Summary of proposals for the National Two Sessions in 2018
2018 Government Work Report of the Two Sessions (Full Text) 2018 Two Sessions Education Reform 2018 Two Sessions Real Estate Tax Two Sessions 2018 Medical Reform and Medical Treatment 2018 Two Sessions China Must Do These 60 Major Things 2018 Two Sessions House Price Trends Two Sessions 2018 Reform of public institutions 2018 during the two sessions Pension increases and salary increases Personal tax reform 2018 during the two sessions Teachers’ salaries
1. Information security - ensuring the effective implementation of e-government cloud
There are two words that have been mentioned frequently in recent years, namely cloud computing and big data. In all walks of life, cloud computing and big data have played an important role, and they have brought us a cross-era change. The promotion and application of cloud have also opened up a new path for e-government. The key point in the construction of e-government cloud is whether information security can be effectively guaranteed. There are three problems that my country's e-government cloud currently faces. The first is imperfect laws, regulations and standards; the second is the security threat of virtualization and multi-tenancy; and the last is the threat caused by the concentration of applications and data.
In terms of law, the absence of relevant laws and regulations will lead to the existence of many hidden dangers; in terms of technology, cloud computing is quite different from traditional IT. Our country's development is not perfect, and it is still lacking in terms of interface, platform, environment and resources. status; and the risks brought about by the centralized integration of resources through cloud computing and big data will also pose a threat to security. In short, these aspects pose greater challenges to the management, products, and technology of e-government cloud. We should establish a complete set of standards and plan every step from top to bottom to avoid data leakage. At the same time, the government should encourage and guide cooperation between manufacturers and enterprises to establish a good environment, thereby forming a complete security system to ensure the reliability of information security from the inside out. For cloud vendors, they should also start from themselves, strengthen the security and reliability of the system, and solve security risks from the most fundamental point of view.
2. Autonomous change—Safety information is at your fingertips
my country's security information industry is developing rapidly, and the product system is gradually improving, moving towards integrated and systematic development. With the opening up of the network security and information industry, a series of problems such as short product life cycles and security leaks have also arisen. The core content of chips, operating systems, software and other products currently in use is still in the hands of foreign investors. Due to political, market and other reasons, this issue is particularly important. If the country no longer pays attention to the safety system and does not have a complete system and system, it will not be able to effectively prevent supply chain risks, and we will face huge challenges.
Conducting network security reviews of important information technology products and services is conducive to improving my country's network security review system. But if the review content remains at the technical level, there will also be threats. Therefore, a comprehensive review is necessary to ensure that information security is autonomous and controllable. If each supplier can provide the network security review and filing agency with information on the upstream and downstream links of the supply chain, the entire supply chain can be transparent and clear, and can be mastered and controllable through transparency. Divide the scope of critical infrastructure, sensitive departments, and government agencies in detail; establish a detailed and transparent supply chain registration directory; standardize procurement behavior in critical infrastructure, sensitive departments, and government agencies. Through the comprehensive implementation of the above three points, I believe that we can Effectively control the controllability of information security in the supply chain.
3. Clear leadership - Promote the reliable development of the security information system
Most of my country's current information security assurance systems are built on the basis of equal protection and sub-insurance systems, which only need to meet compliance requirements, and do not pay attention to being effect-oriented. As a result, the information security assurance system still remains at a relatively low level. level. If the entire industry continues to cycle at low levels, then security capabilities will certainly not be effectively improved. At this time, the country needs to stand up and establish a new system to break this long-term unchanged system.
The position of Chief Information Security Officer was established to provide a more detailed division of labor and to be responsible for the security system from a more professional and clear responsibility perspective. The implementation of the chief information security officer system in critical infrastructure, sensitive departments, government agencies, etc. is expected to play a guiding role based on the user's perspective, promote the development of manufacturers, and form a good ecological environment for my country's security industry. Of course, the implementation of this system also requires strict assessment of personnel to ensure the professionalism of the chief information security officer.
All in all, establishing a comprehensive network security system is of great significance to national enterprises and individuals. It is believed that in the near future, through the establishment of various network security systems and the integration of the industry, the user rights of everyone can be ensured. ;