Dialogue with Li Xueying: Network security must have a systematic construction idea

On August 26, at the CSO Global Cyber ​​Security Summit hosted by IDC, Li Xueying, Chairman and CEO of Tianrongxin, won the “China CSO Hall of Fame (Top Ten People)” award. Based on this, Leifeng.com had a dialogue with Li Xueying.


(Li Xueying, Chairman and CEO of Tianrongxin)

Li Xueying is a Ph.D. of the Graduate School of the Chinese Academy of Sciences, the Chairman and CEO of Tianrongxin, and a practical tutor for doctoral students at the University of Science and Technology of China. He has been responsible for more than ten research projects related to the Ministry of Science and Technology, the National Development and Reform Commission, and the Ministry of Industry and Information Technology. The scientific research and industrialization projects undertaken involve next-generation networks, localization, big data, cloud security, security cloud services and other fields. He has won three provincial and ministerial-level scientific and technological progress awards and two PLA scientific and technological progress awards.

Dr. Li Xueying has presided over a number of national projects, mainly including the 2018 Industrial Internet Innovation and Development Project, the National Next-Generation Internet Information Security Project, the Electronic Information Industry Development Fund Tendering Project, the Zhongguancun Modern Service Industry Comprehensive Pilot Project, and Industrial Transformation and Upgrading-Industrial Internet project etc.

In addition, as the backbone of the project, he has participated in the funded projects of the National Cyber ​​Security Sustainable Development Plan Fund, the National “973” Key Basic Research and Development Planning Fund-funded projects, and the Knowledge Innovation Engineering Fund of the Chinese Academy of Sciences, and has made important contributions to the project.

Dr. Li Xueying, as the technical leader of Tianrongxin Technology Group, continues to expand the layout of new technologies and make breakthroughs in core technologies. At present, Tianrongxin has won two national science and technology progress awards and five provincial and ministerial level scientific and technological progress awards. Award, an Army Science and Technology Progress Award.

The following is the content of the conversation between Leifeng.com and Li Xueying. Leifeng.com has edited and sorted out the original meaning.

Leifeng.com: First of all, congratulations to you for winning the top ten awards in the China CSO Hall of Fame. CSO is one of the most influential industry conferences in the global network security field. Can you talk about your own thoughts and comments?

Li Xueying: The Global CSO Cybersecurity Conference is one of the most influential industry events in the global cybersecurity field. I am very pleased that IDC has introduced the conference to China for the first time this year, and I feel very honored to have won this award for the first time. This award is not actually a reward for me personally, but also a recognition of Tianrongxin’s contribution and efforts in the field of network security in the past 26 years.

Why do you say that? Based on the situation of Tianrongxin, I will simply make a summary.

First, Tianrongxin is a company that does not forget its original intention. Tianrongxin is the earliest established company among the listed companies in the network security industry. Founded in 1995, the company has witnessed the entire development of China’s cybersecurity industry in the past 26 years. At the same time, with the continuous change and development of the needs of China’s network security field, Tianrongxin has continuously launched innovative products and solutions, and has continued to cultivate the industry for 26 years.

Second, Tianrongxin is a company that keeps pace with the times. During the company’s 26 years of development, network security technologies and scenarios have continued to develop and change. As the founder of China’s first self-developed commercial firewall, Tianrongxin has also become China’s leading network security, big data and cloud service provider. In addition to basic network security, Tianrongxin has a complete set of solutions in cloud security, data security and other fields, and has complete solutions in new application scenarios including industrial Internet, Internet of Vehicles, and Internet of Things. Industry customers provide comprehensive services.

Third, Tianrongxin is a trustworthy company. In the 26 years of development, Tianrongxin has served more than 100,000 customers in total, covering government, finance, operators, energy, education, medical care, transportation, manufacturing and many other industries. contributed strength.

In the future, Tianrongxin will continue to innovate in the entire network security field as always, serve customers with better products, technologies and solutions, and contribute to the country’s network security.

Leifeng.com: At present, the world economy is stepping into the era of digital economy based on the Internet. Digital transformation promotes the development of digital economy, and network security is the top priority of digital transformation. Could you please talk about the development trend of China’s network security industry in this context?

Li Xueying: In the era of the data economy, the development of informatization has transformed from the enterprise-level application of traditional IT informatization to enterprise digitalization, and digital transformation has also promoted the rapid development of the digital economy. Network security is the cornerstone of digital transformation. Throughout the 26 years of the development of China’s cybersecurity industry, the development of informatization, changes in threat confrontation and the drive of national policies have become the three core driving forces for the development of the cybersecurity industry. In this context, China’s network security industry has grown from scratch and has continued to grow. At present, it has shown the “four modernizations” development trends of localization, industrialization, serviceization and intelligence.

Localization consolidates the industrial foundation of network security, industrialization expands the industrial boundary of network security, service-oriented enhances the delivery capability of network security, and intelligence promotes the upgrading of network security capabilities.

First, localization – the future development of network security products and technologies will be based on localized core technologies, including the localization of hardware, software, and core components, which is an inevitable trend in the development of the network security industry; second, industrialization – Network security has penetrated into all aspects of digitalization and informatization. Network security is deeply integrated with industry business needs. Scenario-based security solutions serve industry segmentation and development. New application scenarios such as cloud services provide industrialized solutions; third, service-oriented – the essence of network security is the confrontation between people, products have gradually become tools, and the delivery of the entire security capability has been transformed to service-oriented, delivering services. Fourth, intelligentization —artificial intelligence has entered a stage of vigorous development, and intelligence has gradually played a role in digitization and informatization. The development of technology has made network security and intelligentization possible. The combined intelligence can greatly improve the safety efficiency.

Under this trend, “convergence” has become the key word for the development of the network security industry. The integration and innovation of the network security industry requires the integration of security capabilities, the integration of security and applications, and the integration of network security and data security. The upgrading of technology, the extension of scenarios, and the construction of ecology are the paths to achieve high-quality development of the industry, covering big data, The integration of cloud computing, artificial intelligence and other technical aspects, the integration of application scenarios such as the industrial Internet, the Internet of Vehicles, and the Internet of Things, as well as the ecological integration covering the upstream and downstream of the industrial chain, integration and co-creation, and jointly empower the high-quality development of the network security industry.

Leifeng.com: Doing a good job in major special network security work is actually a stressful task. Do you agree with this point of view? Do you have any suggestions and opinions on reducing the pressure in this area?

Li Xueying: Yes. During the twenty-six years of development, especially in recent years as the situation at home and abroad has been constantly changing, the entire cyberspace has faced enormous attacks and risks. In the process of major network security assurance, all customers and manufacturers are in a state of high mental tension, just like fighting a “big battle”. For major security, from the perspective of Tianrongxin, all security work should be done in peacetime, and the corresponding basic work should be done in peacetime:

Network security needs to have a systematic construction idea, rather than expecting that all problems can be solved through a certain product, a certain technology, or a certain person.

In the process of systematic construction, there are several tasks that must be done in place: First, the basic security guarantee must be solid, and the basic protection, testing, management and services must be complete. Second, after the basic guarantee is in place, in the entire safety operation process, the overall safety operation should be carried out based on the concept of continuous optimization, and the entire safety system should be continuously optimized and improved. Third, there is never an indestructible network, so it is necessary to build a complete emergency support system. This system is not a framework or theory, but must be able to be put into practice, and it must be practiced continuously and regularly in practice, to check for deficiencies during the practice, and to continuously improve the system.

Once the basic work has been done, the basic ability will be acquired in the major security assurance, and various problems that may arise during the major security assurance process will be able to be dealt with. However, doing the basic work well does not mean that all problems can be solved. Therefore, in every major guarantee, Tianrongxin will also face and undertake corresponding tasks together with customers.

Leifeng.com: Under the new technologies, new trends and new threats, the state invests in some scientific research projects and major special work every year. What do you think are the problems or difficulties in some innovation strategies of Chinese cybersecurity companies? Need to solve, how to empower these security capabilities to users?

Li Xueying: In recent years, the entire IT technology has produced tremendous development, including cloud, artificial intelligence, Internet of Things, Industrial Internet, Internet of Vehicles and other directions. The development of these technologies also brings new threats and challenges, such as cloud security issues and data security issues brought about by digital transformation. Due to the rapid application of these technologies, security issues have not only existed in the past basic information networks, but have expanded to include the Industrial Internet in the industrial field, the Internet of Vehicles related to vehicles, people-related and various things-related things. In new scenarios such as networking.

In response to these security issues, the state has supported many major projects in recent years, including some key technologies and breakthrough technologies, such as data security, artificial intelligence and other directions, as well as special projects for industrialization, including industrial Internet, Internet of Vehicles, etc. In the past few years, Tianrongxin has participated in these key projects, and found in the special work that the difficulty of the project lies in the pain points that customers urgently need to solve, and whether the security solution can be quickly launched, applied and solved. Security issues, in some cases, are a pair of contradictions.

There are several key tasks to address this problem: First, to quickly launch corresponding products and solutions for the pain points of customers, that is, to form a quick response method first. Second, in terms of practice, in the actual environment of typical customers, these methods can be practiced, implemented, verified, and improved according to the pain points, that is, practice and benchmarking. Thirdly, with the products and solutions, using the service support system of Tianrongxin for the whole industry and the whole region, we can quickly promote the solution to the entire customer group, serve customers as soon as possible, and realize industrialization.

It can be simply summarized as follows: there must be means, to be able to put into practice, to set benchmarks, and to be able to promote and apply quickly.

In addition, all work needs people to complete, and the cultivation and construction of talents is very important . Tianrongxin has made the following practices in the cultivation and construction of talents:

First, for fresh blood, that is, the empowerment of students in school, so that students in school have the ability to quickly master products and technologies, and once they graduate and enter the society, they can quickly solve problems. Therefore, school-enterprise cooperation is very necessary. Tianrongxin has carried out a lot of work in school-enterprise cooperation, and has carried out corresponding skills training for school students.

Second, Tianrongxin is an industry veteran who has been fighting on the front line. In the face of new technologies and new scenarios, the ability of Tianrongxin’s technicians has also been rapidly improved. To some extent, it also belongs to Tianrongxin’s technical staff. vocational training in these new fields.

Third, in terms of special training, Tianrongxin also has a lot of practice. For example, data security is a very important and complex issue that requires processing personnel to have professional knowledge. In the past few years, Tianrongxin has launched special trainings for data security. For example, Tianrongxin is the authorized operation center of the CISP-DSG (Registered Data Security Governance) special certificate, which enables the professionals participating in the training to have the ability to conduct data security. Governance plays a role and value. In addition, it is currently advocated to set up data security officers in enterprises. For data security officers, Tianrongxin has recently launched a special training of CISP-DPO (registered information security professional – data security officer) to meet the training needs of technical personnel.

Tianrongxin improves the ability of personnel through special training such as school students and in-service personnel, so that these professionals can quickly apply their abilities in the face of new technologies and new scenarios.

Supplement: I am very grateful to IDC for its support to Tianrongxin over the years. Tianrongxin is a comprehensive network security manufacturer that produces products, technologies and solutions. A lot of knowledge about the industry comes from customers. However, these understandings are obviously not enough. In the past few years, IDC has provided a lot of help, opinions and suggestions to Tianrongxin for the development of the global and Chinese network security market, and has also played a role in the development of enterprises. great effect. So this time, I would like to take this opportunity to thank IDC for its help. In the future, we will continue to do a good job in our work to better serve customers and serve the country’s network security construction.

This article is reprinted from: https://www.leiphone.com/category/gbsecurity/aHkJtJvAssbZtzbB.html
This site is for inclusion only, and the copyright belongs to the original author.

Leave a Comment