academician wu jiangxing talks about cybersecurity: "we need more secure digital products, not more cybersecurity products"
2024-09-24
한어Русский языкEnglishFrançaisIndonesianSanskrit日本語DeutschPortuguêsΕλληνικάespañolItalianoSuomalainenLatina
hunan daily, september 24 (all-media reporter huang weixin) "today's network security defense is stuck in a 'whack-a-mole' dilemma." on september 24, at the 2024 world computing conference on the construction of the network security ecosystem, wu jiangxing, an academician of the chinese academy of engineering, used a vivid metaphor to describe the current state of network security. he believes that the key to solving this dilemma lies in producing safer digital products, rather than more network security products.
in recent years, digitalization has spawned new security situations and new demands, driving the security boundaries to continue to expand into the space of cyber-physical integration. talking about the current status of cybersecurity, wu jiangxing believes that users bear more responsibilities and risks: "the protagonist of 'whack-a-mole' is still the user side." he explained that digital product design and manufacturers lack the motivation and incentive mechanism to take cybersecurity issues seriously, and there is a habitual "normalization of deviations" - it is assumed that all software products have defects that must be fixed through patches, and most of them can only be patched after being exploited by malicious actors. the current cybersecurity approach is trapped in a vicious cycle of continuous "patching", making it difficult to cope with multiple security challenges.
how to solve the inherent problems of the network? wu jiangxing said that network security issues force the underlying driving paradigm of the digital ecosystem to transform to design security. "we need more secure digital products, not more network security products." wu jiangxing believes that the security of digital products needs to be placed at the forefront and center of the product life cycle, and security design should be considered from the beginning.
wu jiangxing suggested that network resilience design based on the theory of network intrinsic security should be used to solve network security problems. at present, digital infrastructure or information-physical systems enabled by intrinsic security have been mass-produced, and hundreds of intrinsic security network resilience products in more than 40 categories such as it, ict, and ics have been developed. he believes that through "actual combat" and network resilience design enabled by intrinsic security, a secure "reinforced concrete" can be built to fundamentally solve uncertain security threats.
