摘要
随着数字化转型的不断深入,中小企业正面临着前所未有的数据安全挑战,对中小企业数字化转型过程中面临的数据安全现状及问题进行了分析。依据相关合规要求,围绕数据使用流程、安全事件状态提出了数据安全防范措施框架,包括数据安全认证、数据安全管理、数据安全事件响应和安全合规4个部分。旨在帮助中小企业提升数据安全防护能力,降低数据安全管理的成本和复杂度,同时指出了政府和数字化转型服务商在中小企业数据安全保护中的作用和支持。
As digital transformation continues to deepen,small and medium-sized enterprises(SMEs)are facing unprecedented data security challenges.This paper analyzes the current status and issues of data security faced by SMEs in the process of digital transformation.Based on the relevant compliance requirements,centering on the data usage process and security event status,this paper proposes a data security precautions framework,including data security certification,data security management,data security incident response and security compliance,which aims to help SMEs improve their data security protection capabilities,reduce the cost and complexity of data security management,as well as pointing out the roles and support of the government and digital transformation service providers in SMEs data security protection.
作者
杨超
邱江
张佳佳
林紫微
YANG Chao;QIU Jiang;ZHANG Jiajia;LIN Ziwei(Chongqing Branch of China Academy of Industrial Internet,Chongqing 401121,China;China Mobile Internet of Things Co.,Ltd.,Chongqing 401336,China)
出处
《信息安全与通信保密》
2024年第6期10-16,共7页
Information Security and Communications Privacy
关键词
中小企业
数据安全
安全评估
事件响应
托管服务
SMEs
data security
security assessment
incident response
hosted service
