《電子技術(shù)應(yīng)用》
您所在的位置:首頁 > 通信與網(wǎng)絡(luò) > 設(shè)計(jì)應(yīng)用 > 基于實(shí)戰(zhàn)化的集團(tuán)企業(yè)網(wǎng)絡(luò)安全主動(dòng)防御技術(shù)研究與實(shí)踐
基于實(shí)戰(zhàn)化的集團(tuán)企業(yè)網(wǎng)絡(luò)安全主動(dòng)防御技術(shù)研究與實(shí)踐
信息技術(shù)與網(wǎng)絡(luò)安全 5期
姚 卓
(北京啟明星辰信息安全技術(shù)有限公司,北京100193)
摘要: 面對(duì)復(fù)雜多變的國際網(wǎng)絡(luò)空間安全形勢(shì)以及日益嚴(yán)峻的惡性網(wǎng)絡(luò)攻擊態(tài)勢(shì),,針對(duì)集團(tuán)化企業(yè)面臨的主機(jī)安全,、設(shè)備安全、網(wǎng)絡(luò)安全,、數(shù)據(jù)安全,、業(yè)務(wù)安全等安全威脅,論述了基于實(shí)戰(zhàn)化的防范網(wǎng)絡(luò)對(duì)抗的關(guān)鍵技術(shù)與策略,,包括基于網(wǎng)絡(luò)對(duì)抗的主動(dòng)誘捕系統(tǒng)設(shè)計(jì),、基于分級(jí)分類的安全自動(dòng)編排技術(shù)(SOAR)、基于輕量級(jí)零信任策略的設(shè)備監(jiān)控技術(shù),、數(shù)據(jù)和供應(yīng)鏈的安全防護(hù)與管控技術(shù)等,,并詳細(xì)討論了攻擊暴露面的全面收斂和平戰(zhàn)結(jié)合的對(duì)抗性網(wǎng)絡(luò)應(yīng)急實(shí)訓(xùn)、不同安保時(shí)期的網(wǎng)絡(luò)應(yīng)急措施,、應(yīng)對(duì)惡意攻擊的平臺(tái)聯(lián)動(dòng)與安全運(yùn)營等實(shí)戰(zhàn)化網(wǎng)絡(luò)安全運(yùn)營實(shí)踐與措施,。
中圖分類號(hào): TP393
文獻(xiàn)標(biāo)識(shí)碼: A
DOI: 10.19358/j.issn.2096-5133.2022.05.004
引用格式: 姚卓. 基于實(shí)戰(zhàn)化的集團(tuán)企業(yè)網(wǎng)絡(luò)安全主動(dòng)防御技術(shù)研究與實(shí)踐[J].信息技術(shù)與網(wǎng)絡(luò)安全,2022,41(5):25-31.
Research and practice of active defense technology based on actual combat for cyberspace of group companies
Yao Zhuo
(Beijing Venus Cybersecurity Tech. Co.,,Ltd.,,Beijing 100193,China)
Abstract: In the face of the complex and changeable international cyberspace security situation and the increasingly severe threat of cybersecurity attacks, aiming at security threat of collectivized industry intelligent manufacturing enterprises, such as host security, device security, network security, data security, business security and other security threats, this paper discusses the key technologies and strategies for preventing network confrontation based on actual combat, including threats active trapping system design based on network confrontation, security automatic orchestration technology based on hierarchical classification, equipment monitoring technology based on lightweight zero-trust strategy, data security protection technology for full life cycle control and network supplies chain,,etc. It also discusses in detail the practical cybersecurity operation practices and measures, covering adversarial network emergency training based on the combination of the comprehensive convergence of the exposed surface of interconnected attacks and peacetime and wartime combining, the network emergency measures in different security periods, and the platform linkage and security operation responding to malicious attacks.
Key words : active defense,;trap technology;classification and grading,;situational awareness,;security operation

0 引言

集團(tuán)化大型國有企業(yè)是我國數(shù)字經(jīng)濟(jì)的核心支柱,而當(dāng)前網(wǎng)絡(luò)攻擊呈現(xiàn)組織化,、專業(yè)化,、商業(yè)化、國際化等嚴(yán)峻網(wǎng)絡(luò)安全局勢(shì),,大型國有企業(yè)成為網(wǎng)絡(luò)攻擊的重點(diǎn)對(duì)象,。安全保障是國家深入推進(jìn)工業(yè)智造企業(yè)數(shù)字化轉(zhuǎn)型升級(jí)的前提,國資委2020年發(fā)布的《關(guān)于加快推進(jìn)國有企業(yè)數(shù)字化轉(zhuǎn)型工作的通知》明確提出:加快集團(tuán)數(shù)據(jù)治理體系建設(shè),,提升數(shù)據(jù)洞察能力,;建設(shè)集團(tuán)級(jí)態(tài)勢(shì)感知平臺(tái),強(qiáng)化安全檢測(cè)評(píng)估,,開展常態(tài)化攻防演練,。5G、云計(jì)算,、工業(yè)互聯(lián)網(wǎng)等新一代信息技術(shù)與工業(yè)經(jīng)濟(jì)的深度融合,,在促進(jìn)數(shù)字經(jīng)濟(jì)發(fā)展的同時(shí),也加劇了數(shù)字化轉(zhuǎn)型中國有企業(yè)網(wǎng)絡(luò)安全的風(fēng)險(xiǎn),,同時(shí),,隨著集團(tuán)化工業(yè)企業(yè)的部分運(yùn)營系統(tǒng)、數(shù)據(jù)等上云,,網(wǎng)絡(luò)平臺(tái)環(huán)境日趨技術(shù)復(fù)雜化,、操作專業(yè)化、數(shù)據(jù)密集化,、數(shù)據(jù)要素化,、用戶分布化、價(jià)值擴(kuò)大化,,導(dǎo)致網(wǎng)絡(luò)空間攻擊的戰(zhàn)場(chǎng)逐漸從傳統(tǒng)的網(wǎng)絡(luò)環(huán)境轉(zhuǎn)移到“云大物移工”的環(huán)境[1],,數(shù)據(jù)價(jià)值化應(yīng)用的趨勢(shì)也導(dǎo)致攻擊的目標(biāo)開始瞄準(zhǔn)大數(shù)據(jù)場(chǎng)景。為應(yīng)對(duì)當(dāng)前網(wǎng)絡(luò)空間攻擊逐步呈現(xiàn)“手段專業(yè)化,、目的商業(yè)化,、源頭國際化、載體移動(dòng)化、攻擊隱形化”等復(fù)雜多變的網(wǎng)絡(luò)安全局勢(shì),,亟待構(gòu)建與之相適應(yīng)的網(wǎng)絡(luò)安全體系,,采取基于實(shí)戰(zhàn)化、常態(tài)化,、系統(tǒng)化思維的主動(dòng)防御技術(shù),,從設(shè)備安全、控制安全,、網(wǎng)絡(luò)安全,、應(yīng)用安全、數(shù)據(jù)安全,、工業(yè)APP、供應(yīng)鏈安全等多維考慮,,實(shí)現(xiàn)“設(shè)備-云端-應(yīng)用”的一體化縱深防御安全防護(hù)體系,,同步建立數(shù)據(jù)流轉(zhuǎn)規(guī)范和安全運(yùn)營機(jī)制,實(shí)現(xiàn)“人,、機(jī),、料、法,、環(huán)”的統(tǒng)籌調(diào)配,,形成以風(fēng)險(xiǎn)動(dòng)態(tài)監(jiān)測(cè)、分析,、檢查,、安全事件處置等機(jī)制為一體的安全運(yùn)營體系,切實(shí)保障集團(tuán)化企業(yè)的生產(chǎn)運(yùn)營安全運(yùn)行,。




本文詳細(xì)內(nèi)容請(qǐng)下載:http://forexkbc.com/resource/share/2000004243





作者信息:

姚  卓

(北京啟明星辰信息安全技術(shù)有限公司,,北京100193)


此內(nèi)容為AET網(wǎng)站原創(chuàng),未經(jīng)授權(quán)禁止轉(zhuǎn)載,。