组织数据安全自适应评价机制研究  被引量：4

作　　者：范晓娟 刘玉岭 吴迪 Fan Xiaojuan;Liu Yuling;Wu Di(Knowledge Preservation and Dissemination Studio,Institute of Information Engineering,Chinese Academy of Sciences,Beijing 100101;Institute of Public Administration,Shandong Agricultural University,Taian,Shandong 271000;Lab 6,Institute of Information Engineering,Chinese Academy of Sciences,Beijing 100101;China Network Security Examination Technology and Certification Center,Beijing 100101)

机构地区：[1]中国科学院信息工程研究所知识保存与传播工作室,北京100101 [2]山东农业大学公共管理学院,山东泰安271000 [3]中国科学院信息工程研究所第六研究室,北京100101 [4]中国网络安全审查技术与认证中心,北京100101

出　　处：《信息安全研究》2022年第9期901-907,共7页Journal of Information Security Research

基　　金：国家重点研发计划项目(2021YFF0307203)。

摘　　要：目前国内外研究普遍关注组织机构的数据安全治理与成熟度能力构建理论和实践,从组织体自适应性管理角度对复杂组织机构数据安全内生机制的研究较少.针对组织复杂多样特征下数据安全自适应机制的缺失易导致内组织和社会外部资源不均衡或无效配置的问题,围绕建立复杂关键性安全组织自适应运营管理目标导向的“部门机构有效关联”主线,着重分析了数据安全对组织自适应性评价的影响和评价策略,构建了数据安全有效作用评价及评价失灵后的再干预指标体系.该研究有利于提高组织数据安全底层逻辑的自适应学习能力,进而促进国内外数据安全监管环境下组织适应性安全管理运营方式的有效革新.At present,theoretical and practical studies concerning organizations pay more attention to data security governance and maturity capability building other than the endogenous mechanism of data security of complex organizations from the perspective of adaptive management of organizations.In this paper,the author pays attention to the lack of security adaptive management under the characteristics of complex and diverse organizations that may lead to resource imbalance or ineffective allocation,taking“departmental organization effective interaction”oriented by the adaptive operation and management goals of complex critical safety organizations as the main line,focus on the analysis of the influence and evaluation strategy of data security on organization adaptive evaluation,and construct effective evaluation index and re-intervene index system of data security and effective function.The work of this paper is beneficial to improve the adaptive learning ability under data security underlying logic,and then promote effective innovation of organization adaptive safety management style under data security regulatory environment at home and abroad.

关 键 词：数据安全 复杂自适应组织 能力评估 部门交互作用 关键性安全行业 

分 类 号：TP309.2[自动化与计算机技术—计算机系统结构]