上海君澜律师事务所 关于杭州安恒信息技术股份有限公司 2024 年年度股东大会的法律意见书 一、 本次股东大会的召集、召开程序 1.1 本次股东大会由公司董事会召集。 公司董事会于 2025 年 4 月 29 日召开第三届董事会第十三次会议，审议通 过了《关于公司<2024 年年度报告>及摘要的议案》《关于公司 2024 年度 总经理工作报告的议案》《关于公司 2024 年度董事会工作报告的议案》 《关于公司 2024 年度财务决算报告的议案》《关于公司 2024 年度利润分 配方案的议案》《关于续聘公司 2025 年度审计机构的议案》《关于公司 2024 年年度募集资金存放与实际使用情况专项报告的议案》《关于公司 1 上海君澜律师事务所 法律意见书 致：杭州安恒信息技术股份有限公司 根据《中华人民共和国公司法》（以下简称"《公司法》"）、《中华人民 共和国证券法》《上市公司股东会规则》（以下简称"《股东会规则》"）等法 律、法规、规章、规范性文件及《杭州安恒信息技术股份有限公司章程》（以下 简称"《公司章程》"）的规定，上海君澜律师事务所（以下简称"本所"）接 受杭州安恒信息技术股份有限公司（以下简称"公司 ...

Investment Rating - The investment rating for the company is "Buy" (maintained) [5] Core Insights - The launch of Hengnao 3.0 marks a new era in AI security, addressing the dual mission of responding to security risks posed by rapidly evolving AI technologies and reconstructing security defense systems to tackle increasingly complex cyber threats [1][2] - The continuous evolution of Hengnao models from 1.0 to 3.0 reflects the company's progression from exploration to leadership in the AI security field [2] - AI is fundamentally transforming the cybersecurity industry, shifting it from a labor-intensive to a technology-intensive model, with the global AI market in cybersecurity projected to reach $25.89 billion in 2024, growing at a CAGR of 16.2% from 2024 to 2029 [3] - The company is building competitive advantages through three dimensions: - Technological integration, enhancing core scenarios such as data classification and leakage prevention, achieving efficiency improvements of 30 times and 50 times respectively [3] - Ecosystem development, actively participating in national data infrastructure construction and initiating strategic partnerships [3] - Strategic collaboration with various technology vendors, resulting in 182 new compatible products in 2024 [3] - The company is expected to establish a differentiated advantage in the AI security sector through the continuous iteration of Hengnao models, maintaining a leading market position amid the wave of intelligent transformation [4] Financial Forecast and Valuation - The company’s revenue projections for 2025-2027 are estimated at 21.46 billion, 22.71 billion, and 24.21 billion yuan, with net profits of 0.47 billion, 1.26 billion, and 1.72 billion yuan respectively [10] - The earnings per share (EPS) is projected to be 0.60 yuan in 2025, 1.59 yuan in 2026, and 2.17 yuan in 2027, with a price-to-earnings (P/E) ratio of 78.67 in 2025, decreasing to 21.67 by 2027 [12]

Core Viewpoint - The article discusses the challenges and transformations in the cybersecurity industry, particularly in the context of AI technology, highlighting the shift towards AI-driven security solutions and the competitive landscape among cybersecurity firms [2][4]. Group 1: Industry Challenges - Qi Anxin, a leading cybersecurity firm, reported a loss exceeding 1.3 billion yuan in 2024, reflecting the "red ocean" dilemma faced by the cybersecurity industry due to market saturation, price competition, and tightening client budgets [2][5]. - The cybersecurity sector, which previously thrived on compliance-related demands, is now experiencing a peak in growth, prompting major firms to seek new opportunities for the next decade [2][4]. - The industry is witnessing a significant shift as clients increasingly develop in-house security capabilities, reducing their reliance on external cybersecurity services [4][11]. Group 2: AI Integration and Opportunities - The emergence of AI technology has led to a new phase of competition where both attackers and defenders utilize AI, creating a "cat-and-mouse game" in cybersecurity [2][10]. - The introduction of generative AI has significantly lowered the cost of attacks by 75%, necessitating a reconfiguration of defense systems and presenting new market opportunities for cybersecurity firms [7][11]. - Three key incremental market opportunities for cybersecurity firms in the AI era include compliance-driven service upgrades, vertical industry-specific demands, and the growth of cloud-native security solutions [7][8]. Group 3: Market Dynamics and Future Outlook - The cybersecurity market is becoming increasingly saturated, with product homogenization and a singular business model limiting growth potential [7][8]. - Major cybersecurity firms are launching vertical AI models to integrate their security products and data, aiming for systematic delivery to clients [10]. - The balance between technological innovation and risk management will be crucial for cybersecurity firms to thrive in the evolving landscape shaped by AI [11].

Core Insights - The core viewpoint of the articles highlights the significant challenges faced by the cybersecurity industry, particularly the financial struggles of leading companies like Qihoo 360, which reported a loss exceeding 1.3 billion yuan in 2024, reflecting a saturated market and intense competition [1][4]. Group 1: Industry Challenges - The cybersecurity industry is experiencing a "red ocean" dilemma characterized by market saturation, price competition, and tightening customer budgets, leading to a decrease in project availability [1][3]. - Major cybersecurity firms are reporting substantial losses, with Qihoo 360's loss of over 1.3 billion yuan and other firms like Green Alliance Technology and Starry Stone Network also facing losses ranging from 100 million to 400 million yuan [4]. - The shift in client behavior is evident as enterprises are increasingly developing their own cybersecurity solutions, reducing reliance on external vendors [3][8]. Group 2: AI Integration and Future Opportunities - Leading cybersecurity firms are investing in AI technologies, launching products like Qihoo 360's "Q-GPT" and Green Alliance Technology's "Fengyunwei," indicating a strategic pivot towards AI-enhanced security solutions [2][7]. - The emergence of generative AI is reshaping the threat landscape, with attackers leveraging AI to enhance the efficiency of phishing attacks and other cyber threats, thus necessitating a rethinking of defense strategies [5][6]. - Three potential growth markets for cybersecurity firms in the AI era include compliance-driven service upgrades, vertical industry-specific demands, and cloud-native security solutions, with the latter expected to grow at a compound annual growth rate exceeding 30% [6][5]. Group 3: Challenges of AI in Cybersecurity - The integration of AI into cybersecurity presents a dual challenge, as both attackers and defenders utilize AI, leading to a "cat-and-mouse" dynamic where the effectiveness of AI security products against zero-day attacks remains insufficient [7][8]. - Current AI security products have a low interception rate for zero-day attacks, and issues such as high false positive rates due to model "hallucinations" pose additional challenges for cybersecurity firms [7][8]. - The industry's ability to balance technological innovation with risk management will be crucial for firms to gain a competitive edge in the evolving cybersecurity landscape [7].

Core Insights - The article discusses the risks associated with the Multi-Agent Collaboration Protocol (MCP), particularly the potential for tool poisoning attacks that could manipulate AI agents to perform unauthorized actions [1][8][9] - The emergence of AI agents is highlighted as a transformative trend, with predictions indicating that by 2028, at least 15% of daily work decisions will be made autonomously by AI agents [2][4] - The commercial viability of AI agents is emphasized, with a focus on their ability to meet consumer needs and create a self-sustaining economic cycle [3][10] Group 1: Agent Ecosystem and Trends - The development of AI agents is expected to either replace traditional applications or enhance them with intelligent, proactive capabilities [2][4] - The introduction of DeepSeek has accelerated the adoption of AI agents, with a notable increase in inquiries and revenue generation in the industry [3][10] - The transition from single assistants to collaborative networks of agents is anticipated, leading to the formation of an "Agent Economy" [4][9] Group 2: Security Risks and Challenges - Security challenges are identified as critical for the stable operation of agent systems, with vulnerabilities in the MCP protocol posing significant risks [7][9] - Tool poisoning attacks (TPA) are highlighted as a major concern, where attackers can embed malicious instructions within the MCP code, leading to unauthorized actions by AI agents [8][9] - The lack of adequate security mechanisms during the design phase of protocols like MCP and A2A has resulted in hidden vulnerabilities that could be exploited [9][12] Group 3: Safety Measures and Industry Response - The industry is urged to implement proactive security measures across the entire value chain to mitigate risks associated with AI agents [11][12] - The responsibility for security varies depending on the application context, with general SaaS products having different security obligations compared to industry-specific applications [11][12] - Collaboration between AI model developers and security firms is essential to address both internal and external security challenges in the deployment of AI agents [12][13]

杭州安恒信息技术股份有限公司 2024 年年度股东大会 会议材料 2025 年 5 月 21 日 安恒信息 2024 年年度股东大会 股东大会须知 为保障杭州安恒信息技术股份有限公司全体股东的合法权益，维护股东大 会的正常秩序，保证股东大会的议事效率，确保本次股东大会如期、顺利召开， 根据《中华人民共和国公司法》《杭州安恒信息技术股份有限公司章程》《杭 州安恒信息技术股份有限公司股东大会议事规则》及中国证券监督管理委员会、 上海证券交易所的有关规定，特制定本须知。 一、股东大会设会务组，由公司董事会秘书负责会议的程序安排和会务工 作。 二、为保证股东大会的严肃性和正常秩序，切实维护与会股东（或股东代 表）的合法权益，除出席会议的股东（或股东代表）、公司董事、监事、高级 管理人员、见证律师及董事会邀请的人员外，公司有权依法拒绝其他人员进入 会场。 三、出席会议的股东（或股东代表）须在会议召开前 20 分钟到会议现场办 理签到手续，并请按规定出示证券账户卡、身份证或法人单位证明、授权委托 书以及参会回执等，经验证后领取会议资料，方可出席会议。 四、股东（或股东代表）依法享有发言权、咨询权和表决权等各项权益。 如股 ...

Core Insights - The industrial information security industry in China is experiencing rapid growth, with the market size projected to reach approximately 28.734 billion yuan in 2023 and around 39.152 billion yuan in 2024, driven by increasing awareness of information security and the rise of cyber threats [1][10] - The demand for industrial information security spans various sectors, including electricity, petrochemicals, manufacturing, and transportation, highlighting the critical need for security measures in these industries [10] Industry Definition and Classification - Industrial information security refers to the protection of information during industrial operations, encompassing industrial control systems (ICS), industrial internet, and industrial IoT, aimed at ensuring confidentiality, integrity, and availability of industrial production processes [2][4] Industry Chain Analysis - The industrial information security industry chain includes upstream hardware suppliers, software technology providers, and network infrastructure providers, with midstream solution providers and system integrators, and downstream industrial users and regulatory bodies [4] Development History - The industry has evolved through three stages: passive foundation, independent breakthroughs, and ecological restructuring, transitioning from policy-driven compliance to technology-led initiatives [6] Current Industry Status - The number of registered companies in the industrial information security sector has steadily increased, with 106,349 companies registered in 2023, and this trend is expected to continue as demand grows due to initiatives like Industry 4.0 and Made in China 2025 [8] Market Composition - The market composition shows that security hardware accounts for 45%, security software for 30%, and security services for 25%, indicating the significant role of hardware in safeguarding industrial information security [12] Key Companies Analysis - Major players in the industry include Qihoo 360, NSFOCUS, Inspur, and others, each specializing in different aspects of industrial information security, such as comprehensive protection systems, cloud security, and terminal security [14][15] Future Development Trends - Key trends include technological integration, where AI, big data, IoT, and blockchain converge to enhance security measures, and ecological collaboration among manufacturers, software developers, and service providers to create a robust security ecosystem [21][22] Regulatory Impact - Strengthening compliance requirements is significantly influencing the industry, prompting companies to enhance their security measures and invest in compliance with new regulations, thereby raising industry standards [23]

Core Insights - The conference "2025 China Data Valley · West Lake Sword Conference" emphasizes the importance of data flow for enabling various industries and the critical role of data in the AI revolution [2][6] - The lack of high-quality datasets is identified as a significant bottleneck in the deep integration of data and AI, which is essential for advancing from AI to AGI [2][3] Group 1: Data Flow and AI Integration - Data is considered the key element in the AI revolution, akin to fuel for a rocket, highlighting its necessity for intelligent systems [2] - The current limitations in data flow are attributed to security and quality issues, particularly concerning private data that is essential for model application in specific scenarios [3][5] - The industry is exploring synthetic data to address the scarcity of quality data, which affects model performance [3] Group 2: Trusted Data Space - The concept of a trusted data space is proposed as a solution to reconcile the development and utilization of data elements with security protection [6][10] - Trusted data spaces are designed to ensure secure and controllable data flow through a combination of hardware and software solutions, including privacy computing and blockchain technologies [10][11] - The national plan aims to establish over 100 trusted data spaces by 2028, with a focus on creating a comprehensive set of rules and standards for data security [11] Group 3: AI's Role in Data Security - The transition from static to dynamic data security is necessary to address the challenges in data flow, with AI playing a crucial role in this transformation [11][12] - AI technologies can enhance data classification and security by understanding the context and value of data, as well as identifying normal versus abnormal API usage [12] - The integration of AI in data security applications is seen as a significant opportunity for improving data management and protection [12]

Group 1 - The establishment of a quantifiable evaluation system in cybersecurity is essential, emphasizing the integration of AI to drive innovation and high-quality industry development [1][2] - The development of AI agents is categorized into three levels: conditionally autonomous, highly autonomous, and fully autonomous, with a focus on proactive defense and collaborative intelligence sharing [1][2] - The transition from static to dynamic data security is necessary, requiring a deeper understanding of data, business, and behavioral intentions, with security AI agents being the key solution [2][3] Group 2 - The brain-computer interface industry is at a critical stage of technological breakthroughs and regulatory framework development, recognized as a national strategic sector [3] - The conference highlighted significant achievements in data factor marketization, key technological innovations, and industry applications, showcasing the leadership and innovation of Hangzhou High-tech Zone in the digital economy [3][4] - The release of the "Security AI Agent Cube: Maturity Model Evaluation Research Report" introduces a multidimensional maturity assessment framework for security AI agents, aiming to enhance AI applications towards being "trustworthy and controllable" [3]

Group 1 - The 2025 China Digital Valley West Lake Forum opened on May 10, focusing on the integration of data element marketization and artificial intelligence, aiming to inject new momentum into the high-quality development of the digital economy [1][3] - Key discussions included the challenges of data elementization, the need for a data-centered organizational structure, and the establishment of clear legal frameworks for data assets [3][6] - The forum featured multiple sessions, including a main forum and parallel discussions on AI applications, data security, and the role of AI in digital transformation [3][4] Group 2 - A significant initiative was launched to promote the integration of data elements and artificial intelligence, emphasizing institutional, technological, organizational, and ecological innovations [6][9] - The forum highlighted the construction of a trusted data space for the marine economy, which has gathered 277 types of high-quality marine data resources and developed over 40 innovative application scenarios [7][9] - Discussions on the evolution of data security governance emphasized the need for a dynamic data security system to address the increasing scale and speed of data circulation [10][9] Group 3 - The importance of AI in enhancing data security and operational sustainability was underscored, with AI being positioned as a key solution to evolving security challenges [10][4] - The forum also addressed the governance challenges posed by rapid technological advancements, advocating for a balanced approach to innovation and security [10][4] - Strategic collaborations were initiated, including agreements between various institutions to strengthen the digital economy's development [6][9]