摘要
当代信息技术的快速发展使得电网企业面临着更为错综复杂的信息安全威胁,信息安全风险管理的作用也显得更加重要。因此,结合电网企业的特性,针对其信息安全风险管理进行了深入的研究与分析。首先,结合电网企业内外部信息环境的特点,对信息安全的风险进行了科学合理的归类识别;其次,首次结合突变理论构建信息安全风险评估模型,并结合其风险评估的结果设定阈值制定了风险应对的措施;此外,为增加电网企业信息安全的稳定性和可靠性,提出了多维度和多层次的风险防范措施;最后,通过将其方法应用到电网企业信息安全风险管理的实例验证了该方法的有效性和合理性。
The rapid development of modern information technology makes the grid enterprises face more complex information security threats,thus,the role of information security risk management is more important. The information security risk management has been researched and analyzed according to the characteristic of the power enterprise in this paper. Firstly,combined with the environment characteristics of power enterprises internally and externally, the information security risks are classified and identified scientifically and reasonably. Besides,a risk assessment model of information security is constructed for the first time,and the risk reaction measures are worked out by applying the assessment result to set threshold value. What’s more, in order to increase the information security stability of power enterprise,multi-level and multi-dimensional risk countermeasures are proposed. Finally,the efficiency and rationality of this method are verified by applying this method to a power enterprise.
出处
《山西电力》
2014年第4期45-49,共5页
Shanxi Electric Power
关键词
电网企业信息安全
风险管理
突变理论
风险应对措施
风险防范措施
information security of power enterprise
risk management
catastrophe theory
risk countermeasures
risk preventive measures
