摘要
[目的/意义]构建网络安全应急管理体系,对应对日益增多的网络安全事件具有重要意义。作为第一网络强国,美国已形成科学高效的网络安全应急管理体系。全面深入研究该体系,能对我国网络安全应急管理体系建设提供重要参考。[方法/过程]在全面梳理相关政策法规文件基础上,从法律体系、组织体系和运行体系方面系统分析了美国网络安全应急管理体系的内容和特点。[结果/结论]结合我国实际,提出了加快建立法律体系、健全网络安全应急指挥体系、完善事件分级响应机制、建立信息共享机制和多种突发事件的应急协调机制五点启示。
[Purpose/Significance]Constructing a cybersecurity emergency management system is of great significance for dealing with an increasing number of cybersecurity incidents. The United States,as the first cyber power,has formed a scientific and efficient emergency management system of cybersecurity. It is important to carry out a systematic research on the system for its reference value for the construction and improvement of a similarly efficient system in China. [Method/Process]Based on a comprehensive examination of relevant policies,laws and regulations,the U.S. cybersecurity emergency management system is analyzed systematically from the aspects of institutional system,organizational system and operating system.[Result/Conclusion]Combined with present situation of China,five specific enlightenments are given: accelerating the formation of the institutional system,improving the emergency management command system,perfecting hierarchical response mechanism of different cyber incidents,constructing information sharing system and establishing emergency coordination mechanisms for different incidents.
引文
[1]网络安全课题组,王益民.中国网络安全应急体系的问题与对策[J].电子政务,2014(7):20-25.
[2]The White House.Presidential policy directive:U.S.cyber incident coordination[EB/OL].[2017-09-20].https://www.whitehouse.gov/the-press-office/2016/07/26/presidential-policydirective-united-states-cyber-incident.
[3]FEMA.National response plan-cyber incident annex[EB/OL].[2017-09-20].https://www.fema.gov/media-library-data/20130726-1825-25045-8307/cyber_incident_annex_2004.pdf.
[4]GAO.Cybersecurity:DHS's national integration center generally performs required functions but needs to evaluate Its activities more completely[R].US:GAO-17-163,2017,7.
[5]Piret Perni,Jesse Wojtkowiak,Alexander Verschoor-Kirss.National cyber security organisation:United States[R].Tallinn:NATO Cooperative Cyber Defence Centre of Excellence,2016:18-19.
[6]李建勇,杨灵仙.“9·11”后美国信息融合中心网络的形成、作用和启示[J].情报杂志,2015,34(3):21-23.
[7]Center for internet security:MS-ISAC membership FAQ[EB/OL].[2017-09-20].https://www.cisecurity.org/ms-isac/ms-isac-membership-faq/.
[8]DHS:National cybersecurity protection system[EB/OL].[2017-09-20].https://www.dhs.gov/national-cybersecurity-protectionsystem-ncps.
[9]US-CERT.Federal incident notification guidelines[EB/OL].[2017-09-20].https://www.us-cert.gov/sites/default/files/publications/Federal_Incident_Notification_Guidelines.pdf.
[10]NCCIC cyber incident scoring system[EB/OL].[2017-09-20].https://www.us-cert.gov/NCCIC-Cyber-Incident-ScoringSystem.
[11]马民虎,方婷,王玥.美国网络安全信息共享机制及对我国的启示[J].情报杂志,2016,35(3):17-23.
[12]Center for internet security:MS-ISAC Charter[EB/OL].[2017-09-20].https://www.cisecurity.org/ms-isac/ms-isac-charter/.
[13]DHS:Informing cyber storm V:Lessons learned from cyber Storm IV[EB/OL].[2017-09-20].https://www.dhs.gov/sites/default/files/publications/Lessons%20Learned%20from%20Cyber%20Storm%20IV.pdf.