At the end of 2023, Gartner released its key trends for China's cybersecurity in 2024 and beyond, in which "cyber resilience" was listed as one of the three technology trends to address the threat quadrant. Gartner identified seven major trends this time, and not many of them are technology trends that can actually be implemented. Major security vendors have been voicing similar ideas about "cyber resilience" in recent years, and how to implement it is still being worked out.
Gartner defines "cyber resilience" as follows: "Cyber resilience is the ability to adapt and respond to threats or failures in the digital business ecosystem. Cyber-resilient organizations are able to ensure that software and technology infrastructure and services are reliable, secure, and accessible after rapid recovery in the event of any type of malicious or adverse service disruption. Cyber resilience strategies enable more effective application of resilience principles to minimize or eliminate business losses from outages, but it is not currently possible to eliminate all security incidents."
In April last year, Security 419 was invited to the new product launch conference held by Micronics Technology in Beijing, where Micronics released a new architecture for a "resilient" data security system. As the proposer and main builder of the concept and architecture, how far has Micronics come in building and implementing its "resilient" data security system? We recently put these questions to Zhou Jie, CTO of Micronics.
Network security has decades of development behind it. Its underlying logic is to reduce the occurrence of security risks by building a corresponding defense system, and then to build defense in depth from the computing environment to the border and on to the network, according to each organization's IT build-out and environment. This approach has played a significant role over the past few decades. Zhou Jie believes that in the digital age the security system will be broader, and that building a "resilient" data security system extends more naturally to the data security defense system. Its core value is to resolve the existing dilemma of frequent network security incidents and poor data protection.
Data is an asset, and the focus of the digital economy era is to make data flow. Zhou Jie believes that effectively protecting data in circulation is fundamentally different from attack and defense on the network security battlefield. Data security scenarios are oriented to the process of using data. Part of data security shows up on the network security side, where an attacker breaks through from the network and steals data, which is the usual definition of external risk. Internal risk is the other key scenario that data security has to solve.
If our network will be breached, and if there will always be insiders who steal our data or inadvertently leak our important data, then a security incident is not a matter of probability but an inevitability. Zhou Jie emphasized that this is why a "resilient" data security system needs to be established. When cybersecurity incidents are unavoidable, and data is becoming more and more important while its protection is not effective, a "resilient" data security system provides rapid awareness, intervention and recovery. It serves as a bottom-line defense and makes enterprises more resilient to risk.
Put another way, the security system standards the network security industry follows today aim to keep the enemy thousands of miles away, but in practice no one dares to say that doing a good job on the corresponding security construction means there will be no network security incidents. Attack technologies and methods are developing in step, and enterprises have to consider their overall security investment cost; they cannot invest in security construction without limit. Security 419 also believes that establishing a resilient network, or a corresponding defense system, is a new approach whose focus is to ensure that business and data cannot be destroyed even in the worst case and always remain in the hands of the enterprise itself.
Zhou Jie reiterated that the "resilient" data security system proposed by Micronics has three goals: the first is resilience, the second is adaptive evolution, and the third is the visibility of complex systems. The framework as a whole is asset-centric, takes identity as the boundary, and is risk-oriented. It is implemented across multiple dimensions of data security, by scenario, by technology and by capability, so that the framework can be adapted to specific customer needs.
Micronics' current four major product lines (data security, disaster recovery and backup, intelligent operation and maintenance, and data management) cover the framework to a certain extent, for example the redundancy that resilience requires and the ability to quickly rebuild data and systems. The framework's capabilities also need a comprehensive platform that connects the tools in order to deliver more, such as better overall visibility and timely intervention.
Zhou Jie also emphasized to Security 419 that network security platforms have been the mainstream development trend worldwide over the past one or two years, and that Micronics is strengthening its technology and products in this area. To fit the "resilient" data security system, Micronics' security products are also moving toward a cloud architecture, which aims to move all the complexity of endpoints into the cloud management center so as to make technology integration and security management easier.
Zhou Jie also admitted that the "resilient" data security system proposed by Micronics still has a long way to go, but the technical system can already be implemented in stages and by scenario. Zhou Jie also introduced to Security 419 its implementation plans for a "resilience" solution for enterprise anti-ransomware and for building a trusted computing environment for data circulation, although completing the expected full technical route will take some time.
In one specific deployment, the platform product Micronics delivered for a customer in the power industry can not only connect competitors' security products for system log analysis, but also carry out correlation analysis around the dimensions of assets and identities, achieving the visibility of complex systems called for in its "resilient" data security system. Once attacks become visible, the response capability can keep up quickly, and early intervention follows naturally.
As a professional data security vendor, Meichuang has a wide range of data security products, and its disaster recovery and backup capabilities, which correspond to the bottom-line defense of the "resilient" security system, are not inferior to those of professional manufacturers in the field. Platform-based integrated disaster recovery products have led the transformation of disaster recovery products. Micronics not only provides a variety of disaster recovery and backup products, but also pays more attention to assisting customers with regular drills after its products and solutions are deployed, with the aim of making the bottom-line defense it provides actually hold. It is understood that Micronics has recently helped 36 enterprise customers in different industries complete phased disaster recovery drills.
Zhou Jie told Security 419 that the "resilient" data security system proposed by Micronics Technology is a long-term plan. From the proposal of the plan last year through the next four to five years, Micronics' product system will evolve in this direction, with capability improvements in the architecture and the development of single products into a platform as the main directions. In addition, any new security system takes time to be accepted, and during that period Meichuang will work with universities, academic institutions and industry peers to further mature and promote the system.
Zhou Jie concluded that the data security market will follow the development path of the network security market in the future, but data security is not the same as network security. Data security cannot be handled by the traditional network security protection system, and data as an asset always has the characteristic of flowing, which is why Micronics insists on building a new "resilient" data security system. In addition, data security should always be part of the business: when building out the business, data security needs to be taken into account in order to grow healthily in the future digital era.
What we can see from this conversation is that "resilience", as a shift in defense concepts, is understood and fully supported by more and more security vendors. Nowadays a single vulnerability can cause thousands of enterprise business systems around the world to collapse, with the resulting business shutdowns causing tens of billions of dollars in losses. This is why we believe there will never be absolute security in theory. "Resilient" security can establish an overall technical mechanism, of which bottom-line defense and rapid perception and intervention are all important components.
Cyber resilience emphasizes staying relatively safe even when something does happen, and bottom-line defense is especially important for enterprises protecting business continuity. We have written before that "resilience" is an emerging concept, and that institutions and security vendors hold different views on how to get from concept to implementation. At the current stage, choosing to build "resilient" security means considering whether the system architecture is complete, whether the security capabilities are diverse, and whether it can truly be implemented. Any vendor that proposes this concept still has a long way to go.