Core Insights - The recent security assessment of AI large models revealed 281 vulnerabilities, with 177 being specific to large models, indicating new threats beyond traditional security concerns [1] - Users often treat AI as an all-knowing advisor, which increases the risk of privacy breaches due to the sensitive nature of inquiries made to AI [1][2] Vulnerability Findings - Five major types of vulnerabilities were identified: improper output vulnerabilities, information leakage, prompt injection vulnerabilities, inadequate defenses against unlimited consumption attacks, and persistent traditional security vulnerabilities [2] - The impact of large model vulnerabilities is less direct than traditional system vulnerabilities, often involving circumvention of prompts to access illegal or unethical information [2][3] Security Levels of Domestic Models - Major domestic models such as Tencent's Hunyuan, Baidu's Wenxin Yiyan, Alibaba's Tongyi App, and Zhiyun Qingyan exhibited fewer vulnerabilities, indicating a higher level of security [2] - Despite the lower number of vulnerabilities, the overall security of domestic foundational models still requires significant improvement, as indicated by a maximum score of only 77 out of 100 in security assessments [8] Emerging Risks with AI Agents - The transition from large models to AI agents introduces more complex risks, as AI agents inherit common security vulnerabilities while also presenting unique systemic risks due to their multi-modal capabilities [9][10] - Specific risks associated with AI agents include perception errors, decision-making mistakes, memory contamination, and potential misuse of tools and interfaces [10][11] Regulatory Developments - The National Market Supervision Administration has released 10 national standards and initiated 48 technical documents in areas such as multi-modal large models and AI agents, highlighting the need for standardized measures to mitigate risks associated with rapid technological advancements [11]

Core Viewpoint - The 22nd China-ASEAN Expo and China-ASEAN Business and Investment Summit highlighted the theme of "Digital Intelligence Empowering Development, Innovation Leading the Future," showcasing the significant role of artificial intelligence (AI) in enhancing cooperation between China and ASEAN countries in the "Digital Intelligence Era" [1]. Group 1: AI Integration in the Expo - The expo served as a vivid application scenario for AI in the exhibition industry, featuring real-time translation in seven languages during the opening ceremony, facilitated by iFlytek's technology [2]. - An AI assistant named "AI Dongbo" was launched prior to the expo, covering 17 application scenarios to assist exhibitors and attendees in planning schedules and matching business opportunities [3]. - The exhibition area reached 160,000 square meters, with AI technology integrated into navigation and product information services, enhancing the overall experience for participants [3]. Group 2: AI Applications and Innovations - China Communications Construction Company showcased its infrastructure projects in ASEAN countries, emphasizing the integration of AI in various sectors, including green and low-carbon development [4]. - Various AI products were highlighted, including consumer-grade smart glasses and humanoid robots, indicating a strong presence of innovative AI solutions at the expo [5]. - The establishment of a dedicated AI pavilion attracted nearly 200 leading AI companies, showcasing a wide range of advanced products and solutions [5]. Group 3: Collaborative Opportunities - The expo facilitated discussions on the vast potential of AI across multiple sectors, including agriculture, education, transportation, healthcare, and manufacturing, fostering a strong willingness for collaboration [6]. - China announced a three-year action plan to enhance AI capabilities in ASEAN countries, focusing on technology exchange, industry empowerment, and talent cultivation [7]. - The establishment of the China-ASEAN AI Application Cooperation Center was announced, aiming to promote practical cooperation projects and enhance AI technology accessibility [7]. Group 4: Regional Perspectives on AI - Representatives from ASEAN countries expressed optimism about AI collaboration with China, highlighting the importance of investment and talent development in the AI sector [8]. - Indonesia emphasized the need for more investment in AI to drive economic growth, while Laos recognized the potential of AI in addressing development challenges [8].

Core Viewpoint - The cybersecurity industry in China is experiencing significant growth and transformation, driven by advancements in technologies such as artificial intelligence, quantum communication, and 6G, alongside a shift from compliance-driven to risk-driven security needs [1][4][7]. Market Growth and Trends - The global cybersecurity market is projected to reach $216.8 billion in 2024, with a year-on-year growth of 12.3% [1]. - China's cybersecurity market is expected to grow from $11.2 billion in 2024 to $17.8 billion by 2029, reflecting a compound annual growth rate (CAGR) of 9.7% over five years [1]. - Global cybersecurity IT investments are forecasted to increase from $244.4 billion in 2024 to $416.2 billion by 2029, with a CAGR of 11.2% [2]. Industry Development and Challenges - The cybersecurity industry in China is transitioning from pure market expansion to a focus on high-quality and sustainable development, influenced by digital transformation and improved regulations [2]. - The number of new cybersecurity companies in China has been increasing, with 30 publicly listed firms by mid-2025, and 12 of 24 analyzed companies projected to achieve revenue growth in 2024 [4]. - The market share of leading cybersecurity firms is declining, while mid-tier and small enterprises are gaining ground, indicating a shift in competitive dynamics [4]. Standardization and Governance - China is advancing its cybersecurity standards framework, which includes developing standards for software supply chain security and data classification, to support healthy industry growth [3]. - The establishment of standards is crucial for the governance of emerging technologies, such as artificial intelligence, providing compliance baselines and technical references [3]. Collaboration and Innovation - Industry stakeholders are encouraged to collaborate to enhance the cybersecurity ecosystem, focusing on key areas like chip technology and artificial intelligence [5]. - The integration of AI in cybersecurity is rapidly evolving, with companies deploying AI-driven solutions to improve operational efficiency and threat response [6]. Emerging Threats and Opportunities - The rise of AI technologies presents both opportunities and risks, as they can be exploited for sophisticated cyberattacks while also enhancing defensive capabilities [7]. - Experts emphasize the need for a comprehensive security framework that incorporates AI capabilities into security management and operational practices to effectively counter evolving threats [7].

奇安信科技集团股份有限公司 2025 年第二次临时股东大会会议资料 2025 年 9 月 1 / 8 奇安信科技集团股份有限公司 2025 年第二次临时股东大会会议资料 证券代码：688561 证券简称：奇安信 | 一、会议须知 . | | --- | | 二、会议基本情况 …………………………………………………………………………………………………………………………………………………………………………………………………………………………………………………………………………………………………………………………… 5 | | 三、会议议程 . | | 中文 (1),工艺(文字),四八六年纪六十年出学习中学生产品之一。 ( | （三）出席会议的股东及股东代理人须在会议召开前 30 分钟到会议现场办 理签到手续，并请按规定出示身份证明文件或法人单位证明、授权委托书等，经 验证后领取会议资料，方可出席会议。 （四）股东及股东代理人依法享有发言权、质询权和表决权等各项权益。股 东及股东代理人参加股东大会，应认真行使、履行其法定权利和义务，不得侵犯 公司和其他股东的合法权益，不得扰乱股东大会的正常秩序。 （五）要求现场发言 ...

Group 1 - The event showcased advancements in network security technology, emphasizing the shift from passive defense to intelligent perception and proactive protection [2] - A variety of new technologies and applications were presented to enhance network security, addressing real-life needs and concerns of the public [2] - The exhibition featured interactive experiences, allowing attendees to engage with AI-driven security solutions and learn about their practical applications [3] Group 2 - The "gPass" framework by Ant Group integrates various biometric technologies to ensure secure authentication and enhance user experience with smart glasses [3] - The event highlighted the importance of public awareness in network security, with initiatives aimed at making security education more relatable to everyday life [3] - Companies like China Telecom and Qihoo 360 demonstrated innovative solutions for drone detection and AI model security, showcasing the integration of AI in safeguarding information [2][3]

Group 1 - The 22nd China-ASEAN Expo successfully showcased unprecedented "AI content," creating new opportunities for cooperation between China and ASEAN, and contributing to global economic growth [2][5] - The expo featured over 3,200 exhibitors, an increase from 1,505 in the first edition, and expanded the exhibition area from 50,000 square meters to 160,000 square meters [2] - The trade volume between China and ASEAN surged from $105.8 billion in 2004 to $982.3 billion in 2024, highlighting the expo's role as a catalyst for long-term growth and innovation [2] Group 2 - The expo emphasized AI technology, with nearly 200 companies showcasing 1,200 cutting-edge AI products and solutions, including advanced surgical robots and fire-fighting drones [3] - A total of 155 projects were signed at the expo, with 44 projects specifically focused on "AI+" applications across various sectors such as manufacturing, services, agriculture, and cultural tourism [3] - The event facilitated significant cooperation opportunities, including AI translation devices and an "AI intelligent matchmaking" system to connect ASEAN businesses with buyers [4] Group 3 - The expo provided a refreshed procurement experience for buyers, featuring an AI pavilion that allowed early exposure to future technologies and cultural showcases from ASEAN countries [5] - The Guangxi region aims to continuously expand the functions of the expo and summit platforms to deepen exchanges and cooperation across various fields, contributing to the construction of an AI international cooperation hub [5] - With the upcoming implementation of the upgraded China-ASEAN Free Trade Area 3.0, the expo is expected to further strengthen the China-ASEAN community of shared destiny [5]

Core Viewpoint - The article discusses the increasing scrutiny and criticism of Chinese cybersecurity companies by U.S. experts and institutions, particularly focusing on the actions of Dakota Cary and the implications for the cybersecurity industry. Group 1: Criticism of Chinese Cybersecurity Companies - Dakota Cary, a prominent figure in U.S. cybersecurity, has accused several Chinese companies, including Alibaba and Baidu, of being "weapons suppliers" for state-sponsored hacking, distorting the nature of penetration testing services [1][3][6] - Cary's claims are seen as part of a broader strategy to isolate Chinese cybersecurity firms from international collaborations, particularly the Microsoft Active Protections Program (MAPP) [6][7] - Following Cary's accusations, Microsoft announced restrictions on Chinese companies' access to vulnerability information, which was celebrated by Cary as a victory [7][8] Group 2: Historical Context and Evolution - The article traces the origins of U.S. criticism of Chinese cybersecurity back to a 2012 congressional hearing where Richard Bejtlich accused the Chinese government of extensive cyber espionage [9][13] - This hearing marked the beginning of a decade-long focus on China as a primary adversary in cyberspace, leading to a series of reports and accusations against Chinese firms [13][14] - The narrative has evolved, with newer figures like Cary taking the lead in shaping public perception and policy against Chinese cybersecurity entities [17][20] Group 3: The Role of U.S. Cybersecurity Firms - U.S. cybersecurity firms, such as SentinelOne, have benefited from the political climate by increasing government contracts, with SentinelOne's government orders rising from 12% in 2021 to 37% by 2025 [32][33] - The article highlights a pattern where U.S. cybersecurity companies publish reports that criticize Chinese firms, which in turn helps them secure government contracts and funding [32][34] - The rise of companies like CrowdStrike and SentinelOne is linked to their ability to align with U.S. government interests and narratives against China [33][34] Group 4: Response from Chinese Cybersecurity Firms - In response to the accusations, Chinese cybersecurity companies have begun to publish their own reports exposing U.S. cyber activities, aiming to counter the narrative and assert their capabilities [36][37] - Reports from firms like Qihoo 360 and Antiy have detailed U.S. cyber attacks, marking a shift towards a more aggressive defense strategy against U.S. claims [35][36] - The article notes that these responses are part of a broader struggle for legitimacy and recognition in the global cybersecurity landscape [34][38] Group 5: Future Implications - The ongoing conflict between U.S. and Chinese cybersecurity firms reflects a larger geopolitical struggle, with implications for international cybersecurity cooperation and competition [48][49] - The article suggests that the U.S. is conducting a comprehensive assessment of China's cybersecurity capabilities, which may signal preparations for future cyber confrontations [48][49] - The narrative constructed by U.S. experts may influence policy decisions and funding allocations within the U.S. government, further entrenching the divide between the two nations in the cybersecurity domain [57][58]

Core Viewpoint - The article discusses the increasing scrutiny and criticism of Chinese cybersecurity companies by U.S. experts and institutions, particularly focusing on the actions of Dakota Cary and the implications for the cybersecurity industry [1][3][9]. Group 1: Criticism of Chinese Cybersecurity Firms - Dakota Cary, a prominent figure in U.S. cybersecurity, has accused several Chinese companies, including Alibaba and Baidu, of being "weapons suppliers" for state-sponsored hacking [1][3]. - Cary's claims are based on the misinterpretation of penetration testing services, which are standard in the cybersecurity industry and not inherently malicious [3][7]. - The U.S. cybersecurity landscape has seen a rise in anti-China rhetoric, with Cary and others labeling Chinese firms as threats to national security [9][10]. Group 2: U.S. Cybersecurity Strategy and Actions - The Microsoft Active Protections Program (MAPP) has been a focal point, with Cary pushing for the exclusion of Chinese firms from this initiative, arguing that they pose a risk of leaking vulnerabilities to state actors [7][8]. - Following Cary's pressure, Microsoft announced restrictions on Chinese companies' access to vulnerability information, indicating a shift in U.S. cybersecurity policy [8][9]. - The article highlights a pattern where U.S. cybersecurity firms gain government contracts and funding by promoting narratives that vilify Chinese companies [34][35]. Group 3: Historical Context and Evolution - The narrative against Chinese cybersecurity firms has roots in earlier U.S. congressional hearings, such as the 2012 USCC hearing, which established China as a primary adversary in cyberspace [16][18]. - The article traces the evolution of U.S. cybersecurity firms' strategies, noting how they have leveraged political narratives to secure government contracts and enhance their market positions [19][36]. - Recent hearings in 2022 further solidified this trend, with experts calling for direct sanctions against Chinese entities, reflecting a more aggressive stance [20][23]. Group 4: Response from Chinese Cybersecurity Firms - In response to the accusations, Chinese cybersecurity firms have begun to publish reports exposing U.S. cyber activities, aiming to counter the negative narratives [36][38]. - Companies like Qihoo 360 and An Tian have released findings on U.S. cyberattacks, showcasing their capabilities and challenging the claims made by U.S. experts [37][41]. - The article emphasizes the ongoing struggle between U.S. and Chinese cybersecurity firms, with each side attempting to assert its narrative in the global cybersecurity landscape [40][49]. Group 5: Implications for the Future - The article suggests that the increasing scrutiny of Chinese cybersecurity firms may lead to a more fragmented global cybersecurity environment, with potential implications for international cooperation [49][50]. - The actions of U.S. experts and firms may also signal a broader strategy to undermine Chinese technological advancements in cybersecurity [56][59]. - The ongoing conflict in narratives and actions between U.S. and Chinese cybersecurity entities reflects a larger geopolitical struggle, with significant consequences for the industry as a whole [59].

Group 1 - The event showcased advancements in network security technology, emphasizing a shift from passive defense to intelligent perception and proactive protection [3] - New technologies such as AI algorithms and cloud collaboration were highlighted, particularly in the context of drone detection and control systems [3] - The integration of biometric technologies for secure authentication was demonstrated, with a focus on enhancing user experience through seamless interactions [4] Group 2 - The event featured various interactive experiences aimed at raising public awareness about network security, making it more relatable to everyday life [4] - Companies presented innovative solutions to address real-life security needs, reinforcing the importance of network security for the public [3][4] - The exhibition included demonstrations of AI-based security products and solutions, showcasing the application of AI in safeguarding information security [3]

Group 1 - AI presents both new risks and opportunities in cybersecurity, with experts highlighting the complexity of AI security issues compared to traditional cybersecurity problems [1][2] - The emergence of AI-powered attack agents has lowered the cost and increased the unpredictability of cyberattacks, posing significant risks to various sectors [2][3] - AI's integration into cybersecurity is a critical research direction, with companies exploring the combination of AI and security technologies to enhance protection measures [3] Group 2 - The development of dedicated large models for security oversight is suggested to address the safety issues arising from AI's operational processes [3] - Establishing a "red domain" for large model training and management can help control risks by segmenting different operational areas [3] - High-quality data governance and monitoring mechanisms are essential to ensure AI systems function correctly and align with desired outcomes [3]