医院网络安全协同联动防御体系建设实践  

作　　者：曹晓均 翟志斌[2] CAO Xiaojun;ZHAI Zhibin(Department of Science,Education and Data Management,Women and Children’s Medical Center Affiliated to Guangzhou Medical University,Guangzhou Guangdong 510623,China;Department of Information,Dongguan Maternal and Child Health Hospital,Dongguan Guangdong 523057,China)

机构地区：[1]广州医科大学附属妇女儿童医疗中心科教与数据管理部,广东广州510623 [2]东莞市妇幼保健院信息科,广东东莞523057

出　　处：《中国医疗设备》2024年第12期64-70,共7页China Medical Devices

基　　金：科技创新2030“脑科学与类脑研究”重大项目(2021ZD0200522)。

摘　　要：目的互联网技术的飞速发展使得以边界防御为核心的传统网络安全防御体系无法满足医院安全要求,本研究旨在探讨以态势感知平台为核心的医院安全协同联动防御体系建设。方法本研究采用态势感知平台,构建全网态势感知、威胁检测以及联动响应三大核心能力,实现以整体防护、协同联动为特征的安全防御体系。结果通过实际应用,态势感知平台实现了全网业务可视化、威胁可视化和攻击与可疑流量可视化。态势感知系统上线后,安全事件数量较上线前明显改善,且差异有统计意义(P=0.002),显著提升了医院的整体安全水平。结论本研究构建的医院网络安全协同联动防御体系能够有效应对现代医院面临的复杂网络安全威胁,提高医院的网络安全防护能力,具有重要的社会意义。Objective With the rapid development of internet technology,the traditional network security defense system based on perimeter defense as the core is no longer able to meet the security requirements of hospitals.This study aims to explore the construction of the hospital security collaborative linkage defense system based on a situational awareness platform.Methods This study used the situational awareness platform to build three major capabilities of whole-network situational awareness,threat detection,and linkage response,which achieved the security defense system characterized by overall protection and collaborative linkage.Results Through actual application,the situational awareness platform achieved visualization of the whole-network service,threats,and attack and suspicious traffic.After the implementation of the situational awareness system,the number of security incidents was significantly improved compared with that before the implementation,and the difference was statistically significant(P=0.002),which significantly improved the overall security level of the hospital.Conclusion The hospital network security collaborative linkage defense system constructed in this study can effectively respond to the complex network security threats faced by modern hospitals,improve the hospital’s network security protection ability,and has important social significance.

关 键 词：互联网 态势感知 协同联动 威胁发现 响应处置 联动响应 防御体系 网络安全 

分 类 号：R197.3[医药卫生—卫生事业管理] TP393[医药卫生—公共卫生与预防医学]