摘要
随着工业企业数字化进程不断加快,工业数据作为新的生产要素,其重要性在生产经营过程中逐渐凸显,但如何确保工业数据在机密性、完整性、可用性的基础上释放潜在价值,是工业企业面临的一大难题。提出一套集管理、技术、运营为一体的治理思路,融合DSMM成熟度模型理论,围绕数据采集、传输、存储、处理、分享、销毁等全生命周期,分别从数据安全管理能力、数据安全技术能力以及数据安全运营能力等方面进行全面治理,并通过“知”“识”“控”“察”“行”5个步骤,将工业数据安全落地,释放潜在价值,为今后工业数据安全治理提供理论参考依据。
With the continuous acceleration of the digitization process of industrial enterprises,the importance of industrial data as a new factor of production has gradually become prominent in the process of production and operation.However,how to ensure that industrial data releases its potential value on the basis of confidentiality,integrity and availability is a major problem faced by industrial enterprises.This paper proposes a set of governance ideas integrating management,technology and operation,integrates DSMM maturity model theory,and comprehensively governs data security management capability,data security technology capability and data security operation capability around the whole life cycle of data collection,transmission,storage,processing,sharing and destruction.Through the five steps of"knowledge","cognition","control","observation"and"action",the industrial data will be safely implemented and the potential value will be released,so as to provide a theoretical reference for the future industrial data security governance.
作者
马跃强
陈怀源
李晨
Ma Yueqiang;Chen Huaiyuan;Li Chen(Nsfocus Technologies Group Co.,Ltd.,Beijing 100089)
出处
《信息技术与网络安全》
2022年第4期45-51,共7页
Information Technology and Network Security
关键词
工业数据
安全治理
分类分级
数据资产
industrial data
security governance
classification and grading
data assets
