How can Shanghai build a highland for network security innovation? Today at this forum, industry experts will come to dismantle it
How to respond to new challenges in network security in the digital age? This morning, at the peak forum event of the 2023 National Cybersecurity Awareness Week in Shanghai, multiple experts and scholars from Shanghai universities, research institutions, and industry frontline discussed this issue together around hot topics such as artificial intelligence and AIGC.
Chai Hongfeng, academician of the CAE Member and president of the Institute of Financial Science and Technology of Fudan University, put forward suggestions on the security and ethical issues of financial data and large models in vertical fields in the video message: regulators should strengthen the review and risk assessment of financial models, and establish a review and testing mechanism for key figures and systems to ensure their performance and security. In order to establish a regulatory framework and standards, and ensure that the application of large models in the financial field meets regulatory and ethical requirements, it is necessary to develop relevant policies and guidelines through cooperation between government, industry, academia, and research. For the deployment and use of financial big models, collaborative governance, transparency enhancement, and mechanisms to ensure data quality and interpretability are needed to help users and regulatory agencies understand the decision-making basis of the model and ensure that it is not biased or discriminatory.
Hu Shaoyong, co-founder of Shanghai Guanan Information Technology Co., Ltd., believes that there are still misconceptions among enterprises regarding data security and network security. "Under the concept of traditional network security, such as interface data not being desensitized, it is generally not considered a security risk in network security... However, data security risk refers to data being maliciously exploited." In addition, he reminded that traditional models do not cause data leakage, but large models are a knowledge model that can transfer sensitive information out. Therefore, data holders need to clarify their security responsibility system, establish data security responsibilities from management system, institutional system, and process system, and sort out the background of current sensitive data.
Hu Shaoyong, co-founder of Shanghai Guanan Information Technology Co., Ltd., gave a themed sharing
Huang Daoli, Director and Researcher of the Cybersecurity Law Research Center at the Third Research Institute of the Ministry of Public Security, believes that the biggest challenge facing cybersecurity now is how to transform institutional capabilities into practical governance capabilities. The biggest characteristic of the law is stability, but network security risks and situations are constantly changing, and sometimes their risks may even break through. For example, whether the risks of AIGC will break through the traditional understanding of data security and personal information protection, "there is a huge tension that needs to be legislated. The law needs to be stable, so that all participants can see a stable expectation and make an accurate judgment of behavior." Currently, the problem faced by top-level legislation is the refinement and implementation of rules, which requires the joint efforts of the industry, operators, data processors, and third parties in society. At the law enforcement level, the strength and coverage are also relatively limited, and it is necessary to strengthen the establishment of law enforcement teams and standardize law enforcement processes.
Xu Yu, Vice President of the Innovation Research Institute of Shanghai Information Security Evaluation and Certification Center, pointed out from the perspective of urban data security that as the number of systems increases in scale and complexity, the exposure and vulnerability of data resources will increase. Network security has shifted from being centered around systems and networks to being centered around data. Currently, the supply of data security systems in China is gradually increasing, and Shanghai has also promoted many pilot projects. However, the construction of a data security system for the entire city with a data security centric approach is still in its early stages, and the supply side of data security still needs industrial upgrading. Once efficient products such as one click encryption and data desensitization are launched to meet the needs of data leakage and tampering, the development of the network security industry will be even faster.
Song Haitao, Dean of the Artificial Intelligence Research Institute at Shanghai Jiao Tong University, elaborated on future network security issues from the perspective of a new type of network with computing power. He believes that in the near future, the entire AI's intelligent computing resources are likely to become like the power grid, with computing power entering households and schools, and network security coverage becoming larger. In addition, the emergence of artificial intelligence and AIGC has accelerated people's ability to effectively compress and express information. A large amount of information content is generated through the network, which is a new technological challenge facing network security. He stated that only by further embracing the power and technology of technology, building a talent system for industrial development in the entire factor process, strengthening research and construction of ethical and governance systems in cybersecurity, can we protect the safety of people's lives and property.
Multiple industry experts in cybersecurity engaged in roundtable discussions
"Shanghai is duty bound to embrace new scientific and technological changes." Hui Zhibin, director of the Internet Research Center of the Shanghai Academy of Social Sciences, proposed that Shanghai must develop in the direction of the highland of network security, the highland of security industry, and the highland of security capability, and actively gather a series of excellent security teams and technologies in China. In terms of data export, data security capacity building, and governance of artificial intelligence algorithms, it has become a source of a series of institutional innovations. Actively promote universities, research institutions, application units, and security teams to seek solutions in Shanghai from both theoretical and practical perspectives, and find secure solutions for innovative applications of new technologies.