摘要
伴随着《中华人民共和国数据安全法》的正式施行,数据安全治理的重要性愈发得到重视.首先对数据安全治理的发展现状以及存在的问题进行了全面分析.在相关分析的基础上,提出了一种可实现量化评价与持续优化的数据安全治理新框架——数据安全复合治理模式,从数据安全战略、数据安全运营管理和数据安全治理科技3个层面对数据安全复合治理的基本框架和核心内涵进行了阐述,并对其建设思路进行了全面介绍,旨在为组织开展数据安全治理实践提供有益参考.
With the formal implementation of the“Data Security Law of the People’s Republic of China”,the significance of data security governance has been paid more and more attention.First,the development status and existing problems of data security governance are analyzed comprehensively.On the basis of relevant analysis,a new framework for data security governance is proposed,which can achieve quantitative evaluation and continuous optimization—the data security composite governance framework.The basic framework and core connotation of data security composite governance are explained from its fundamental components,namely data security strategy,data security operational management and data security governance technology.Its construction ideas are comprehensively introduced,aiming to provide a useful reference for organizations to carry out data security governance practices.
作者
郭亮
张吉智
陈心怡
刘威歆
肖含笑
马冰珂
Guo Liang;Zhang Jizhi;Chen Xinyi;Liu Weixin;Xiao Hanxiao;Ma Bingke(Ant Group Co.,Ltd.,Hangzhou 310023)
出处
《信息安全研究》
2021年第12期1110-1120,共11页
Journal of Information Security Research
关键词
数据安全
数据安全复合治理
数据安全战略
数据安全运营管理
数据安全治理科技
多视角安全度量
量化评价
持续优化
data security
data security composite governance
data security strategy
data security operational management
data security governance technology
multi-angle security metric
quantitative evaluation
sustainable improvement
