信息安全研究 ›› 2024, Vol. 10 ›› Issue (1): 55-.

• 学术论文 • 上一篇    下一篇

金融机构ICT供应链信息安全风险分析及应对措施研究

丁丽媛   

  1. (银联数据服务有限公司上海201201)
  • 出版日期:2024-01-10 发布日期:2024-01-21
  • 通讯作者: 丁丽媛 工程师.主要研究方向为信息安全管理. dly8688151@163.com
  • 作者简介:丁丽媛 工程师.主要研究方向为信息安全管理. dly8688151@163.com

Research on Risk Analysis and Countermeasures of Financial Institution ICT Supply Chain Information Security

Ding Liyuan   

  1. (China UnionPay Data Services Co., Ltd., Shanghai 201201)
  • Online:2024-01-10 Published:2024-01-21

摘要: 供应链是一个日益复杂的全球网络,由大量且不断增加的第三方合作伙伴组成.对于金融机构来说供应链信息安全对于保障用户资金安全、保障用户个人信息安全尤为重要,所以必须提前谋划、构建安全可控的供应链信息安全体系.针对金融机构的信息通信技术(information and communications technology, ICT)供应链信息安全风险进行分析,提出了基于全生命周期的ICT供应链信息安全综合防控体系框架.通过该框架的闭环管理流程和技术措施可以实现金融机构ICT供应链信息安全的精准防控,从而保障金融业务安全稳定运行和发展.


关键词: 供应链, 信息安全, 第三方管理, 数据安全, 金融科技

Abstract: Supply chain is an increasingly complex global network composed of a large and growing number of thirdparty partners. For financial institutions, supply chain information security is particularly important for ensuring the security of user funds and personal information. Therefore, it is necessary to plan and build a secure and controllable supply chain information security system in advance. This paper mainly analyzes the information and communication technology (ICT) supply chain information security risks of financial institutions, and proposes a comprehensive prevention and control system framework for ICT supply chain information security based on the entire lifecycle. Through the closedloop management process and technical measures of this framework, precise prevention and control of ICT supply chain information security in financial institutions can be achieved, thereby ensuring the safe and stable operation and development of financial business.

Key words: supply chain;information security;third party management, data security;Fintech

中图分类号: