摘要
当前网络安全指导思想从合规交付向能力输送转变,传统安全运维向持续化安全运营转变。安全运营是传统安全的集中和升华,在安全运营基础上,通过人、设备、数据和流程的有机结合,通过主动探测和动态防御,持续输出安全价值,解决安全风险,保证各类业务的实时安全稳定运行。本文从网络安全运营角度出发,详细阐述了网络安全运营管理体系的设计思想、基本框架、管理流程和流程间的关系。
At present,the guiding ideology of network security has changed from compliance delivery to capability delivery,and traditional security operation and maintenance has changed to security operation.Security operation is the centralization and sublimation of traditional security.On the basis of security operation and maintenance,through the organic combination of people,equipment,data and processes,through active detection and dynamic defense,security value is continuously output,resolve security risks and ensure real-time secure and stable operation of various services.Starting from the current situation of security operation,this paper expounds in detail the design idea,basic framework,management process and the relationship between processes of the network security operation management system.
作者
王晟
赵建福
李超峰
张怡晨
赵帅
WANG Sheng;ZHAO Jian-fu;LI Chao-feng;ZHANG Yi-chen;ZHAO Shuai(China Mobile Group Shandong Co.,Ltd.,Ji'nan 250001,China)
出处
《电信工程技术与标准化》
2020年第12期37-41,共5页
Telecom Engineering Technics and Standardization
关键词
安全运营
网络安全
持续监测
安全管理
security operation
cyber security
continuous monitoring
safety management
