摘要
[研究目的]大数据时代衍生的信息安全管理问题,使得完善信息安全管理政策,消除信息安全风险成为首要问题。开展信息安全管理政策文本量化研究,对完善政策设计具有重要意义。[研究方法]以2003—2021年中央层面信息安全管理政策为研究对象,运用内容量化分析和社会网络分析方法。从政策工具、政策目标、主体要素和外部特征四个维度,对我国信息安全管理政策展开分析。[研究结论]工具维度,偏重基础型政策工具,缺乏有效规制和引导教育;目标维度,注重物理环境与数据安全,忽视网络系统和应用安全;主体维度,多元主体参与不足,技术与监管发展缓慢。针对存在的问题,提出优化我国信息安全管理政策的相关建议。
[Research purpose] The information security management issues derived from the era of big data make the improvement of information security management policies and the elimination of information security risks become the primary issue. Carrying out quantitative research on information security management policy text is of great significance to improve policy design. [Research method] Taking the information security management policies released in 2003-2021 as the research object, using quantitative analysis of content and social network analysis methods, it analyzes the information security management policy from the four dimensions of policy tools, policy objectives, main elements and external characteristics. [Research conclusion] Tool dimension, preferring basic policy tools, lacking effective regulation and guidance instruction;target dimension, focusing on physical environment and data security, ignoring network system and application security;subject dimension, insufficient participation of multiple subjects, slow technology and regulatory development. In response to these existing problems, relevant suggestions for optimizing information security management policies are put forward.
作者
周付军
Zhou Fujun(School of Public Administration,Central South University,Changsha 410075)
出处
《情报杂志》
CSSCI
北大核心
2023年第1期174-181,共8页
Journal of Intelligence
基金
中南大学中央高校基本科研业务费专项资金资助项目(编号:2021zzts0004)研究成果之一。
关键词
信息安全管理
社会系统论
政策工具
政策目标
政策效力
information security management
social system theory
policy tools
policy objectives
policy effectiveness