Guan'an Information Zhang Zhaolong: Data security and network security are two different tracks

In the past two years, the safety circle is very lively, but the figure of Guan'an information is rarely seen in the circle.

Although the company has been founded for five and a half years, it has completed multiple rounds of financing and has more than 1,400 employees, which is small in the field of data security.

Choosing a company hidden from the public's horizon originated from the founder Zhang Zhaolong's perception of data security of the main track -data security and network security are two completely different tracks. "Data security and business are highly bundled. Entrepreneurs need to bow to enter the game, learn and familiarize with customers' business processes, and solidly understand the value of the value behind the data in order to do this."

Therefore, in the past five years, Zhang Zhaolong has been guided by the "umbrella -shaped strategy" and led the team to work hard and work, and gradually expanded from a single enterprise to the matrix layout of three industries, four regions, and five product lines.

He believes that with the development of the industrial Internet, all things will continue to increase data. The premise of "data sharing, security is based on", and the premise of release of data value is the first to do a good job of protection of data security.

Cyber ​​security is the "wealthy disease" in the digital age

Question: Why is the attention of network security in policies, markets, and public in the past two years?

The underlying reason is that the digital pace of various industries is accelerating, and data security needs are derived. Data is generating huge value, so it becomes more and more valuable. Like people, people will buy insurance when they have money. After the house becomes larger, they will ask security, install cameras and monitor, and change to better door locks -network security is the "rich disease" in the digital era. The more "wealthy" you, your safety and safety needs will naturally increase, and your investment in safety construction will also increase.

Q: What makes the data more and more "valuable"?

The core of the digital transformation and the establishment of the data factor market is the circulation of data, as well as increasing data sharing and data exchange. In the process, the value of data naturally increases the value of data. At the same time, at the level of enterprise operation, enterprises need to be more advantageous than competitors, and they need to be more refined management capabilities, including the improvement of prediction capabilities and corporate efficiency. These are realized through data and big data AI analysis capabilities. Play a key role.

Question: What was the original intention at that time?

In 2016, there was an important incident. Palantir, a big data analysis company in the United States, can be positioned to a international criminal gang through big data analysis. Give me a lot of shock and inspiration. Therefore, our positioning to the company is hoping that in China, we can also use big data analysis to help network security and enterprise security, and provide accurate analysis capabilities of artificial intelligence and digital algorithms. This was a original intention of our founding company at that time.

Question: How does this original intention extend to data security and even network security tracks?

The benchmark big data analysis company Palantir is our starting point, and then in the second half of 2016, during the process of making big data analysis, we found that a large amount of data on the enterprise and public network is circulating. So is it valuable that these data are valuable? Intersection More importantly, the process of data circulation, whether the data of the data has confirmation and whether there is recognition of the use of data.

At that time, we thought about a problem. In the future, the use of data will become larger and larger, and more and more data sharing will be used. Data security will inevitably become an important key point. Therefore, we speculate that in the future, data security must be the protection direction that the country, enterprises, and individuals attach great importance to. So we have deployed data security since the second half of 2016. At that time, our idea was to use the analysis capabilities of big data to improve the efficiency of analysis and identification and the efficiency of risk control. Based on this idea and layout, we set up a laboratory and research institute for Guan'an Information.

Q: What direction does the laboratory study?

The team focuses on two directions, and uses data models and artificial intelligence models to be applied to the analysis of network security. In the second half of 2016, data security began. Our first product was data desensitization. Starting from this product, we gradually expanded to various fields of data security. The maturity model and data security of data security are the all -life cycle of data security, followed by the data security operation model we are doing now -that is, how to protect the data security of enterprises, industries, and network space in the daily operation process.

The company's survival is more important than anything else

Question: After starting the data security track, does the company encounter any difficulties?

In 2016, we did lay out earlier in the fields of big data, artificial intelligence, and data security, but the market capacity at that time was small. Therefore, how the company survived first was a very important issue for us. In the future, data security is important, but in that moment, we must first consider survival.

From the end of 2016 to the beginning of 2017, the Cyber ​​Security Law was released and implemented, which was a very good signal. We have also begun to lay out some distinctive network security products associated with regulations and compliance.

The first product is a honeypot, also known as the temptation system; the second is Web dynamic defense, security detection and real -time protection for external websites and applications; the third, we have made NTA, through traffic analysis and artificial intelligence algorithm algorithms To judge the attack of hackers; the fourth is the product that is based on APT attack analysis; the fifth, through full traffic analysis and analysis of hackers' attack events, just apply our big data, artificial intelligence models, and algorithm capabilities in it. Therefore, in the field of network security, we focus on these five network security products. At the same time, based on the data collection of these five products, we have made another situation. Since the launch of the market in 2018, the situation is quite good.

Question: Can I understand this way, since 2016, the company has always focused on two main lines of data security and network security?

Yes, the core ability behind the two main lines is still the analysis ability of big data to support the underlying data capabilities for these two main lines. Therefore, compared with traditional network security companies, we have a relatively large difference in technical level. We use big data analysis and models to use the ability of artificial intelligence to make data security and network security.

Umbrella -type strategy: only one thing in one stage

Q: What are the stages and milestones since the company was founded?

Our company basically plans and advances in accordance with the rhythm of two years.

From 2016 to 2018, it was the company's survival, and we were only doing pilots and exploration of some customers. The first customer we started was an operator company. We helped the company to do a trend perception and improve the accuracy and effectiveness of identifying the identification of hackers through the embedded artificial intelligence algorithm.

Our strategic layout is a "umbrella strategy".

Almost from 2019 to 2020, Guan'an Information developed to a fast channel. From an operator customer to the industry, the industry, from a platform to three platforms and four products, that is, the situation perception platform, data management and control platform, asset management platform, as well as honeypots, web dynamic defense, APT attack protection, data Desertension products. At the end of 2018, there were only three or four hundred people in the company. At the end of 2020, we nearly 700 people had doubled in two years.

From 2020 to the present, we have expanded the layout to the current "Three -Five Five" in one and a half years. There are four regions: Shanghai, Beijing, Greater Bay Area, and Chengdu -Chongqing; there are five product lines, digital management platforms, asset management platforms, SDCs, and offensive and defensive series.

Our company now has more than 1,400 people. The development status should be ranked first among security companies without listing, but we just just separated from survival and entered the development period. We are still in the entrepreneurial stage.

Question: What is the "umbrella strategy" just mentioned?

What is a "umbrella strategy", to put it plainly is to do only one thing at a stage. First do the umbrella handle, make a ability to be strong, and then do the umbrella bone. After the umbrella bones are done one by one, make the umbrella surface. From the point to the line to the face, the layer by layer, instead of spreading it out from the beginning.

Take the three stages just mentioned as an example. In 2016, there were only 40 or fifty people in the company. We cannot expand on a large scale. The company also needs to do research and development, products, and research. It is also the most successful thing. We serve our customers with good efforts, and use artificial intelligence algorithms to be applied to situation perception. Do only one thing. The rest of the research work, such as data security, but I bring a small team to do research.

Beginning in 2018, we have expanded from a customer to an industry, that is, the operator industry. Nevertheless, we focus on a region, the Shanghai region. Because the company had only more than 300 people at that time, it was impossible to start throughout the country.

I think every step of entrepreneurship must be solid. We have always done this with the company's least resources and the smallest consumption to achieve the biggest results.

Question: Guan'an information seems to be relatively low -key in the safe circle. Is this related to the "umbrella strategy" just mentioned?

correct. I think the core of the business operation is that you have enough income and profit support. If the actual business ability of the enterprise is insufficient, it is unhealthy to blindly play brands and popularity. The high -rise building started quickly, and it may collapse quickly in a blink of an eye.

We have always developed companies in a solid manner and seized the nature of operations. We cannot ignore the nature of operations because of the security market of the entire industry in recent years. We have blindly exaggerated and promoted the brand. I personally think that the branches, subsidiaries, and laboratories of various places are not the correct practices of corporate operations. At least it is necessary to clarify the project's source and income.

Data security and network security are two different tracks

Question: Among the customers who are currently served by Guan'an Information, most of the large government and enterprises are formed step by step?

The first customer we served was a large operator company, followed by operators, followed by two nets, three barrels of oil, and some of the digital government projects. So far, our main line of service is still the operator industry, energy industry, and digital governments. It has always been around this main line. Therefore, you will see what you see. Guan'an information serves most of the large government and enterprise customers.

Question: Does serving large government and enterprise customers mean that the privatization deployment is mostly? Will people's investment heavier? I think it depends on the positioning of the company. Our service target itself is not a C -end user, not the consumer Internet, but the B -end enterprise, which is the industrial Internet. Cyber ​​security is also the primary driving force, so large government and enterprise will pay more attention to network security and data security in this regard. At the same time, large -scale government and enterprises, as the name suggests, indicate that the amount of data is very large, the data is very important and sensitive. Naturally, it will be mainly privatized, or the mixed cloud will basically not be a public cloud.

Now I am talking about interconnection. I think there is a misunderstanding of this: interconnection is not directly placed on the Internet, but first do the data of data desensitization, encryption transmission, confirmed power, data back traceability and other functions. After these guarantees are sound, they can be shared and interoperable.

Indeed, the privatization deployment will definitely be harder. This is not a standardized product, and it is not a matter of overnight. In our opinion, we can do a good job of reorganizing, doing well, and truly serving customers, and doing a good job of safety construction, so that we can win the trust of customers.

Question: During the process of serving these customers, have you encountered difficulty in solving?

Of course. In terms of network security, the situation will be better, because the mode of hacking attacks is basically the same, and the basic security is relatively strong.

In the field of data security, it will be much more difficult. Because data security is completely bundled with business, first of all, we must understand the customer's business process. If we do not understand the business, there is no way to help customers do data security. Cyber ​​security is more static protection and state protection, but data security is a procedural protection and liquidity protection. It is necessary to closely combine with the business, understand its data attributes, and effectively classify the data in order to truly do data Safety.

To understand the business process of a customer, we need to study solidly and in -depth learning, and need a lot of personnel and energy to invest. Each industry has the commonality and characteristics of their business processes. This is why our company takes the "umbrella -shaped strategy". Why do you always carry out business around the three industry lines instead of taking regional development and blindly investing in various industries, but it is not familiar with the business on the surface.

I often say that data security does not belong to network security, because companies doing network security may not be able to do data security. They are two completely different tracks.

Data security is the prerequisite for data value release

Q: How do you understand the relationship between data security and data value?

I think this is a causal relationship and mutual relationship. Data will become asset -oriented in the future, and the value of data will gradually magnify. Everyone can think about, if a thing has the attributes of assets, what does its core need to do? Naturally, it is necessary to protect its asset safety. Therefore, there are causes and effects, the value of data is amplified, and the importance of data security is also increasing. At the same time, with the protection of data security, the data value can be further reflected, and the two are indispensable.

I remember that the Shanghai Library invited me to write a sentence, and I wrote the premise of "data sharing, security -based". The premise of data sharing and release of value must be the protection of data security.

Question: For many years of rooting data, what do you think is the biggest challenge facing the domestic data security industry?

The most prominent problem is the concept. Don't think that data security is network security. It is half related to traditional network security. The other half has nothing to do with network security. For example, such as law firms, accounting audit companies, privacy computing companies, blockchain companies, these companies do data security, which may be more handy and advantageous than traditional network security manufacturers.

Therefore, either these companies understand network security and technology as soon as possible, or network security manufacturers understand business and data value as soon as possible. Who can make up for the shortcomings faster, who can enter the data security field earlier and deeper.

Question: What are the advantages of Guan'an Information in the field of data security?

I think first, we know the business of customers better than traditional cyber security companies, and understand the value of data and the requirements for using data. Of course, this is also limited to our main line -the operator industry, the energy industry, and the digital government. This is our important core competitiveness.

Second, we have studied many artificial intelligence algorithms to analyze the abnormalities, irregularities, and sensitivity of the data use process. We can provide strong underlying support capabilities through the algorithm.

Third, we have a good technique in the protection of the entire life cycle of data.

Fourth, the landing nature of each of our technologies is very strong, and it is verified by large customers. It is a practical experience that the team has accumulated for many years.

Q: How do you understand the Industrial Internet?

In the past, we emphasized that the consumer Internet is aimed at personal Internet services. Now with the interconnection of all walks of life, the industrial Internet appears.

We must not understand the industrial Internet as a new consumer Internet. It is different. The industrial Internet first has the attributes of the industry. It is divided into independent industry Internet, cross -industry Internet, regional Internet, and cross -regional Internet. It cannot only become a network.

In addition, the industrial Internet is developed and promoted in all directions, but in different industries, the speed and width of the advancement are different. You cannot use a unified method and ideas to look at all industries and industries.

Question: In the next few years, what layout and expectations are there in the next few years?As mentioned earlier, the company's current development is basically a small step in two years, so from 2023 to 2024, our key work is to enter the open capital market and complete the IPO.Secondly, based on our capabilities in data security and network security, the layout of transactions and sharing in the data factor market.The third focus is on the security of the industrial Internet.

In terms of business expansion, in addition to the current "three -four -five", that is, three industries, four regions, and five product lines, it will also increase the two industries, the financial industry, the Internet of Vehicle and the automobile manufacturing industry.

— Baichuan Plan 011 ——

- END -