The internal factors determine the external factors, but “evolution” is about refining the external processes into one’s own immune system.
“Evolution” Is Inevitable
Not developing is the greatest insecurity. Bill Gates once said, “If you missed the internet today, you didn’t just miss an opportunity, you missed an entire era.”
The first industrial revolution replaced human power with steam engines, the second industrial revolution replaced machines with electricity, and the third industrial revolution, through the invention of computers and electronic information technology, ushered humanity into the information age. Each industrial technological revolution has liberated productivity.
Now entering the 21st century, we are transitioning from informatization to digitization and intelligence. The digital transformation of enterprises is no longer a “choice” but a “required course” related to survival and long-term development.
As the pace of digital transformation accelerates, enterprise IT architecture must also adapt to lead change and maintain competitiveness, so as not to be eliminated by the times.
At the same time, enterprises face risks from malware intrusions, ransomware attacks, data leaks, phishing emails or websites, as well as technical risks from data tampering and leakage.
In this era of competition driven by digitization and intelligence, enterprises must continuously undergo transformation to safely navigate through cycles.
Let’s review the evolution of enterprise security construction in the past. A prominent figure in the cybersecurity industry once categorized enterprise security construction into three stages: system protection, physical defense, and cloud defense.
First Stage: Before 2000, the focus was primarily on protecting computer system security. At that time, IT infrastructure was very lacking, and few companies had the capability to build networks. Moreover, security measures were mainly reflected in the management of internal employees, with almost no specific devices or products aimed at security. The so-called security measures were almost all aimed at ensuring the normal operation of individual systems and preventing downtime.
Second Stage: 2000-2014, the PC era, where antivirus software, firewalls, and intrusion detection became the three pillars of network security in the market. Due to the simplicity of network devices at that time, network security rarely involved business, and data assets were relatively low. The “three pillars” basically met the enterprise’s needs for network security. Enterprises still had a clear distinction between internal and external networks, operating business only on internal networks, requiring only firewalls for isolation to ensure safety. Most enterprise security protection relied on stacking boxes and purchasing hardware.
Third Stage: After 2014, with the development of big data and cloud computing, IT infrastructure architecture has shifted from local to cloud, making cloud security protection a primary task for enterprises.
Currently, enterprise security demands have once again changed. With the rise of digital and intelligent technologies and the advancement of digital transformation, security boundaries have blurred. Previously, connected devices were limited to PCs and servers, but now they have expanded to include mobile phones, the internet, industrial internet, cloud infrastructure, and more, ushering in the era of digital security.
This kind of “qualitative change” brings about the primary issue of an expanded risk attack surface, with serious delays in security defenses; secondly, as the attack surface expands, the risks it carries will further increase, and the impact will also expand. Hackers leverage the advantages of the cloud, big data, and artificial intelligence to launch increasingly stronger and more frequent attacks, rendering traditional security defenses ineffective.
For example, in 2021, Colonial, the largest fuel pipeline operator in the U.S., was attacked, interrupting the “artery” of oil supply in the East; in 2022, Costa Rica declared a national emergency due to a ransomware attack… It is evident how the collapse of the digital world can disrupt social production and life.
The higher the degree of digitization and networking, the more attack points and nodes there are. The greater the reliance on digital technology, the more severe the consequences of network destruction.
Looking back at each stage of enterprise security construction, it has almost been a case of “treating the head for headaches and the feet for footaches.” From physical security defense to cloud security, it has been almost identical. Now, in the digital age, traditional security solutions that address single-point issues can no longer meet the specific business scenario security needs of the digital era.
Therefore, for enterprises facing risks brought by digitization, it is necessary to learn different security concepts and evolve and upgrade a security defense system architecture suitable for their own business.
As Zeng Guofan said, we must “build a solid fortress and fight a steady battle,” establishing a robust architecture to respond to all changes.
Unknown risks are unpredictable, and security architecture must be in a state of dynamic development rather than being static. Enterprises must integrate security concepts into their business designs from the outset and build their own “digital security immune framework,” continuously evolving and upgrading to enhance resilience.
Combatting the “Great Plague” of the AGI Era
Major attack incidents are akin to large-scale plague events.
In 2017, the WannaCry ransomware virus wreaked havoc globally, infecting campus networks, government departments, banks, and gas stations in China and abroad to varying degrees.
Going back further, in 2010, the Stuxnet worm attack infected over 200,000 computers worldwide. The Stuxnet virus seemed harmless to ordinary computers but was highly infectious to Windows operating systems, capable of lurking and continuing to infect.
These viruses share a characteristic: they expand their territory like a plague.
At the end of 2022, the ChatGPT craze swept the globe, marking the accelerated application of artificial intelligence technology and the beginning of humanity’s journey into the AGI era.
Enterprises are eagerly joining the wave of GPT applications, but the accompanying security issues have also become an unavoidable part.
From a cybersecurity perspective, generative artificial intelligence can first be used as an attack weapon, such as generating scripts for network attacks or phishing emails, and can also be used to decrypt relatively easy-to-decrypt encrypted data. This significantly lowers the entry cost for threat actors based on skills, expanding the number of potential threats.
Secondly, there are already threat actors using ChatGPT to develop malware. For instance, tools that directly exploit vulnerabilities can be developed within hours of vulnerability disclosure, shortening the time to create malicious software.
Moreover, privacy leaks and misuse for fabricating false information pose threats to content creation fields.
Thus, with the continuous application of generative artificial intelligence, it is highly likely that the next “great plague” event will occur.
Cybersecurity attacks are often sporadic events, but even a single occurrence can lead to irreparable economic losses, user attrition, reputational damage, and declines in public trust for enterprises.
Enterprises must continuously evolve and upgrade their security architecture while leveraging intelligent tools to enhance the automation level of defenses.
Immunity: Preventing Illness Before It Strikes
In addition to “great plague”-type security incidents, enterprises urgently need to protect their core assets: data.
We cannot completely avoid all cyber attacks, as attackers will continuously employ new methods and techniques to attack; therefore, protection should also be dynamically evolving.
Especially in the AGI era, the boundaries of security are redefined. Therefore, enterprises must not only cultivate their internal capabilities but also leverage external technological forces to enhance their security immunity and achieve “new evolution.”
Digital development has now transitioned from quantitative to qualitative change, and the security pain points at each stage of enterprise digitization differ.
In the early stages of digitization, when enterprise IT boundaries were very clear, data security control was relatively easy; enterprises only needed to keep data locally. However, with the development of new technologies such as AGI, the metaverse, and cloud computing, characterized by multi-cloud, multi-branch, multi-party collaboration, and multi-device cooperation, traditional security protection systems are already ineffective.
On the other hand, there is a subjective lack of emphasis on security from enterprise management, still considering security work from a cost perspective, failing to recognize the long-term benefits of a good security system for enterprise development. The methods applied in security construction, the investment of human and material resources, and the digital technology capabilities of enterprises are still led by “inertia.” Tencent Group Vice President and Tencent Security President Ding Ke stated at the recently concluded “Digital Security Immunity Forum” on June 13 that in the digital age, the driving force behind security construction has fundamentally changed. Enterprises should make core business and data assets the defense objectives of all security measures, and rebuild the security value origin point.
In the view of Lei Feng Network, there is an increased need to emphasize the coordinated development of business and security. It has become an established fact that security and business should be integrated in the digital age. However, the biggest contradiction between security and business is that traditional security construction methods may hinder business development, so enterprises urgently need a new security paradigm to solve the dilemma of coexistence between security and business.
“From the perspective of enterprises, building and applying digital tools to increase their top line can efficiently improve efficiency and revenue. However, Tencent’s practice proves that synchronously building security during the development process, or even moderately advancing security construction, can allow business development to proceed without worries,” Ding Ke said.
Ding Ke told Lei Feng Network that, on one hand, enterprises must face changes, which cannot be avoided; on the other hand, they must master changes and understand them; thirdly, in the process of practice, they should utilize existing technologies and capabilities to think about how to achieve greater results with smaller investments. Instead of being led by a pile of concepts and superficial issues, seeming to have made a lot of investments, but upon review, find that the security capabilities accumulated from hard work are minimal.
Since enterprises are their own primary responsible parties, improving their own security immunity and enhancing their organizational health is a form of responsibility to themselves.
Based on reflections from long-term service to clients, Tencent Security and IDC initiated a survey among dozens of enterprise security leaders and security experts in the industry, ultimately forming a consensus: enterprises need to adopt an immune mindset to tackle the challenges of security construction and enterprise development that are difficult to coordinate in the new era.
On June 13, at the “Digital Security Immunity Forum,” IDC and Tencent Security jointly released the Data Security Immunity Model.
Wu Lianfeng, Vice President of IDC China, believes that many enterprise management teams do not neglect security, but due to insufficient understanding of security, the losses caused by insecurity, and the future value of security, as well as the correlation between business innovation and security, the emphasis on security cannot be reflected in specific budgets. When digitization becomes the driving force for enterprise development, management teams urgently need to innovate their concepts.
According to the white paper jointly released by Tencent Security and IDC, titled “Enhancing Digital Security Immunity to Promote Resilient Development in the Digital Age,” digital security immunity emphasizes proactive investment, integrating security elements into the enterprise’s strategy, management, and operational processes, breaking down barriers at the levels of platform, technology, and capability, and emphasizing dynamic, lightweight, and real-time responsiveness, which can achieve a degree of autonomous fault tolerance, error correction, and upgrading.
“The best medicine is to prevent illness.” Tencent Vice President and Tencent Security President Ding Ke believes that enterprises need to shift from passive security to proactive defense, detecting security risks and threats in advance and issuing warnings, enhancing their own “security immunity” like boosting human immunity, which can potentially ward off “viruses” from a distance, delaying or even blocking the spread of cybersecurity incidents, achieving results that are greater than the effort.
In the era of intelligent confrontation, there is no “silver bullet” in security defense. Enterprises should embrace new concepts, enhance their “digital security immunity,” proactively evolve, and improve their security preemptive capabilities, transitioning from treating existing illnesses to preventing future ones, which is the long-term strategy for enterprises to achieve better development in the digital age.
Shopee Hits the Brakes: Internal Strife, Delayed Decisions, and Attacks from All Sides
He Xiaopeng’s Greatest Ambition is Embedded in Autonomous Driving
The Biggest Corruption Soil for Cloud Giants: Double Counting
