[目的/意义]随着计算机与网络通信技术的快速发展,针对信息系统的攻击日益严重,且呈现出有组织化的趋势。如何应对针对信息系统安全的网络攻击成为世界各国普遍关注的焦点问题。欧盟是信息系统安全治理机制建立和发展较为完备的地区,对其进行系统研究能够为我国的信息系统安全治理机制的建立提供有益的参考和借鉴。[方法/过程]通过对欧盟网络攻击视角下的信息系统安全治理实践进行探索,系统分析其治理原则和治理机制,探讨欧盟信息系统安全的治理框架。[结果/结论]建议我国建立涵盖事前监测预警、事中应急响应、事后惩治与恢复的“三位一体”治理框架,以期实现对信息系统网络攻击的有效治理。%Purpose/Significance] With the development of computer technology and network technology, the attacks against informa-tion system present growing seriousness and organized trend. How to establish information system governance mechanisms from the per-spective of cyber attacks becomes the focus worldwide. EUˊs information system governance mechanisms from the perspective of cyber at-tacks established a good example for the establishment of information system security governance mechanism in China. [ Method/Process] By exploring the security governance of the EU information systems from the perspective of cyber attacks, and systematically an-alyzing the governance principles and mechanisms, the governance framework of the EU information system can be deduced. [ Result/Conclusion] We should establish a"Trinity" governance framework, which means that monitoring and warning before the event, respon-ding and disposing during the event, punishing and recovering after the event, so as to achieve the effective governance of information sys-tems from the perspective of cyber attacks.
展开▼