
A Comparison of Current Cross-Strait Information Security Institutions and Crisis Management Mechanisms

A Comparative Study on Information Security Institutions and Crisis Management Mechanisms between Taiwan and Republic of China

Advisor: 蔡揚宗
Co-advisor: 游張松 (Chang-Sung Yu)

Abstract


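Information security incidents occur one after another and have a considerable impact on nations, society, enterprises, and even individuals' lives. Faced with ever-changing virus infections and hacker attack techniques, improving proactive defense capability is a key to building a secure information environment. From the standpoint of national security development, beyond establishing security protection for the national information and communications infrastructure, strengthening and improving the early warning, reporting, and emergency response work of crisis management can effectively advance national security.

This study mainly adopts the document analysis method. Through the collection, organization, and analysis of the literature, followed by discussions with information security scholars and experts, it analyzes the organizational structures and operating mechanisms of information security institutions on both sides of the Taiwan Strait and compares the differences between their crisis management mechanisms. In addition, using information security crisis management cases, it analyzes the differences between practice and theory in information security crisis management on both sides. The main findings are summarized as follows:

1. To improve their information security crisis management capability, both sides have an operating mechanism for emergency response and reporting. Taiwan has complete operating procedures for prevention beforehand, response handling during an incident, and forensics afterward, whereas the mainland's crisis management process places more emphasis on the analysis, monitoring, and response handling of information security incidents.

2. Regarding the differences between crisis management theory and practice, both sides have an emergency response system and reporting operations for drawing up crisis plans, preventing a crisis from spreading, and resolving a crisis quickly, so their handling of crises that do occur is appropriate. However, the three stages of preventing a crisis from occurring, sensing the presence of a crisis, and turning a crisis into an opportunity remain to be strengthened; proactive real-time monitoring and emergency recovery capability need to be reinforced.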

Parallel Abstract


Because virus and hacker attacks are constantly changing, building a proactive defense is important for the information security environment. For national security, the government should not only protect the national information technology infrastructure, but also promote the capabilities of awareness, information sharing, and emergency response in information security crisis management.

This thesis compares the information security institutions and crisis management mechanisms of Taiwan and Republic of China, and compares the practical and theoretical methods of information security crisis management between Taiwan and Republic of China. The study uses documentary analysis and interviews with information security experts to analyze the organizational architectures and business processes of the information security institutions and the crisis management mechanisms of Taiwan and Republic of China. In addition, through case studies of information security crisis management, it identifies the differences between the practical and theoretical methods of information security crisis management in Taiwan and Republic of China. The study reaches the following conclusions:

1. To promote the capability of information security crisis management, the two governments have specific information security institutions in charge of emergency response and information sharing for information security incidents. In Taiwan, the information security crisis management mechanism has better processes for the prevention, response, and forensics of information security crises. In Republic of China, the crisis management processes focus on the analysis, monitoring, and response of information security incidents.

2. As for the comparison between the theoretical and practical methods of crisis management, we find that planning for information security crises, preventing a crisis from spreading, and resolving a crisis quickly are done well by the information security institutions in Taiwan and Republic of China. The other three stages of crisis management, namely preventing a crisis from happening, detecting a potential crisis, and turning a crisis into an opportunity, need to be enhanced by the information security institutions in Taiwan and Republic of China.

Keywords: information security, crisis management
