嘉賓介紹
萬里
杭州海康威視數字技術股份有限公司網絡安全總監
報告摘要
摘要:為了進一步加強海康威視工業控制系統信息安全管理,提高工業控制系統運維水平,保障工控系統安全穩定運行,海康威視自2015年起開展工控安全的系統化梳理和體系化建設工作。依據工業和信息化部有關要求,海康威視網絡安全部從公司工控系統信息的應用系統、信息資產、基礎架構、規章制度、應急保障等五個維度進行安全現狀梳理,并依據指南進行規劃化逐個整改,逐步完成了信息內容保護、安全運行監控、支撐環境保障、安全管理、安全運維等能力的建設,實現了工控系統的防攻擊、防篡改、防病毒、防癱瘓、防竊密,確保工控信息系統安全穩定運行,做到“可視、可控、可管”的集成化管理。
Abstract:Since 2015,in order to further strengthen the information security management and improve the operation and maintenance level of industrial control system,ensure the safety and stability of the system,Hikvision began to carry out the systematic combing of ICS cyber security and construct the protection system. According to the relevant requirements of the ministry of industry and information technology, The network security department of hikvision combed the security status of the company's industrial control system from five dimensions:application system, information assets,infrastructure,rules and regulations,and emergency assurancet,and carried out standardized rectification according to the guidelines,gradually improve the ability of information asset protection,security status monitoring,system environment protection,security management,security operations and maintenance,realize the ability of anti-attack,anti-tamper,anti-virus,anti-paralysis,anti-theft of industrial control system,ensure the safe and stable operation of industrial control information systemt,achieve the visual,controllable,manageable and integrated management.
關鍵詞:主動;深層;立體防御
Key words:Initiative;Defense-in-depth;Three-dimensional
