Cybersecurity paramount in big data age

Experts urge public-private tie-ups and tighter rules to deal with tech risks

China must strengthen cyberspace regulations and promote public-private partnerships to deal with the growing cybersecurity risks from the rapid development of emerging technologies such as big data and the industrial internet, officials and experts said.

Speaking at the China International Big Data Industry Expo 2021, Du Guangda, deputy director of the cyberspace administration of the Ministry of Industry and Information Technology, said that China will strengthen the top-level design of data security and build a mechanism for better cooperation between government, enterprises and industry associations and further improve the cybersecurity regulations.

More efforts will also be made to introduce policies for better data security protection, boost the development of data security, develop a batch of provincial and ministerial-level key data security labs and actively participate in the formulation of international standards, rules and mechanisms, Du said during the big data expo on Thursday in Guiyang, Guizhou province.

He highlighted the importance of cybersecurity, saying it will play a key role in supporting the healthy development of the digital economy as well as the country's high-quality development.

"Data has become a new type of production factor, having an important impact on economic development, social governance and people's daily lives and work," said Du. "The flow and aggregation of huge amounts of data may involve sensitive information such as personal information and confidential corporate information. Improper use of the collected data will harm user privacy, corporate interests and even national security."

Citing a recent study, he said the number of publicly reported data breaches increased to a staggering 36 billion last year, with businesses incurring costs of $3.86 million on average from the data breaches.

Wei Liang, deputy head of the China Academy of Information and Communications Technology, said China's new investments on information, communications and technologies for data centers amounted to 120 billion yuan ($18.8 billion) to 140 billion yuan annually and said more efforts are needed to tackle cybersecurity issues.

Wei said that Chinese enterprises' awareness about cybersecurity still lags their peers in mature markets such as the United States. China's cybersecurity investments account for just 1.1 percent of the total IT investment, while the level for the United States is 4.8 percent.

There is huge potential for further development of the cybersecurity sector in China, with new types of internet-enabled businesses such as online education, online shopping and telecommuting gaining traction due to the COVID-19 epidemic and providing new impetus to the cybersecurity sector.

"The total value of the cybersecurity industry in the country rose by 8.85 percent to 170.2 billion yuan last year, while the growth in Europe and the United States dropped to 3 percent during the same period," Wei said. "In the next five years, China's cybersecurity industry is projected to see a compound annual growth rate of 15 percent. It is necessary for us to further improve the data security management system, stipulate specific requirements and penalties for violations, introduce more standards and guidelines, increase investment in talent training and enhance the security awareness among netizens."

Last year, ransomware attacks grew by more than 150 percent across the world, Qi Xiangdong, chairman of Chinese security company Qi An Xin Group, said in a new report.

"New cybersecurity challenges have popped up with the development of new technologies such as the internet of things. Governments and enterprises need to ramp up efforts to establish a complete network security system to combat the rising cyberattacks," said Qi.

Looking forward, Zhou Hongyi, founder and chairman of 360 Security Group, believes the future would be powered by software based on running programs.

"Software vulnerabilities are inevitable. Once attacked and controlled by hackers, the consequences can be catastrophic," Zhou said.

"We need to work hard to build a network security prevention and control system at the national level, industry level, and regional level to empower each entity in the market to maintain cybersecurity."