摘要
从安全治理的角度讨论了金融关键信息基础设施保护的实践。首先,界定了金融关键信息基础设施保护所包括的内容,区分了不同的关键信息基础设施保护;然后,分析了关键信息基础设施保护在网络安全中的重要作用,尤其是对于高度数字化/信息化的金融行业;最后,从“良好实践”的角度探讨了金融关键信息基础设施保护的两个层次。同时,也对“治理”和“管理”异同之处进行了初步的探讨,这也是强调治理重要性的原因所在。
This paper discusses the practice of financial critical information infrastructure protection from the perspective of security governance.First,it defines the contents of financial critical information infrastructure protection,and distinguishes different critical information infrastructure protection.Then,it analyzes the important role of critical information infrastructure protection in network security,especially for the highly digitized/informationized financial industry.Finally,two levels of financial critical information infrastructure protection are discussed from the perspective of"good practice".At the same time,the similarities and differences between"governance"and"management"are preliminarily discussed,which is also the reason for emphasizing the importance of governance.
作者
谢宗晓
甄杰
董坤祥
Xie Zongxiao;Zhen Jie;Dong Kunxiang(China Financial Certification Authority;Chongqing Technology and Business University;Shandong University of Finance and Economics)
出处
《中国质量与标准导报》
2021年第6期18-21,共4页
China Quality and Standards Review
关键词
信息安全治理
关键信息基础设施保护
金融行业
information security governance
critical information infrastructure protection(CIIP)
financial industry
