(Wen Shu, 360 Enterprise Security Group, solutions department)
An eventful year of network security
In February 2016, hackers exploited SWIFT system vulnerabilities, resulting in the theft of $81 million; in June, the Central Bank of Ukraine was hit by a bank theft of nearly $10 million; and at the end of the year, the Russian central bank was hacked and $31 million vanished. In April, malicious programs were found in the computer systems of Germany's Gundremmingen nuclear power plant, and the plant was forced to shut down. In October, Dyn, a United States DNS management service provider, suffered the largest DDoS attack in the history of the United States, and websites on the East Coast went down en masse. In November, the computerized fare system of the San Francisco subway was hacked, and the hackers demanded 100 bitcoins as ransom. In January 2017, US President-elect Trump publicly acknowledged that Russian hackers had intruded into and interfered with the U.S. presidential election.
These events show that hacker attacks have continued to evolve and now seriously affect people's production and daily life, social infrastructure, and even the transfer of state power. Hackers are increasingly organized and politically motivated. In 2016, infrastructure closely tied to people's lives became a new hot spot for attacks, which brings new challenges to the security field.
The sword, the way
As the biggest victim of global hacker attacks, China's government has spared no effort in carrying out a series of network security legislation and construction work. On November 7, 2016, the twenty-fourth meeting of the Standing Committee of the Twelfth National People's Congress passed the Network Security Law of the People's Republic of China (hereinafter referred to as the security law). The law aims to ensure network security; safeguard cyberspace sovereignty, national security and the public interest; protect the legitimate rights and interests of citizens, legal persons and other organizations; and promote the healthy development of economic and social informatization. The law has 7 chapters and 79 articles; beyond the general provisions on network security, it also devotes a separate chapter to critical information infrastructure security, setting out 9 provisions.
Subsequently, on December 27, 2016, with the approval of the Central Leading Group for Network Security and Informatization, the national Internet Information Office issued the National Cyberspace Security Strategy (hereinafter referred to as the strategy). The document implements President Xi Jinping's four principles for promoting reform of the global Internet governance system and his five-point proposal for building a community of shared destiny in cyberspace. It clarifies China's major positions on cyberspace development and security, guides China's network security work, and safeguards the country's sovereignty, security and development interests in cyberspace. The strategy proposes nine strategic tasks, the third of which clearly defines critical information infrastructure and describes the requirements for protecting it.
Chart: The national Internet Information Office issues the National Cyberspace Security Strategy, with tasks including defending cyberspace sovereignty
The strategy's definition of critical information infrastructure: national critical information infrastructure refers to information facilities that bear on national security and the people's livelihood and that, once their data is leaked or they are destroyed or lose function, may seriously endanger national security and the public interest. It includes, but is not limited to, basic information networks providing public communications and radio and television transmission services; important information systems in energy, finance, transportation, education, scientific research, water conservancy, industrial manufacturing, health care, social security, public utilities and other fields, and in state organs; and important Internet application systems.
Both the security law and the strategy can be regarded as national-level guidance for responding to all kinds of network attacks, and both set out in writing the requirements for protecting critical information infrastructure, which shows how much importance is attached to it. In particular, the strategy puts forward several key points on critical information infrastructure protection:
Take all necessary measures to protect critical information infrastructure and critical data from attack. Give equal weight to technology and management, and to protection and deterrence; focus on identification, protection, detection, early warning, response, disposal and other stages; establish and implement a critical information infrastructure protection system; increase investment in technology, management, personnel and funding; and apply comprehensive measures to strengthen the security protection of critical information infrastructure.
Protecting critical information infrastructure is the shared responsibility of the government, enterprises and the whole of society. The responsible authorities and the operating units and organizations must, in accordance with laws, regulations and system requirements, take the necessary measures to ensure the security of critical information infrastructure, and gradually achieve evaluation before use. Strengthen critical information infrastructure risk assessment. Strengthen the security protection of party and government organs and of websites in key areas; grass-roots party and government organs should build and manage their websites in an intensive mode. Establish an orderly mechanism for sharing network security information among government, industry and enterprises, and give full play to the important role of enterprises in protecting critical information infrastructure.
Basic protection still falls short
Domestic state departments, enterprises and institutions that have critical information infrastructure have, after years of information security development, relatively complete security technology support, more comprehensive technical capabilities, and higher overall security strength than other organizations. But both disclosed incidents and policy guidance point to some new security challenges.
Two-wheel drive, effective coverage
360 Enterprise Security combines its security protection concept with big data. Relying on its Internet DNA and its strong self-protection capability, it uses security data and threat intelligence as the main thread linking the cloud, network and terminal perspectives, and works with enterprises that have critical information infrastructure to build professional, full-time defense-in-depth capabilities:
Security intelligence data capability: 360 has a large, diverse and continuously, rapidly expanding technical database, which forms a massive source of threat intelligence data. It is the basis for detecting, identifying and evaluating network security risks and unknown enterprise threats using big data, and it is also the precondition for 360 to share information with state departments or enterprises that have critical information infrastructure;
Data storage and computing capability: 360 has built a self-controlled, large-scale data storage and computing environment, which forms the operational basis of its threat intelligence. At the same time, 360's experience in the intensive operation and management of large-scale computing power, and the related security management systems, can be transplanted to and shared with state departments or enterprises that have critical information infrastructure;
Data mining capability: using machine learning, intelligent mining environments it has built independently, and other leading technologies, 360 quickly and accurately identifies unknown threats in massive volumes of data, providing technical support for threat intelligence. This capability improves the technical effectiveness of risk assessment, and the effect is especially prominent for identifying and detecting threats to websites;
Security visualization and analysis capability: through real-time rendering technology, 360 portrays the full path of a threat, making threats visible to human analysts and making the intelligent protection provided by security products visible as well. Threat discovery, forensics, origin and development are presented to enterprise security personnel, and the latest threat intelligence data is delivered to 360 security protection equipment, so that cloud, network and terminal work in coordination, effectively achieving 360 cloud-network security information sharing and a closed security loop of identification, protection, detection, early warning, response and disposal.
Analysis of these capabilities shows that 360 Enterprise Security's technology fully covers the strategy's task requirements for critical information infrastructure. 360 can provide state departments or enterprises that have critical information infrastructure with security information sharing and technical support for a closed network security loop. It can also share with customers, and customize for them, the security operation and management experience and management systems from its own large-scale computing environment.
Offensive and defensive tactics, in-depth protection
Through the "Day Embankment" smart firewall, which uses a network threat detection and response model and integrates Internet security threat intelligence, visualization, and abnormal behavior modeling and analysis technology, while cooperating with terminal, sandbox and cloud defense capabilities, 360 defends against known threats, discovers advanced threats, handles security violations, and analyzes threat sources, achieving intelligent network boundary protection;
Through cloud monitoring and cloud protection, cloud-based web application security monitoring, early warning and protection technology effectively hides the real path to the site and strongly complements local defense capabilities;
Through the "Eye" product, 360's cloud big data security capability is deployed locally in the enterprise. Cloud big data and the enterprise's local full-traffic data are then fully correlated to trace and reconstruct unknown attacks suffered internally and to profile and assess the attack surface, making up for the weaknesses of traditional security products;
Through the cloud security platform, the enterprise's cloud environment is protected across the full range of layers: the physical layer, hypervisor layer, virtual host layer, cloud network layer, cloud application layer and cloud data layer. At the same time, 360 has cooperated and integrated in depth with mainstream cloud vendors and has passed strict official testing by a number of them, ensuring the stability and reliability of cloud protection;
Through the "Sky" public testing platform, with customer authorization and drawing on the public testing ability of the country's top white hats, red-versus-blue network security exercises are carried out in the customer's actual environment;
Through 360 security services, emergency procedures and reinforcement and contingency measures are verified. With practical operation, demonstration and explanation, customers experience and become familiar with network security emergency response in real combat exercises, in hand, eye, body, method and step;
Through 360 security operation and maintenance services, customers improve their ability to manage security operation and maintenance across the system life cycle. The services cover the entire security operation and maintenance life cycle of enterprise application systems: code development, system launch, operating environment, system changes, data cleaning and system decommissioning.
The value of 360's full-time defense in depth
We care not only about products, but even more about improving the enterprise's own security capabilities and the effectiveness of real protection!
For inquiries, please call the advisory line at 4008-989-360 and ask for the solutions department.