摘要
《中华人民共和国网络安全法》明确了等级保护是我国网络安全的落实标准,进一步推进了等级保护逐步走出政务和国企领域,更多地落实到民营企业和外资企业。然而,等保落地工作的安全投资估算一直是企业信息安全工作人员进行预算编制的难点。这个难点增加了企业网络安全工作推进的决策难度,延缓了企业落实网络安全法责任的速度,增加了企业网络安全的风险。因此,拟通过一个通用等级保护工作模型,定义等级保护工作中最简工作成本维度,形成成本估算模型,从而帮助企业信息安全工作人员进行等保工作的成本估算,促进等级保护工作在企业层面的落地。
Cybersecurity Law of the People’s Republic of China makes it clear that classified security protection is the implementation standard,thus further promoting the classified security protection gradually out of the field of government affairs and state-owned enterprises,and more implemented in private enterprises and foreign-funded enterprises.However,the security investment estimation of the implementation of security has always been the difficulty for the enterprise information security staff to prepare the budget.This difficulty increases the decision-making difficulty of promoting enterprise network security work,thus delaying the speed of implementing the responsibility of network security law and increasing the risk of enterprise network security.This paper intends to define the simplest work cost dimension in classified security protection work through a general working model,and form a cost estimation model,so as to help enterprise information security staff to estimate the cost of classified security protection task,and promote the implementation of classified security protection at the enterprise level.
作者
戴璐
DAI Lu(Information center of Shanghai Water Bureau,Shanghai 200050,China)
出处
《电声技术》
2021年第3期77-80,共4页
Audio Engineering
关键词
网络安全
等级保护
成本估算
cyber security
classified security protection
cost estimation
