中图分类号：TP309-2文献标识码：ADOI:10-19358/j-issn-2097-1788-2024-05-004
引用格式：赵晓令，白惠文，李安伦.金融领域数据安全能力体系构建方法研究［J］.网络安全与数据治理，2024，43（5）：27-34.

Research on the construction method of data security capability system for financial domain

Abstract： The Data Security Law of the People′s Republic of China requires that institutions should establish and improve a whole-process data security management system and carry out data-processing activities in accordance with the provisions of laws and regulations. The Measures for the Management of Data Security in the Business Field of the People′s Bank of China (Draft for Public Comments) puts forward the general requirements for data security protection in the financial field, data classification and grading, and data security protection measures. In order to help financial institutions implement relevant national and industry data security requirements, this paper proposes a data security capability system construction method based on Data Security Capability Maturity Model(DSMM). Building data security capabilities is carried out in four dimensions, such as organizational construction, institutional processes, technical tools and personnel capabilities, respectively. The proposed method can help financial institutions comprehensively improve their data security protection capabilities, so as to meet compliance requirements as well as their own development needs.

Key words : The Data Security Law; Data Security Capability Maturity Model; data security capability system; data security protection capabilities