The level of security protection needs to be improved
“Positive progress has been made in the development of the industrial Internet, and the security guarantee capability has been significantly improved.” The relevant person in charge of the Ministry of Industry and Information Technology said that China has built a security management system with multi-department coordination, each taking its own responsibility, enterprise main body and government supervision, and through supervision and inspection and threat information notification and other measures, enterprises’ awareness of security responsibility has been further enhanced; The construction of a national, provincial, and enterprise three-level linkage security monitoring system has basically formed an industrial Internet security monitoring, early warning and disposal capability.
The reporter noted that the “Notice” proposed to establish a hierarchical safety management system for enterprises, improve the safety technology monitoring system, and improve the safety working mechanism.
In the establishment of a hierarchical security management system for enterprises, the Notice requires the introduction of guidelines for the classification and classification of network security for industrial Internet enterprises and the formulation of security protection system standards.
“Industrial Internet security is an important guarantee for the development of the industrial Internet. The industrial Internet connects a large number of important industrial devices, and a security incident has a significant impact.” Chi Cheng told reporters that with the development of China’s industrial Internet into the practice of deep cultivation stage, the level of enterprise security protection needs to be improved, and the security protection system needs to be improved.
In August 2019, the Ministry of Industry and Information Technology and other ten departments jointly issued the Guiding Opinions on Strengthening Industrial Internet Security; In December 2019, the Ministry of Industry and Information Technology published the “Guidelines for Classification and Classification of Network Security for Industrial Internet Enterprises (Trial)” (draft for comment).
Experts believe that the former focuses on emphasizing the overall development and security of the industrial Internet, while the latter requires industrial Internet enterprises to implement the main responsibility of network security by classification and classification, and accelerate the construction of the industrial Internet security system, and believe that under the guidance of the Notice, the relevant legislative process will obviously be further accelerated.
How to improve the level of security protection of industrial Internet enterprises, Chi Cheng suggested that industrial Internet enterprises improve the corporate network responsibility system, set up network security institutions and security management responsibilities, and take corresponding technical protection measures. At the same time, according to the situation, gradually establish and improve the enterprise-level industrial Internet security monitoring platform to achieve docking with the industrial Internet security monitoring platform above the provincial level.
In addition, regular cybersecurity risk assessments are carried out, practical emergency plans are formulated, emergency response mechanisms are established, emergency drills are regularly carried out, and necessary measures are taken to eliminate security risks.