Sangfor Attends IDC 2022 CSO Global Cyber ​​Security Summit (China Station)

time:2022-11-27 04:02:33 source:scripttoolbox.com author:Camera
Sangfor Attends IDC 2022 CSO Global Cyber ​​Security Summit (China Station)

On August 26, the IDC 2022 CSO Global Cyber ​​Security Summit (China Station) was officially held in Shanghai and was broadcast live online simultaneously. The theme of the conference was "Cohesion Data Security Empowers Enterprise Modernization", attracting more than 650 CIOs and CSOs. And CISO participates in the form of online and offline. Zheng Lei, vice president of Sangfor Technology and head of core strategy, was invited to attend the summit and delivered a speech on the theme of "Protecting data processing activities and building a data security system". In-depth insight, leading the innovation and development of data security construction, Lei Zheng shared the current domestic data security situation. He pointed out that with the promotion of the Digital China strategy, the digital transformation of all walks of life is deepening, and data is used as "land, labor, capital, technology." "After the fifth factor of production, its value has received more and more attention. "Driven by value, with the development of new businesses, new uses, new scenarios, and new technologies, data security is facing huge risks and challenges at present and in the future." The Personal Information Protection Law establishes a top-level regulatory framework for data security from three aspects: data carrier, data ontology, and personal rights and interests. Driven by both risk and compliance, the construction of data security in various industries is gradually unfolding, but it is difficult to mechanically dismantle laws and regulations by stacking data security equipment in fragments and implementing data security in the way of traditional network security and partitioning. Implement good data security governance. On the one hand, the chimney-like database is gradually moving towards the era of big data with data center and data lake as the core. Data security risks are widespread, and traditional database security construction methods cannot adapt to new business scenarios; on the other hand, data security It is difficult to protect highly mobile data and carry out effective inter-departmental coordination; in addition, although there are clear laws and regulations at this stage, there is a lack of specific implementation rules, mechanical dismantling According to regulations, it is absolutely believed that data governance is the premise of data security construction, which will lead to high cost, long cycle and difficult implementation of data security. In the long process of data governance, once a data security incident occurs, the consequences will be disastrous. Sangfor reviewed the development history of the data security industry in the past 20 years, made a deep insight into data security, and based on the best practice, summed up the ternary theory, the quartet - the ternary theory, that is, data security is subject to legal compliance, data management The three main factors of network security and network security work together, and ignoring any party to carry out data security will lead to little success. Therefore, the integration of the three factors is the premise. The quartet method, that is, data security is a protracted war, should be comprehensively considered from at least four aspects - classification: classification is the basic condition for data security governance, and it needs to be based on the organization's data resource management work, allowing the business side to participate in it; classification: according to The importance of the classified data, realize the hierarchical protection of the data, and make the security based on the understanding of the data and business; Layering: Data security capabilities should be built and accumulated in layers, which differ from infrastructure, network storage, system platform, and data flow. Level privacy protection and data security monitoring and protection are carried out, rather than blindly stacking equipment; segmentation: consider adapting to the construction of its own development stage, do not copy it mechanically, and effectively affect high-priority and high-risk links, such as operation and maintenance, cross-border environment, personal information collection and processing, etc., to improve the ROI of data security work. Zheng Lei introduced that in the construction of data security, technical capabilities are crucial to the improvement of the protection effect. At present, Sang believes that Obedience has built the core technical capabilities of data security in many aspects - 1. AI-based data asset identification and classification capabilities Identify and manage data and application/API assets through intelligent data classification and classification and sensitive data identification capabilities; Audit capabilities under multiple data transmission channels enable comprehensive audits in scenarios such as peripheral transmission, SaaS application access, software outsourcing, and operation and maintenance access. 2. Data leakage traceability based on STP and DLA Through the data security brain's STP database and algorithm engine, DLA leakage analysis platform, one-key high-speed traceability of data leakage can be realized, and the problem of leakage and traceability afterwards can be solved. 3. The flexible access management and control capabilities based on RBAC and ABAC continuously evaluate the environment, identity, and behavior through a unified zero-trust platform, dynamically adjust user access rights, and discover and deal with risks in a timely manner. 4. The implementation of multi-dimensional data security service supporting technologies includes consulting and evaluation, planning and design, realizing normalized technical operation and operation hosting, supporting high-threshold tasks such as data classification and grading, and data security risk assessment, and continuously optimizing the effect of technology implementation. "Governing data by law and ensuring that data security meets compliance requirements is a prerequisite for data security governance," said Zheng Lei, "However, this does not mean mechanically dismantling compliance requirements. Data security governance needs to be 'adapted to local conditions' and based on the current situation. The first IDC China Top 20 Outstanding Security Projects and the CSO Hall of Fame Award Ceremony were held at the first IDC China Top 20 Outstanding Security Projects and CSO Hall of Fame Award Ceremony. The UnionPay Commerce Digital Security Office Construction Project, which Sangfor cooperated with UnionPay Commerce Co., Ltd., was selected as one of China's 20 Outstanding Security Projects. UnionPay Commerce has introduced the latest zero-trust framework in the industry, realizing the "service-oriented" terminal delivery capability, the "distributed" branch access structure, and the "platform-oriented" office space; Integrated security capabilities such as secure access to business resources, terminal data security governance, and virus risk security control. Through the creation of digital workspaces, UnionPay Commerce has completed the standardization and service access of security terminals at the headquarters and branches across the country, improving the work efficiency and user experience of office staff. In addition, Zheng Lei, vice president of Sangfor Technology and head of core strategy, was named one of the top ten figures in the IDC China CSO Hall of Fame. Sangfor has always adhered to the overall national security concept, fulfilled its responsibility for data security protection, and made a lot of efforts in establishing a sound data security governance system, personnel training, and ensuring that data security protection is in place. (1) Sangfor actively participates in the formulation of national and industry standards and specifications related to data security, laying a solid foundation for the implementation of data security. (2) In terms of talent training and construction, Sangfor has been deeply involved in the industry for many years, established an industrial education center, carried out industry-university-research cooperation, and cultivated a large number of talents in the field of data security for the society. (3) In terms of data technology breakthroughs and product solutions, through the application of artificial intelligence and machine learning in the field of data security, technological breakthroughs in the fields of intelligent classification and classification, data flow monitoring and traceability have been achieved, providing users with more effective data. Support for safety products and programs. To ensure data security, we must not only use the backbone of the core team to provide simple, effective, worry-free and reliable security products and solutions, but also adhere to technological innovation, build an industrial ecology, and adhere to social responsibilities. In the future, Sangfor will increase investment in research and development resources and independent research and development, make breakthroughs in advanced technology, and support the implementation of the country's data security strategy. strength.

(Responsible editor:Graphics card)

Related content