On June 13, Tencent Security, together with IDC and other institutions, held a research and discussion forum in Beijing, and released the "Digital Security Immunity" model framework, proposing to use immunity thinking to deal with the challenge of difficult coordination between security construction and enterprise development in the new era. Ding Ke, vice president of Tencent Group and president of Tencent Security, said at the forum that in the new stage of digital intelligence, development-driven development has become a general consensus on security construction. Enterprises need to change from passive security to active defense, and target data assets and business assets. A new security paradigm and framework.
Ding Ke said that there is a common gap between security and development in enterprises at present, and the reason behind this is that the driving force for security construction in the digital age has undergone fundamental changes. Entering the new stage of "digital intelligence", enterprises have begun to become the cells of the digital society. Many enterprises have gradually completed the exploration of business digitalization to digital business, and data has become one of the core assets of enterprises. "Enterprises should enhance their digital security immunity, take a more active and proactive view of security, and replace 'cure the disease' with the idea of 'preventing the disease'."
In Ding Ke's view, digital security immunity has three major upgrades compared to traditional security paradigms: the core goal of enterprise security construction, from building security to protecting the two major assets of enterprise data and business; The new paradigm upgrades the security confrontation mode of individual combat to systematic confrontation; the third is to change the security thinking of enterprises and use the paradigm of active security to establish a flexible, adaptive and scalable digital security immune system.
Focusing on how to build a digital immunity framework, Ding Ke further pointed out that the model takes the core business of the enterprise and enterprise data assets as the defense goals of all security, and rebuilds the value origin for security. In the middle of security operations and management, build a set of "immune central system" with people as the core, look at security operations and management from the perspective of business top-line, let security play the value of dynamic flow because of "people", eliminate security borders. At the outermost layer, the "fence" of traditional software and hardware security is removed, and the platform idea and plug-in idea are used to make security tools and security technologies available on demand.
The concept of digital security immunity fully condenses Tencent's own large-scale security practices. According to Ding Ke, in the past 20 years of security construction, Tencent Security has accumulated three atomic capabilities: AI capabilities, threat intelligence capabilities, and offensive and defensive confrontation, and has been fully verified in 1 billion-level users and massive business scenarios. At present, Tencent Security has served millions of customers in 18 major industries, covering more than 80% of financial companies , more than 90% of leading energy companies , and more than 20 leading car companies . At such an important moment as the Olympic Games, we provide re-insurance services for live events.
Ding Ke said that in the process of deepening the industrial Internet in the past, Tencent Security used the brand-new concept of "development-driven" to help thousands of industries practice security and help customers reconstruct the new paradigm of security in the digital age. In the future, Tencent Security will continue to improve its digital security service capabilities, and continue to work hard to build a security ecosystem from the perspective of security industry development.
The following is the transcript of Ding Ke's speech:
Distinguished guests, media teachers, hello everyone, I am Ding Ke from Tencent.
Recently, AI and large models have attracted widespread attention, indicating that general artificial intelligence based on data and algorithms is very likely to reconstruct social productivity in the future and become another driving force for the digital transformation of enterprises. On the other hand, driven by data and models, the security threats and challenges faced by enterprise business development are becoming increasingly complex.
In this context, for enterprises to achieve high-quality development goals, it is a "must" to coordinate safety and development. Whether it is the National 14th Five-Year Digital Economy Development Plan, or the overall layout plan for the construction of Digital China issued in February this year, clear guidelines have been given; especially in March this year, the National Data Bureau was established to provide security for the data element market. , Long-term operation mechanism innovation Press the accelerator key.
On the macro level, it is already the consensus of the country and the industry to coordinate development and security through system construction and escort development through security; but at the micro level, the digitalization of enterprises is advancing by leaps and bounds, and digital security construction tends to lag behind, slowing down the overall progress.
A few days ago, we conducted a survey for customers and found that in the process of digitalization, the gap between security and development is common in many companies.
The first fault is reflected in the insufficient budget investment. Internationally, there is a relatively objective baseline: digital security budget investment should account for 5% of the overall investment in enterprise digitalization; important national departments and key enterprises should spend up to 10%. According to survey data, 70% of enterprises are below this baseline, and there are even more than 10% of enterprises whose security investment is less than 1%, that is, almost no investment. This means that when facing an attack, an enterprise is basically in a state of "defenseless" and at the mercy of others.
The second fault is the lag of safety concept. The digitalization of enterprise business is gradually deepening, but security construction is still stuck in the traditional chimney-building stage of "treating the head if you have a headache, and treating the foot if your foot hurts". Our survey found that less than 20% of CSOs rated their company's security investment above 80 points; more than half of them were below the passing line of 60 points. The underlying logic behind it is that the driving force of security construction in the digital age has undergone fundamental changes.
In the information age, the digitalization of enterprises has just started. Some small amount of forms and management software need to be processed on the computer. Enterprises choose the most conservative security defense strategy and configure a set of hardware boxes to achieve static security.
In the stage of digitalization, the Internet of Things, big data, and cloud computing are widely used, and the overall digitalization of enterprises has increased exponentially. The supply chain has become more and more complex, and the security risks faced by enterprises have expanded rapidly. A new stage driven by comprehensive factors such as offense and defense, events, and compliance.
Entering the era of "digital intelligence", enterprises have begun to become the cells of the digital society. Digital business has become the backbone of the organization, and data has become the core asset. The paradigm of security construction has changed from "passive security" to "active defense", which is the core consideration of enterprise security construction at this stage.
With data assets and business assets as targets, enterprises urgently need to rebuild a new set of security paradigms and security frameworks.
So, what is the new security paradigm applicable to the current enterprise development? Tencent Security and IDC have successively conducted surveys on more than 1,500 corporate CSOs, more than 50 entrepreneurs and industry experts, and "development-driven" has become a common consensus among everyone.
If the next definition can be summed up as "digital security immunity". Just like we exercise, strengthen the body's immunity, and inject vaccines to suppress and prevent diseases, the concept of digital security immunity advocates a more active and proactive security concept, replacing "curing the disease" with the concept of "preventing the disease".
The framework of digital security immunity can be abstractly understood as an "onion" model, which draws on the thoughts from customers and experts.
On the one hand, it is necessary to rebuild the core goal of enterprise security construction. On the other hand, it is necessary to change the way of confrontation and upgrade individual combat to systemic confrontation through a new paradigm of security immunity. The most important thing is to change the security thinking of enterprises, and use the paradigm of active security to establish a flexible, adaptive, and scalable digital security immune system.
Here it can be expanded from several levels of the model: the innermost layer, rebuilding the "target" of enterprise security construction, and answering "why do security". The model regards the core business of the enterprise and enterprise data assets as all security defense targets, and rebuilds the origin of value for security.
The security operation and management in the middle build a set of "immune central system" with people as the core from the perspective of business top-line. Fully incorporate the characteristics of the collaboration of multiple departments of the enterprise, so that security can play the value of dynamic flow because of "people". Remove the security boundary, and truly achieve defense everywhere and safety everywhere.
At the outermost layer, the "fence" of traditional software and hardware security is removed, and the platform idea and plug-in idea are used to incorporate endpoint security, border security, and application development security into the platform, so that security tools and security technologies can be used as needed.
A good security concept must be dynamically changed, developed, and fully verified by practice; from this perspective, Tencent's past, accumulation, and business practices have just verified the construction concept proposed by the digital security immunity model.
First of all, the underlying advantages accumulated by Tencent in security are also our "atomic capabilities", including AI capabilities, threat intelligence capabilities, and powerful offensive and defensive capabilities. Behind them are Tencent's technology, data accumulation, and talent echelon.
Secondly, it is Eating your own dog food that the team usually likes to say, eating your own dog food. No matter what kind of product it is, it needs to be fully applied within Tencent, go through challenges from many brother departments, and undergo countless negations and iterations before it can be oriented to customers. Tencent has 1 billion users and massive business scenarios, more than 100,000 employees worldwide, and a cloud platform serving millions of customers. This is the best driving range for us to "eat dog food".
Third, the scientific practice paradigm also needs to be verified with customers. We have covered more than 80% of the financial industry customers and more than 90% of the leading energy companies. We also provide re-insurance services for live events such as the World Cup in Qatar and the Beijing Winter Olympics.
For example, in cooperation with SF Express, it is necessary to fully consider the characteristics of the complex logistics industry system and the long upstream and downstream ecological chains, so as to deal with risks without accidentally injuring them; it is also necessary to achieve linkage between security and infrastructure such as networks, terminals, accounts, and emails. Improve the openness and intelligence of the security defense system. In the end, the two of us worked together to build a complete integrated solution for zero trust security and unified threat detection and response across the network.
In cooperation with Bank of Jiangsu, we jointly explore the application method of "federal learning" technology in financial scenarios. On the premise that the data of both parties does not go out of the domain, a series of continuously updated model matrices are constructed, and AI risk prediction is innovatively extended from pre-lending to multiple business links, greatly improving loan efficiency and overall risk control level.
In the process of deeply cultivating the industrial Internet in the past, Tencent Security has used the brand-new concept of "development-driven" to help thousands of industries practice security and help customers reconstruct the new paradigm of security in the digital age. In the future, we will continue to improve our digital security service capabilities, and continue to work hard to build a security ecosystem from the perspective of security industry development.
thank you all.