Construction of the "3+3+5" work pattern of Xinxiang Medical College solidly promotes the implementation of network security responsibility system

In recent years, Xinxiang Medical College has conscientiously implemented the requirements of the party committee's network security responsibility system, strengthened organizational leadership, established and improved network security management systems, strengthened technical support, and held multiple measures to build a network security protection system to form a "3+3+5" (3+3+5 "(" The working pattern of network security responsibility system for 3 levels of leadership, 3 work steps, and 5 key tasks). In 2018, 2020, and 2021, three times were rated as "the provincial education system network security and information advanced collective".

Highlight the role of "3 levels of leadership":

The leadership of network security work is strong and powerful, comprehensively compact the responsibility of the main body of network security

The first is to formulate the "Implementation Measures for the Responsibility System for Network Security of Xinxiang Medical College", and clarify the school's party committee responsibility for the school's network security work. The second is in accordance with the principle of "who is in charge and who is responsible, who uses who is responsible, and who is in charge of the maintenance, who is responsible for the responsibility", party organizations at all levels of the school have the main responsibility of the unit's network security work. The main leaders of the leadership team of party organizations at all levels are the first responsible person in network security work, and members of the leadership team in charge of cyber security are direct responsible persons. The third is to establish a network security and informatization leading group (hereinafter referred to as the "Leading Group"). The main responsible comrades of functional departments and secondary colleges are members. The leadership group office is located in the network and information centers. The leader of the leading group is the first responsible person, and the deputy team leader is the direct responsible person.

Adhere to the "3 work steps" steadily:

The management of network security work is scientific and efficient, and the duties of network security are sounded.

The first is work deployment. The school's party committee holds a special conference research work every year to clarify the main goals, basic requirements and tasks of network security. The network information leadership group implements the "synchronous planning, simultaneous construction, and simultaneous use" of information construction and informatization construction, and incorporates network security protection into the "Xinxiang Medical College Information Development Plan". Party organizations at all levels sign the school's "Cyber ​​Security Promise" to the school to do a good job of network security in the unit.

The second is work implementation. The school's party committee has increased manpower, material and financial support, ensuring the implementation of network security work in place, and ensuring that the network security work of the whole school is stable and orderly. Special network security management agencies are set up and equipped with professional and technical forces. Strictly implement the budget of network security funds, and the annual network security work fund budget accounts for 30 % of the information construction funds of the unit.

The third is work assessment. Incorporating network security work into the assessment of the network security work responsibility system for the party committee and the assessment of party building's vocational assessment, security and stability, and comprehensive governance assessment, are important parts of the comprehensive assessment of leadership and leading cadres.

Complete the "5 key tasks" of quality and quantity:

Focus on the blind spots of network security hot spots, and coordinate the establishment of a network security defense line

The first is to standardize processes and systems. Introduce the "Measures for the Administration of Network and Information Security in Xinxiang Medical College", "Measures for the Management of Information Resources Resources of Xinxiang Medical College", and "New Township College of Information Technology Protection Management Measures" and other systems. The rules can be rely on. Implement the network security level protection system, and provide grades, evaluation, reinforcement and filing of key systems.

The second is to strengthen network security technology prevention. Construction of more than ten network security devices such as export firewalls, data center firewalls, WAFs, and Internet behavior management and regular maintenance. Establish information asset lists, implement information asset registration filing, dynamic renewal domain name, host port and other white list management measures. Relying on the online public opinion monitoring system, real -time monitoring of the school's public opinion information to create a clear space for public opinion.

The third is to establish a network security emergency response mechanism. Standardize the emergency response process of network security incidents, and improve the rapid response and scientific disposal capabilities of cybersecurity incidents. Actively carry out network security emergency drills to test emergency response preparation and emergency capabilities. Strengthen the capacity building of network security emergency teams, cooperate with network security service units, and improve the level and efficiency of emergency response.

The fourth is to carry out network security publicity and education activities. Build a special network security website, organize network security lectures, issue cyber security early warning notices, and carry out a series of special governance activities such as "weak passwords", "virtual currency 'mining' activities", and "email security dangers". Organize participation in the "Strong Net Cup" National Network Security Challenge, etc., and continuously strengthen the awareness and skills of teachers and students' network security protection.

Fifth, network security guarantee in important periods. Strictly implement the system of 7 × 24 hours of duty and leadership, maintain smooth contact, adhere to the "0 incident" report of cybersecurity, record "Xinxiang Medical College Network Security Work Terminal", and promote it in accordance with the emergency plan for the emergency plan for possible cyber security incidents. Response disposal.

The relevant person in charge of the school stated that the school will continue to take service teachers and students as the fundamental, solidly carry out network security work, be responsible, and implement them in place. Based on the "3+3+5" working pattern, explore "3+3+3 The construction of the network security responsibility system for +n ", united the forces of the school to promote the continuous innovation situation of network security work, and provide a strong and powerful network security guarantee for the development of the school's cause.

Xinxiang Daily All Media Reporter Han Xiaoyan

Edit Liu Ling

- END -