Network security status and demand analysis
I. Network security status and demand analysis
Requirement 1: security status requirements
01 From a technical perspective
There is no security supervision and analysis capability covering the whole network, so the security issues of all the network's security equipment cannot be supervised in a unified way or analyzed in depth:
1) distributed and decentralized bidding lead to the lowest level of overall integration. At the same time, the individual security devices do not work with one another and form isolated security measures, which cannot be coordinated and linked as a whole;
2) there is no comprehensive means of information collection;
3) the massive historical data that has accumulated and the large amount of new data generated in real time are all "dead data".
02 From an operational perspective
No security operations process system has been established, so the timely and efficient handling of security incidents cannot be ensured:
1) "heavy on technology, light on management" and "heavy on products, light on services": security is left to products and technology;
2) attention is paid to the technical process of finding security problems, while the process of dealing with them is ignored.
03 From the perspective of security personnel
There are few network security technical personnel, the division of labor is unreasonable, and skill levels are uneven, so complex network security problems cannot be dealt with effectively:
1) the number of security personnel is small, and most of them are part-time;
2) the division of labor overlaps heavily, human resources are mismatched and wasted, and service efficiency is low;
3) technical personnel are not competent to handle complex security issues.
Requirement 2: regulatory and policy requirements
1. Strengthen network security situational awareness
In his April 19 speech at the symposium on network security and informatization work, General Secretary Xi Jinping clearly pointed out the need for "all-weather and all-round perception of the network security situation. Know yourself and your enemy, and you will win a hundred battles."
The "13th Five-Year Plan" calls for "strengthening network security situational awareness, monitoring and early warning and emergency response capacity building."
2. Strengthen the construction of network security operation and management
The Cybersecurity Law of the People's Republic of China clearly stipulates "monitoring, defending and dealing with cyber security risks and threats from inside and outside the People's Republic of China, and protecting critical information infrastructure from attack, intrusion, interference and damage".
The newly released Hierarchy Protection 2.0 puts forward higher requirements for "security operations" and the "safety management center", and the protection approach has also changed to "a protective architecture with the security management center as support and security operations ensuring safety". Specific requirements are put forward in several areas in particular, including vulnerability and risk management, security incident disposal and emergency plan management.
3. Strengthen the construction of network security personnel
As early as 2016, General Secretary Xi Jinping proposed that "competition in cyberspace is ultimately competition for talents".
The newly released Hierarchy Protection 2.0 clearly requires that "a certain number of system administrators, audit administrators and security administrators shall be provided; there should be a full-time security administrator, not concurrently; key business positions should be jointly managed by multiple people".