Abstract:Since 2015,in order to further strengthen the information security management and improve the operation and maintenance level of industrial control system,ensure the safety and stability of the system,Hikvision began to carry out the systematic combing of ICS cyber security and construct the protection system. According to the relevant requirements of the ministry of industry and information technology, The network security department of hikvision combed the security status of the company's industrial control system from five dimensions:application system, information assets,infrastructure,rules and regulations,and emergency assurancet,and carried out standardized rectification according to the guidelines,gradually improve the ability of information asset protection,security status monitoring,system environment protection,security management,security operations and maintenance,realize the ability of anti-attack,anti-tamper,anti-virus,anti-paralysis,anti-theft of industrial control system,ensure the safe and stable operation of industrial control information systemt,achieve the visual,controllable,manageable and integrated management.
关键词:主动;深层;立体防御
Key words:Initiative;Defense-in-depth;Three-dimensional
摘要:为了进一步加强海康威视工业控制系统信息安全管理,提高工业控制系统运维水平,保障工控系统安全稳定运行,海康威视自2015年起开展工控安全的系统化梳理和体系化建设工作。依据工业和信息化部有关要求,海康威视网络安全部从公司工控系统信息的应用系统、信息资产、基础架构、规章制度、应急保障等五个维度进行安全现状梳理,并依据指南进行规划化逐个整改,逐步完成了信息内容保护、安全运行监控、支撑环境保障、安全管理、安全运维等能力的建设,实现了工控系统的防攻击、防篡改、防病毒、防瘫痪、防窃密,确保工控信息系统安全稳定运行,做到“可视、可控、可管”的集成化管理。
Abstract:Since 2015,in order to further strengthen the information security management and improve the operation and maintenance level of industrial control system,ensure the safety and stability of the system,Hikvision began to carry out the systematic combing of ICS cyber security and construct the protection system. According to the relevant requirements of the ministry of industry and information technology, The network security department of hikvision combed the security status of the company's industrial control system from five dimensions:application system, information assets,infrastructure,rules and regulations,and emergency assurancet,and carried out standardized rectification according to the guidelines,gradually improve the ability of information asset protection,security status monitoring,system environment protection,security management,security operations and maintenance,realize the ability of anti-attack,anti-tamper,anti-virus,anti-paralysis,anti-theft of industrial control system,ensure the safe and stable operation of industrial control information systemt,achieve the visual,controllable,manageable and integrated management.
关键词:主动;深层;立体防御
Key words:Initiative;Defense-in-depth;Three-dimensional