According to the Ministry of industry and information technology website, the Ministry of industry and information technology has publicly solicited opinions on the 'guidance on promoting the development of network security industry (Draft)'. According to the draft, it supports the construction of network identity authentication system based on commercial password, fingerprint recognition, face recognition and other technologies.
Address of this article: http://www.eepw.com.cn/article/201910/405658.htm
Based on the basic principles of innovation driven, collaborative development, demand leading, and open cooperation, the guiding opinions aims to cultivate and form a number of network security enterprises with annual revenue of more than 2 billion by 2025, and form a number of network security backbone enterprises with international competitiveness, and the scale of network security industry will exceed 200 billion.
The guiding opinions put forward five major tasks, which are: strive to break through the key technologies of network security, actively innovate the network security service mode, work together to create the network security industry ecology, vigorously promote the application of network security technology, and accelerate the construction of network security infrastructure.
First, we should strive to break through the key technologies of network security. With the goal of building an advanced and complete network security product system, focusing on the needs of network security pre protection, in-process monitoring, post-processing, investigation and evidence collection, vigorously promote the evolution and upgrading of network security products such as asset identification, vulnerability mining, virus detection, border protection, intrusion prevention, source code detection, data protection, tracing and tracing, and strive to improve the status of hidden danger investigation and status Potential perception, emergency response and traceability. Strengthen the analysis of network security threats and risks in emerging fields such as 5g, next generation Internet, industrial Internet, Internet of things, Internet of vehicles, and vigorously promote the research and development of network security technology products in relevant scenarios. Support the application of cloud computing, big data, artificial intelligence, quantum computing and other technologies in the field of network security, and strive to improve the network security defense capabilities such as threat intelligence analysis, intelligent monitoring and early warning, and encrypted communication. New concepts of network security, such as virtual computing and trust, are actively promoted.
Second, actively innovate the network security service mode. In view of the characteristics of network security, such as strong specialization, rapid technological evolution and difficult application, the concept of 'security as service' is advocated, and network security enterprises are encouraged to change from providing security products to providing security services and solutions. Support professional institutions and enterprises to carry out network security planning consultation, threat intelligence, risk assessment, detection and certification, security integration, emergency response and other security services, and standardize vulnerability scanning and disclosure activities. Support legally established certification bodies to carry out network security certification in accordance with the law. We will vigorously develop the public service platform of network security based on cloud mode, and provide remote real-time online vulnerability detection, website protection, denial of service attack resistance, domain name security and other services. Encourage basic telecom enterprises and cloud service providers to give full play to the advantages of network resources and provide value-added services such as network security monitoring and early warning, attack protection, emergency support and so on. Encourage the development of network security integrated operation outsourcing services for smart city construction, e-government and other fields. Explore the development of network security insurance services.
The third is to work together to create the network security industry ecology. Support leading and backbone enterprises to integrate network security innovation chain, industry chain and value chain, establish an open platform for network security technology research and development, standard verification and achievement transformation, smooth the docking and transformation channels of innovation capability, and realize multi-dimensional and multi-contact innovation capability sharing, innovation achievement transformation and brand collaboration among large, medium and small enterprises. Efforts should be made to cultivate small and medium-sized enterprises with outstanding main business, strong competitiveness and good growth, and encourage mutual cooperation with large enterprises by means of specialized division of labor, service outsourcing and shared R & D, so as to form a win-win situation. We should fully mobilize the enthusiasm and initiative of various parks, enterprises, scientific research institutes and financial institutions, and encourage the development of agglomeration, intensification, association, chain formation and cooperation. We should cultivate and build a number of collaborative innovation platforms and laboratories for network security technology and products, carry out joint research on common important issues and market needs, give full play to the leading role of science and technology support, promote the R & D and popularization and application of industrial generic technologies, and guide the gathering of innovation resources. Enterprises, research institutions, universities and industry organizations are encouraged to actively participate in the formulation of national and industrial standards related to network security.
Fourth, vigorously promote the application of network security technology. We will give full play to the role of Party and government organs and relevant industry authorities, and promote the deployment and application of advanced and applicable network security technology products and services in finance, energy, communication, transportation, e-government and other important fields. Strengthen the safety management of industrial Internet, Internet of vehicles and Internet of things, supervise and guide relevant enterprises to take necessary network security technical measures. Vigorously promote the application of Commercial Cryptography Technology in network security protection. The informatization projects invested by the government should construct network security technology facilities simultaneously, and carry out security acceptance independently. We will increase the support and promotion of network security technology application pilot demonstration projects, encourage demonstration enterprises to transform solutions into standard guidelines and carry out special lectures. Encourage the development of network security technology forum and product service exhibition activities.
Fifth, accelerate the construction of network security infrastructure. We will promote relevant industry authorities and local governments to build their own and regional network security situation awareness platform, and strive to improve the ability to support network security management and respond to organized high-intensity attacks. Encourage key industries and key enterprises to build network security infrastructure such as vulnerability database and virus database