In a data-intensive environment,the ability to accurately identify and manage data risks is essential for maintaining cybersecurity,preventing potential threats,supporting decision-making,and enabling effective post-i...In a data-intensive environment,the ability to accurately identify and manage data risks is essential for maintaining cybersecurity,preventing potential threats,supporting decision-making,and enabling effective post-incident analysis.Existing approaches to data risk identification are typically structured around the stages of the data lifecycle,offering a broad perspective but often lacking alignment with the specific dynamics of business operations.This study proposes a data-driven framework for data risk identification that reflects practical business contexts.The framework incorporates 25 categorized risk sources and 13 defined risk-triggering events,using data analysis to examine their interactions and influence.The approach demonstrates strong alignment with documented risk incidents and effectively captures relevant risk factors across operational scenarios.The implementation of this framework enables organizations to identify critical risk points more precisely,enhance the accuracy and timeliness of risk response strategies,and strengthen data governance practices.It also facilitates more informed strategic planning and cross-functional coordination,contributing to improved resilience and operational efficiency.展开更多
基金supported by grants from the National Natural Science Foundation of China(T2293774,72571269,72201265)National Key Research and Development Program of China(2022YFC3321104)+2 种基金China Postdoctoral Science Foundation funded project(2023T160635,2022M723105)Fundamental Research Funds for the Central UniversitiesMOE Social Science Laboratory of Digital Economic Forecasts and Policy Simulation at the University of Chinese Academy of Sciences.
文摘In a data-intensive environment,the ability to accurately identify and manage data risks is essential for maintaining cybersecurity,preventing potential threats,supporting decision-making,and enabling effective post-incident analysis.Existing approaches to data risk identification are typically structured around the stages of the data lifecycle,offering a broad perspective but often lacking alignment with the specific dynamics of business operations.This study proposes a data-driven framework for data risk identification that reflects practical business contexts.The framework incorporates 25 categorized risk sources and 13 defined risk-triggering events,using data analysis to examine their interactions and influence.The approach demonstrates strong alignment with documented risk incidents and effectively captures relevant risk factors across operational scenarios.The implementation of this framework enables organizations to identify critical risk points more precisely,enhance the accuracy and timeliness of risk response strategies,and strengthen data governance practices.It also facilitates more informed strategic planning and cross-functional coordination,contributing to improved resilience and operational efficiency.
