摘要
[目的/意义]随着计算机与网络通信技术的快速发展,针对信息系统的攻击日益严重,且呈现出有组织化的趋势。如何应对针对信息系统安全的网络攻击成为世界各国普遍关注的焦点问题。欧盟是信息系统安全治理机制建立和发展较为完备的地区,对其进行系统研究能够为我国的信息系统安全治理机制的建立提供有益的参考和借鉴。[方法/过程]通过对欧盟网络攻击视角下的信息系统安全治理实践进行探索,系统分析其治理原则和治理机制,探讨欧盟信息系统安全的治理框架。[结果/结论]建议我国建立涵盖事前监测预警、事中应急响应、事后惩治与恢复的"三位一体"治理框架,以期实现对信息系统网络攻击的有效治理。
[ Purpose/Significance] With the development of computer technology and network technology, the attacks against information system present growing seriousness and organized trend. How to establish information system governance mechanisms from the perspective of cyber attacks becomes the focus worldwide. EU's information system governance mechanisms from the perspective of cyber attacks established a good example for the establishment of information system security governance mechanism in China. [ Method/ Process] By exploring the security governance of the EU information systems from the perspective of cyber attacks, and systematically analyzing the governance principles and mechanisms, the governance framework of the EU information system can be deduced. [ Result/ Conclusion] We should establish a "Trinity" governance framework, which means that monitoring and warning before the event, responding and disposing during the event, punishing and recovering after the event, so as to achieve the effective governance of information systems from the perspective of cyber attacks.
出处
《情报杂志》
CSSCI
北大核心
2016年第8期17-24,共8页
Journal of Intelligence
基金
陕西省社会科学基金项目“基于IT国际供应链国家安全审查的IT供应商法规遵从与应对研究”(编号:13F060)的阶段性成果
陕西省软科学项目“陕西省大数据环境下个人信息数据挖掘的法律规制研究”(编号:2014KRM73)的阶段性成果
信息网络安全公安部重点实验室开放课题项目“面向大数据安全的欧盟个人数据保护法律框架及借鉴研究”(编号
C13604)的阶段性成果
基本科研业务费项目“网络安全政策与法律问题研究”(编号:C16253)的阶段性成果
关键词
国家安全
网络攻击
信息系统
欧盟
national security cyber attacks information system EU
