Abstract:







[Security Trends in financial Industry]

2017 P2P network lending industry annual Report



Summary:

By the end of December 2017, the number of normal operating platforms in the online loan industry reached 1,931, 517 fewer than at the end of 2016, and the number of normal operating platforms throughout the year has been on a unilateral downward trend. As the platform rectification process has not yet been completed, it is expected that the number of operating platforms in the online lending industry will still decline further in 2018. The specific rate of decline depends on the filing and compliance situation. According to current information estimates, the number may fall to about 800 by the end of 2018.

In 2017, the rectification process of P2P online lending industry has entered the final stage, and the number of platforms that quit the industry has significantly decreased compared with 2016. The number of suspended and problematic platforms in the whole year was 645, compared with 1713 in 2016. The proportion of the number of problem platforms continues to decrease. In 2017, the number of problem platforms only accounted for 33.49%, and 66.51% of platforms chose benign withdrawal. The above data all indicate that the supervision of P2P online loan industry in China is effective, and the industry development environment will be more healthy in the future. (Source: Wangdaizhijia)



Comment on:After more than a year of heavy regulatory pressure, the P2P industry is nearing the end of its rectification period, and it is becoming increasingly clear that safety compliance will be an important factor in staying in the market. For the sensitive business related to capital, with a large amount of customer information, the security risk of this industry increases greatly. Therefore, we must consider timely using more advanced and efficient technical measures to ensure the safe operation of business. Because the negative impact of every security incident may lead to the loss of valuable business qualifications.




【 Financial Industry Security Trends 】 Risk control,

One of the four new key words of insurance industry transformation

Summary:

Zhou Yanli, vice chairman of THE International Financial Forum (IFF) and former vice chairman of the China Insurance Regulatory Commission (CIRC), recently revealed at the 2017 Meeting of the International Financial Forum hosted by The China News Service that the penetration rate of insurance technology is increasing, 76% of insurance companies through their own official website, mobile App, cooperation with third-party platforms and other ways to display their products. He noted that from 2012 to 2016, China’s Internet premium income increased from 10.6 billion yuan to 229.9 billion yuan, an increase of about 20.7 times. This jump reflects the positive role of insurtech in driving the sales of the insurance industry, and is also the result of shifting momentum in the insurance industry.



Zhou proposed that the application of insurance, technology and digital economy can improve the application management level of the insurance industry in the future. On this basis, insurtech can drive the transformation and upgrading of the insurance industry. The next step is to do more work on risk prevention. For example, how to effectively cover multiple supervision, network security risks, information infrastructure risk supervision, attaching importance to legal risks, financial institutions’ functional supervision, Internet technology can serve the real economy, and credit moral risk supervision are the seven major risks concerned by “insurance + Science and Technology”. (Source: Sina.com)


Comment on:The problem of information security and network security has more and more influence on the insurance industry and the whole financial industry. In recent years, several security risk trends for insurance and financial industry are: account and password privacy disclosure; The black industrial chain is increasingly rampant, and the destructive behavior is diversified; Automated Webshell hacking tools improve intrusion efficiency; The number of events that database application is used increases, which will become the breakthrough point of hacker invasion. Weak passwords are a particularly vulnerable point for hackers; Vulnerability scanning evolves into distributed clustering; Internal education and safety awareness among employees are also at risk. To address these risks, improve visibility in a timely manner
Discovering asset changes is the first step; Second, the use of emerging technologies, such as cloud computing, machine learning, right
Large scale security numbers

According to the effective correlation, analysis and mining to generate the final value; And refine the granularity of access control.



[Security Trends in financial Industry]

Central bank to issue bar code payment standards

Summary:

The central bank pointed out that bar code payment has certain technical risks. Sweep active scan code for the users (main) payment and payment code be swept sweep (be) model, is because esau’s security is relatively higher, comprehensive security and convenience factors, outside to static bar code to make some technical requirements, the central bank through the static limitation of bar code way to guide the users more use by scanning mode, but for small businesses widely used main mode is not completely limited. (Credit: International Online)



Ali Cloud Security: 2017 Annual Inventory

Summary:

In 2017, Ali Cloud from security products and solutions, security ecology and technology, data security and compliance to give customers all-round protection; Shared with the industry colleagues in the security field of new ideas, new concepts. In one year, Ali Cloud helped enterprises repair 6.13 million vulnerabilities and reduce losses caused by vulnerability risks; When WannaCry broke out, Ali Cloud security team “cloud early warning” 28 days in advance, give security advice within 9 hours; Through the compliance ecology of waiting for guarantee, the time cost of “waiting for guarantee” has been reduced from 2 years to 2 months on average, and the cost has been reduced by 80%. Wevin public welfare fund and industrial safety support plan, to help safety talent and entrepreneurs through the first stage of growth and development; Release the 11-layer enterprise cloud security architecture, lay the foundation for enterprise security, draw the blueprint, and achieve the ultimate security; From Germany’s C5 most rigorous data protection certification to the 2017 Security White Paper, the first principle of data privacy protection is implemented with practice.