Lu Zhe, chief scientist of Shiping information: building data and personnel centered security capabilities

Into the digital age , Data becomes a key factor of production , It is a national strategic resource . With the deepening of digital transformation of industry , The value of data is increasingly prominent , At the same time, the accompanying data security risks are also increasing , The data reveal that 、 Various security threats such as illegal data transactions continue to intensify . How to prevent data security risks , In data sharing 、 Prevent the occurrence of “ Data streaks ”, It is particularly important in the process of digital construction and development in China .

In recent days, , Lu Zhe, chief scientist of Shiping information, was invited to attend “ Escort data · Safe future ” Online salon activities , And around “ Data security ” The theme , In view of the construction of data security governance and technical system in the context of the digital era, talk with the big players in the industry . Experts from Lu zhe think , The key to data security governance in the new era , It's about building security capabilities that focus on data and people , According to the data security characteristics and key needs in the digital era , According to legal requirements and national norms , Build a technical framework system for data security management and monitoring , Realize the standardization of various business data processes by landing 、 Refined security management .

multivariate 、 flow 、 Real time data environment and data processing characteristics , Accelerate the release of data security governance requirements

At the meeting , Lu Zhe, an expert, shared with online audiences the characteristics of information systems and the new information technology environment in the digital era , And analyzes the current industry situation 、 Cutting edge response and development trend . Experts from Lu zhe think , The traditional network security technology for systems and boundaries can no longer meet the information security needs under the new situation , At present, data security risks are mainly characterized by four aspects ： Data dependency 、 Endogenous 、 Business relevance and high diffusion , After analysis , Business data and internal personnel are the key .

In response to the above risks , Experts Lu zhe pointed out , In the digital era, the core of data security governance is to go deep into the business process for data sensitivity 、 Security attribute sorting and control , The focus is on compliance with data and people 、 Risk analysis, evaluation, prediction and monitoring , must “ Refined data 、 Down to business 、 Prevent people , Both static and dynamic 、 Both inside and outside ”.

At present, the management and control of data and personnel is mainly reflected in the following five urgent needs ：

1. Data classification - Data asset discovery and management

2.  Data security compliance and risk management

3.  Data and human centered security

4.  Go deep into the refined security control of business

5. Comprehensive monitoring of endogenous data leakage risk

Data security capabilities = Data governance + Data security governance （ Management specification + Technical measures ）

Talking about the construction of data security capability , Experts Lu zhe proposed that we should first refer to national legal requirements and norms , Take data security governance as a means , Take the data security capability maturity model as the standard , Achieve the comprehensive improvement of the maturity of data security capability .

From the supply side of the industry , The data security governance needs of government and enterprise units have not been fully met . Expert LU zhe introduced the data security governance mode of Shiping information online —— Build layers of protection DCTII Data security management and monitoring technology framework system , Build data and personnel centric security capabilities .

This model focuses on meeting the diversified data security governance needs of government and enterprise units , It is a big data platform for all industries 、 Cloud computing 、 Data asset management and protection in complex environments such as collaborative applications and the Internet provide a complete technical foundation , Effectively improve the user data security capabilities .

The value of data does not lie in the data itself , Digital transformation and innovation of industry , In essence, it is value creation based on data . In the digital age , Can we master data resources and transform them into production factors , Whether the data security risks can be resolved in time in the process , Build a complete data security capability , It has become a measure of an enterprise 、 The level of competitiveness of an industry or even a country is an important factor . Before the tide of the times , Shiping information will also take advantage of the momentum , Continue to promote product innovation and service upgrading , Seize the high ground of data security , Provide strong support for the development of digital construction in China .