面向工业企业的信息安全应急响应体系研究  

作　　者：王敏 原真 Wang Min;Yuan Zhen(Beijing Venustech Cybervision Co.Ltd.,Beijing,100193)

机构地区：[1]北京启明星辰信息安全技术有限公司,北京100193

出　　处：《工业信息安全》2023年第5期51-59,共9页Industry Information Security

摘　　要：数字化转型推动着工业企业生产业务、生产场景向网络化、数字化、智能化转变。在网络互联互通的背景下,5G、云计算、大数据、人工智能等新技术的引入,使企业生产效率和最终效益快速提升。然而,这同时也导致了勒索病毒攻击等工业互联网安全事件的频发,造成企业重大经济损失甚至停产。因此,强化安全生产,有效提升网络安全保障能力不容忽视。面对网络安全风险与挑战,工业企业需要加强管理、技术、人员、流程等多方面优化,提升应急支撑团队人员技术能力,建立起事前快速预警、事中有效控制、事后积极处理的工业互联网安全应急响应支撑体系。本文对大中型工业企业开展调研评估,以落实遭受网络攻击场景下的威胁检测与应急响应工作为目标,围绕重大工业互联网安全事件应对能力建设,结合工业企业特点,提出了一套完整的工业互联网安全应急响应支撑体系,以最大程度减少工业企业损失,突出对应急工作的系统化及全生命周期的控制管理能力。Digital transformation promotes the industrial enterprise production business,production scene to network,digital,intelligent transformation.Under the background of network interconnection,the introduction of new technologies such as 5G,cloud computing,big data,artificial intelligence and so on,makes the production efficiency and final benefit of enterprises increase rapidly.However,this also led to blackmail virus attacks and other industrial Internet security incidents,resulting in major economic losses and even lead to production.Therefore,it should not be ignored to strengthen safety production and effectively enhance the ability of network security protection.In the face of cyber security risks and challenges,industrial enterprises need to strengthen the optimization of management,technology,personnel,processes and other aspects,enhance the technical capacity of emergency support team personnel,and establish an emergency response support system for industrial internet security with pre-warning,effective control during the event and active handling afterwards.Based on the investigation and evaluation of large and medium-sized industrial enterprises,this paper puts forward a set of complete emergency response support system for industrial enterprises,aiming at the implementation of threat detection and emergency response under cyber attack,focusing on the construction of response capability for major industrial Internet security incidents and combining the characteristics of industrial enterprises,so as to minimize the losses of industrial enterprises and highlight the control and management capability of emergency response in the whole life cycle.

关 键 词：安全生产 工业互联网安全 应急响应管理 工业控制系统 

分 类 号：F424[经济管理—产业经济] TP309[自动化与计算机技术—计算机系统结构]