Information Security Professional Committee of the China Information Association (hereinafter referred to as the "Security Committee"), said in an interview with Zhongxin Finance and other media recently that China has now fully entered the information society. With the promotion and development, the connotation of traditional network security is constantly enriched and extended. New technologies and new applications have brought new risks and new challenges. In particular, the importance of data security has become increasingly prominent.

　　"We can understand that data is the blood of cyberspace and its core element, so data security is the foundation of cyberspace security." Ye Hong said.

　　She believes that in the wave of the digital economy, data has become a new factor of production, and its value and importance are directly related to national security, social stability, enterprise production and operation, and people's daily life. Therefore, data security is the long-term stable development of the digital economy. important guarantee.

　　According to Ye Hong, in addition to the aforementioned data security law, the personal information protection law, the data export security assessment method, and the implementation of data security management certification work are a series of policies, regulations and supporting measures that have been intensively launched in recent years on data security issues. , these are enough to illustrate the importance of data security.

　　Under this general situation, the Information Security Committee has also actively participated in the work of data security protection. Since this year, it has cooperated with enterprises to publish data security-related research reports, conducted exchanges and research between the government and enterprises, and organized meetings to publicize data security governance policies. , regulations, standards and technical solutions and products, organize skills training and competitions in data security, and select and cultivate talents.

　　Recently, under the guidance of the Data Security Technology Work Department of the Information Security Committee, the white paper "Data Security Governance Automation Technology Framework (DSAG)" edited by Beijing Skyguard Network Security Technology Co., Ltd. was released to the public.

　　It is reported that Data Security Governance Automation (DSAG) uses automation technology to identify structured and unstructured data, from the discovery of data resources within the enterprise, to the classification and classification of data, with data classification and classification objects as the core, and user behavior analysis as the enhancement means to configure and implement data security policies, covering every aspect of the data security governance cycle in an all-round way.

　　However, Ye Hong also bluntly said that from the actual situation, whether it is from legal awareness, work behavior and technical means, at the social level, including various application units, manufacturers, etc., data security protection should be said to have just started. , there are some shortcomings.

　　How will data security protection be strengthened in the future?

Ye Hong gave three suggestions.

One is to popularize and strengthen the legal awareness of data security and the training of data protection capabilities, so that all parties realize that whether the government, enterprises or individuals must abide by the relevant legal requirements.

　　The second is to step up the implementation of the supporting measures of the data security law, such as data classification and classification, which requires the government to issue some operational guidelines in a timely manner to give guidance.

　　The third is to encourage scientific research institutions and enterprises to speed up the development of technical products for data security protection, especially focusing on some new technologies and new applications, such as artificial intelligence, privacy computing, etc., to solve the problems encountered in the corresponding data security protection.

(Finish)

　　search

copy