In the tide of digital transformation to , enterprises' cloud access and data center development towards marginalization has become a general trend. Although the evolution of technology has facilitated the operational efficiency of governments, enterprises and other institutions, it has also made the issue of security vulnerabilities increasingly prominent, and security technology has become the most concerned topic of enterprise IT departments. With the domestic "digitalization" moving towards " digitalization ", more and more companies are investing in digital innovative technologies, especially the rapid development of industries such as cloud computing , big data, artificial intelligence , Internet of Things, e-commerce, etc., companies have discovered that how to protect digital assets has become a very important task for managers.
In view of this, Gartner recently released the first "Gartner China Security Technology Curve" report. Gao Feng, senior research director of Gartner, analyzed representative technologies in the Chinese market in the field of security, at different stages of maturity in the curve.
Gartner Senior Research Director Gao Feng
Technical Maturity Curve
According to Gartner's division of security technology development, the technology maturity curve is divided into five stages, namely the technology germination period, the expectation expansion period, the bubble burst trough period, the steady climb recovery period and the production maturity period.
The germination period of technology is a technology startup stage, which usually quickly arouses the interest of media and industry insiders after the technology is displayed publicly and the product is released. Then, the technology entered a period of expected expansion. The new technology will attract a large number of industry resources and be widely promoted and financing . However, most projects have failed to pass this period of blind follow-up investment. As the bubble bursts and falls into the valley, its popularity will also dissipate at any time. But there are also many products and projects that will survive this trough. Through some targeted events and work, people have begun to understand their applicability and risks more and more, and commercial methods and tools will be born. Therefore, new technologies have steadily climbed and recovered, and entered the mature stage of production.
CPS, ASM and cloud security resource pool are the introverted technology representatives
Information physical system security is also called CPS. It is an engineering system that can coordinate sensor computing, control, and interact with the physical world through network analysis. It is mainly used in the governance of smart city , and uses the collection of key data such as urban transportation, construction, utilities, environment, and public services. The infrastructure that collects this data information is usually deployed many years ago and is constantly adding new things to the development of history. These built-in infrastructures in different periods often leave a large number of security vulnerabilities. The information physics system security is to integrate and eliminate the security risks in the entire smart city system.
attack surface management is also called ASM. This technology emerges because many companies' digital assets are not within the physical boundaries of the company. For example, some cloud-based digital assets may be distributed in users' homes, or even abroad. These digital assets beyond the physical boundaries of the company may face the risk of core data leakage. Attack surface management continuously discovers all assets of the enterprise by reasonably configuring personnel, process technology and services, and stores and manages them. Improving visibility of the attack surface can help businesses reduce threats. In the future, the technology can also help companies identify known and unknown assets, thereby reducing risks and providing early warnings.
cloud security resource pool is a unique security innovation technology in China, and there are no similar products abroad. This is due to China's special national conditions that have allowed Chinese enterprises, governments and other entities to deploy private cloud in large quantities, while Europe and the United States basically use public cloud as the main and private cloud as the supplement. It is precisely because of the special nature of private cloud security protection that many security manufacturers have provided cloud security resource pools, a security product that is very targeted to protect private clouds at this stage. The cloud security resource pool is a collection of security tool resources from the software, integrating tools such as management, monitoring, security orchestration and automation on the "cloud".
SASE, IoT identity authentication is the expected expansion period technology representative
SASE, that is, the edge technology of secure access services, mainly to provide a converged WAN , and edge security access capabilities for multiple edge access scenarios.Enterprises have a variety of tools for edge protection, such as VPN, SWG, etc. As a converged platform product, SASE can integrate these separate and separate edge protection tools, reduce the operation and maintenance complexity of the enterprise, and provide unified visualization functions, which also improves the security capabilities of the system.
In recent years, with the rapid advancement of 5G technology and infrastructure, the Internet of Things has also started some optimization processes and discovered new opportunities for revenue generation. Internet of Things identity authentication is the product of this background. In popular IoT fields such as Internet of Vehicles, smart cities, smart furniture and smart wearable devices, their devices require a trusted identity and powerful device authentication to reduce the possibility of it being attacked. These needs have greatly promoted the promotion of IoT identity authentication technology.
Multi-party security computing and zero-trust network access have entered the bottom period
In Gartner's research, multi-party security computing and zero-trust network access technology are currently at the bottom after overheating.
Multi-party security calculation is a type of privacy calculation. In layman's terms, it uses multiple parties to secure calculations, and at the same time ensures the privacy of the input data. It can not only determine the correctness of the calculation, but also ensure that the calculation is completed without a third party to obtain the data. Although the technology is advanced and reliable, the application of multi-party security computing needs to consider specific scenarios. In most implementation projects, enterprises need to make many customized deployments, which leads to the fact that this technology can only be used in very personalized products and is difficult to be quickly copied and promoted to other different companies for use. Therefore, the foam expansion stage has not been widely used.
is similar to multi-party computing. The concept of zero trust is also a concept that has been well-known for a long time. It has been in the Chinese market for more than ten years. Zero-trust network access mainly provides authorization based on user identity and scenario logic, and can hide user applications. External customers without access rights are invisible, and only internal authorization or designated users can access data.
offensive and defense drills, network security situational awareness has entered a steady recovery period
offensive and defense drills are a technology that the government has vigorously promoted in recent years. It is also because of the government's vigorous promotion that it has entered a steady recovery period and is in a stable and mature application state. In addition to the regular offensive and defensive drills organized by the state, as the development of the Internet, there are more and more unpredictable attacks, and many companies will also conduct some offensive and defensive drills and tests in daily life, which will make this technology more acceptable to the industry.
The concept of network security situation awareness does not come from China, but productization is carried forward in China. China's cybersecurity situation awareness technology extends from the security information and event management platform. It is a modern and centralized form that can be integrated with other security tools. Then collect data such as asset information, network traffic, logs, vulnerabilities, user behavior and threats, and make trend predictions of security trends based on these data and provide them to customers. Many network security situation awareness technologies are used in security operation and maintenance centers to provide enterprises with predictions, real-time understanding of the company's situation and discover problems.
Through the China Security Technology Curve Report released by Gartner, we can clearly see that the main body of the Chinese security market is still Chinese manufacturers. The application of its technology is quite specific to China's national conditions and provides a reliable reference for the investment and technology adoption of Chinese companies. Gartner's original intention and mission to persist in releasing analysis reports is to understand China in depth, pay attention to China's innovation, and conduct targeted updates at any time. (Text/Xu Peiyan)
