ChinAI #130: Cloudy with a Chance of Security

Justin Fang on Cloud Security in China

Greetings from a world where…

We are on a record-breaking streak of three consecutive issues with contributors helping out with translation and analysis work: Straton started us off with Chinese academics’ views on smart courts; Shazeda kept us going with a fascinating foray into emotion recognition; and this week we have Justin Fang on cloud security.

…if you appreciate this contributor community, please please subscribe here to support ChinAI under a Guardian/Wikipedia-style tipping model (everyone gets the same content but those who can pay support access for all AND compensation for awesome ChinAI contributors). As always, the searchable archive of all past issues is here.

Feature Translation #1: A Comparative Study on Cloud Security in China and the United States

A big shout-out to Justin for contributing two! translations to this week’s issue: The first is a 37-page June 2020 report by DongXing Securities, a Chinese investment bank, on cloud security in China.

Justin is a senior consultant at Deloitte focusing on applied risk management for innovative technologies. He’s also worked as a product manager for several machine learning teams. He holds a degree in International Political Economy from Georgetown University . Connect with him on LinkedIn here.

Justin’s brief takeaways on the DongXing report:

  1. Chinese cloud security is primarily divided into two major players/groups: large domestic cloud service providers like Tencent or Alibaba and specialist cloud security providers (Sangfor or DAS-Security)

  2. The potential for the cloud security market is still pretty immense. The estimates are that growth could continue at 30-50% rates domestically if specialist cloud security vendors really fill in gaps in the private and hybrid cloud solution spaces.

  3. Really interesting to see case studies of CrowdStrike and Palo Alto Networks. Granted, they seem to be really great leaders in cybersecurity based on my own understanding, but DongXing Securities analysts seemed pretty adamant that Chinese vendors need to look towards international (American) examples and shift from a hardware-focused model towards a more service-oriented model based on SOC (security operations centers).

New stuff that I learned while reading Justin’s translation

  • Why is cloud security so important? Generally, information security makes up 3% of overall IT expenditures, and as cloud computing spreads in China, cloud security will be a good marker for the development of China’s digital economy. Also, in recent years, there has been an increase in large-scale DDoS attacks. For instance, in November 2019, Wangsu Science & Technology, a Chinese IT services company, announced that its cloud security platform had protected against a DDoS attack that peaked at 1.02Terabytes per second.

  • China’s cloud security industry still at its infancy. I think there’s this growing narrative that’s emerging in many circles (cough, DC-based “China-watchers,” cough) that the U.S. builds new tech and China adopts and scales it faster. These folks often cherry-pick a few examples that fit their point, mostly drawn from consumer-facing apps like mobile payments. If you were to more systematically measure a country’s absorption capacity, you would need to account for examples that might not fit the narrative. For example, here’s some statistics on cloud adoption rates from this week’s translation: “In 2018, American companies have already achieved a cloud adoption rate of over 85%, EU rates are around 70%, while Chinese companies in various industries are only adopting cloud technology at a rate of around 40%.” This has implications for cloud security, since it tends to lag behind the cloud computing market by roughly 3-4 years.

FULL TRANSLATION: Information Security: A Comparative Study on Cloud Security in China and the United States

Feature Translation #2: The Xinchuang (信创) Industry — A New Trillion Layer Market

Justin’s second translation provides more clarity on the xinchuang industry, a buzzword that I flagged in a previous translation about China’s localization efforts: ChinAI #123). He found an article from 商业伙伴, a trade group for the IT industry, that provides more background on xinchuang.

This is driven by a push for domestically-produced and secure IT in government operations. This is evidenced by how the article roughly calculates baseline demand for xinchuang like so:

  • Procurement is focused largely on computers, servers, and software. If the individual unit cost for computers is 10,000 RMB, servers are 50,000 RMB each, and a unit of software is 3000 RMB. If the government procures 500,000 computers, 50,000 servers, and 500,000 software licenses each year, then the market is projected at 5 billion + 2.5 billion + 1.5 billion = 9 billion RMB.

ChinAI Links (Four to Forward)

Must-read: Misogyny at Alibaba and Baidu: The struggle of China’s female tech execs

Interviews with four female tech workers: all work at leading Chinese firms

+ a flurry of statistics: for instance, a 2019 National Bureau of Statistics report showed that Chinese women spent more than twice as much time as Chinese men on unpaid household work.

+ deep engagement with academic literature: quotes from two professors who do research this topic

= the gold standard on Chinese tech reporting from Shen Lu in a Protocol article.

Must-read: The Great Shopping Mall: The market nationalist logic of Chinese social media

An Xiao Mina and Xiaowei Wang, as part of a research project at Columbia University that looks at the “logics” of social media, propose the Great Shopping Mall as an image for the Chinese internet that complements the more famous symbol of the Great Firewall.

Should-read: Two other newsletters I’ve enjoyed perusing lately

The Ethical Reckoner

A former student of mine, Emmie Hine, is starting up a biweekly newsletter on the moral state of the tech industry. She’s studying for a Master’s at the Oxford Internet Institute. Her first issue uses the extended metaphor of an “Echo Palace” (instead of echo chambers) to look at disinformation’s role in provoking the storming of the U.S. Capitol.

China Biotech Bulletin

James Haynes, a China RA at the Brookings China Center, has a quasi-weekly roundup of Chinese biotechnology news. He recently did a review of Chinese media and official statements on the Pfizer vaccine, and found that even as multiple official Chinese media reports doubted its safety / efficacy, the vaccine is now being imported into Hong Kong to the tune of millions of doses.

Thank you for reading and engaging.

These are Jeff Ding's (sometimes) weekly translations of Chinese-language musings on AI and related topics. Jeff is a PhD candidate in International Relations at the University of Oxford and a researcher at the Center for the Governance of AI at Oxford’s Future of Humanity Institute.

Check out the archive of all past issues here & please subscribe here to support ChinAI under a Guardian/Wikipedia-style tipping model (everyone gets the same content but those who can pay for a subscription will support access for all).

Any suggestions or feedback? Let me know at or on Twitter at @jjding99