Three-year action plan for high-quality development of the cybersecurity industry
(2021-2023)
(Draft for comments)
As an emerging digital industry, the cybersecurity industry is a cybersecurity technology, product production and service activity that safeguards national cyberspace security and development interests, and is the basic guarantee for building a manufacturing power and a cyber power. In recent years, my country’s network security industry has made positive progress, especially with the rapid development of new technologies, new businesses and new models such as 5G, big data, artificial intelligence, Internet of Vehicles, Industrial Internet, and Internet of Things, network security, data security and other technologies and products. and services thrive. In order to thoroughly implement General Secretary Xi Jinping’s important thought on strengthening the country through the Internet, implement the Cybersecurity Law of the People’s Republic of China, the Data Security Law of the People’s Republic of China, the 14th Five-Year Plan for National Economic and Social Development of the People’s Republic of China, and the 2035 The Outline of Long-term Objectives, accelerate the construction of a healthy and orderly industrial development ecosystem with strong innovation capabilities, excellent industrial structure, high supply quality, sufficient demand release, deep industry-integration cooperation, and dedicated talent teams, and promote the cybersecurity industry to achieve technologically advanced and industrially developed industries. The goal of high-quality development, and the continuous improvement of national cybersecurity assurance capabilities, formulate this action plan.
1. General requirements
(1) Guiding ideology
Guided by Xi Jinping Thought on Socialism with Chinese Characteristics for a New Era, fully implement the spirit of the 19th National Congress of the Communist Party of China and the Second, Third, Fourth, and Fifth Plenary Sessions of the 19th CPC Central Committee, stand on a new stage of development, implement new development concepts, and build a new development pattern , coordinating development and security, actively grasping the opportunities of digital industrialization and industrial digitalization, accelerating the supply-side structural reform, aiming at promoting the high-quality development of the cybersecurity industry, taking effective demand to lead high-quality supply as the main line, and fully stimulating technological innovation We will give full play to the supporting role of various types of capital, strengthen the support and guarantee of multi-level talents, promote the coordinated development of the innovation chain, industrial chain, and value chain, cultivate a healthy and orderly industrial ecology, and lay a solid foundation for the construction of a manufacturing power and a network power.
(2) Basic principles
Innovation-driven, solid foundation. Strengthen basic, universal, and forward-looking security technology research, accelerate key core technology research, stimulate enterprise innovation, effectively promote the transformation of technological achievements, strengthen industrial basic capabilities, and improve the level of the industrial chain.
Demand traction, supply transformation. Promote key industries to increase investment in network security, and drive supply with effective demand. Guide the transformation of network security products to service-oriented and advanced, and create high-level demand with high-quality supply.
Deep integration and collaborative advancement. Adhere to the integrated development of network security education, technology, and industry, strengthen high-level cooperation between industry, academia, and research, support the construction of innovation consortia, increase the role of capital, and highlight the effectiveness of synergy.
Market-led, government-led. Give play to the role of various market players and encourage differentiated development and competition. Better play the role of government planning guidance, policy support, standard formulation, market supervision, etc., urge enterprises to implement the main responsibility of network security and data security, and create a good development environment.
(3) Development goals
By 2023, the innovation capability of network security technology will be significantly improved, the level of products and services will continue to improve, the demand for economic and social network security will be accelerated, the cooperation between industry and fusion will be precise and efficient, the team of network security talents will continue to grow, and the basic capabilities and comprehensive strength of the industry will continue to increase. The structural layout is more optimized, and the industrial development ecology is healthy and orderly.
– Industry scale. The scale of the network security industry exceeds 250 billion yuan, with a compound annual growth rate of more than 15%.
– Technological innovation. A number of key core technologies for network security have achieved breakthroughs and reached advanced levels. The integration and innovation of emerging technologies and network security has been significantly accelerated, and the innovation capability of network security products and services has been further enhanced.
–Enterprise Development. A group of leading enterprises with quality brands and obvious advantages in operating benefits with the ability to lead the network security ecology have initially formed, and a group of “specialized, special and new” small and medium-sized enterprises for new tracks such as the Internet of Vehicles, Industrial Internet, Internet of Things, and Smart City have been formed. Rapid growth, the number of individual champions of network security products, services and solutions has gradually grown.
– Demand release. The investment in network security in key industries such as telecommunications accounts for 10% of the investment in informatization. The security application in key industries has been accelerated in an all-round way, the network security capabilities of small and medium-sized enterprises have been significantly improved, and the network security protection level of infrastructure in key industries has been continuously improved.
–talent development. A number of cybersecurity talent training bases, public service platforms and training shooting ranges have been built, the training of innovative, skilled and practical talents has been significantly increased, the multi-level cybersecurity talent training system has been improved, and the scale and quality of cybersecurity talents has been continuously improved .
– Ecological cultivation. The integration of industry and finance is more precise and efficient, and the role of capital empowerment continues to increase. The structure of the network security industry was further optimized, and the effect of industrial agglomeration was significantly enhanced. The healthy market order oriented by product and service capabilities has been continuously improved, and the industrial pattern of integrated development of large and medium-sized enterprises has basically been formed.
2. Key tasks
(1) Actions to strengthen industrial supply
1. Speed up the upgrade of traditional security products. Further improve the performance of traditional detection products such as intrusion detection systems, advanced threat detection, network auditing, host and terminal security, and content security, optimize rule extraction algorithms, and improve security detection quality. Promote the intensive development of security capabilities of traditional protection products such as firewalls, anti-denial of service systems, and security gateways. Promote the intelligent development of traditional analysis products such as security operation platforms, network traffic analysis systems, threat information analysis and traceability systems, and improve the application level of big data, artificial intelligence, and cryptography in the security field.
2. Strengthen the supply of network security in key areas. For emerging technology fields such as 5G, cloud computing, and artificial intelligence, accelerate the development and promotion of technology products such as native security, intelligent orchestration, endogenous security, dynamic access control, and trusted computing. For the Industrial Internet, strengthen the capabilities of large-traffic security analysis, vulnerability mining and management, data fusion analysis, and protocol identification analysis. For the Internet of Vehicles and the Internet of Things, promote endogenous integration of lightweight terminal security products or middleware, as well as the application of protection solutions such as communication security, identity authentication, and platform security. Promote the research and application of data security technologies such as federated learning, multi-party security technology, privacy computing, confidential computing, secure retrieval, and multi-threshold collaborative tracking.
3. Strengthen the research and application of data security technology. In response to traditional data security requirements such as data leakage prevention, tamper resistance, and anti-theft protection, product functions and performances such as data security management and classified and hierarchical security protection are further optimized, and the level of data security intelligent protection and management is improved. In response to data security supervision needs, further strengthen monitoring and early warning and emergency response technology research, and improve intelligent risk analysis, threat early warning and automated incident handling capabilities. In response to the needs of data security sharing, vigorously promote the research and deployment and application of technologies such as secure multi-party computing, federated learning, and trusted computing, and promote the safe and orderly flow of data elements.
4. Innovative security service model. Strengthen the cloud-based capabilities of security enterprise technology products, promote the application of cloud-based security products, and encourage security companies with strong comprehensive strength to develop elastic and flexible cloud-based network security services. Develop intensive security services, and encourage enterprises to provide a package of overall solutions including firewalls, user authentication, data security, and application security. Support security hosting and consulting services such as threat management, detection and response. Develop regional-level, city-level, and industry-level security operation services, and improve the level of operation automation, process, and tooling. Encourage basic telecommunications companies and large cloud service providers to give full play to the advantages of networks and basic resources to export security service capabilities, and at the same time upgrade and transform infrastructure to support security companies to embed security service capabilities.
5. Develop innovative safety technologies. Promote the endogenous and adaptive development of network security architecture, and accelerate the development of network security system research and development based on frameworks such as development security operations, active immunity, and zero trust. Accelerate the development of dynamic border protection technologies, and encourage enterprises to deepen the application of technology products such as micro-isolation, software-defined borders, and secure access service edge frameworks. Actively develop intelligent detection and response technologies, and improve the application level of technologies such as user entity behavior analysis, security orchestration and automated response, and extended detection and response. Promote the development of active security defense technologies, and promote the implementation of technical products such as deception defense, threat hunting, and mimic defense. Accelerate the application of blockchain-based protection technology, and promote the development of technical products such as multi-party authentication and trusted data sharing. Strengthen security technology research in the fields of satellite Internet and quantum communication.
6. Strengthen common basic support. Continue to build a network security basic knowledge base such as high-quality threat information, vulnerabilities, malicious code, malicious addresses, and attack behavior characteristics, and strengthen network security knowledge support capabilities. Accelerate the development of underlying engines and tools such as malicious code detection, advanced threat monitoring and analysis, information processing, reverse analysis, vulnerability analysis, and cryptographic security analysis to improve the use of network security knowledge. Accelerate the development of software supply chain security tools such as source code analysis and component component analysis, and improve the security development level of network security products. Actively promote the research on network shooting range technology, build a security twin test bed that combines virtual environment and real equipment, and improve the testing and verification capabilities of network security technology products.
Box 1 Safety Technology and Product Improvement Project for New Facilities and New Elements
5G security. For 5G network infrastructure such as 5G core network and edge computing platform, promote the application of products such as security orchestration and automatic response, in-depth traffic analysis, threat hunting, and signaling security, and promote the building of cloud-edge collaborative security capabilities. Based on technical characteristics such as network slicing and network function virtualization, promote the deployment and application of virtualized security protection products such as container security and micro-isolation, as well as security products such as 5G air interface and signaling protection and detection, and improve 5G endogenous security capabilities and 5G network threat perception ability. For network construction modes such as 5G virtual private network and 5G co-construction and sharing, actively promote the application of security solutions such as security resource pools, zero-trust security architecture, and asset identification, and build on-demand security capabilities.
Cloud security. For new cloud computing architectures such as multi-cloud, cloud-native, edge cloud, and distributed cloud, develop technical products such as multi-cloud identity management, cloud security management platform, cloud security configuration management, cloud native security, and cloud disaster recovery, and promote the security development of cloud architecture. For basic resources such as cloud servers, virtual hosts, and networks in the cloud environment, strengthen the level of basic information collection, and improve the capabilities of security products such as traffic visualization, micro-isolation, software-defined boundaries, and cloud workload protection for dual-stack (IPv4, IPv6) , to ensure the security and reliability of cloud resources. For cloud services, applications and other services, improve the performance of security products such as secure access service edge models, cloud Web application firewalls, and cloud data protection to ensure the safe operation of cloud services.
AI security. Build an artificial intelligence security threat classification system, face the life cycle of artificial intelligence systems, establish an artificial intelligence threat model, and formulate a standard system for artificial intelligence system security detection and evaluation. Research the interpretability, privacy and other security elements of artificial intelligence systems, break through the key technologies of artificial intelligence model attack and defense, design and implement automatic attack and defense platforms for artificial intelligence systems, and build artificial intelligence security shooting ranges.
Data Security. Optimize data security management technology, improve the accuracy and intelligence of basic technology products such as data identification, classification, quality control, and blood relationship analysis, improve the technical capabilities of quality control and blood relationship analysis, and accurately grasp data resources. Manageable and controllable. Improve data application security protection technology, promote data desensitization, data leakage prevention, data encryption, data backup and recovery, fine-grained access control and other technical product upgrades to ensure data application security and controllability. Strengthen data security monitoring, early warning and emergency response technologies, improve the breadth, depth and accuracy of monitoring data flow and abnormal behavior in terminal, network, cloud, and cross-border scenarios, and improve the level of intelligence and automation in event handling. Break through data sharing security technology, promote the practical deployment and popularization of privacy protection and flow traceability technologies such as secure multi-party computing, federated learning, trusted computing, homomorphic encryption, differential privacy, blockchain, and data watermarking, and promote domestic commercial encryption. application to promote the safe and orderly flow of data elements.
(2) Safety demand traction action
7. Promote the upgrading of network security capabilities in the telecommunications and Internet industries. Guide enterprises in key industries such as telecommunications and the Internet to increase investment in network security, promote the simultaneous planning, construction and use of network security and informatization, and improve network security management and technical support systems. Carry out in-depth network security asset mapping, monitoring and early warning, detection and evaluation, and information sharing, and improve the security monitoring and disposal methods for abnormal behaviors such as Trojan horse viruses, mobile malicious programs, and advanced threat behaviors based on the network side. Strengthen network security risk assessment and emergency drills in the telecommunications and Internet industries, enhance network security threat prevention, hidden danger handling and emergency response capabilities, and continuously improve the maturity level of the security protection system. Strengthen the security protection of data throughout the life cycle, implement classified and hierarchical management, carry out data security risk assessment, improve the security protection level of personal data and important data, and ensure the safety of people’s lives and property and personal privacy.
8. Accelerate security applications in emerging convergence fields. Comprehensively promote the implementation of classification and classification of network security in industrial Internet enterprises, and strengthen the construction of classification and protection systems for network security for industries such as raw materials, equipment manufacturing, consumer goods, and Electronic information, and for networked industrial enterprises, platform companies, and identification analysis companies. Facing the safety of the Internet of Vehicles, encourage OEMs to improve the security protection and detection capabilities of vehicles, key network equipment and cloud platforms, strengthen the security of roadside networking facilities, and promote the testing, verification and testing of safety solutions in the Internet of Vehicles demonstration areas, pilot areas and test sites. Demonstration application. Implement the “100 enterprises, 1000 products” product cultivation action for basic security of the Internet of Things, and carry out security detection, abnormal handling and public services of the Internet of Things for the key links of the Internet of Things such as Internet of Things terminals, gateways, and platforms, and create “Internet of Things peace of mind products”.
9. Promote key industry infrastructure to strengthen network security construction. Promote energy, finance, transportation, water conservancy, health care, education and other industries to strengthen the construction of asset identification, equipment protection, border protection, identity authentication, data security, application security and other technical means, and improve the security protection of important systems, key nodes and data ability. Support the establishment of security mechanisms and in-depth protection systems such as situational awareness, notification and early warning, emergency response, and safe operation, and continuously improve risk prevention and emergency response capabilities. Promote the application of zero trust, artificial intelligence and other technologies to improve the effectiveness of the protection system.
10. Promote small and medium-sized enterprises to strengthen network security capacity building. Implement the special campaign of “safely moving to the cloud” for small and medium-sized enterprises, build a network security operation service center, and provide high-quality, low-cost, and intensive network security products and services for small and medium-sized enterprises. Guide small and medium-sized enterprises to flexibly deploy network security products and solutions through one-stop purchase, leasing, subscription, hosting, cloud delivery, etc. of network security products and services. Support the promotion of diversified cybersecurity awareness and skills training, and continuously improve the cybersecurity protection awareness and capabilities of small and medium-sized enterprises.
Box 2 Security capability building project for new digital scenarios and new businesses
Internet of Vehicles Security. Strengthen the security capacity building of the Internet of Vehicles, promote the application of key technologies and products such as lightweight identity authentication, in-vehicle security gateways, in-vehicle firewalls, and intrusion detection for connected vehicles and their key network equipment, and strengthen the construction of defense-in-depth technical capabilities. For V2X communication, promote PKI-based security authentication and auditing technology, and speed up the construction of IoV identity authentication and security trust system. For the Internet of Vehicles platform and application, build a security operation center, and promote the implementation of technical products such as integrated cloud security protection, data compliance protection and security detection, monitoring and emergency response. Promote the application and deployment of network security technology in key scenarios such as OTA upgrade, remote monitoring, autonomous driving, and vehicle-road collaboration.
Industrial Internet and Industrial Control Security. Facing the entire business process of the Industrial Internet, focusing on the protection requirements of equipment, control, network, identification, platform, and data security, speed up the research on industrial control security technologies such as industrial host snapshot rollback, control system vulnerability mining, and control system endogenous security, and break through the reverse analysis of protocols. , lightweight encryption authentication, large traffic security analysis, industrial network security threat information sharing analysis and other industrial Internet security technology research. Strengthen the promotion and application of security products such as industrial-grade protective equipment, trusted access to massive networked devices, platform security, security management of identification resolution, and protection of the full life cycle of industrial data, and improve the security protection capabilities of industrial Internet scenarios.
IoT security. Actively promote network security applications in IoT scenarios such as smart energy, smart agriculture, smart home, and smart wearable devices, and encourage enterprises to develop end-to-end security protection solutions that adapt to heterogeneous IoT scenarios. For the IoT platform, develop platform security products based on technologies such as secure transmission, abnormal behavior analysis, trusted identity, threat analysis, and data leakage prevention. For the trusted access gateway of IoT devices, accelerate the development of identification, protocol analysis and security detection and analysis technologies, and encourage enterprises to integrate more security capabilities into the gateway. For IoT terminals, strengthen the vulnerability mining of IoT devices and firmware, and develop embedded intensive security products that integrate interface protection, security authentication, application security, and sensitive data protection to create a secure IoT.
Smart city security. Adapt to business scenarios such as smart city government affairs, transportation, energy, manufacturing, education, and medical care, build a “one brain, three clouds” network security defense capability cluster, strengthen the linkage level of heterogeneous security capabilities, and create a dynamic security defense system. Encourage the creation of a smart city security brain, build a network security “smart cloud”, build a panoramic security knowledge base, a network security monitoring and analysis engine, and a big data center, and improve network security perception, analysis, response, decision-making and other capabilities from a global perspective. Create a cybersecurity “shooting range cloud”, build a digital twin shooting range, and provide support for urban security capability verification. Build a network security “service cloud”, gather smart city security planning, construction, operation and other service resources to ensure the safe and orderly operation of the city.
(3) Deepening action of industry-integration cooperation
11. Increase investment in industrial funds. Guide government guidance funds such as the National Manufacturing Transformation and Upgrading Fund to tilt towards new technologies, new models, and integration and innovation in cybersecurity, and promote the establishment of a national-level cybersecurity industry guidance fund in a timely manner to accelerate the mature implementation of new products and services in the market. Encourage local governments to include the cybersecurity industry in the investment category of government guidance funds, and support the development of cybersecurity enterprises in the region.
12. Guide capital to accurately support enterprise development. Encourage all kinds of capital to establish science and technology innovation funds, focus on industrial technological innovation and core technology research, explore “technological donations” and intellectual property, option financing models, guide the capital market to invest in early investment and small, help growing enterprises to strengthen their technological advantages, and deepen subdivision Market, do specialize and do fine. Encourage cybersecurity companies with a strong foundation to go public, support leading companies to integrate resources through strategic investment, become bigger and stronger, and improve their ability to lead the cybersecurity ecosystem.
13. Strengthen the construction of industry-fusion cooperation mechanism. Encourage industry-fusion cooperation pilot cities to increase investment and deepen network security industry-fusion cooperation. Improve the dynamic monitoring system of industry and finance, regularly carry out dynamic monitoring of venture capital, equity investment, corporate mergers and acquisitions, and listed company operations in the field of cybersecurity to promote the precise connection between industry and finance. Promote the establishment of an evaluation system that conforms to the characteristics of the cybersecurity industry and targets different stages of development of enterprises, supports the evaluation of high-growth enterprises and high-value projects, and collaborates to do a good job in information sharing and conversion of credit evaluation results.
Box 3 Cybersecurity Industry Capital Empowerment Project
Improve the network security industry-fusion cooperation mechanism. Give full play to the role of the Ministry of Industry and Information Technology as a national industry-finance cooperation platform, strengthen the exchange and sharing of information on fiscal, taxation and financial policies, financing needs, financial products and services, and promote the precise connection between industry and finance in cybersecurity.
Actively carry out safe industry and financial services. The “Cyber Security Industry Capital Innovation Forum” was established to actively carry out multi-level industry-finance docking activities and consulting services such as listing counseling, corporate roadshows, project promotion, financing training, etc., so as to give full play to the role of financial capital in boosting and upgrading industrial development.
Explore the development of cybersecurity insurance. Carry out pilot projects for network security insurance services in the fields of telecommunications and the Internet, industrial Internet, and Internet of Vehicles. Accelerate cybersecurity insurance policy guidance and standard formulation, monitor risk exposure through cybersecurity insurance services, encourage enterprises to build and improve their own cybersecurity risk management systems, and strengthen cybersecurity risk response capabilities.
Explore and carry out cybersecurity enterprise value assessment. According to different stages of enterprises and network security subdivisions, the industry and capital circles are encouraged to jointly establish value evaluation models and detailed indicators, and explore the release of lists of high-growth companies and high-value projects.
(4) Actions for talent team building
14. Give play to the leading role of leading talents. Cultivate a group of leading talents with outstanding abilities in theoretical research, technological innovation, achievement transformation, and practical application. Encourage enterprises, universities, scientific research institutions, etc. to improve the incentive mechanism for leading talents by establishing studios, providing scientific research funds, equity incentives, and talent exchanges. Universities, scientific research institutions, and enterprises are encouraged to attract global high-level talents and innovative teams through international cooperation and other means.
15. Deepen the integration of production and education in collaborative education. Encourage colleges and universities to strengthen the construction of network security disciplines. Promote network security school-enterprise cooperation, support and encourage colleges and universities, research institutions and enterprises to jointly build network security training bases, joint laboratories, etc., create a “double-qualified” teaching team, and enhance the practical ability of network security talents. Give play to the role of universities and vocational colleges with industry characteristics, and develop more network security skills and service-oriented talents. Actively carry out network security education and training activities, encourage the holding of multi-level and diversified network security ability competitions, and cultivate high-quality network security talents.
16. Promote the ability evaluation of network security talents. Implement vocational skills improvement actions in the industrial communication industry, and train and select network security professionals through computer technology and software professional technical qualification (level) examinations, national industrial Internet security technical skills competitions, etc. For key industries such as equipment manufacturing, raw materials, consumer goods, and electronic information, build an “X+ security” talent evaluation system, and establish a sound network security talent selection and evaluation mechanism.
(5) Actions to optimize the industrial ecology
17. Guide the agglomeration of the network security industry. Create a network security industrial park layout with “multi-point support, nationwide coverage, complementary advantages, and coordinated development”, actively promote the construction of national cybersecurity industrial parks in Beijing and Changsha, Hunan, and give full play to the basic advantages of Chengdu-Chongqing, Yangtze River Delta, Pearl River Delta and other industries to accelerate Layout of national cybersecurity industrial parks. Actively build a group of leading and leading demonstration zones for innovative applications of network security.
18. Promote the construction of innovation consortium. Encourage basic telecommunications operators, industry users, scientific research institutions, colleges and universities, security enterprises, etc. to establish joint innovation centers and joint laboratories for network security, strengthen theoretical research on basic network security, promote the application and transformation of research results, and improve the key core in the field of network security. technological innovation capability. Give full play to the role of enterprise alliances and associations in cybersecurity-related industries, promote the flow of innovation elements, integrate technological advantages and resource advantages, and stimulate innovation vitality through various forms such as technical research, project cooperation, talent training, and park construction.
19. Foster a market environment for fair competition. Support the evaluation of network security product service capabilities, network security engineering construction and system operation and maintenance quality evaluation, and security evaluation for new technologies and new businesses. Considering factors such as enterprise product service quality, vulnerability contribution, threat information sharing, malicious competition, etc., strengthen the construction of enterprise credit system, gradually establish enterprise “red and black lists”, continuously improve market transparency, and guide the formation of a benign market oriented by product and service capabilities The competitive environment.
Column 4 Network Security Industry Ecological Cultivation Project
Establish a network security product and service capability evaluation system. Focus on the technical products of key links in the upstream and downstream of the cybersecurity industry chain, draw a map of the cybersecurity industry chain, and continue to conduct research and judgment on major risks in the cybersecurity industry. Comprehensive network security product key function performance, capability maturity, application effect, and network security service level and other factors, respectively formulate network security product and service capability evaluation specifications, and publicly release the evaluation results.
Improve the network security threat information sharing service system and mechanism. Establish a rule mechanism for the mining, disclosure, circulation and utilization of threat information such as driving loopholes, malicious programs, malicious addresses, and attack behaviors, encourage network security enterprises, industry users, scientific research institutions, and universities to actively participate in information sharing, and improve the level of threat information aggregation and Service capabilities.
Strengthen the demonstration and promotion of advanced technology application. For key directions such as 5G, Internet of Vehicles, Industrial Internet, Internet of Things, etc., carry out the selection of excellent security products and solutions, and promote the application and promotion of pilot demonstration projects in various key industries through exchange forums, holding competitions, supply and demand docking, etc., and continue to stimulate Innovation vitality, and promote the transformation of achievements.
Cultivate high-quality enterprise benchmarks for network security. Encourage enterprises to increase investment in research and development, strengthen intellectual property protection and technological innovation. Encourage enterprises with strong comprehensive strength and strong influence in domestic and foreign technologies, standards, markets, etc. to further integrate industrial chains, supply chains and innovation chains, and become leading enterprises in the industrial chain. For outstanding enterprises in the network security product market segment, through policy guidance, project inclination, talent cultivation, etc., strengthen support for technology research and development, product promotion, supply and demand docking, etc., and accelerate the cultivation of network security single champion enterprises and specialization, special and new “small” Giant” company.
3. Safeguard measures
(1) Strengthen organizational leadership. The competent departments of industry and information technology and the communications administrations in all regions should strengthen organizational leadership, strengthen inter-departmental coordination, and actively promote the inclusion of the network security industry in the local “14th Five-Year Plan” overall plan and important content of relevant special plans. Strengthen the classified guidance for the construction of network security in different industries, fields, and entities, promote the differentiated layout of the development of the network security industry, establish and improve the network security guarantee system, and create a favorable environment for the development of the network security industry.
(2) Strengthen policy guidance. Make full use of existing policies such as network security technology application pilot demonstrations, first units (sets), special projects, etc., to promote local governments to combine local actual conditions, and to conduct research on financial finance, talent cultivation, and industrial agglomeration for network security enterprises at different stages of development Formulate targeted support policies, strengthen government-enterprise coordination and ministry-province linkage, form a joint effort, and promote the close integration of the cybersecurity industry and the development of the local digital economy. Encourage local governments to simultaneously build network security technical measures in financially invested informatization projects, and strengthen the review of network security in the project acceptance stage. Enterprises in key industries are encouraged to increase investment in network security, separate network security budgets, and promote the deployment and application of network security technologies, products and services.
(3) Enhance industrial coordination. Establish an expert advisory committee for the high-quality development of the cybersecurity industry of the Ministry of Industry and Information Technology to provide advice on major issues and policy implementation. Give full play to the strengths of industry, academia, and research, strengthen the connection between supply and demand, coordinate the formulation of standards, personnel training and achievement transformation, strengthen industry self-discipline, and create a healthy, orderly, and healthy industrial ecology.
(4) Promote international cooperation. Make full use of bilateral and multilateral mechanisms, actively participate in the formulation of international cybersecurity rules and security international standards in key areas, and strengthen cybersecurity policies, regulations, and industrial exchanges and cooperation. Support enterprises to set up overseas R&D centers and joint laboratories, support various network security conferences, forums, exhibitions and other exchange activities, and strive to build a multi-level and normalized industrial cooperation and exchange mechanism.
The Links: IXSN55N120AU1 SKIM455GD12T4D1