Company News
Building a secure defense line for the development of intell
With the rapid iteration of artificial intelligence technology, intelligent agents, as an important carrier for the deep integration of artificial intelligence and the real economy, are profoundly influencing production and lifestyle, and reconstructing security boundaries.
At the 14th Internet Security Conference held recently, experts said that we should use core technology to tackle key problems and consolidate internal skills, build a solid barrier with system and rule construction, and lead industry norms with standard system construction, so as to create a path of coordinated development and security in the era of agent.
Intelligent agents bring new risks
Currently, artificial intelligence is undergoing a crucial transition from large models to intelligent agents. When intelligent agents begin to make autonomous decisions, call tools, and execute tasks, security risks also arise.
"Compared with the past information systems, agents are no longer a question and answer tool for passive execution, but are given the ability of independent perception, decision-making and execution. This leap in technological characteristics has profoundly changed the offensive and defensive situation of network security." said Zhao Zhiguo, vice president of the China Internet Association and former chief engineer of the Ministry of Industry and Information Technology.
With the accelerated penetration of intelligent agents into key fields such as manufacturing, finance, and energy, any security risk may trigger a chain reaction across networks and industries in a short period of time through the autonomous scheduling capability of intelligent agents, which poses higher requirements for risk prevention and emergency response.
Zhao Zhiguo stated that once intelligent agents have autonomous decision-making capabilities, security risks expand from "technical failures" to "decision-making loss of control". Once deviations or disturbances occur, intelligent agents may take actions that deviate from human expectations, and the consequences are unpredictable. This endogenous risk poses a fundamental challenge to safety controllability. In addition, intelligent agents operate autonomously in the system in a highly anthropomorphic manner, and traditional identity based trust mechanisms face the risk of failure. When intelligent agents autonomously sign contracts, execute transactions, and call resources, how to define security responsibilities and characterize unauthorized behavior have become urgent practical problems that need to be solved.
According to Wu Hequan, an academician of the CAE Member and honorary chairman of the Internet Security Conference, agent attacks show the technical characteristics of independent decision-making, cluster collaboration and continuous evolution. Traditional cyber attacks heavily rely on manual operations, while agent driven attacks fundamentally change this pattern.
Specifically, intelligent agents can autonomously perceive the environment, plan attack paths, and perform penetration tasks, and multiple agents can share information and collaborate. This clustered attack can be launched simultaneously from multiple entrances in a very short period of time, leaving defense systems exhausted from responding. What needs to be more vigilant is that intelligent agents have the ability to continuously learn and iterate, and every attack and defense confrontation will become the material for their optimization, with attack methods constantly changing over time.
Zhou Hongyi, founder of 360 Group and chairman of the Internet Security Conference, believes that AI has brought down maintenance to the network security industry. Taking the Mythos model as an example, the fully automated vulnerability mining and attack chain construction capabilities have increased vulnerability discovery speed by two orders of magnitude and reduced costs to less than one thousandth.
The transformation of digital security thinking
Identity forgery, model failure, permission management vulnerabilities, malicious extortion... As intelligent agents enter the commercial application stage, various new risks continue to emerge. At the same time, risks such as hidden data mining driven by artificial intelligence also have an impact on model accuracy and decision reliability.
Zhao Chunjiang, academician of the CAE Member and vice president of the Chinese Association of Artificial Intelligence, introduced that AI system security risks cover four dimensions: data layer, model layer, application layer, and foundation layer. The security problems faced by different dimensions are also different, and targeted measures need to be taken.
In Wu Hequan's view, for a long time, the idea of security work has been to extinguish fires wherever they occur. This passive response mode can withstand human attacks, but in the face of saturated attacks from intelligent agent clusters, the response speed is always half a beat.
Who was stronger in the past and who will be faster in the future? China must establish independent and controllable AI vulnerability mining capabilities. ”Zhou Hongyi said.
The security paradigm must shift from passive defense to active immunity, "said Wu Hequan." We need to build a systematic security operation framework that covers the entire life cycle of prediction, defense, detection, response, and recovery. We need to integrate processes, personnel, and technology into a closed-loop capability, so that the security system can also have intelligent agent perception, prediction, and adaptive capabilities, and achieve a shift from post remediation to pre warning and in-process blocking.
This is not just icing on the cake, but a life and death reconstruction of capabilities. Without active immunity, there can be no digital security in the era of intelligent agents, "said Wu Hequan.
Zhao Zhiguo believes that it is necessary to give prominence to the research and development of core technologies for intelligent agent security, strengthen research and development investment in key areas such as algorithm interpretability, data privacy protection, and system robustness, enhance proactive defense capabilities from the source, and take the initiative in development. Accelerate the establishment of security standards and evaluation certification mechanisms that adapt to the characteristics of intelligent agents, implement graded and classified management for high-risk intelligent agents, clarify the responsibility boundaries of research and development, deployment, and operation, and ensure that there are rules and regulations to follow. Under the national standard framework, promote the deep integration of industry, academia, research and application, and accelerate the formation of protection standards covering the entire life cycle of intelligent agent research and development, implementation, operation and maintenance.
Shift from selling products to selling ability
According to a report by International Data Corporation (IDC), the Chinese cybersecurity market has maintained steady growth due to the continuous strengthening of policies and regulations, increased willingness of enterprises to invest in security, and accelerated application of new technologies. It is expected that by 2026, the overall market size is expected to exceed 80 billion yuan, with a compound annual growth rate of 8.9% from 2024 to 2029. Cybersecurity has become an essential foundational capability in the development of the digital economy.
Currently, intelligent agents are accelerating their penetration into vertical industries such as finance, manufacturing, and healthcare, becoming the core components of real business systems. However, most industry users do not yet have the ability to develop their own intelligent defense systems, and traditional security vendors are still accustomed to selling firewalls, detection tools, etc., resulting in a clear mismatch between supply and demand.
Whoever can complete the transformation from a product provider to a service provider first will be able to take the lead in the new field of intelligent agent security, "said Wu Hequan. Digital security enterprises in the era of intelligent agents must shift from selling products to selling capabilities, which means providing security hosting services covering the entire lifecycle of intelligent agents, reviewing security during the development phase, conducting real-time monitoring and abnormal response during the operation phase, conducting risk assessments and proposing reinforcement suggestions during the iteration phase. This is a paradigm shift and a hurdle that the industry must overcome.
Zhao Zhiguo suggested that a collaborative security platform between industry, academia, and research should be established to integrate network resources and promote deep cooperation among enterprises, universities, and research institutions in the research and development of intelligent agent security technology, emergency response collaboration, and promotion of best practices. A governance pattern should be constructed with government guidance, corporate responsibility, and social participation to address common challenges with an open and collaborative attitude.
At present, relevant industry enterprises are taking action to accelerate the cultivation of new talents for the era of intelligent agents. During the 14th Internet Security Conference, the awarding process of 360 Artificial Intelligence Agent Engineer (ADE) certified lecturer and 360 Public Welfare Foundation AI Talent Special Scholarship were launched simultaneously, providing a practical carrier for the in-depth collaborative education of industry, university and research from the perspectives of talent cultivation and education inclusive.
Zhao Zhiguo stated that it is necessary to actively promote government departments, leading enterprises, and research institutes to accelerate the development of industry standards and group standards in the fields of intelligent agent security capability assessment, risk classification, data security compliance, etc., providing institutional basis for the standardized development of the industry and addressing the uncertainty of security risks with the certainty of high-quality development. In addition, we should actively participate in the formulation and coordination of global artificial intelligence security governance rules, build an intelligent agent security dialogue platform, jointly explore the collaborative path of global network security governance in the era of intelligence, work together to build a community of shared future in cyberspace, and contribute Chinese wisdom and strength to the healthy development of the global intelligent agent industry. (Economic Daily reporter Lai Qi, Chun Huang Xin)
(






