Journal of Information Security Reserach ›› 2022, Vol. 8 ›› Issue (9): 901-.

Previous Articles     Next Articles

Research on Data Security Endogenous Mechanism on Complex  Adaptive Organizations

  

  • Online:2022-09-02 Published:2022-09-02

组织数据安全自适应评价机制研究

范晓娟1,2刘玉岭3吴迪4   

  1. 1(中国科学院信息工程研究所知识保存与传播工作室北京100101)
    2(山东农业大学公共管理学院山东泰安271000)
    3(中国科学院信息工程研究所第六研究室北京100101)
    4(中国网络安全审查技术与认证中心北京100101)
  • 通讯作者: 范晓娟 博士,副教授.主要研究方向为数字安全、数字合规与安全评估. 1403860778@qq.com
  • 作者简介:范晓娟 博士,副教授.主要研究方向为数字安全、数字合规与安全评估. 1403860778@qq.com 刘玉岭 博士,高级工程师.主要研究方向为安全态势感知、网安大数据分析、安全测评. liuyuling@iie.ac.cn 吴迪 博士,高级工程师.主要研究方向为数据安全、安全评测. wudi@is ccc.gov.cn

Abstract: At present,theoretical and practical studies concerning organizations pay more attention to data security governance and maturity capability building other than the endogenous mechanism of data security of complex organizations from the perspective of adaptive management of organizations. In this paper, the author pays attention to the lack of security adaptive management under the characteristics of complex and diverse organizations that may lead to resource imbalance or ineffective allocation, taking “departmental organization effective interaction” oriented by the adaptive operation and management goals of complex critical safety organizations as the main line, focus on the analysis of the influence and evaluation strategy of data security on organization adaptive evaluation, and construct effective evaluation index and reintervene index system of data security and effective function. The work of this paper is beneficial to improve the adaptive learning ability under data security underlying logic, and then promote effective innovation of organization adaptive safety management style under data security regulatory environment at home and abroad.

Key words: data security, complex adaptive organizations, capability assessment, department interaction, critical safety industry

摘要: 目前国内外研究普遍关注组织机构的数据安全治理与成熟度能力构建理论和实践,从组织体自适应性管理角度对复杂组织机构数据安全内生机制的研究较少.针对组织复杂多样特征下数据安全自适应机制的缺失易导致内组织和社会外部资源不均衡或无效配置的问题,围绕建立复杂关键性安全组织自适应运营管理目标导向的“部门机构有效关联”主线,着重分析了数据安全对组织自适应性评价的影响和评价策略,构建了数据安全有效作用评价及评价失灵后的再干预指标体系.该研究有利于提高组织数据安全底层逻辑的自适应学习能力,进而促进国内外数据安全监管环境下组织适应性安全管理运营方式的有效革新.

关键词: 数据安全, 复杂自适应组织, 能力评估, 部门交互作用, 关键性安全行业