摘要
欧盟一直高度重视网络安全政策和立法,2016年通过了网络与信息安全指令,主要内容包括:各国必须制定网络与信息安全国家战略;增强各国之间的战略合作和跨境协作;建立计算机安全事件响应团队并建立欧盟合作网络;区分基本服务运营者和数字服务提供者分别予以监管;确立网络安全事件报告制度;平衡网络安全与产业发展的关系。借鉴欧盟经验,对完善我国网络安全法治提出以下建议:一是制定网络安全国家行动计划和体系化的立法计划;二是分类监管信息系统并突出保护关键信息基础设施;三是建立网络安全信息共享机制以应对网络安全威胁;四是审慎确定监管范围以平衡网络安全和产业发展的关系。
European Union has adopted a set of policies and legislations on network and information security,and finally passed the Network and Information Security(NIS)Directive in 2016.This directive provides:a national strategy on NIS of each Member State; cooperation among Member States; Computer Security Incident Response Teams(CSIRTs) and CSIRTs network; obligations for "operators of essential services" and "digital service providers"; cybersecurity incident notification; balance between cybersecurity and industry development.Based on these experiences,the proposals for our legislation are as follows:formulating national cybersecurity action plan and systematic legislation plan; setting up the regulation framework of typed information systems focused on critical information infrastructure(CII); establishing the mechanism of cybersecurity information sharing to address cyber threats; defining private CII deliberatively to balance cybersecurity safeguard and industry development.
出处
《汕头大学学报(人文社会科学版)》
2017年第1期118-125,共8页
Journal of Shantou University(Humanities and Social Sciences Edition)
基金
国家社会科学基金特别委托项目"大数据时代依法治国战略"(15@ZH012)
中国法学会2016年度研究课题"我国关键基础设施保护立法研究"(CLS(2016)D44)的阶段性成果
关键词
网络安全法
欧盟网络与信息安全指令
基本服务运营者
网络安全事件报告
关键信息基础设施
cybersecurity law
Network and Information Security(NIS) Directive of European Union
operators of essential services
cybersecurity incident notification
critical information infrastructure
