工业网络安全范式的转变

The Paradigm Shift of Industrial Cyber Security

数字化转型背景下,面对日益泛化、复杂的网络攻击,工业网络安全能力建设成为保障企业持续运营的必然选择。传统IT网络安全的惯性引导并不适合工业网络安全的发展。由于行业特性、相对薄弱的技术积累和较短的发展历史,工业网络安全需要探索新的发展范式。本文首先回顾工业网络安全的本质诉求,在分析当前一些典型认识误区和主要障碍之后,从工业网络安全的防护重点、防护粒度、对抗模式、安全目标和协同治理五个方面提出了范式转变的思路。

In the context of digital transformation,in the face of increasing ubiquity and complexity of cyberattacks,industrial cybersecurity has become an inevitable choice to ensure the continuous operation of enterprises.The inertial guidance of traditional IT cyber security is not suitable for the development of industrial cybersecurity.In addition to its industry characteristics,relatively weak technology accumulation and short development history,Industrial cybersecurity is necessary to innovate and explore new paradigms.This article firstly reviews the essential demands of industrial cybersecurity.After analyzing some current typical misunderstandings and major obstacles in developing industrial cybersecurity capability,it proposes a paradigm shift direction from five aspects of industrial cybersecurity,which include protection focus,protection granularity,adversarial mode,security objectives and collaborative governance.