关键信息基础设施保护的合作治理

Cooperative Governance of Critical Information Infrastructure Protection

关键信息基础设施保护是网络安全治理的重中之重和难点所在。关键信息基础设施安全具有公共属性,在无法完全通过市场机制由私主体独立提供的情况下,政府规制具有正当性。关键信息基础设施保护的治理对象需要系统分类指定和审慎动态调整。在关键信息基础设施保护的主体架构上,层级制与部门化的政府组织结构局限性明显,合作是必然的选择,这就需要在高效统一的领导和广泛深刻的政府协同基础上,形成紧密的公私合作伙伴关系。关键信息基础设施保护需要系统性的过程控制,事前审批和事后处罚等传统行政活动方式的实效性不足。为更好实现保护关键信息基础设施的目的,需要综合运用"规制—担保—给付"等多元行政活动方式,基于公私合作采取全过程风险治理措施。

Critical information infrastructure protection is the top priority and difficulty of cybersecurity governance.The security of critical information infrastructure has public attributes,and government regulation is justified in the absence of full availability in the private sector through market mechanisms.Governance objects for critical information infrastructure protection must be designated through systematic classification and adjusted prudently and dynamically.In the main framework of critical information infrastructure protection,limitations of hierarchical and departmentalized structures of government organizations are obvious,thus making cooperation an inevitable choice.This requires a close public-private partnership on the basis of an efficient and unified leadership and extensive and deep government collaboration.Critical information infrastructure protection entails systematic process control.However,traditional administrative activities such as ex-ante approval and ex post punishment are insufficient.In order to better achieve the purpose of protecting critical information infrastructure,it is necessary to comprehensively apply multiple administrative activities,such as“regulation-guarantee-payment”,and adopt full-process risk management measures based on public-private partnership.