"Currently, China's cyber security still has major hidden dangers. On the one hand, the construction of a basic security protection system based on compliance requirements and known security risk protection has achieved good results, and has basically formed the ability to respond to commercial-level security risks; But at the same time, due to the lack of the system, security problems will still occur frequently. From the perspective of the risk of national confrontation, the current network security in our country is no different from "streaking" in this scenario." Recently, China Power Great Wall Internet System He Weidong, general manager of Application Co., Ltd., said in an interview with reporters.
He Weidong said that whether it is a central enterprise or other security enterprises, in response to the new changes in commercial and national threats and risks, it is urgent to build an independent and controllable IT product system and a new dynamic security system that supports national security to achieve intrinsic security (domestic-made In-depth integration of chemical substitution) and process safety (industrial chain safety).
In recent years, my country’s cyber security work has aimed to implement graded protection requirements, and has done a good job in various tasks. The organizational system, management system, technical system, and construction and operation and maintenance systems are basically complete, based on compliance requirements and known security risks The construction of the basic security protection system for protection has achieved good results ("protected well"), and has basically formed the ability to respond to commercial-level security risks.
But while achieving results, we must also see that from the perspective of dynamic offensive and defensive confrontation, there are still a large number of unknown or known "backdoors" and "vulnerabilities" risks. The essence behind these risks is that since the confrontation capabilities cannot be immediately transformed into protection products and deployed to form protection capabilities, the handling of these risks must rely on real-time or rapid response. It can be seen that the rapid use of security confrontation capabilities requires the construction of a confrontation service system to deal with it, that is, to make up for it with high-capacity security services. Because of the lack of the system, security problems will occur frequently. Therefore, from the perspective of the risk of national confrontation, my country's current network security in this scenario is tantamount to "streaking."
According to He Weidong, the fundamental reason for "good protection" and "streaking" is that the threat to the new situation has undergone major changes. Currently, the cyber security threats facing our country can be divided into commercial-level threats and national-level threats. The core threat to national cyber security is national cyber threats, that is, cyber attacks and deterrence between countries. A series of incidents such as the "Prism Gate" and the Iranian nuclear power plant show that the current national cyberspace security is a systematic confrontation of national-level cyber security capabilities.
By analyzing the development trend of foreign network security, we found that developed countries are already in the era of intelligent defense 3.0 characterized by intelligent iterations, some developing countries have entered the era of active defense 2.0 characterized by security and control, and less developed countries are in compliance guarantee. Features passive defense 1.0 era. my country is now in the era of passive defense 1.0 for compliance protection, and the level of protection only belongs to the category of commercial-grade security. Compared with the current situation in developed countries, the gap between my country's protection capabilities and the requirements for national-level confrontation is obvious, and it is concentrated in the four aspects of development stage differences, technological generation gaps, capacity generation gaps, and limited investment.
There is a difference between national cybersecurity and commercial cybersecurityHe Weidong introduced that there are significant differences between national network security and commercial network security in terms of risk sources, attack objectives, attack methods, investment methods, and protection modes.
The risk of national cyber security comes from national cyber warfare forces and national capabilities; the purpose of the opponent’s attack is to control or destroy the country’s critical infrastructure; the attack methods used are software and hardware backdoors, cyber warfare weapons, and national security capabilities; investment methods are state investment , To achieve the goal of confrontational deterrence; technically, adopt an autonomous and controllable, threat-based active defense model. The source of commercial network security risks is hacker teams; the purpose of the attack is to obtain commercial benefits; the attack methods used are to find loopholes and penetrate layer by layer; the investment method pursues compliance and cost-effectiveness, and the enterprise invests independently; adopts a compliance defense model; Protection capability is the security capability of a single manufacturer in the industry.
National cyber security faces the threat of national-level confrontation, a contest of top wisdom among nations. What should be adopted is a national cyber security strategy, based on capability deterrence, benchmarking against the offensive and defensive capabilities of advanced countries, adopting national security economic investment, building a technical support system for the entire industry, supplementing legal deterrence, and researching breakthroughs in core technologies to create public To build a technology trust system based on national technology identification capabilities to support the protection of critical information infrastructure. Special investment is needed to advance in an orderly manner.
Commercial network security faces the threat of extreme individuals, hacker groups, and economic crimes. Commercial network security strategies should be adopted, with legal deterrence as the core, highlighting technology traceability and law enforcement capabilities, and meeting commercial network security goals; building a single manufacturer or some manufacturers based on investment capabilities A technical support system with limited confrontation capabilities, sound offensive and defensive capabilities, purchase and deployment of large-scale replicable non-public products and services, and its technical capabilities are based on commercial trust and market competition.
Three strategies to solve national cybersecurity issuesHe Weidong said that our country attaches great importance to network security. It has established the Central Cyberspace Administration of China, formulated and promulgated the National Cyber ​​Security Law, and that cyber security and informatization have become a national strategy.
To solve national network security issues, we must first follow the economic laws of network security. Faced with the objective reality of "the cost of attack is getting lower and the cost of defense is getting higher", how much money is spent and how to spend it to ensure security have always been important issues of concern to the security community in recent years. Network security covers from terminal to network, from application to system, from software to hardware, and from management to law. The wide range and the variety of categories can easily cause network security to be overwhelming. So, how much money needs to be invested in security? There does not seem to be an absolute answer to this question. Security is dynamic. From a technical point of view, any information system is flawed. The cyber security product itself is a solidification (productization) of the existing technology, so when it comes on the market, its technology is outdated. Therefore, security should be relative, and absolute security may only exist in theory. In practice, it is necessary to balance security and cost, that is, to use the "minimum" cost to achieve the "best" effect. This also causes the new information security theory to shift to the "active defense based on attack environment" model. The technical characteristics are embodied in autonomous controllable, trusted computing and dynamic monitoring. The business model is reflected in the convergence of platforms and service vendors.
Second, we must gain insight into the evolution direction of the network industry. At present, network security technology has moved towards real-time monitoring and risk prevention and control, and the network security format has also moved from the original "product format" to the "service format". The provision of network security will be completed by professional network security service providers, rather than some specific product manufacturers.
Finally, grasp the evolution route of network security technology. In view of the commercial-level and national-level threats and risks faced, in order to achieve the goal of national security, it is urgent to build a security service system that supports national security, and build a country's heavier: the eye of discovery-the golden eye for risk and threat early warning and monitoring; protection; The dome of the sky-building a diamond cover for the protection of the country's key information infrastructure; the sword of tracking-forging a killer tool that can control the enemy and effective deterrence; the emergency team-forming a quick response team with rapid response, orderly command, and strong support ; The ability to rebuild—enhance the resilience of the reconstruction of cyberspace infrastructure; the long-term talent—build a new height for the training of cyberspace offensive and defensive talent teams.
How to deal with "vulnerabilities" and "backdoors"He Weidong suggested that the platform sharing economy model should be used to effectively aggregate service capabilities, and pay for results to solve the problem of dynamic security "vulnerabilities" and the interaction of national capacity transmission.
The aggregation model is to give full play to the advantages of the sharing economy, platform economy, and smart economy, accumulate various resources through the platform, and effectively realize the synergy of capabilities and needs. This is like the "expert consultation" model of a hospital. Network security is similar to seeing a doctor. The way to meet customer needs has changed from "single doctor consultation" to "expert consultation", which has promoted the transformation and upgrading of the industrial chain from a single supply chain to a composite supply system, and solved national security and commerce through military-civilian integration. Security requirements for different security service capabilities. By building a network security assurance platform based on the establishment of a "four in one" of the country, product suppliers, security service providers, and users, the integration of multi-dimensional security monitoring, supervision and business service systems is an important part of the national network security system. Promote the conversion of dynamic capabilities, discuss heroes based on results, and solve the problem of overcharging and bad money expelling good money. Therefore, platformization is the only way for the industrial upgrade and scientific development of the security service industry to scale, intensify, and aggregate.
At the same time, with the deep integration of security throughout the entire process of the security service industry chain, an active protection system based on the context of attack is established to promote IT products with their own immune capabilities and become secure IT products to solve "backdoor problems."
From the development of the global network security industry pattern, it can be found that the development trend of network security products has gradually begun to shift to "secure IT products." Network security products are becoming more specialized, and horizontal mergers and acquisitions are obvious. Small network security product developers are constantly being merged by large IT vendors to improve their products, making new IT products not only business processing capabilities but also security immune capabilities.
At present, our independent and credible industrial ecosystem is advancing in an orderly manner. A basically complete industrial chain has been formed. Possess key core technologies including CPU (central processing unit), DDR4 (fourth generation memory), network chips, network equipment, disaster recovery, basic software, and application system development platform. With trusted technology as the link, a new dynamic security system that deeply integrates intrinsic safety and process safety, basically realizes an independent, controllable and safe IT product system and application.
China Electronics' advanced layout has formed multiple experiencesAccording to He Weidong, based on the ultimate goal of national security requirements, China Electronics has created a network security protection system, namely intrinsic security (localized substitution) and process security (industrial chain security).
Based on the situation of its subsidiaries, China Electronics has clarified that Great Wall Internet is the leading company for "process safety". It faces the security needs of Chengdu, Zhongshan and other local governments and important industry information systems such as energy, broadcasting and television. It adopts aggregation, sharing, co-construction and co-control strategies. In accordance with the target framework of “discoverable, preventable, controllable, replaceable, and capableâ€, creative and customized information security services are carried out, and an industrial chain of intrinsic safety, process safety and trusted technology systems has been basically established.
One is the formation of a system pattern in platform construction. A networked industrial service system pattern of "1 security data analysis center, 5 regional nodes, 2 municipalities directly under the central government, and 9 regional sub-nodes" has been built. Online security service models, industry-customized service models, and secure IT resource service outsourcing models have all been applied in many places.
The second is a substantial breakthrough in core technology research. Trusted Huatai, a company affiliated to Great Wall Internet, builds intrinsic security around trusted computing, and establishes a dual-system system that integrates an active defense immune system and a computing system. It has major innovations in computing and the construction of a trusted dual structure, and has generally reached the international advanced level. , Reliable active dynamic measurement control and other technologies have reached the international leading level.
Third, the construction of the ecological circle has achieved remarkable results. Construct an industrial ecosystem and a user ecosystem, and form an ecological chain of safety services. It strengthened close cooperation with public security, security, industry and information, confidentiality and other departments, established an ecosystem composed of more than 80 partners, improved the industrial capacity for international confrontation, and formed an industrial pattern of "national advancement and popularization".
The fourth is to build a new network information industry system. In terms of intrinsic safety, it has key core technologies including CPU (central processing unit), DDR4 (fourth generation memory), network chips, etc.; in terms of process safety, it has realized high-end information security from protection, discovery, control, disposal, capacity building to ecosystem Construction of the industrial chain of the service industry; in terms of building a new security system, forming a new dynamic security system that uses trusted technology as the link and deeply integrates intrinsic safety and process safety.
The fifth is to explore and form a new business model. The “IOS†service model and the aggregate service model have been explored and practiced. The platform has been put into practice on the project, which fully demonstrates that the aggregate service model of crowd testing and crowd division, offline and online integration, and payment based on analysis results can effectively improve security service capabilities. Through the "national advancement and the promotion of the people", a secure big data open analysis platform was established, a trusted computing innovation community was launched, and "double innovation" was jointly promoted through industrialization, and a win-win industrial environment for state-owned enterprises to enter and promote private enterprises was built.
The structure of the Chip Mounter can be roughly divided into a body, a PCB transmission device, a placement head and its driving positioning system, a feeder, and a computer control system.
The accessories of the Chip Mounter include Ball Scraw, Guide , Motor, Valve , PCB Board ,Moving Camera,Single-Vision Camera,Multi-Vision Camera,Backlight Unit,Laser Unit,Locate Pins,Nozzle,Feeder, Camera Line, Motor Line, etc. We are a professional Chinese manufacturer of other SMT machine parts, and look forward to your cooperation!
Panasonic Chip Mounter Parts,Panasonic Smt Nozzle,Panasonic Cm602 Nozzle,Cm602 Smt Nozzle
Shenzhen Keith Electronic Equipment Co., Ltd. , https://www.aismtks.com