Gartner Releases China Security Technology Maturity Curve 2024

Gartner recently released the 2024 China Security Technology Maturity Curve, which introduces innovations in China's security field. This year, two new innovations were added: AI network security assistant and security information and event management (SIEM) . At the same time, China's privacy protection technology has reached a period of expectation inflation, which is due to the changing regulatory framework and China's ambition to lead the development and adoption of AI technology.

Gao Feng, senior research director at Gartner, said: "The adoption of disruptive technologies such as generative artificial intelligence (GenAI) requires increased investment in security, but Chinese organizations are still constrained by budgets. At the same time, organizations are also investing in digital innovations such as GenAI. These digital investments bring new attack surfaces and may require new security protection mechanisms. Therefore, organizations need to optimize security measures to balance the adoption of new technologies and budget constraints."

(Figure 1: China's security technology maturity curve in 2024)

Privacy protection in China

The Personal Information Protection Law of the People's Republic of China has significantly changed China's legal and regulatory landscape, providing a broader framework for the protection of Chinese citizens' personal data and imposing severe penalties. China's regulatory framework is similar in principle to other regional laws, but companies should carefully study the complex requirements regarding data localization, data authorization principles, and cross-border data transfers, and address these requirements in their privacy policies.

Secure Service Edge (SSE)

SSE products in China combine different security functions (at least secure web gateway [SWG] and zero trust network access [ZTNA]), reducing complexity and improving user experience through additional software as a service (SaaS) security functions. Such products are delivered on-premises or in the cloud. SSE allows enterprises to use a centralized approach to implement security policies across the web, cloud services, and private application access, supporting employees anytime, anywhere. At the same time, SSE reduces the management complexity of running multiple products and can provide clearer visualization of end-user operations in one platform.

IoT Authentication

Internet of Things (IoT) authentication refers to the mechanism of establishing trust in the identity of a single thing (usually a device) when it interacts with entities such as devices, applications, cloud services, or gateways operating in the IoT environment. As the IoT market has seen explosive growth, these connected devices that can connect the network and the physical world have also introduced new attack threats. Comprehensive IoT security requires IoT devices with strong IoT authentication capabilities to mitigate and minimize risks and/or other issues and vulnerabilities.

AI Cybersecurity Assistant

Artificial intelligence (AI) cybersecurity assistants leverage large language models to mine existing knowledge provided by cybersecurity tools and produce content relevant to targeted roles within security teams. AI cybersecurity assistants are mostly offered as auxiliary functions for existing products, but can also be used as dedicated front ends or through integrated software agents to take action. These AI cybersecurity assistants can discover knowledge and create content (usually in the form of summaries or production code/scripts), and this potential for increased productivity has attracted the attention of cybersecurity executives. These assistants may evolve into more autonomous agents that can work based on general instructions without frequent prompts.

Security Information and Event Management (SIEM)

Security Information and Event Management (SIEM) is a configurable security logging system designed to aggregate and analyze security event data from local and cloud environments. SIEM can assist relevant personnel in taking countermeasures to reduce the negative impact of incidents on corporate organizations, while supporting compliance and reporting requirements. One of the core elements of the effective implementation of security projects is to aggregate and standardize security data and visualize the security status of corporate organizations. SIEM can support the security operation center to identify, prioritize and investigate security incidents. Broad visibility is the basis for the security operation center to make decisions in daily security operations.