Russian version of the theory of information security

与其相忘于江湖,不如点击“蓝字”关注哦
2016年12月5日,俄罗斯联邦总统普京颁布646号总统令,批准俄罗斯联邦新版《信息安全学说》,即日起生效。同时宣布,2000年10月9日颁布的俄罗斯《信息安全学说》(1895号总统令)失效。俄罗斯历来十分重视信息安全问题,此前受西方“信息战”理论和实践冲击,俄在2000年颁布的《信息安全学说》,正式把信息安全作为战略问题来考虑,从理论和实践上加紧准备和建设,认真探讨进行信息战的各种措施。此次发布的新版学说,是对2000年版《信息安全学说》的更新升级,内容更加丰富,任务更加明确。
新版信息安全学说的地位和意义普京在批准新版安全学说的文件中写道:“为了保障俄联邦信息安全,我下令批准提交的俄联邦信息安全学说。”
信息领域的国家利益
新版学说指出,在战略稳定性和平等战略合作方面,“建立国际信息空间的平等国际关系体制是信息安全保障的战略目的。”
“基于对主要信息威胁的分析和对信息安全态势的评估”,明确了“信息安全领域的国家利益”,提出了“信息安全保障的战略目标和主要方向”。
明确信息安全学说的战略地位新版学说“是俄联邦信息安全保障领域的战略规划性文件”,是在2015年12月31日俄总统683号令批准的《俄联邦国家安全战略》基础上形成,并且发展了“其他信息安全领域战略规划文件的理论。”

传统企业如何管理分散的数据?云城数据做了一套存储管理系统

延续俄信息安全战略俄联邦政府相继制定和颁布了一系列纲领性文件和政策法规,基本形成了“多层级”信息安全法律体系,体现了俄信息安全顶层设计的大体脉络。1997年颁布的《俄罗斯国家安全构想》明确,信息安全是保障国家安全的重中之重。2001年,《俄联邦信息和信息化领域立法发展构想》分析了俄联邦信息和信息化领域立法的现状和发展趋势。2013年8月,俄罗斯联邦政府公布《2020年前俄罗斯联邦国际信息安全领域国家政策框架》,细化了《2020年前俄罗斯联邦国家安全战略》等俄罗斯联邦其它战略计划文件中的某些条款。

邯郸磁县积极打造”三位一体”安全舆论宣传模式

信息安全保障的战略目标和主要方向
明确俄信息安全领域面临的问题和威胁根据这一学说,当前俄在信息安全领域面临诸多问题,这些问题同时构成对俄国家信息安全的威胁,主要集中在以下几个方面:
外国在俄情报活动与日俱增新版学说有两处提出对外国在俄情报活动的担心,一处描述显示“对俄罗斯国家机关、科研机构和国防工业企业进行技术侦查的活动与日俱增”,另一处描述表明“外国对俄罗斯的侦察活动越来越多,使用信息技术损害俄罗斯的主权和领土完整,对政治和社会稳定的威胁明显增加。”
恐怖组织和激进组织影响加剧新版学说指出:“各种恐怖组织和激进组织广泛利用信息对个人、团体和社会意识的影响力,加剧民族间和社会的紧张对立,挑起宗教与民族的仇恨或敌对,宣扬过激思想,甚至拉拢新追随者参与恐怖活动。”
俄网络犯罪规模不断扩大新版学说提出,随着网络犯罪大规模增长,特别是在金融信贷领域,“使用信息技术收集个人数据,这些数据涉及不可侵犯的个人生活隐私和家庭隐私。”
国外媒体对俄报道存有偏颇新版学说指出,一方面,“国外大众媒体运用大量数据报道否定俄联邦国家政策”的趋势在上升;另一方面,“俄罗斯的大众传媒经常遭到国外露骨的歧视”,这使俄罗斯媒体记者从事职业活动受到影响。
“信息对俄罗斯民众的影响也在增加,首先是针对年轻人”。此外,“利用信息对个人、团体和社会意识的影响加剧民族间和社会的紧张对立”、“挑起宗教与民族的仇恨或敌对”、“宣扬过激思想”等,都是对俄意识形态安全的威胁,特别是“试图破坏俄罗斯的传统精神道德和价值观”。
该学说指出,使用信息技术如不与保障信息安全紧密结合,就会大大增加信息威胁出现的可能,就“难以建立保障战略稳定和形成权利平等的战略伙伴关系为目标的国际信息安全体系”。
信息技术能力不足是受制约因素新版学说指出,在信息通信技术及产品竞争力方面,俄罗斯同国外主要国家相比,具有一定差距,“有竞争力的信息安全技术和产品不足,国家给予信息安全产业政策扶持力度不够”,致使俄罗斯“部分电子设备、软件、处理技术和通信设备”受制于其他国家。由于外国“攻击俄联邦关键信息基础设施(电网、交通控制系统等)”,加上俄周边一些国家增强军事目的的信息技术能力提升,俄信息技术能力不足已成为新学说提出的“影响信息安全形势的主要消极因素”。
保障经济信息领域的主要目标和方向
“消除不良信息对民众的心理影响”是学说关注的国家意识形态领域安全,目的是保护其国民的“爱国主义传统”。
保障国家和社会安全领域的战略目标是“保卫国家主权,保持政治和社会稳定,保护俄罗斯的领土完整,保障公民的基本权利和自由,以及保卫关键信息基础设施”。学说指出在这个领域的主要方向,体现在国家建设的硬件和软件两个方面。
保障经济和科技教育领域信息安全战略目标主要是“研制和生产有竞争力的信息安全保障设备,提高信息安全保障领域的扶持规模和质量。”学说就此提出的主要方向是,通过“改革”和“创新”,发展俄的信息技术和电子工业,创新“有发展前景的信息技术和信息安全保障设备”。
保障网络空间信息安全的战略目标是形成“稳定的、不冲突的国家间关系”。学说提出,“保卫俄联邦网络空间的主权,实行独立自主的政策,在信息领域实现国家利益。”同时,“参与国际信息安全保障体系建设”、“建立国际法律机制”、“推进和宣传俄罗斯的立场与观点”,并“开展互利合作”。

走出安全意识培训的误区
信息安全基础保障与建设
新版信息安全学说的不足与各方评价虽然此次发布的新版学说是对旧版学说的升级,但是也存在一些问题,正如俄罗斯政治研究中心网络安全问题专家奥列格·杰米多夫(Oleg Demidov)所说,“其本身也有所遗漏”。根据杰米多夫的评述,新学说疏漏了三个方面的系统性问题。
学说中关于关键信息基础设施的主要操作者角色不明。杰米多夫认为,“像卡巴斯基实验室、Infowatch、Group-IB这样的公司在承担着保护俄罗斯免受网络攻击的安全保障工作。企业应在学说中占据优先位置。”
学说在国际合作方面的内容不够清晰。杰米多夫认为,俄罗斯必须提高与上海合作组织(SCO)、集体安全条约组织(CSTO)和其他盟友的国际合作水平,要确保政府和行业组织面对威胁做出反应,“要举行更多的联合演练,模拟可同时破坏多个国家部门工作的大型跨国网络攻击场景。”
该学说并非法律文件,不能发挥直接效力。学说文本只是为后续文件和法案的制定提供了框架和基础,有助于针对关键性信息基础设施设计基本法案。杰米多夫指出:“联邦安全局2013年设计的最新方案被束之高阁。如今这一法律漏洞有可能被补上。” 2013年2月,俄罗斯总统网站公布了新版俄罗斯对外政策构想。早在2000年和2008年,俄也曾两度出台对外政策构想。
各方声音
该学说的出台与新形势的“推特革命”和潜在的网络攻击威胁不无关系。奥列格·杰米多夫在专稿中指出:“阿拉伯之春表明,脸书、推特和其他即时通讯工具能大量传播威胁社会和政治稳定的内容。重要的是,目前还没有封锁类似过程的有效模式。”因此,学说十分关注国外媒体对俄的报道偏颇,恐怖组织和激进组织对俄影响加剧,以及俄青年传统道德和价值观受影响等意识形态安全。这些内容体现在新版学说中,也与俄领导人注重防范新形式的推特革命的意识提升有关。

百万年薪并不难,就用这些信息安全证书去敲门吧

——尼古拉·利托夫金(Nikolay Litovkin)
俄《国防》杂志主编指出,2010年Stuxnet行动期间,美国和以色列特工部门对伊朗核设施进行了“打击”,外部侵入致使伊朗铀浓缩离心机极限工作模式被启动并大量损坏,伊朗的核能力倒退了八年。此后,俄罗斯改变了其对网络安全的看法。正如奥列格·杰米多夫所说:“这个版本的新学说对俄罗斯的军事技术安全威胁进行了非常好的阐述,如强调防范外国特工部门有针对性的网络行动,以及打击外国情报部门在俄罗斯的活动。”
——伊戈尔·科罗特琴科(Igor Korotchenko)
12月8日的报道援引俄罗斯互联网创始人之一安东尼克的说法,认为学说是该国领导层的心理和意识形态的产物,反映出俄当局完全不信任任何其他国家。该报道还刊发了乔治·华盛顿大学设在莫斯科的杂志编辑玛丽亚·李普曼评论。她说,新的信息安全学说本身将指导当局的行动,同时,也反映了当局对媒体越来越强烈镇压的态度,以及更广泛的言论自由限制。
——美国之音(VOA)
在2016年12月9日的报道中指出,与美国相比,俄罗斯的信息安全学说体现了其更广泛的信息安全观,因此,为了“应对俄罗斯的网络威胁”,美国必须“抓住”这个更广泛的概念。同时,文章也指出,在路透社和塔斯社的报道中,也强调了俄对社会、文化、心理等诸多“精神方面”方面可能受到袭击的担心。
——福布斯(Forbes)
微信扫一扫关注该公众号
With the better known in the arena, click the blue attention oh
On December 5, 2016, President Putin of Russian Federation issued the Presidential Decree No. 646 and approved the new version of Russian Federation’s theory of information security. At the same time, announced in October 9, 2000, Russia’s information security doctrine (No. 1895 presidential decree) failure. Russia has always attached great importance to the issue of information security, previously by the western information warfare theory and practice of impact, Russia in 2000 promulgated the information security doctrine, officially the information security as a strategic problem, from theory and practice to prepare and construction, seriously explore various measures of information warfare. The release of the new version of the theory, is the 2000 edition of information security theory, the update and upgrade, the content is more abundant, the task is more clear.
The status and significance of the new version of the theory of information security in the approval of the new version of Putin’s theory of security documents wrote: in order to protect the Russian federal information security, I ordered the approval of the Russian Federal Information Security Theory submitted.
National interests in the field of information
The new theory points out that the establishment of an equal international relations system of international information space is the strategic goal of information security.
Based on the analysis of the main information threats and the assessment of the information security situation, the paper defines the national interests in the field of information security.
Clear the strategic position of the information security theory of the new theory of strategic planning documents Russian federal information security field, in December 2015 31 Russian President Decree No. 683 approved by the Russian Federation national security strategy on the basis of the formation, development and the other information security strategic planning document theory.
The continuation of the Russian Information Security Strategy of the Russian federal government has formulated and promulgated a series of programmatic documents and policies and regulations, the basic form of the legal system of multi level information security , reflects the general context of the Russian Information Security top-level design. 1997 promulgated the Russian national security concept clear, information security is a top priority to protect national security. 2001, the Russian Federation of information and information technology in the field of legislative development of the Russian Federation of information and information technology in the field of the status quo and development trends. In August 2013, the Russian Federation government announced the 2020 Russian Federation international information security field of the national policy framework, certain provisions of refinement before 2020 Russian Federation national security strategy Russian Federation strategic plan in other documents.
Strategic objectives and direction of information security
Clear the Russian field of information security issues and threats according to this theory, the current Russia in the field of information security is facing many problems, these problems at the same time of the Russian national information security threats, mainly in the following aspects:
Foreign intelligence activities in the Russian version of two theories grow with each passing day of foreign intelligence activities in Russia worried that a description of the display technical investigation on Russian state organs, scientific research institutions and defense industry enterprise activities, another grow with each passing day shows the foreign to Russian reconnaissance activities more and more, the use of information technology damage to Russia’s sovereignty and territorial integrity, threat to political and social stability increased significantly.
Influence of terrorists and militant groups intensified new theory pointed out: all the terrorists and militant group wide use of information on individuals, groups and social awareness of the influence, increasing tensions between nation and society, provoke religious and ethnic hatred or hostility, promote bowel thinking, even draw new followers to participate in terrorist activities.
Russian cyber crime continues to expand the scale of new theory, with the massive growth of network crime, especially in the areas of financial and credit, the use of information technology to collect personal data, these data relates to the inviolability of personal privacy and the privacy of the family.
Foreign media have biased new theory of Russia reported that, on the one hand, foreign media reported the use of large amounts of data the negative national policy of the Russian Federation in the rising trend; on the other hand, the Russian mass media often discriminated against blatant abroad, the Russian media reporter Ross is engaged in the occupation activity affected.
The impact of information on the Russian people are also increasing, the first is for young people. In addition, the use of information on individuals, organizations and social awareness of the impact of intensified ethnic and social tensions and provoke religious and ethnic hatred or hostility and advocating extreme thoughts and so on, are on the Russian ideology security threat, especially trying to undermine Russia’s traditional spirit and moral values.
This theory pointed out that the use of information technology such as not closely combined with information security, information will greatly increase the threat may arise, it is difficult to establish security strategic stability and the formation of equal rights of the strategic partnership of international information security system as the goal.
Information technology is the lack of capacity constraints in the new theory, information communication technology and product competitiveness, Russia and major foreign countries compared to a certain gap, competitive information security technology and products, information security industry to give policy support is not enough, resulting in the Russian part of electronic equipment, software, processing technology and communication equipment by other countries. The foreign to attack the Russian Federation critical information infrastructure (network, traffic control system), plus Russia and neighboring countries to enhance military information technology capability, the Russian information technology capacity shortage has become the main negative factors affecting the new situation of information security theory proposed.
The main objectives and direction of economic information
The elimination of bad information on the psychological impact of the public is the focus of the theory of national security in the field of ideology, the purpose is to protect their citizens’ patriotic tradition.
Security strategic goal in the field of national and social security is to safeguard national sovereignty, maintain political and social stability, protect Russia’s territorial integrity, safeguard basic civil rights and freedom, and protect critical information infrastructure. The theory points out the main directions in this field, embodied in the two aspects of hardware and software in the country’s construction.
The main goal of ensuring information security in the field of economy and science and technology education is to develop and produce competitive information security equipment, and to improve the scale and quality of support in the field of information security. The main direction of this theory is that through the reform and innovation, the development of Russia’s information technology and electronic industry, innovation and development of information technology and information security equipment.
The strategic goal of ensuring the security of cyberspace information is to form a stable, non conflict between countries. The theory proposed that defending the sovereignty of the Russian Federation cyberspace, the implementation of an independent policy to achieve national interests in the field of information. At the same time, to participate in the construction of international information security system, the establishment of international legal mechanisms, promote and promote Russia’s position and views, and to carry out mutually beneficial cooperation.
Basic guarantee and construction of information security
The deficiency and evaluation of the new information security theory, although the new theory of the release of the old version of the doctrine of the upgrade, but there are also some problems, as the center of the Russian political research network security expert Oleg Jamidorf (Oleg Demidov) said, it also omit. According to Jamie Dov’s comments, the new theory has neglected the systematic problems of three aspects.
The main operator role in the critical information infrastructure is unknown. Jamie Dov believes that, like the Kabasiji lab, Infowatch, Group-IB, such as the company is responsible for the protection of Russia from cyber attacks security work. The enterprise should occupy the first position in the theory.
The theory is not clear enough in international cooperation. Jamie Dov believes that Russia must improve with the Shanghai Cooperation Organization (SCO), the Collective Security Treaty Organization (CSTO) and the level of international cooperation and other allies, to ensure that the government and industry organizations face the threat response, to hold joint exercises more, simulation can damage multiple national departments at the same time large multinational network attack scenarios.
The doctrine is not a legal document, can not play a direct effect. The theory text only provides the framework and foundation for the subsequent documents and bills, which is helpful for the design of key information infrastructure. Jamie Dov pointed out: the Federal Security Agency in 2013 designed the latest program was shelved. Today, this loophole is likely to be filled. February 2013, the Russian presidential website announced a new version of Russia’s foreign policy ideas. As early as in 2000 and in 2008, Russia has twice introduced foreign policy ideas.
组织也应该从中吸取微博泄密的教训,制定好保密内容的范围,教育好员工哪些内容可以、哪些不可以在论坛、博客和社交网络上张贴。
Party voices
The introduction of the theory and the new situation of the Twitter revolution and the potential threat of cyber attacks are not unrelated. Oleg Jamidorf pointed out in the text: the Arabia spring shows that Facebook, twitter and other instant messaging tools can spread a large number of threats to social and political stability. It is important that there is no effective way to block similar processes. Therefore, the theory is very concerned about the bias of foreign media coverage of Russia, terrorist organizations and the impact of the radical organization of Russia, as well as Russia’s traditional moral and values of young people, such as the impact of ideological security. These are reflected in the new version of the theory, but also with the Russian leaders pay attention to prevent new forms of awareness of the promotion of the promotion of the revolution.
– Nicola Litovkin (Nikolay Litovkin)
Russia’s national defense magazine editor pointed out that during the 2010 Stuxnet act, agent departments in the United States and Israel of strike against Iran’s nuclear facilities, outside Iran in centrifuges operating mode is started and a large number of limit damage to Iran’s nuclear capability back eight years. Since then, Russia has changed its view on network security. As Oleg Jamidorf said: the new version of this theory had a very good description of the Russian military technical security threats, such as emphasizing the Prevention Department of foreign agents targeted network operations, and the fight against foreign intelligence activities in russia.
– Igor Korotchenko (Igor Korotchenko)
In December 8th the report quoted one of the Russian Internet founder antonica said that the theory is a product of the country’s leadership psychology and ideology, reflects the Russian authorities do not trust any other country. The report was also published by George, a Moscow based magazine editor, Dr. Maria Lipman, in. She said that the new information security theory itself will guide the actions of the authorities, but also reflects the government’s attitude towards the media increasingly strong repression, as well as a wider range of restrictions on freedom of expression.
Voice of America (VOA)
The report pointed out that in December 9, 2016, compared with the United States, Russia, the information security theory reflects its more extensive information security concept, therefore, in order to deal with Russian cyber threats, the United States must seize this broader concept. At the same time, the article also pointed out that in the Reuters and TASS reported that Russia may also emphasized on society, culture, psychology and other spiritual attacked worry.
– Forbes (Forbes)
WeChat sweep attention to the public number

IP记录显示不少大公司的员工都有下载盗版,员工想不花钱而下载盗版,公司可能会为些埋单,加强员工关于软件知识产权保护的教育培训、加强员工上网行为管理如网络访问的监管和审计很必要。

猜您喜欢

任子行签订15亿元网络空间安全总部基地项目协议
安全基础理论课程助力培养全民网络安全意识
企业安全意识之歌
安全月员工安全意识教育宣传活动需要有新的故事
CHUMASHCASINO ARGUETHECONSTITUTION
计算机网络安全基础微课