CN106022609A - Office computer information security comprehensive analysis and management method for large and medium enterprise staffs - Google Patents
Office computer information security comprehensive analysis and management method for large and medium enterprise staffs Download PDFInfo
- Publication number
- CN106022609A CN106022609A CN201610335461.3A CN201610335461A CN106022609A CN 106022609 A CN106022609 A CN 106022609A CN 201610335461 A CN201610335461 A CN 201610335461A CN 106022609 A CN106022609 A CN 106022609A
- Authority
- CN
- China
- Prior art keywords
- field
- data
- virus
- terminal computer
- patch
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q10/00—Administration; Management
- G06Q10/06—Resources, workflows, human or project management; Enterprise or organisation planning; Enterprise or organisation modelling
- G06Q10/063—Operations research, analysis or management
- G06Q10/0635—Risk analysis of enterprise or organisation activities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q10/00—Administration; Management
- G06Q10/06—Resources, workflows, human or project management; Enterprise or organisation planning; Enterprise or organisation modelling
- G06Q10/063—Operations research, analysis or management
- G06Q10/0639—Performance analysis of employees; Performance analysis of enterprise or organisation operations
- G06Q10/06393—Score-carding, benchmarking or key performance indicator [KPI] analysis
Abstract
The invention relates to the technical field of computer information security, in particular to an office computer information security comprehensive analysis and management method for large and medium enterprise staffs. The method comprises the steps of firstly performing data collection from an anti-virus management platform, a patch repair management system, a staff internet behavior management system and a data leakage prevention system; obtaining an installation and operation situation of terminal computer security software and a statistics situation of staff internet behaviors and data leakage prevention through data association analysis; and finally performing calculation to obtain an installation rate, a virus database updating rate, a patch updating rate, a virus occurrence frequency and a sensitive information leakage frequency of the terminal computer security software, performing quantitative assessment and ranking on terminal computer information security management work of each mechanism by taking the data as reference indexes, and locating a risk point.
Description
Technical field
The present invention relates to computer information safety technique field, comprehensively analyze and management method particularly to a kind of large and medium-sized enterprise employee office computer information security.
Background technology
For guaranteeing enterprise terminal computer and information system security, prior art is mainly protected by the installation Terminal Security Management software such as anti-virus and leak reparation on terminal computer.Large and medium-sized enterprise quickly increases due to the raising of the level of informatization, terminal computer quantity, and geographical distribution dispersion causes the information security management of terminal computer to become a difficult problem for enterprise information security management.In recent years; fast development along with the increasingly serious of Situation on Information Security He Information Security Prevention technology; enterprise disposes the Information Security Management System that many sets threaten for difference in enterprise internal information system, and these systems the most well protect system and the information security of enterprise.But each security system function is the most single, systemic-function independently cause the data relation analysis between system inadequate.How to utilize and to integrate multiple system data, get through the data barrier between multisystem, show enterprise information security management status from overall angle, start with from terminal computer safety management, set up comprehensive, the enterprise information security management system of system, significant for enterprise.
Summary of the invention
The technical problem to be solved is to integrate and utilize the data of different Information Security Management System, it is achieved the comprehensive of enterprise's office computer information security is analyzed and management.
The technical scheme is that
A kind of large and medium-sized enterprise employee office computer information security is comprehensively analyzed and management method, comprises the following steps:
Step (I) data collection
Derive Anti-Virus base data table, anti-virus software from anti-virus management platform and update in unsuccessfully equipment list, time T in computer virus tables of data and time T the terminal computer tables of data by virus attack.Anti-Virus base data table includes computer name field, institutional affiliation field, ip address field and MAC Address of Network Card field.Anti-virus software updates unsuccessfully equipment list institutional affiliation field, computer name field and anti-virus software update anomalies ip address field.Computer virus tables of data includes Virus Name field, classification field and amount field.Computer name field, institutional affiliation field, ip address field and virus frequency field is included by the terminal computer tables of data of virus attack.
Derive from patch remediation management system and in patch remediation management system-based tables of data, security update failure equipment list, time T, do not repair patch repairing failure terminal computer table in patch data table and time T.Patch remediation management system-based tables of data includes computer name field, institutional affiliation field, ip address field and network interface card MAC field.Security update failure equipment list includes institutional affiliation field, computer name field, security update failure ip address field.Do not repair patch data table and include patch name field, severity level field and amount field.Patch repairing failure terminal computer table includes computer name field, institutional affiliation field, ip address field and does not repairs patch amount field.
Internet access number of clicks tables of data in employee's network log-in management system-based tables of data and time T is derived from employee's network log-in management system.Employee's network log-in management system-based tables of data includes employee name's field, institutional affiliation field and ip address field.Internet access number of clicks tables of data includes employee name's field, institutional affiliation field, ip address field and number of clicks field.
Data leakage-preventing system statistical data table in data leakage-preventing system-based tables of data and time T is derived from the leakage-preventing system of data.Data leakage-preventing system-based tables of data includes employee name's field, institutional affiliation field and ip address field.Data leakage-preventing system statistical data table includes employee name's field, institutional affiliation field, ip address field and intercepted time field.
Step (II) data relation analysis
Step (II-1) sets up terminal computer facility information storehouse
Anti-Virus base data table, patch remediation management system-based tables of data, employee's network log-in management system-based tables of data and data leakage-preventing system-based tables of data are collected and remove duplicate keys, generates terminal computer information bank table.Adding up described terminal computer information bank table according to branch or functional department, generating mechanism terminal computer and employee distribute statistical table.Terminal computer information bank table includes computer name field, institutional affiliation field, ip address field and employee name's field.Mechanism's terminal computer and employee distribute statistical table and include organization names field, terminal quantity field and headcount field.
Step (II-2) passes through data relation analysis terminal computer fail-safe software installation and operation situation
Anti-Virus base data table and terminal computer information bank table are retrieved with ip address field for index, generating the terminal computer equipment list table not installing anti-virus software, the terminal computer equipment list table not installing anti-virus software includes computer name field, institutional affiliation field, ip address field and employee name's field.
According to branch or functional department, the terminal computer equipment list table not installing anti-virus software is added up, generate and anti-virus software situation statistical table is not installed, anti-virus software situation statistical table is not installed and includes organization names field and anti-virus software terminal quantity field is not installed.
According to branch or functional department, anti-virus software is updated unsuccessfully equipment list to add up, generating each mechanism virus base and update unsuccessfully device statistics table, each mechanism virus base updates unsuccessfully device statistics table and includes that organization names field, virus base update unsuccessfully terminal computer amount field and headcount field.
Patch remediation management system-based tables of data and terminal computer information bank table are retrieved with ip address field for index, generating the terminal computer equipment list table not installing patch reparation software, the terminal computer equipment list table not installing patch reparation software includes computer name field, institutional affiliation field, ip address field and employee name's field.
According to branch or functional department, the described terminal computer equipment list table not installing patch reparation software is added up, generate and patch reparation software conditions statistical table is not installed, patch reparation software conditions statistical table is not installed and includes organization names field and anti-virus software terminal quantity field is not installed.
According to branch or functional department, described security update failure equipment list is added up, generating each mechanism patch and repair software upgrading failure device statistics table, each mechanism patch is repaired software upgrading failure device statistics table and is included organization names field, patch restoration updating failure terminal computer amount field and headcount field
Anti-virus software situation statistical table will be installed, each mechanism virus base updates unsuccessfully device statistics table, patch is not installed and repairs software conditions statistical table, each mechanism patch repairs software upgrading failure device statistics table, the interior terminal computer tables of data by virus attack of time T and mechanism's terminal computer and employee are distributed statistical table and are collected and remove duplicate keys, generate terminal computer fail-safe software ruuning situation statistical table, terminal computer fail-safe software ruuning situation statistical table includes organization names field, terminal computer amount field, anti-virus software amount field is not installed, patch is not installed and repairs amount of software field, anti-virus software installation rate field, patch repairs software installation rate field, virus base is updated to power field, patch repairs software upgrading success rate field and virus frequency field,
Step (II-3) employee internet behavior statistical analysis
By internet access number of clicks tables of data according to number of clicks descending sort, internet access number of clicks tables of data after descending sort and anti-virus software update failed equipment list, terminal computer tables of data, security update failure equipment list and patch repairing failure terminal computer table by virus attack carries out collecting and removing duplicate keys, generating employee's internet behavior analysis result statistical table, employee's internet behavior analysis result statistical table includes organization names field, employee name's field, ip address field, number of clicks field and the too high cause field of number of times.
Each branch or the internet use situation of functional department in described internet access number of clicks tables of data is added up according to number of clicks, generating each mechanism internet behavior statistical table, each mechanism internet behavior statistical table includes organization names field, headcount field, equipment Total no field and number of clicks field.
The leakage-preventing statistical analysis of step (II-4) data
Descending sort is carried out according to intercepted number of times system statistical data leakage-preventing to described data table, leakage-preventing for data after descending sort system statistical data table and anti-virus software are updated unsuccessfully equipment list, terminal computer tables of data by virus attack, security update failure equipment list and patch repairing failure terminal computer table carry out collecting and removing duplicate keys, generate employee's anti-leaking data analysis result statistical table, employee's anti-leaking data analysis result statistical table includes organization names field, employee name's field, ip address field, sensitive information is intercepted time field and the too high cause field of number of times.
According to each branch or the internet use situation of functional department in number of clicks statistical data leakage-preventing system statistical data table, generating each mechanism sensitive information and intercept statistical table, each mechanism sensitive information intercepts statistical table and includes that organization names field, headcount field, equipment Total no field and sensitive information intercept time field.
The utilization of step (III) analytical data
The installation rate of statistical table computing terminal computer security software, virus base turnover rate, patch turnover rate, virus frequency and sensitive information leakage number of times is intercepted according to terminal computer fail-safe software ruuning situation statistical table, each mechanism internet behavior statistical table and each mechanism sensitive information, the installation rate of terminal computer fail-safe software, virus base turnover rate, patch turnover rate, virus frequency and sensitive information leakage number of times are carried out quantizing examination and ranking as performance assessment criteria, the terminal computer information security management work to each mechanism.
According to not installing the terminal computer equipment list table of anti-virus software, the terminal computer equipment list table not installing patch reparation software and employee's internet behavior analysis result statistical table location risk point.
Beneficial effects of the present invention: the large and medium-sized enterprise employee office computer information security of the present invention is comprehensively analyzed and management method, integrate and utilize the data of four Information Security Management System such as anti-virus management platform, patch remediation management system, employee's network log-in management system and the leakage-preventing system of data, obtain the performance assessment criteria of quantization by the association analysis of data and be accurately positioned risk point, it is achieved that the efficient unified management of enterprise information security.After using technical scheme, installation rate and the normal operation rate of terminal computer fail-safe software are risen to 99.1% and 98.5% by 89.2% and 85.4%, and virus frequency is reduced to 11359 times/year by 104546 times/year.
Accompanying drawing explanation
Fig. 1 is installation rate and the normal operation rate trendgram of the terminal computer fail-safe software of embodiment.
Fig. 2 is the viral frequency cartogram of embodiment.
Detailed description of the invention
According to technical scheme, the information security of this enterprise staff office computer comprehensively being analyzed and managed, in embodiment, anti-virus management platform, patch remediation management system, employee's network log-in management system and the manufacturer of the leakage-preventing system of data and version details are shown in Table 1.
Table 1
This enterprise from 2013 local the pilot application present invention large and medium-sized enterprise employee office computer information security comprehensively analyze with management method since, achieve the information security management achievement of excellence, be in full swing in the range of Construction Bank of the whole province application to 2015, protecting information safety effect is notable, sees Fig. 1 ~ 2.
The above embodiment is only the preferred embodiments of the present invention, and and the feasible enforcement of non-invention exhaustive.For persons skilled in the art, any obvious change done to it on the premise of without departing substantially from the principle of the invention and spirit, within all should being contemplated as falling with the claims of the present invention.
Claims (1)
1. a large and medium-sized enterprise employee office computer information security is comprehensively analyzed and management method, it is characterised in that it comprises the following steps:
Step (I) data collection
Derive Anti-Virus base data table, anti-virus software from anti-virus management platform and update in unsuccessfully equipment list, time T in computer virus tables of data and time T the terminal computer tables of data by virus attack;Described Anti-Virus base data table includes computer name field, institutional affiliation field, ip address field and MAC Address of Network Card field;Described anti-virus software updates unsuccessfully equipment list institutional affiliation field, computer name field and anti-virus software update anomalies ip address field;Described computer virus tables of data includes Virus Name field, classification field and amount field;The described terminal computer tables of data by virus attack includes computer name field, institutional affiliation field, ip address field and virus frequency field;
Derive from patch remediation management system and in patch remediation management system-based tables of data, security update failure equipment list, time T, do not repair patch repairing failure terminal computer table in patch data table and time T;Described patch remediation management system-based tables of data includes computer name field, institutional affiliation field, ip address field and network interface card MAC field;Described security update failure equipment list includes institutional affiliation field, computer name field, security update failure ip address field;Described patch data table of not repairing includes patch name field, severity level field and amount field;Described patch repairing failure terminal computer table includes computer name field, institutional affiliation field, ip address field and does not repairs patch amount field;
Internet access number of clicks tables of data in employee's network log-in management system-based tables of data and time T is derived from employee's network log-in management system;Described employee's network log-in management system-based tables of data includes employee name's field, institutional affiliation field and ip address field;Described internet access number of clicks tables of data includes employee name's field, institutional affiliation field, ip address field and number of clicks field;
Data leakage-preventing system statistical data table in data leakage-preventing system-based tables of data and time T is derived from the leakage-preventing system of data;Described data leakage-preventing system-based tables of data includes employee name's field, institutional affiliation field and ip address field;Described data leakage-preventing system statistical data table includes employee name's field, institutional affiliation field, ip address field and intercepted time field;
Step (II) data relation analysis
Step (II-1) sets up terminal computer facility information storehouse
Described Anti-Virus base data table, patch remediation management system-based tables of data, employee's network log-in management system-based tables of data and data leakage-preventing system-based tables of data are collected and remove duplicate keys, generates terminal computer information bank table;Adding up described terminal computer information bank table according to branch or functional department, generating mechanism terminal computer and employee distribute statistical table;Described terminal computer information bank table includes computer name field, institutional affiliation field, ip address field and employee name's field;Described mechanism terminal computer and employee distribute statistical table and include organization names field, terminal quantity field and headcount field;
Step (II-2) passes through data relation analysis terminal computer fail-safe software installation and operation situation
Anti-Virus base data table and terminal computer information bank table are retrieved with ip address field for index, generating the terminal computer equipment list table not installing anti-virus software, the described terminal computer equipment list table not installing anti-virus software includes computer name field, institutional affiliation field, ip address field and employee name's field;
According to branch or functional department, the described terminal computer equipment list table not installing anti-virus software is added up, generating and do not install anti-virus software situation statistical table, described anti-virus software situation statistical table of not installing includes organization names field and does not installs anti-virus software terminal quantity field;
According to branch or functional department, described anti-virus software is updated unsuccessfully equipment list to add up, generating each mechanism virus base and update unsuccessfully device statistics table, described each mechanism virus base updates unsuccessfully device statistics table and includes that organization names field, virus base update unsuccessfully terminal computer amount field and headcount field;
Patch remediation management system-based tables of data and terminal computer information bank table are retrieved with ip address field for index, generating the terminal computer equipment list table not installing patch reparation software, the described terminal computer equipment list table not installing patch reparation software includes computer name field, institutional affiliation field, ip address field and employee name's field;
According to branch or functional department, the described terminal computer equipment list table not installing patch reparation software is added up, generating and do not install patch reparation software conditions statistical table, described patch reparation software conditions statistical table of not installing includes organization names field and does not installs anti-virus software terminal quantity field;
According to branch or functional department, described security update failure equipment list is added up, generating each mechanism patch and repair software upgrading failure device statistics table, described each mechanism patch is repaired software upgrading failure device statistics table and is included organization names field, patch restoration updating failure terminal computer amount field and headcount field;
By described, anti-virus software situation statistical table is not installed, each mechanism virus base updates unsuccessfully device statistics table, patch is not installed and repairs software conditions statistical table, each mechanism patch repairs software upgrading failure device statistics table, the interior terminal computer tables of data by virus attack of time T and mechanism's terminal computer and employee are distributed statistical table and are collected and remove duplicate keys, generate terminal computer fail-safe software ruuning situation statistical table, described terminal computer fail-safe software ruuning situation statistical table includes organization names field, terminal computer amount field, anti-virus software amount field is not installed, patch is not installed and repairs amount of software field, anti-virus software installation rate field, patch repairs software installation rate field, virus base is updated to power field, patch repairs software upgrading success rate field and virus frequency field;
Step (II-3) employee internet behavior statistical analysis
By described internet access number of clicks tables of data according to number of clicks descending sort, internet access number of clicks tables of data after descending sort and anti-virus software are updated unsuccessfully equipment list, terminal computer tables of data by virus attack, security update failure equipment list and patch repairing failure terminal computer table carry out collecting and removing duplicate keys, generate employee's internet behavior analysis result statistical table, described employee's internet behavior analysis result statistical table includes organization names field, employee name's field, ip address field, number of clicks field and the too high cause field of number of times;
Each branch or the internet use situation of functional department in described internet access number of clicks tables of data is added up according to number of clicks, generating each mechanism internet behavior statistical table, described each mechanism internet behavior statistical table includes organization names field, headcount field, equipment Total no field and number of clicks field;
The leakage-preventing statistical analysis of step (II-4) data
Descending sort is carried out according to intercepted number of times system statistical data leakage-preventing to described data table, leakage-preventing for data after descending sort system statistical data table and anti-virus software are updated unsuccessfully equipment list, terminal computer tables of data by virus attack, security update failure equipment list and patch repairing failure terminal computer table carry out collecting and removing duplicate keys, generate employee's anti-leaking data analysis result statistical table, described employee anti-leaking data analysis result statistical table includes organization names field, employee name's field, ip address field, sensitive information is intercepted time field and the too high cause field of number of times;
According to each branch or the internet use situation of functional department in number of clicks statistical data leakage-preventing system statistical data table, generating each mechanism sensitive information and intercept statistical table, described each mechanism sensitive information intercepts statistical table and includes that organization names field, headcount field, equipment Total no field and sensitive information intercept time field;
The utilization of step (III) analytical data
The installation rate of statistical table computing terminal computer security software, virus base turnover rate, patch turnover rate, virus frequency and sensitive information leakage number of times is intercepted according to described terminal computer fail-safe software ruuning situation statistical table, each mechanism internet behavior statistical table and each mechanism sensitive information, the installation rate of described terminal computer fail-safe software, virus base turnover rate, patch turnover rate, virus frequency and sensitive information leakage number of times are carried out quantizing examination and ranking as performance assessment criteria, the terminal computer information security management work to each mechanism;
According to described, the terminal computer equipment list table of anti-virus software, the terminal computer equipment list table not installing patch reparation software and employee's internet behavior analysis result statistical table location risk point are not installed.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610335461.3A CN106022609A (en) | 2016-05-19 | 2016-05-19 | Office computer information security comprehensive analysis and management method for large and medium enterprise staffs |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610335461.3A CN106022609A (en) | 2016-05-19 | 2016-05-19 | Office computer information security comprehensive analysis and management method for large and medium enterprise staffs |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN106022609A true CN106022609A (en) | 2016-10-12 |
Family
ID=57096370
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201610335461.3A Pending CN106022609A (en) | 2016-05-19 | 2016-05-19 | Office computer information security comprehensive analysis and management method for large and medium enterprise staffs |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN106022609A (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109117449A (en) * | 2018-07-27 | 2019-01-01 | 武汉文网亿联科技有限公司 | Method based on non-linear least square calculation using models Internet bar installation rate |
| CN110650151A (en) * | 2019-10-10 | 2020-01-03 | 青海大学 | Computer network safety remote monitoring device |
| CN111581931A (en) * | 2020-04-26 | 2020-08-25 | 泰康保险集团股份有限公司 | Report generation method and device based on data leakage prevention system |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102035855A (en) * | 2010-12-30 | 2011-04-27 | 江苏省电力公司 | Network security incident association analysis system |
| CN102495885A (en) * | 2011-12-08 | 2012-06-13 | 中国信息安全测评中心 | Method for integrating information safety data based on base-networking engine |
| CN103051707A (en) * | 2012-12-20 | 2013-04-17 | 浪潮集团有限公司 | Dynamic user behavior-based cloud forensics method and dynamic user behavior-based cloud forensics system |
| CN104426840A (en) * | 2013-08-21 | 2015-03-18 | 国家计算机网络与信息安全管理中心江苏分中心 | Active threat detection system |
-
2016
- 2016-05-19 CN CN201610335461.3A patent/CN106022609A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102035855A (en) * | 2010-12-30 | 2011-04-27 | 江苏省电力公司 | Network security incident association analysis system |
| CN102495885A (en) * | 2011-12-08 | 2012-06-13 | 中国信息安全测评中心 | Method for integrating information safety data based on base-networking engine |
| CN103051707A (en) * | 2012-12-20 | 2013-04-17 | 浪潮集团有限公司 | Dynamic user behavior-based cloud forensics method and dynamic user behavior-based cloud forensics system |
| CN104426840A (en) * | 2013-08-21 | 2015-03-18 | 国家计算机网络与信息安全管理中心江苏分中心 | Active threat detection system |
Non-Patent Citations (1)
| Title |
|---|
| 笋大伟: "一种新型信息安全管理平台的设计与实现", 《中国优秀硕士学位论文全文库 信息科技辑》 * |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109117449A (en) * | 2018-07-27 | 2019-01-01 | 武汉文网亿联科技有限公司 | Method based on non-linear least square calculation using models Internet bar installation rate |
| CN109117449B (en) * | 2018-07-27 | 2022-04-15 | 武汉文网亿联科技有限公司 | Method for measuring and calculating Internet bar installation rate based on nonlinear least square model |
| CN110650151A (en) * | 2019-10-10 | 2020-01-03 | 青海大学 | Computer network safety remote monitoring device |
| CN111581931A (en) * | 2020-04-26 | 2020-08-25 | 泰康保险集团股份有限公司 | Report generation method and device based on data leakage prevention system |
| CN111581931B (en) * | 2020-04-26 | 2023-08-11 | 泰康保险集团股份有限公司 | Report generation method and device based on data leakage prevention system |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11960373B2 (en) | Function evaluation of a system or portion thereof | |
| Kwon et al. | Cyber threat dictionary using mitre att&ck matrix and nist cybersecurity framework mapping | |
| US20190342341A1 (en) | Information technology governance and controls methods and apparatuses | |
| US8549649B2 (en) | Systems and methods for sensitive data remediation | |
| CN104283889A (en) | Electric power system interior APT attack detection and pre-warning system based on network architecture | |
| CN109462599B (en) | Honeypot management system | |
| CN106599713A (en) | Database masking system and method based on big data | |
| US20200228560A1 (en) | Automated vulnerability assessment with policy-based mitigation | |
| CN106022609A (en) | Office computer information security comprehensive analysis and management method for large and medium enterprise staffs | |
| KR101292640B1 (en) | Method for Risk Management using Web based RMS linked with SSO | |
| KR20140035146A (en) | Apparatus and method for information security | |
| CN117769706A (en) | Network risk management system and method for automatically detecting and analyzing network security in network | |
| CN109327471A (en) | A kind of loophole discovery and verifying implementation method of meeting an urgent need | |
| CN108551449B (en) | Anti-virus management system and method | |
| CN116094817A (en) | Network security detection system and method | |
| JP4092666B1 (en) | Management system, management server, and management program | |
| Ezenwoye et al. | Classifying Common Security Vulnerabilities by Software Type. | |
| Kuypers et al. | Designing organizations for cyber security resilience | |
| JP2008250872A (en) | Management system, management server and management program | |
| ENE et al. | Cybersecurity–A Permanent Challenge for the Energy Sector | |
| Anisetti et al. | Moon cloud: a cloud platform for ICT security governance | |
| CN113836525B (en) | Cloud service business risk analysis method and device | |
| US20220124104A1 (en) | Systems, methods, and devices for implementing security operations in a security platform | |
| Rudowski et al. | Decision support system for information systems security audit (WABSI) as a component of IT infrastructure management | |
| Li et al. | Security vulnerability and patch management in electric utilities: A data-driven analysis |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20161012 |
|
| RJ01 | Rejection of invention patent application after publication |