China Cybersecurity: Safeguarding a Digitalizing Economy

THIS MATERIAL IS A MARKETING COMMUNICATION.

China Cybersecurity: Safeguarding a Digitalizing Economy

As China continues to evolve into a digital economy with fast adoption of new technologies such as 5G, cloud computing and the growing number of new applications, network vulnerabilities have been growing in tandem. Cyber-attacks, which hamper the robustness of the entire online ecosystem and compromise data and identity integrity, are increasingly pervasive. According to Computer Network Emergency Response Technical Team/Coordination Center of China (CNCERT/CC), the total number of cyber security breaches has risen in the past few years. In addition, enterprises are facing challenges of more sophisticated cyber threat technologies.

In this article we’ll take a closer look at China’s cybersecurity industry, key technology trends and major participants.

Since the establishment of Central Leading Group for Cyberspace Affairs in 2014, Chinese government has been proactively rolling out regulations to promote the growth of cybersecurity spending. In Dec. 2019, MLPS 2.0 (Multi-Level Protection Scheme), a regulatory framework that specifies security protection standards for enterprises and governments was issued. MLPS 2.0 classifies information security risks into five levels, ranging from threats to individual interests, to threats to national safety, and set requirements for each level.

With the temporary impact from Covid-19 on IT spending largely behind, we expect growth of China cybersecurity industry to reaccelerate in 2021, reaching US$9.5bn (+20% yoy vs. +11% in 2020) (Source: IDC, Jan. 2021) . We remain optimistic of the long-term growth at 15-20% per annum (IDC, Jan. 2021). The market is expected to grow to US$14bn by 2023E (IDC, Jan. 2021), primarily driven by 1) the government authorities’ increasing focus on combating cybersecurity attacks, 2) rising awareness of enterprises to protect digitalized assets from potential losses, and 3) a more complicated IT structure and malicious online environment.

However, compared to the United States, China’s cybersecurity spending is lagging. We believe the gap between US and global average is still quite large, which implies significant market potential going forward.

Key Technology Trends

In 2020, hardware (key areas include firewall, UTM (Unified Threat Management), IDS/IPS (Intrusion Detection Systems/Intrusion Prevention System), etc.) still contributed ~53% (IDC, Jan. 2021) of total cybersecurity spending in China, mainly because of on-premise IT deployment for customers in financials, manufacturing and other industries. As more IT workload moves onto cloud, cybersecurity software products are set to grow at a faster pace, and renders emerging technologies such as security analytics, identity management (zero trust), endpoint security, etc.

  • Zero Trust: Nowadays the physical boundaries between internal and external IT environment become blurrier. In fact, hackers now usually hack into internal employee’s computer system through cloud or external links, and they could access all the data and files from inside. This has prompted the emergence of Zero Trust Technology (Architecture).

Zero Trust Security is an IT security model that requires strict identity verification for every person and device trying to access resources on a private network, regardless of whether they are sitting within or outside of the network perimeter. No single specific technology is associated with zero trust architecture; it is a holistic approach to network security that incorporates several different principles and technologies.

  • Network Security Situation Awareness (NSSA): Cybersecurity situational awareness refers to a proactive understanding (from passively defending phase) of the cyber threat environment within which it operates, associated risk and impacts, and the adequacy of its risk mitigation measures.

Major Cybersecurity Companies

Qi An Xin: Qi An Xin Group was founded in 2014 and specializes in serving the cybersecurity market by offering next-generation enterprise-class cybersecurity products, services and hardware associated with network security solutions for government and enterprises.

The company has been aggressively investing in R&D to develop a comprehensive product portfolio covering cloud, network and terminals. Qi An Xin is a pioneer in new security fields, including zero trust, big data analytics, and others which should be the long-term growth driver for the company.

Sangfor: Established in 2005, Sangfor Technologies is the leading cybersecurity and cloud computing technology vendor in China. The company offers two sets of products: 1) cybersecurity, and 2) HCI (hyper converged infrastructure).

Sangfor has built a track record of consistently expanding its boundary through a series of successful product launches. In the past 20 years, it has transformed from being a single-product virtual private network (VPN) player to a comprehensive cybersecurity platform, and now to a significant player in the private cloud and basic IT space.

Venustech: Venustech is a cybersecurity veteran and has strong relationship with the government, SOEs, and military customers. The company also has a strong track record in providing security operation services, and it is the earliest supplier in China’s SOC (Security Operating Center) market.

China Cybersecurity: Safeguarding a Digitalizing Economy

As China continues to evolve into a digital economy with fast adoption of new technologies such as 5G, cloud computing and the growing number of new applications, network vulnerabilities have been growing in tandem. Cyber-attacks, which hamper the robustness of the entire online ecosystem and compromise data and identity integrity, are increasingly pervasive. According to Computer Network Emergency Response Technical Team/Coordination Center of China (CNCERT/CC), the total number of cyber security breaches has risen in the past few years. In addition, enterprises are facing challenges of more sophisticated cyber threat technologies.

In this article we’ll take a closer look at China’s cybersecurity industry, key technology trends and major participants.

Since the establishment of Central Leading Group for Cyberspace Affairs in 2014, Chinese government has been proactively rolling out regulations to promote the growth of cybersecurity spending. In Dec. 2019, MLPS 2.0 (Multi-Level Protection Scheme), a regulatory framework that specifies security protection standards for enterprises and governments was issued. MLPS 2.0 classifies information security risks into five levels, ranging from threats to individual interests, to threats to national safety, and set requirements for each level.

With the temporary impact from Covid-19 on IT spending largely behind, we expect growth of China cybersecurity industry to reaccelerate in 2021, reaching US$9.5bn (+20% yoy vs. +11% in 2020) (Source: IDC, Jan. 2021) . We remain optimistic of the long-term growth at 15-20% per annum (IDC, Jan. 2021). The market is expected to grow to US$14bn by 2023E (IDC, Jan. 2021), primarily driven by 1) the government authorities’ increasing focus on combating cybersecurity attacks, 2) rising awareness of enterprises to protect digitalized assets from potential losses, and 3) a more complicated IT structure and malicious online environment.

However, compared to the United States, China’s cybersecurity spending is lagging. We believe the gap between US and global average is still quite large, which implies significant market potential going forward.

Key Technology Trends

In 2020, hardware (key areas include firewall, UTM (Unified Threat Management), IDS/IPS (Intrusion Detection Systems/Intrusion Prevention System), etc.) still contributed ~53% (IDC, Jan. 2021) of total cybersecurity spending in China, mainly because of on-premise IT deployment for customers in financials, manufacturing and other industries. As more IT workload moves onto cloud, cybersecurity software products are set to grow at a faster pace, and renders emerging technologies such as security analytics, identity management (zero trust), endpoint security, etc.

  • Zero Trust: Nowadays the physical boundaries between internal and external IT environment become blurrier. In fact, hackers now usually hack into internal employee’s computer system through cloud or external links, and they could access all the data and files from inside. This has prompted the emergence of Zero Trust Technology (Architecture).

Zero Trust Security is an IT security model that requires strict identity verification for every person and device trying to access resources on a private network, regardless of whether they are sitting within or outside of the network perimeter. No single specific technology is associated with zero trust architecture; it is a holistic approach to network security that incorporates several different principles and technologies.

  • Network Security Situation Awareness (NSSA): Cybersecurity situational awareness refers to a proactive understanding (from passively defending phase) of the cyber threat environment within which it operates, associated risk and impacts, and the adequacy of its risk mitigation measures.

Major Cybersecurity Companies

Qi An Xin: Qi An Xin Group was founded in 2014 and specializes in serving the cybersecurity market by offering next-generation enterprise-class cybersecurity products, services and hardware associated with network security solutions for government and enterprises.

The company has been aggressively investing in R&D to develop a comprehensive product portfolio covering cloud, network and terminals. Qi An Xin is a pioneer in new security fields, including zero trust, big data analytics, and others which should be the long-term growth driver for the company.

Sangfor: Established in 2005, Sangfor Technologies is the leading cybersecurity and cloud computing technology vendor in China. The company offers two sets of products: 1) cybersecurity, and 2) HCI (hyper converged infrastructure).

Sangfor has built a track record of consistently expanding its boundary through a series of successful product launches. In the past 20 years, it has transformed from being a single-product virtual private network (VPN) player to a comprehensive cybersecurity platform, and now to a significant player in the private cloud and basic IT space.

Venustech: Venustech is a cybersecurity veteran and has strong relationship with the government, SOEs, and military customers. The company also has a strong track record in providing security operation services, and it is the earliest supplier in China’s SOC (Security Operating Center) market.

AUTHORED BY
Celia Qiu
Investment Analyst

Date: September 2, 2021
Category: Cloud Computing, Insights

Disclaimer & Information for Investors

No distribution, solicitation or advice: This document is provided for information and illustrative purposes and is intended for your use only.  It is not a solicitation, offer or recommendation to buy or sell any security or other financial instrument. The information contained in this document has been provided as a general market commentary only and does not constitute any form of regulated financial advice, legal, tax or other regulated service.

The views and information discussed or referred in this document are as of the date of publication. Certain of the statements contained in this document are statements of future expectations and other forward-looking statements.  Views, opinions and estimates may change without notice and are based on a number of assumptions which may or may not eventuate or prove to be accurate. Actual results, performance or events may differ materially from those in such statements. In addition, the opinions expressed may differ from those of other Mirae Asset Global Investments’ investment professionals.

Investment involves risk: Past performance is not indicative of future performance. It cannot be guaranteed that the performance of the Fund will generate a return and there may be circumstances where no return is generated or the amount invested is lost. It may not be suitable for persons unfamiliar with the underlying securities or who are unwilling or unable to bear the risk of loss and ownership of such investment. Before making any investment decision, investors should read the Prospectus for details and the risk factors. Investors should ensure they fully understand the risks associated with the Fund and should also consider their own investment objective and risk tolerance level. Investors are advised to seek independent professional advice before making any investment.

Sources: Information and opinions presented in this document have been obtained or derived from sources which in the opinion of Mirae Asset Global Investments (“MAGI”) are reliable, but we make no representation as to their accuracy or completeness. We accept no liability for a loss arising from the use of this document.

Products, services and information may not be available in your jurisdiction and may be offered by affiliates, subsidiaries and/or distributors of MAGI as stipulated by local laws and regulations. Please consult with your professional adviser for further information on the availability of products and services within your jurisdiction. This document is issued by Mirae Asset Global Investments (HK) Limited and has not been reviewed by the Securities and Futures Commission.

Information for EU investors pursuant to Regulation (EU) 2019/1156: This document is a marketing communication and is intended for Professional Investors only. A Prospectus is available for the Mirae Asset Global Discovery Fund (the “Company”) a société d’investissement à capital variable (SICAV) domiciled in Luxembourg structured as an umbrella with a number of sub-funds. Key Investor Information Documents (“KIIDs”) are available for each share class of each of the sub-funds of the Company.

The Company’s Prospectus and the KIIDs can be obtained from www.am.miraeasset.eu/fund-literature . The Prospectus is available in English, French, German, and Danish, while the KIIDs are available in one of the official languages of each of the EU Member States into which each sub-fund has been notified for marketing under the Directive 2009/65/EC (the “UCITS Directive”). Please refer to the Prospectus and the KIID before making any final investment decisions.

A summary of investor rights is available in English from www.am.miraeasset.eu/investor-rights-summary.

The sub-funds of the Company are currently notified for marketing into a number of EU Member States under the UCITS Directive. FundRock Management Company can terminate such notifications for any share class and/or sub-fund of the Company at any time using the process contained in Article 93a of the UCITS Directive.

Hong Kong: This document is intended for Hong Kong investors. Before making any investment decision to invest in the Fund, Investors should read the Fund’s Prospectus and the information for Hong Kong investors (of applicable) of the Fund for details and the risk factors. The individual and Mirae Asset Global Investments (Hong Kong) Limited may hold the individual securities mentioned. This document is issued by Mirae Asset Global Investments (HK) Limited and has not been reviewed by the Securities and Futures Commission.

Copyright 2021. All rights reserved. No part of this document may be reproduced in any form, or referred to in any other publication, without express written permission of Mirae Asset Global Investments (Hong Kong) Limited.