[information] expert interpretation of 13th Five-Year new development planning and layout of network security

简单三步,轻松实现全员EHS意识教育
近日,《“十三五”国家信息化规划》(以下简称《规划》)出台。《规划》围绕“十三五”总体发展规划,立足于我国信息化建设进程和新形势,阐明国家战略意图,明确行业信息化发展宏伟目标、主要任务和重大举措,是市场主体的行为导向和政府履行职责的重要依据。为落实习总书记关于信息化与网络安全工作的一系列重要讲话精神和批示,在信息化过程中同步推进网络安全保障能力建设,《规划》对“十三五”期间网络安全工作做出了统一谋划、设计和部署。

Recently, the 13th Five-Year national informatization planning (hereinafter referred to as the plan ) issued. Planning on the 13th Five-Year overall development plan, based on the process of informatization construction in our country and the new situation, clarify the national strategic intent, clear development of information industry, the grand goal of the main tasks and major initiatives, is an important basis for the main body of market orientation and government behavior to perform their duties. For the practice of the general secretary on the information and network safety work of a series of important speech and instructions, synchronization promote network security capacity building in the process of informatization, the planning to 13th Five-Year during the network safety work to make unified planning, design and deployment.
一、《规划》着重强调健全网络安全保障体系,助力我国从“网络大国”迈进“网络强国”

First, the plan focuses on improving the network security system, help our country from the network power forward network power
2014年2月,中央网络安全和信息化领导小组成立,习近平总书记亲自担任组长并提出建设网络强国的目标,网络安全与信息化是一体之两翼、驱动之双轮,被确立为事关国家安全和国家发展、事关广大人民群众工作生活的重大战略问题。“十三五”是我国实现网络强国战略目标的关键阶段,《国民经济和社会发展第十三个五年规划纲要》中提出强化信息安全保障、完善国家网络安全保障体系,网络安全成为我国信息化发展过程中的重要工作。2016年4月19日,习近平总书记在主持召开网络安全和信息化工作座谈会时也指出要“树立正确的网络安全观”、“加快构建关键信息基础设施安全保障体系”、“全天候全方位感知网络安全态势”、“增强网络安全防御能力和威慑能力”,加快推进网络安全工作刻不容缓。
In February 2014, the central network security and information technology leadership team was established, the general secretary Xi Jinping himself as leader and put forward the goal of building a network power, network security and information technology is one of the wings, the driving wheel, was established as a matter of national security and national development, major strategic issues related to the broad masses of working life. 13th Five-Year is a key step to achieve the strategic goal of power network in China, national economic and social development thirteenth five year plan proposed to strengthen information security, improve the national security system, network security has become an important work in the development process of China’s informationization. On April 19, 2016, general secretary Xi Jinping hosted the work of network security and information technology forum also pointed out that to establish a correct concept of network security, accelerate the construction of key information infrastructure security system and all-weather all-round situational awareness of network security, enhance network security defense and deterrence capabilities, accelerate network security urgent.
在这一重要历史时刻,《规划》的出台为我国信息化和网络安全同步推进指明了方向,明确了网络安全保障体系建设的方向目标和实施方案。《规划》提出了“强化网络安全顶层设计”、“构建关键信息基础设施安全保障体系”、“全天候全方位感知网络安全态势”、“强化网络安全科技创新能力”四大战略任务,从法律体系、技术能力等各个层面,全方位绘制出加强网络安全保障能力的内容和方法。可以预见,有顶层设计为指导、基础设施保障体系为基础、态势感知能力为手段、创新能力为核心竞争力,必将推动我国网络安全保障能力更上一层楼。
In this important historical moment, the introduction of the planning for China’s information and network security to promote the direction of a clear direction, clear the direction of the network security system and the implementation of the program. Planning proposed to strengthen the network security top-level design, build critical information infrastructure security system and all-weather all-round situational awareness of network security, strengthen the network security technology innovation ability four strategic tasks, from the legal system, technical ability level, the full range of content and draw methods to strengthen the network security capability. Can foreknow, top-level design guidance, infrastructure security system as the foundation, situation awareness capability means, innovation ability as the core competitiveness, will promote our network security capabilities strive for further improvement.
二、《规划》要求强化网络安全顶层设计,保障信息产业发展
Two, the plan calls for strengthening the top-level design of network security to protect the development of the information industry
随着信息化发展,网络基础设施保护、数据安全、个人信息保护、网络犯罪等网络安全管理日益复杂,涉及主体众多,与社会管理相互交织。我国亟需加强网络安全顶层设计,完善法律规范及标准体系,明确相关主体权责义务,为我国网络安全管理提供法律依据和制度保障。
With the development of information technology, network infrastructure protection, data security, personal information protection, network crime and other network security management has become increasingly complex, involving a large number of subjects, and social management intertwined. China needs to strengthen the top-level design of network security, improve the legal norms and standards system, clear responsibilities and obligations of the relevant subjects, providing legal basis and institutional protection for China’s network security management.
加强终端软件标准化的管理,加强用户的安全基础教育,令其能辨识批着羊皮的“恶意软件”和“流氓软件”,是技术手段不可替代的控制措施。
中央网络安全和信息化领导小组成立后,国家层面频频释放网络安全的政策红利,中国网络空间法制化进程加快,2016年11月7日,十二届全国人大常委会第二十四次会议表决通过了《网络安全法》,我国网络安全工作有了基础性的法律框架。《规划》要求强化网络安全顶层设计,加快制定完善网络安全相关法律规范,健全网络安全管理机制及标准体系,加强网络空间安全学科专业建设。可以期待,通过强化网络安全顶层设计提升网络安全保障能力,信息产业的发展将得到更有效的保障,网络化与信息化将更大范围地便利国家建设和人们的生活与生产。
The central network security and Informatization Leading Group was established, the national level frequent release of network security policy dividend, the legal process of Chinese network space up, November 7, 2016, twelve twenty-fourth meeting of the NPC Standing Committee voted through the security law, China’s network security work has a fundamental legal framework. The plan calls for strengthening the top-level design of network security, speeding up the development of relevant laws and regulations to improve network security, improve the network security management mechanism and standard system, and strengthen the construction of network space security disciplines. You can look forward to, by strengthening the top-level design of network security to enhance network security capabilities, the development of the information industry will be more effective protection of network and information, the wider the convenience of national construction and people’s life and production.

工信部解读《工业控制系统信息安全防护指南》

三、《规划》提出构建关键信息基础设施安全保障体系,筑牢国家安全防线
Three, planning proposed to build critical information infrastructure security system, build a strong national defense
金融、能源、电力、通信、交通等领域的关键信息基础设施是经济社会运行的神经中枢,是网络安全的重中之重,是网络战首当其冲的攻击目标。近年来,以“乌克兰电网事件”及“美国网瘫事件”为代表的针对关键信息基础设施的网络攻击事件层出不穷,引起了世界各国的高度重视。当前,关键信息基础设施已成为各国网络安全保障的重要对象,美、欧、日、韩等国家和地区都不断有涉及关键信息基础设施安全保护的重要政策出台或更新。
Financial, energy, electricity, communications, transportation and other areas of critical information infrastructure is the center of economic and social operation, is the most important network security, network warfare is the first attack target. In recent years, with the Ukraine power grid incident and the United States network paralysis event as the representative of the critical information infrastructure, network attacks emerge one after another, which has attracted the attention of all countries in the world. At present, the key of information infrastructure has become an important object of national network security, the United States, Europe, Japan, Korea and other countries and regions have been an important policy involving the security of critical information infrastructure protection issued or update.
《网络安全法》将关键信息基础设施安全保护制度确立为国家网络空间基本制度,并为关键信息基础设施安全保护搭建了制度框架,我国关键信息基础设施安全保护正式迈入法治化轨道。为落实《网络安全法》要求,切实提升关键信息基础设施安全保障水平,《规划》提出“构建关键信息基础设施安全保障体系”,建立网络安全审查制度及关键信息基础设施清单目录,制定指导性文件,加强关键信息基础设施的防御及威慑能力。此举旨在不断提升我国关键信息基础设施安全防护能力,保障经济社会正常运转,筑牢国家安全防线。
Network security law will be the key information infrastructure security protection system for the establishment of the national network space system, and set up the system frame for the security of critical information infrastructure protection, our critical information infrastructure security officially entered the orbit of the rule of law. In order to implement the requirements of network security law, effectively enhance the security level of safety critical information infrastructure, planning proposed to construct the critical information infrastructure security system, establish a network security review system and critical information infrastructure list, the development of guidance documents, strengthen the defense and deterrence capabilities critical information infrastructure. The move aims to constantly improve our critical information infrastructure protection, protection of economic and social functioning, and build a strong national defense.
四、《规划》要求全天候全方位感知网络安全态势,提升安全防护水平
Four, the plan requires all-weather full range of awareness of network security situation, enhance the level of security
随着“互联网+”、智能制造等新兴业态的快速发展,网络安全牵涉到经济社会发展的各个行业,安全风险关联扩散,安全事件影响力升级。当前,相对安全观已成为共识,单纯的防御措施无法阻止蓄意的攻击者,检测、预警、响应的重要性日益凸显。
With the rapid development of the Internet, intelligent manufacturing and other emerging industries, network security involves all sectors of economic and social development, security risks related to the proliferation of security incident influence upgrade. At present, the concept of relative security has become a consensus, a simple defense measures can not stop the deliberate attackers, detection, warning, the importance of the increasingly prominent response.
近年来,网络安全保障能力建设从“静态、基于威胁的保护”转向“动态、基于风险的防护”,《规划》更进一步明确了加强网络安全态势感知、检测预警和应急处置能力建设的任务,要求准确把握网络安全风险规律,更好地感知安全态势,完善各类安全处置机制与保护制度,开展网络空间安全战略预警和决策指挥工程。在这一系列措施的指导下,全天候全方位的感知网络安全态势,加强风险控制及风险管理能力,我国网络安全防护水平必将大幅提升。
In recent years, network security capacity building from static, threat based protection to dynamic, based on risk prevention, planning to further clarify the strengthening of network security situation awareness, detection and early warning and emergency response capacity building task requirements, accurately grasp the rules of network security risk, perceived security situation better. To perfect the safe disposal mechanism and protection system, carry out the strategy for Cyberspace Security Warning and decision command engineering. Under the guidance of this series of measures, all-weather full range of perception of network security situation, strengthen risk control and risk management capabilities, China’s network security level will be greatly improved.
五、《规划》提出强化网络安全科技创新能力,加强核心竞争力
Five, the plan proposed to strengthen network security technology innovation capability, strengthen the core competitiveness
棱镜门事件之后,网络安全领域的国家创新也提上日程,要提升我国的网络安全保障能力,只能依靠强大的科技实力和自主创新能力。我国在信息化快速发展的过程中,核心技术受制于人,网络安全技术距发达国家有一定差距,已经成为我国网络安全的软肋,创新能力建设更加重要。习总书记也多次强调要加快推进网络技术创新,增强网络空间安全防御能力。
After the prism door incident, national innovation in the field of network security has also been put on the agenda, to enhance our network security capabilities, can only rely on a strong scientific and technological strength and independent innovation capability. The process of China’s rapid development in the information era, the core technology of heteronomy, network security technology from the developed countries have a certain gap, has become China’s network security weakness, innovation ability construction is more important. General Secretary Xi has repeatedly stressed the need to accelerate the network technology innovation, enhance network security capabilities.
《规划》提出强化网络安全科技创新能力。在技术层面,提升网络信息技术能力,构建国家网络空间安全技术体系,并加快推进安全产品的创新研发及应用推广。在产业层面,提高产业化支撑水平,建立良好的市场环境,培育我国网络安全龙头企业。同时,出于网络安全的战略考虑,我国应形成信息技术产品自主发展的生态链,同时加强对新技术、新应用、新业务的网络安全保障和前瞻布局,为信息技术与产业的快速发展提供机遇。
Planning to strengthen network security technology innovation capability. At the technical level, to enhance the ability of network information technology, the construction of national cyberspace security technology system, and accelerate the development of innovative research and application of security products. At the industrial level, to improve the level of industrial support, establish a good market environment, cultivate China’s leading enterprises in network security. At the same time, considering the network security strategy, China should form the ecological chain of information technology products of independent development, and strengthening of new technologies, new applications, new business network security and forward-looking layout, provide opportunities for the rapid development of information technology and industry.
来自:未来网
Coming from: future network

微信扫一扫关注该公众号
Sweep the concern of the public, WeChat

外部供应商的供应商可能会泄露我们的机密数据,所以在供应链的信息安全管理方面,我们要求直接供应商在将我们的数据托管或转包给第三方之前必须获得我们的安全审核,在审核通过,获得正式授权后方可将它们分享给第三方。

猜您喜欢

曲阜市陵城镇举办消防安全知识培训班
网络安全公益短片扫描二维码的安全风险
海外安全培训在线课程,帮助提升海外从业人员及差旅人员的安全防范意识:
郑爽“失踪”多日终现身见拍照忙捂脸
SIMPLESKINCARE SPORTSTREAM
诺贝尔科学奖获得者也无法解决的高科技信息窃贼防范难题由信息安全意识教育来帮忙