The 2021 World Internet of Things Expo Summit with the theme of “Intelligence Connecting Everything, Numbers Leading the Future” will be held in Wuxi, Jiangsu Province on October 23. As one of the World Internet of Things Expo summit forums, the “2021 World Internet of Things Expo Information Security Summit Forum and the 13th Information Security Vulnerability Analysis and Risk Assessment Conference” (VARA Conference) will be held on October 22. As a professional academic conference with an early start in the domestic network security field, the VARA conference has been held for 12 consecutive sessions, witnessing the development of the field of information security vulnerability analysis and risk assessment. The spokesman of the conference, Wang Jun, chief engineer of China Information Security Evaluation Center (hereinafter referred to as “Evaluation Center”), accepted an interview with the reporter of this magazine, reviewed the development process of the VARA conference, and introduced the highlights of this year’s VARA conference and other related situations. .

Original mission: to create the most influential communication platform in the field of domestic information security

Wang Jun recalled that in order to implement the spirit of the central leadership’s instructions, unite the forces of government, industry, academia, research, and use to lead the development of vulnerability analysis and risk assessment technology, share the latest achievements in the field of vulnerability analysis and risk assessment, and adhere to the “authoritative high-end”. Based on the main functions assigned by the central government, the evaluation center held the first VARA conference in Beijing in December 2008. VARA is the abbreviation of “vulnerability analysis and risk assessment” in English.

The first VARA conference mainly discussed topics such as source code security risk assessment, integer overflow vulnerability detection in binary programs, risk assessment practice and development, Vista security mechanism research, etc., for participants in information security vulnerability analysis and risk assessment and related fields. Build a good communication and exchange platform.

On this basis, considering that the research in the field of vulnerability analysis and risk assessment has just started, and the technological innovation and research strength still need to be improved, the VARA conference began to absorb various forces and jointly hold the conference. The second VARA conference in 2009 was hosted by Tsinghua University. The evaluation center and Tsinghua University jointly solicit papers from the society, collect the excellent papers received into a collection of papers, and recommend some excellent papers to be published in the “Journal of Tsinghua University”.

Since then, the VARA conference has become an annual industry event held by the evaluation center, and the scale and influence of the conference have gradually spread in the industry. The VARA conference is supported by the Central Cyberspace Administration of China, the Ministry of Industry and Information Technology and other national government ministries and commissions, academicians and field experts such as He Dequan, Ni Guangnan, Shen Changxiang, and partner universities. From the second session in 2009 to the eighth session in 2015, the VARA conference adopted the mode of cooperating with universities, and has successively cooperated with Tsinghua University, Peking University, University of Science and Technology of China, Shanghai Jiaotong University, Beijing University of Posts and Telecommunications, Central South University, Beijing Jiaotong University, Beijing Institute of Technology, Zhejiang University, Southeast University and other well-known domestic universities cooperate to organize the conference.

Since 2016, China Information Security Evaluation Center and Wuxi Municipal Government have started strategic cooperation, focusing on the development strategy of the Internet of Things industry, in the research and innovation of information security technology, and the application and promotion of information security technology achievements. Taking the World Internet of Things Expo as an opportunity, Wuxi City introduced the “Information Security Vulnerability Analysis and Risk Assessment Conference” (VARA) brand of China Information Security Evaluation Center, and set it as the World Internet of Things Expo Information Security Summit Forum. It can be said that the integration of VARA Conference and Wuxi Internet of Things Conference is also an innovation.

After more than ten years of development, the VARA Conference has been recognized by well-known academicians, experts and scholars in the field of information security, major domestic scientific research institutions and institutions of higher learning, users of national key information infrastructure, and relevant management departments of national network security and informatization. , becoming one of the most influential communication platforms in the field of domestic information security.

Sustained Development: Helping Enhance my country’s Network and Information Security Guarantee

With the gradual improvement of the top-level design of national cybersecurity and informatization work, the successive promulgation of relevant laws and regulations, the continuous expansion of the scale of the cybersecurity industry, the increasing exchanges between enterprises and personnel in the cybersecurity industry, and the increasing number of conferences on various topics. more and more.

Compared with other conferences in the field of network security, Wang Jun mentioned that the VARA conference has three characteristics. First, start early and have a great impact. The theme setting and speech content of the VARA conference have led the research hotspot of vulnerability analysis and risk assessment for a certain period of time. Second, the integration of various parties, the form is flexible. The organizer of VARA Conference adopts the mode of combining academics and industry, oriented to government, industry, academia and research, and strives to integrate multiple parties to achieve innovation in content and form. Third, keep exploring and keep pace with the times. The agenda setting of VARA conferences and the speech themes of the guests over the years will aim at the development trend of the industry and discuss the focus and hot issues of the industry.

The VARA conference will include vulnerability analysis and risk assessment and other forms that reflect the main business into the conference agenda. At the third VARA conference held in October 2010, the evaluation center released the “Progress Report on the First Anniversary of the Release of China’s National Information Security Vulnerability Database”, and provided strong support and made outstanding contributions to the construction of the national vulnerability database. and individual awards. At the 8th VARA Conference in 2015, the evaluation center also held the award ceremony for outstanding national registered information security professionals (CISP) and the award ceremony for the third batch of technical support units of the National Information Security Vulnerability Database (CNNVD).

As expected by the supporters of the VARA conference, the VARA conference aims to become the most high-end open communication platform in China in the field of network security. They will jointly carry out research and exchanges on theoretical methods and technologies, share the latest research progress and technological achievements in the field of network security, and help strengthen my country’s network security assurance capabilities.

Wang Jun summed up the role played by the VARA conference into four aspects: first, leading the development. The topic setting and discussion topics of the VARA conference lead the technological innovation and research hotspot of vulnerability analysis and risk assessment for a period of time. Second, the bridge link. The VARA conference has been held for 12 consecutive sessions, and it has become a good platform for communication and exchanges between the government, industry, academia, and research. Third, explore and discover. The VARA conference has become a communication position for relevant units, industry organizations, participants and evaluation centers to jointly explore the development path and future direction of vulnerability analysis and risk assessment. Fourth, continuous innovation. The 2021 VARA Conference is already the thirteenth session. As one of the summit forums of the World Internet of Things Expo, it will continue to adhere to the concept of innovation, and insist on gathering elites in the field of cybersecurity at home and abroad to share cutting-edge technologies in the industry and innovative research results at home and abroad.

Keeping pace with the times: discussing the frontiers and hot issues of network security technology

Wang Jun introduced that this year’s VARA conference will continue to adhere to the tenet of “authoritative high-end, academic frontier, and industrial application”, and invite domestic and foreign academicians in the field of information security, leaders of relevant authorities, well-known scholars, industry users, and security enterprise representatives to serve the network. Industry experts, academic researchers and government, industry and enterprise users in the field of security and informatization provide an open communication platform to share the latest progress and technical achievements of vulnerability analysis and risk assessment theories, methods, technologies and practices.

The theme of this year’s VARA conference is “Innovation, Controllable Intelligence, and Co-creation of Network Security”. The guests will discuss the practice and development of network security in the new era, national network security construction and international development from the requirements of national network security and informatization development. News, exchange of key issues related to the development of cutting-edge technology and the application of the latest technology. This year’s VARA conference will set up a main forum and five sub-forums, including vulnerability analysis, critical information infrastructure protection, threat discovery and traceability, Internet of Things basic and application security technologies, and seminars on major cyberspace security events. Technical experts in related fields will be invited to conduct In-depth discussions and exchanges, sharing research and application results.

Wang Jun concluded that this year’s VARA conference will focus on vulnerability analysis and risk assessment, focusing on hot issues of network security. The first is to reflect professionalism and technology. The guests who delivered the keynote speeches of the conference are all carefully selected “experts” in the field of network security. Their speeches will focus on and excavate the network security issues that the industry is concerned about, reflect their profound and unique insights, and give attendees some insight. Inspired. The second is to reflect openness and internationality. The conference invites international experts with a pioneering international vision to explain in depth the hot issues of global cyber security and share the cutting-edge concepts of global cyber security technology.

Wang Jun specially reminded that at that time, please pay attention to the relevant regulations of the location of the meeting and the relevant epidemic prevention requirements of the place where the participants belong, and participate in the meeting safely.