
Development Status, Trends, and Prospects of Cybersecurity Strategies and Methods
Jiangxing Wu, Xinsheng Ji, Lei He, Yu Xie, Yukun Niu, Fan Zhang
Strategic Study of CAE ›› 2025, Vol. 27 ›› Issue (1) : 14-27.
Under the impetus of the paradigm shift driven by the global digital ecosystem, cybersecurity has become a critical issue of ever-increasing importance. This study provides an in-depth analysis of the current state and future trends of cybersecurity strategies and methods, offering a comprehensive assessment of the changes in the global cybersecurity landscape. It details the development of international cybersecurity strategies, with a focus on the policies of the United States and the European Union. The study also explores mainstream cybersecurity methods such as cyber resilience, security by design, and zero trust, as well as China's original theories on endogenous safety and security and mimic defense technology. On this basis, the study points out that cybersecurity development in China has advantages such as a vast-market application scenario, a complete information industry chain, a systematic talent training system, and original technical theories. However, there is still room for improvement in security responsibility allocation mechanisms, legal system completeness, and security standards development. The study recommends accelerating the formulation of cybersecurity policies and regulations with Chinese characteristics, constructing a cybersecurity architecture based on endogenous safety and security, and shifting cybersecurity responsibilities from the user side to the manufacturing side. These measures aim to provide strong support for establishing a comprehensive cybersecurity responsibility and quality control system and for enhancing the overall security of digital products.
cybersecurity strategies / cybersecurity methods / endogenous safety and security / cybersecurity responsibility shift