美国基于关键基础设施的信息安全法规概述

美国在关键基础设施的信息安全相关领域的法规主要围绕关键基础设施界定、机构设置、责任落实、政企合作、信息共享机制等方面展开,相关政策规定既有变化性又有延续性。总体上,有宏观层面国家顶层法规政策,细节上,有微观层面的具体针对性法规,同时,还有对进口关键基础设施的信息安全保护。总结美国基于关键基础设施信息安全的法律法规特点,对我国关键基础设施的信息安全建设是很好的借鉴。

An Overview of Information Security Regulations for Critical Infrastructure in the United States

The information of critical infrastructure is developing rapidly, the attacks from internet and other networks have been sharply increased. Information security regulations for critical infrastructure in the United States mainly include critical infrastructure definition, the establishment of institutions, the implementation of the responsibility, the cooperation of government enterprises, the mechanism of information sharing, the relevant policies and regulations. are both changing and continuing. On the whole, there are macro level national policies, in detail, there are micro level control laws, as well as imports of critical infrastructure information security protection. This paper summarizes the characteristics of information security regulations for critical infrastructure in the United States, which is a good reference for our country.