关键词: 数据安全, 数据安全治理, 数据滥用, 数据安全风险控制, 数据安全运营

Abstract: With the in-depth implementation of the “Data Security Law” and the further development of data element marketization, the technologies and practices related to data security governance will also develop continuously. However, so far, neither a unified understanding of the relevant practices of data security governance has been formed within the industry, nor relevant national and industrial standards have been introduced. This paper attempts to explore an effective data security governance practice from the aspects of data security governance objectives and methods. This paper also puts forward a set of data security governance system architecture, and describes in detail one by one the requirements of data security governance practice mechanism in terms of management, technology, evaluation and operation, etc., with key measures and technical requirements involved in the practice of data security governance introduced.

Key words: data security, data security governance, data abuse, data security risk control, data security operation