¡i±M®a½Í·s«Ç¡j¸ê¦wºÞ²z°ê»Ú¼Ð·Ç·s±¦V ¡Ð ±qIT¨ìOT
![]() |
![]() |
HOW CAN YOU SECURE CUSTOMER DATA? ¡i2019 SGS ¸ê°Tªv²z¦~·| Á¿®v±MÄæ¡j ¸ê¦wºÞ²z°ê»Ú¼Ð·Ç·s±¦V ¡Ð ±qIT¨ìOT |
¥DÁ¿ªÌ : ¼B¤h¥°/ SGSÅçÃҤΥø·~Àu¤Æ¨Æ·~¸sISO 27001 ²£«~¸g²z |
OT¡]Operation Technology¡^Àç¹B¬ì§Þ¤w¸g¦¨¬°Ä~IT¡]Information Technology¡^¸ê°T¬ì§Þ¤§«áÀb«Èªº¥Dn§ðÀ»¥Ø¼Ð¤§¤@¡A°ê»Ú¼Ð·ÇIEC 62443¬°OT¨t²Î»P²£·~¦Û°Ê¤Æ±±¨î¨t²ÎIACS´£¨Ñ¤F§¹¾ãªº¸ê°T¦w¥þºÞ²z³W½d»P¹ê§@«ü¤Þ¡AÅý³o¨Ç¨t²Î»P³]³Æ©ó¶¶§Q¹B§@ªº¦P®É¥ç¯à°÷ÝÅU¸ê°T¦w¥þ¡C |
OT³]³Æ/²£·~¦Û°Ê¤Æ»P±±¨î¨t²Î(IACS)¦¨Àb«È§ðÀ»¥Ø¼Ð ¨t²Î±Á{«¤j¬D¾Ô |
ÀHµÛ¤u·~4.0ªºµo®iÁͶեH¤Îª«Ápºô¸Ë¸mªº²±¦æ¡AÅýOT¨t²Î»P²£·~¦Û°Ê¤Æ±±¨î¨t²Î(IACS)¬ÛÃö¦w¥þ¨Æ¥ó»P·ÀI¿E¼W¡A¹³¬O2015¦~©³ªº¯Q§JÄõ¤j°±¹q³QÃÒ¹ê¬O¾DÀb«È¤J«Iªº¥@¬Éº¨Ò¡Aì¦]¬O¨ü¨ìÀb«È´c·N³nÅé§ðÀ»¡Bºô¸ô³¨³½¡þªÀ¥æ¤uµ{¡A³y¦¨6¤p®É¹q¤O¤¤Â_¡B22¸U¥Á²³¨ü¨ì¼vÅT¡F¦P®É¡A2017¦~¥xÆWªº¤j¼æ¹q¼t¤]´¿¦]©ÓÅó°Óªº¾Þ§@¤Hû¾Þ§@®ð»Ö¥¢»~¡A¾ÉP¨ÑÀ³¤j¼æ¹q¼t1¨ì6¸¹¾÷²Õ¸õ¹q¡A³y¦¨668¸U¤á¨ü¨ì¼vÅT¡F¥t¥~¡A¥h¦~(2018)µo¥Íªº¥x¿n¹q8¤ë¯f¬r¨Æ¥ó«h¦]¾Þ§@¥¢»~¡]¥¼°õ¦æ¯f¬rÀË´ú´N§â¾÷»O±µ¤Wºô¸ô¡^¡A¾ÉP»{¦C25.96»õ¤¸ªº¹dÃB·l¥¢¡A¨Ã³y¦¨¥æ³f©µ¿ð¡A³o¨Ç³£¬OOT³]³Æ¤Î¨t²Î¥¼°µ¦n±±ºÞ¾ÉP«¤j·ÀI»P·l¥¢ªº®×¨Ò¡C °£¤F°ª¬ì§Þ»s³y²£·~¥~¡A©Ò¦³Àç¹B¬yµ{¯A¤Î¦Û°Ê¤Æ»P±±¨î¨t²Î(IACS)©ÎOT³]³Æªº¥ø·~¬Ò¦s¦bÃþ¦ü·ÀI¡F¥HÂåÀø²£·~¬°¨Ò¡AYÀb«È³z¹L³]³Æ©Î¨t²Îº|¬}¤J«I¡A°£¤FÅѨú°ª¾÷±Kªº¯f±w¸ê®Æ¥~¡A§ó¦³¥i¯à¼vÅT¦UÃþÂåÀø»ö¾¹ªº¥¿±`¹B§@¡A¥]¬A¥¿¤lÄá¼v¡BÂ_¼h±½ºË¡B®ÖºÏ¦@®¶¡B¿é²GÀ°®ú¡B¹p®g¾÷¡B¤ßªÍ¾÷¡B®ð¤Á¸Ë¸m¡B¸§J½¤…µ¥¡F¸Õ·QY¬O©ñ®g½uÂåÀø¾÷¾¹¡B¯Ø®q¯ÀÀ°®úµ¥¸Ë¸m³Q¤J«I¡A§ó¥i¯à¾ÉP¯f±w±µ¨ü¹L°ª¾¯¶qªº©ñ®g½u©Î¯Ø®q¯À¡A¦Ó³y¦¨¯f±wªº¥Í©R«Â¯Ù¡A¤£¥i¤£·V¡C ¦]¬°OT³]³Æ»PIACS¤u±±¨t²Î¤Wz¯S©Ê¡A¦A¥[¤W¨ä¸ûªøªº³]³Æ¥Í©R¶g´Á¥H¤Î°±¾÷®e§Ô«×§C¡B´ú¸Õ»PÅçÃÒ¥N»ù°ªµ¥¦]¯À¡A±`±Á{¤ä´©ªA°È²×¤î¡]End of Service¡^¡B¯Ê¥F¦³®Äªº¨t²Î¤É¯Å¡]Upgrade¡^»P׸ɡ]Patch¡^¾÷¨î…µ¥°ÝÃD¡F¦P®É¡AOT³]³Æ¤ÎIACS¤u±±¨t²Î©¹©¹¦]¬°¾Þ§@¤Hû¯Ê¥F¸ê¦w·NÃѩάO¦³®Äªº°V½m¡A¾ÉP¤Hû¾Þ§@¥¢»~¥B±`¦¨¬°Àb«ÈªÀ¥æ¤uµ{ªººn¥Ø¼Ð¡Fªñ¦~¡A¥ø·~»P²Õ´¬°±j¤Æ¦Û¨Ävª§Àu¶Õ¡A¶}©l±j½ÕIT»POTªº¾ã¦X¹B§@¡A³o¨Ï±oOT¨t²Î»PIACS¤u±±¨t²Îªº³]p³vº¥±q«Ê³¬¨«¦V¶}©ñ¡B¾ã¦X¡A¦Ó·~¬É¤S¯Ê¤Ö¦P®É¼ô±xIT¤ÎOT¤§±M®a¡AµLªk¦³®Ä³]p»P¸¨¹ê¦³®Äªº¸ê¦wºÞ²z¾÷¨î¡AÃnÀIµ{«×¤S¤j¬°´£°ª¡C³o¤]¬ðÅã¥X·~¬É«æ»Ý¤@Ó°w¹ï¦p¦ó«Ø¥ß»P¹ê§@OT¤Î¤u±±¨t²Î¸ê¦wºÞ²z¾÷¨îªº¦³®Ä«ü¤Þ¡C |
IEC 62443³W½dIACS¦w¥þºÞ²z¨t²Î SGS´£¨Ñ¥þ±ªA°È |
SGS¹B¥Î¦b¥xÆW²Ö¿n¶W¹L68¦~ªººÞ²z¨t²ÎÅçÃÒ¸gÅç¡A²v¥ý´N¤Uz¤T¶µ¼Ð·Ç´£¥X¹ïÀ³ªº³Wµe»PªA°È¡A´Á±æ¥þ¤O¨ó§U§Ú̪º«È¤á¦b±¹ïOT³]³Æ/¨t²Î¤Î¤u±±¨t²Îªº¸ê¦w·ÀI®É¡A¥i¥H´£¦°µ¦n·Ç³Æ¡C IEC 62443-2-1³W½d«Ø¥ßIACS¦w¥þºÞ²z¨t²Î¡A³W½dPDCA¡]Plan¡BDo¡BAction¡BCheck¡^ªºCSMS¡]Cyber Security Management System¡^¡A¥ý¶i¦æ·ÀI¤ÀªR¡A¦A¶i¦æ·ÀIÀ³¹ï¡AµM«á¶i¦æºÊ·þ¡B§ïµ½¡A¨ä¤¤²[»\3¤jÃþ§O¡B3Ó¤¸¥ó¸s²Õ¡B19Ó¤¸¥ó¡B127¶µn¨D¡A¥²¶·¥ý¶i¦æ¥þ´º¤ÀªR¡A¥H¤F¸ÑIACS©ó¦U²Õ´ªº¨¤¦â»P¯S©Ê¡A¥ýÃѧO¥XIACS³]³Æ¡B«Ø¥ßºô¸ô¬[ºc¹Ï¡BÃѧO¨Ã«Ø¥ß¨t²Î·ÀIÀu¥ý¶¶§Ç¡B°õ¦æ·ÀIµûŲ»P·ÀIÀ³¹ï¡A¶i¦Óµo®i¥X¤@®M«ùÄò§ïµ½ªººÞ²z¾÷¨î¡C IEC 62443-3-3«h¥Î©ó³W½d¨t²Î¼h±ªº¦w¥þn¨D»P¦w¥þµ¥¯Å¡A¥]§t7Ó°ò¦n¨D»â°ì¡B51Ó¨t²Î¦w¥þn¨D»P49Ó¶i¶¥¦w¥þn¨D¡C°ò¦n¨D»â°ì¥]¬AÃѧO»PŲ§O±±¨î¡B¨Ï¥Î±±¨î¡B¨t²Î§¹¾ã©Ê¡B¸ê®Æ¾÷±K©Ê¡B¨î¸ê®Æ¬y¡B¨Æ¥ó¤Î®É¦^À³¡B¸ê·½¥i¥Î©Ê¡C¦b¦w¥þµ¥¯Å¤è±¡A«h¨Ì¾Ú§ðÀ»¤âªk¡B¸ê·½¡B§Þ³N»P°Ê¾÷¦U¤À¦¨¥|¯Å¡C IEC 62443-2-4«h°w¹ïIACSªA°È¨ÑÀ³°Ó³W½d¦w¥þpµen¨D¡A¾A¥Î©ó¦UÃþ«¬IACS©ÎOTªºªA°È¨ÑÀ³°Ó¡]¥]¬A³nÅé»PµwÅ骺«Ø¸m¡B¦w¸Ë¡B¾ã¦X»Pºû¹B¡^¡A¥H¤Î«ùÄò§ïµ½¾÷¨î¡B«ùÄòµû¶q¨ÑÀ³°Ó¦w¥þµ¥¯Å¡C¨ä¤¤²[»\7ÓÃþ§O¡B22Ó¥DÃD»P123Ón¨D¡A¨Ã¨Ì¦¨¼ô«×¤À¦¨¥|¯Å¡C
|