Research on the Evaluation of Emergency Response to Cybersecurity Events in the Securities Industry

Journal of Information Security Reserach ›› 2024, Vol. 10 ›› Issue (4): 368-.

Previous Articles Next Articles

Research on the Evaluation of Emergency Response to Cybersecurity Events in the Securities Industry

Zhu Yidong1,2, Xue Zhi2, Wang Hongtao1, Liu Hong1, Wu Chenwei3, and Hu Guangyue4#br#

#br#

1(Sinolink Securities Co., Ltd., Shanghai 201204)
2(School of Cyber Science and Engineering, Shanghai Jiao Tong University, Shanghai 200240)
3(HAITONG Securities Co., Ltd., Shanghai 200001)
4(Everbright Securities Co., Ltd., Shanghai 200040)

Online:2024-04-20 Published:2024-04-20

证券网络安全事件应急响应评价研究

朱嶷东1,2薛质2王洪涛1刘宏1吴晨炜3胡广跃4

1(国金证券股份有限公司上海201204)
2(上海交通大学网络空间安全学院上海200240)
3(海通证券股份有限公司上海200001)
4(光大证券股份有限公司上海200040)

通讯作者: 朱嶷东硕士，工程师.主要研究方向为安全体系架构设计和实施、网络安全攻防. zhuyidong@gjzq.com.cn
作者简介:朱嶷东硕士，工程师.主要研究方向为安全体系架构设计和实施、网络安全攻防. zhuyidong@gjzq.com.cn 薛质博士，教授.主要研究方向为计算机通信网及信息安全. zxue@sjtu.edu.cn 王洪涛硕士，工程师.主要研究方向为证券期货信息化和标准化. wanghongtao@gjzq.com.cn 刘宏硕士，工程师.主要研究方向为IT架构治理与信息技术规划、合规与风险管理. liuhong@gjzq.com.cn

Abstract

Abstract: The emergency response to cyber security events, spanning multiple departments, covering various levels and scopes, has become a crucial link in routine security operations, serving as a key pillar for ensuring the stable and secure operation of the securities industry. Addressing the issue of inconsistent and overly subjective traditional emergency response capability evaluation indicators in the securities industry, this paper proposes a cyber security incident emergency response process. This process includes detection response, loss prevention and blockage, source analysis, recovery, and reinforcement. The proposed evaluation model covers three tiers, encompassing tools utilization, log coverage, personnel skills, task distribution, notification handling, and publicity education. The fuzzy hierarchical analysis method is employed to determine the weight of each level indicator, while the expert judgment method is used to establish the evaluation indicator set. The fuzzy grey comprehensive evaluation method is introduced to assess the capability of emergency response to cyber security incidents in the securities industry. Through case validation and data analysis summary, the paper achieves quantitative demonstration of the evaluation indicators.

Key words: Cybersecurity events emergency response, expert judgment method, hierarchical analysis method, fuzzy grey comprehensive evaluation method, securities industry

摘要： 网络安全事件应急响应横跨多部门、涉及多层次、覆盖多范围，已成为常态化安全运营中关键链路环节，是证券业务稳定安全运行保障的重要核心支撑.针对证券业传统应急响应能力评价指标不统一且过于主观问题，提出了包含检测响应、止损阻断、分析溯源、清除恢复、加固复验的网络安全事件应急响应流程，涵盖工具运用、日志覆盖、人员技能、职责分工、通报处置、宣传教育指标体系的三级评价模型，运用模糊层次分析法确定各层次指标权重，采用专家判断方法建立评价指标集，引入模糊灰色综合评价方法对证券行业网络安全事件应急响应能力进行评价，并通过实例验证对指标数据进行分析汇总，实现了评价指标的量化展示.

关键词: 网络安全事件应急响应, 专家判断方法, 模糊层次分析方法, 模糊灰色综合评价方法, 证券业

CLC Number:

TP393.08

朱嶷东, 薛质, 王洪涛, 刘宏, 吴晨炜, 胡广跃, . 证券网络安全事件应急响应评价研究[J]. 信息安全研究, 2024, 10(4): 368-.

References

［1］证监会. 证券期货业网络安全事件报告与调查处理办法［J］. 中华人民共和国国务院公报, 2021, 68(23): 5458［2］梁银妍. 证券期货业网络和信息安全管理办法发布全面覆盖行业机构各类主体［N］. 上海证券报, 20230304(002)［3］证监会. 证券期货业信息安全保障管理办法［J］. 中国证券监督管理委员会公告, 2012, 59(9): 15［4］冯涛, 张玉清, 高有行. 网络安全事件应急响应联动系统模型［J］. 计算机工程, 2004, 30(13): 101103［5］张臻, 孙宝云, 李波洋. 美国网络安全应急管理体系及其启示［J］. 情报杂志, 2018, 37(3): 9498, 105［6］陈美华, 张明亮, 王延飞. 美国重大网络安全事件应急响应的情报解析［J］. 情报理论与实践, 2023, 60(6): 110［7］冯旭刚, 魏舜昊, 魏新园, 等. 基于信息熵灰色模糊融合模型的火电机组燃烧检测仪器综合性能评价方法［J］. 中国机械工程, 2022, 33(9): 10981103［8］刘永磊, 金志刚, 郝琨, 等. 基于STRIDE和模糊综合评价法的移动支付系统风险评估［J］. 信息网络安全, 2020, 20(2): 4956［9］蔡青, 关志军, 赵若言. 基于灰色模糊综合评价法的网络防御作战效能评估［J］. 中国电子科学研究院学报, 2022, 17(10): 991996［10］王煦莹, 沈红波, 徐兴周. 基于人工神经网络的金融信息系统风险评价［J］. 信息安全研究, 2022, 8(11): 10551060［11］曹龙, 吉梁, 朱彤. 综合性集团网络安全水平评价指标体系构建与实证研究［J］. 信息安全研究, 2022, 8(1): 101108［12］邓爱民, 张凡, 熊剑, 等. 基于模糊灰色综合评价方法的应急物流能力评价［J］. 统计与决策, 2010, 26(6): 174176［13］刘冲, 沈振中, 甘磊, 等. 基于模糊灰色聚类组合赋权的病险水库康复度综合评价方法［J］. 水利水电科技进展, 2018, 38(3): 3641［14］证监会. 证券期货业信息安全事件报告与调查处理办法［J］. 信息安全与通信保密, 2013 (2): 24［15］魏敏, 王法. 基于层次分析与模糊综合的变电站绿色施工评价方法研究［J］. 能源研究与利用, 2023, 35(2): 5356［16］Wang J, Li J, Li G, et al. An improved FAHPcloudbased security risk assessment model for airborne networks［J］. Journal of Computational Methods in Sciences and Engineering, 2020, 21(2): 115［17］Kumar A Y, Dinesh K. A fuzzy decision framework of leanagilegreen (LAG) practices for sustainable vaccine supply chain［J］. International Journal of Productivity and Performance Management, 2023, 20(7): 19872021［18］van M, Ranko V. Evaluation of montenegrin seafarer’s awareness of cyber security［J］. Trans on Maritime Science, 2020, 9(2): 206216［19］Bjrge J U, Gaute W. A systematic review of cybersecurity risks in higher education［J］. Future Internet, 2021, 13(2): 3939［20］Qingyuan Z, Jianjian L. The study on evaluation method of urban network security in the big data era［J］. Intelligent Automation and Soft Computing, 2018, 24(1): 133138

[1]	. Research on Source Code Vulnerability Detection Based on BERT Model [J]. Journal of Information Security Reserach, 2024, 10(4): 294-.
[2]	. Research Progress and Challenge of Industrial Control Systems Honeypot Based on Simulation [J]. Journal of Information Security Reserach, 2024, 10(4): 325-.
[3]	. Malware Detection and Classification Based on GHM Visualization and Deep Learning [J]. Journal of Information Security Reserach, 2024, 10(3): 216-.
[4]	. Research on Zero Trust Access Control Model Based on Role and Attribute#br# #br# [J]. Journal of Information Security Reserach, 2024, 10(3): 241-.
[5]	. Research on the Evaluation of Emergency Response to Cybersecurity Events in the Securities Industry [J]. Journal of Information Security Reserach, 0, (): 368-.
[6]	. Abnormal Traffic Detection Based on Adaptive Integrated Learning [J]. Journal of Information Security Reserach, 2024, 10(1): 34-.
[7]	. The Method and Practice of “RPA+ Mobile Storage Devices” to Solve Government Data Cross network Exchange Safely [J]. Journal of Information Security Reserach, 2024, 10(1): 81-.
[8]	. Power Sensitive Data Access Control Method Based on Zero Trust Security Model [J]. Journal of Information Security Reserach, 2024, 10(1): 88-.
[9]	. A Scalable Realtime Multistep Attack Scene Reconstruction Method#br# #br# [J]. Journal of Information Security Reserach, 2023, 9(12): 1173-.
[10]	. [J]. Journal of Information Security Reserach, 2023, 9(E2): 13-.
[11]	. [J]. Journal of Information Security Reserach, 2023, 9(E2): 29-.
[12]	. [J]. Journal of Information Security Reserach, 2023, 9(E2): 113-.
[13]	. [J]. Journal of Information Security Reserach, 2023, 9(E2): 49-.
[14]	. [J]. Journal of Information Security Reserach, 2023, 9(E2): 57-.
[15]	. [J]. Journal of Information Security Reserach, 2023, 9(E2): 69-.

Research on the Evaluation of Emergency Response to Cybersecurity Events in the Securities Industry

证券网络安全事件应急响应评价研究

PDF

Knowledge

Abstract

Cite this article

share this article

References

Related Articles 15

Recommended Articles

Metrics