集团型电力企业信息安全技术防护体系架构研究和设计

Design on Infosec Technology Protection System of Electric Group Enterprise

作为国家关键信息基础设施,电力行业一直面临着较大风险隐患。为确保电力生产管理和信息网络的安全稳定,在前期信息安全规划基础上,通过调研和分析,从基础设施、技术支撑平台、应用三个层面提出了集团型电力企业信息安全技术防护体系框架。同时,提出一系列技术措施研究专题,包括工业控制系统安全、统一安全监测审计系统、数据备份与容灾等,以指导集团信息安全项目持续开展,提升和优化信息安全能力。

Electric power industry, as the key infrastructure of the country, is always faced with great hidden risks, and the serious consequence resulted from Ukraine power network security event is absolutely terrific. Based on the information security planning made earlier, this paper discusses the information security system framework of electric group enterprise from the three aspects of infrastructure, technical support platform, and application, proposes a series of technical-measure topics, including industrial-control-system security, unified monitoring and auditing system, data backup and disaster recovery, thus to guide the continuous development of the group enterprise,s information security projects, enhance and optimize its information security capabilities.