基于CMMC的供应链网络安全管理模式分析
Analysis of supply chain network security management mode based on CMMC
刘冬 1贾晖 2周嵩琛 1程曦 1刘阳1
作者信息
- 1. 国家工业信息安全发展研究中心,北京 100040
- 2. 中国信息通信研究院,北京 100191
- 折叠
摘要
[目的/意义]随着供应链网络安全事件的日渐增多、安全风险威胁的日益加剧和攻击手段的持续升级,供应链已然成为网络安全攻防的焦点.为了有效地应对这种新形势,更好地保障我国供应链网络安全,对国内外安全事件情况和各国供应链网络安全管理现状进行梳理分析与研究.[方法/过程]通过透析美国国防部发布的《网络安全成熟度模型认证》(CMMC)等代表性供应链网络安全管理实践,从CMMC的安全管理内容、管理模式和预期成效等方面进行深入论述,探索我国供应链网络安全管理的思路和作法.[结果/结论]为我国强化提升工业领域供应链网络安全管理能力提供指导和支持,助力我国更好地适应和抵御不断变化的网络安全威胁.
Abstract
[Purpose/Significance]With the increasing frequency of supply chain network security incidents,the intensifying threats posed by security risks,and the continuous evolution of attack methods,the supply chain has become a focal point in the realm of network security offense and defense.To effectively respond to this new situation and better safeguard the network security of our country's supply chains,it is imperative to analyze and research the status of security incidents domestically and internationally as well as the current state of supply chain network security management in various countries.[Method/Process]By analyzing representative supply chain network security management practices,such as the U.S.Department of Defense's"Cybersecurity Maturity Model Certification"(CMMC),this study delves into the security management content,management models,and expected outcomes of CMMC.This exploration aims to provide insights and reflections on the management of supply chain network security in our country.[Results/Conclusion]This research aims to offer guidance and support for enhancing the management capabilities of supply chain network security within our industrial sector,thereby assisting our country in better adapting to and resisting the continuously evolving threats in network security.
关键词
供应链网络安全/安全管理/风险控制/成熟度模型/工业领域供应链网络安全Key words
supply chain network security/security management/risk control/maturity model/industrial supply chain cybersecurity引用本文复制引用
出版年
2024
NETL
NSTL
万方数据