GB/T 38645-2020: Information security techniques - Guide for cybersecurity incident emergency exercises
Status: Valid
Basic data
Standard ID: GB/T 38645-2020 (GB/T38645-2020)
Description (translated English): Information security techniques - Guide for cybersecurity incident emergency exercises
Sector / Industry: National Standard (Recommended)
Classification of Chinese Standard: L80
Classification of International Standard: 35.040
Word Count Estimation: 58,572
Date of Issue: 2020-04-28
Date of Implementation: 2020-11-01
Quoted Standard: GB/T 25069
Issuing agency(ies): State Administration for Market Regulation, China National Standardization Administration
Summary: This standard specifies the purpose, principles, forms, methods and planning of emergency drills for cybersecurity incidents, and specifies the organizational structure and implementation process of emergency drills. This standard applies to guiding relevant organizations in implementing emergency drills for cybersecurity incidents.
Information security techniques - Guide for cybersecurity incident emergency exercises
ICS 35.040
L80
National Standards of the People's Republic of China
Information security technology - Cybersecurity incident emergency drill guide
Released 2020-04-28, implemented 2020-11-01
Issued by the State Administration for Market Regulation and the National Standardization Management Committee

Table of contents
Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Purpose of emergency drill
5 Emergency drill principles
6 Emergency drill form
7 Emergency drill planning
8 Emergency drill organization structure
8.1 Summary
8.2 Management department
8.3 Command organization
8.4 Participating institutions
9 Implementation process of emergency drill
9.1 Preparation stage
9.2 Implementation phase
9.3 Evaluation and summary stage
9.4 Achievement application stage
Appendix A (informative) Comparison table of common exercise forms
Appendix B (informative) Reference template for each step of emergency drill
Appendix C (informative) Practice scenario library
Appendix D (informative) Reference case
References

Foreword
This standard was drafted in accordance with the rules given in GB/T 1.1-2009.
Please note that certain contents of this document may involve patents. The issuing agency of this document is not responsible for identifying these patents.
This standard was proposed by, and is under the jurisdiction of, the National Information Security Standardization Technical Committee (SAC/TC260).
Drafting organizations of this standard:
Fibertech (Beijing) Co., Ltd., National Industrial Information Security Development Research Center, State Grid Co., Ltd., National Information Technology Security Research Center, China Securities Regulatory Commission Information Center, China Electric Power Research Institute Co., Ltd., China Electronic Technology Standards Research Institute of Chemistry, Heilongjiang Provincial Department of Industry and Information Technology, Tsinghua University, Beijing Institute of Computing and Communication, Beijing Institute of Technology, Harbin Industry University, Harbin Engineering University, Guilin University of Electronic Technology, Third Research Institute of Ministry of Public Security, China Information Security Evaluation Center, National Computer Network Network Emergency Technology Coordination Center, China Internet Network Information Center, Institute of Information Engineering, Chinese Academy of Sciences, China Electronics Technology Network Information Information Security Co., Ltd., Heilongjiang Institute of Electronic Technology, Beijing Venustech Information Security Technology Co., Ltd., Harbin Institute of Technology Tianchuang Power Co., Ltd., State Grid Shandong Electric Power Company Electric Power Research Institute, Beijing Antiy Network Security Technology Co., Ltd., Beijing Netteng Technology Co., Ltd., Harbin Institute of Technology Software Engineering Co., Ltd., Heilongjiang Vocational College of Information Technology, Beijing Municipal Affairs Information Security Emergency Disposal Center, Beijing Wangyu Xingyun Information Technology Co., Ltd., Beijing Zhuoshi Network Security Technology Co., Ltd.
The main drafters of this standard:
Gong Lianghua, Yin Libo, Wang Lei, Gong Yafeng, Liu Ying, Wang Dongming, Zhang Ge, Liu Ying, Zhu Chaoyang, Wei Qinzhi, Zhou Liang, Li Lin, Zhang Yongjing, Zhang Hong, Li Jun, Yu Meng, Wang Da, Xue Yibo, Zhu Liehuang, Wang Bailing, Sun Jianguo, Ding Yong, Tong Weiwei, Sun Lili, Wang Qimeng, Lei Chenglin, Zhao Xudong, Qiu Zihua, Zou Chunming, Jia Ruolun, Zi Liqiang, Xie Feng, Du Hongliang, He Nengqiang, Li Ruoyu, Hao Zhiyu, Ao Jia, Liu Huijing, Zheng Xiansheng, Meng Yahui, Liu Wenyue, Wang Wenting, Li Bosong, Tong Zhiming, Li Zuomin, Guo Yuliang, Zuo Xiaoying, Fan Shixi, Zhang Tao, Wei Bin, Du Jun, Liu Jianshuai and Liu Ren.

Introduction
Establishing a cybersecurity incident emergency work mechanism and carrying out emergency drills are the most important means of reducing and preventing the loss and harm caused by cybersecurity incidents; preparedness averts peril. In order to standardize and guide emergency drills for cybersecurity incidents, it is necessary to formulate guidelines for such drills.

Information security technology - Cybersecurity incident emergency drill guide

1 Scope
This standard gives the purpose, principles, forms, methods and planning of emergency drills for cybersecurity incidents, and describes the organizational structure and implementation process of emergency drills.
This standard is applicable to guiding relevant organizations in implementing emergency drills for cybersecurity incidents.

2 Normative references
The following documents are indispensable for the application of this document. For dated references, only the dated version applies to this document. For undated references, the latest version (including all amendments) applies to this document.
GB/T 25069 Information security technical terms

3 Terms and definitions
The following terms and definitions, and those defined in GB/T 25069, apply to this document.
3.1 Cybersecurity incident
An event in which, due to human causes, software or hardware defects or failures, natural disasters, etc., networks and information systems, or the data and business applications within them, are damaged, causing harm to the country, society and the economy.

4 Purpose of emergency drill
The purposes of emergency drills are as follows:
a) Inspecting plans. Through emergency drills, find and verify problems in the emergency plan, improve the plan, and increase its scientific soundness, practicality and operability;
b) Perfecting preparation. Through emergency drills, check the emergency team, materials, equipment, technology and other preparations required to respond to cybersecurity incidents; where preparation is found to be insufficient, make adjustments and supplements in time so that emergency preparations are in place;
c) Training teams. Through emergency drills, strengthen the familiarity of the drill management department, command organization, participating organizations and personnel with the emergency plan, exercise the skills required for emergency response, strengthen cooperation, and improve emergency response capabilities;
d) Running-in mechanisms. Through emergency drills, further clarify the responsibilities and tasks of relevant units and personnel, straighten out working relationships, and improve the emergency linkage mechanisms for isolation, blocking and support between the relevant parties, so as to prevent the transmission of cybersecurity risks;
e) Publicity and education. Through emergency drills, popularize emergency knowledge, continuously enhance the professionalism of cybersecurity management, and improve the cybersecurity risk prevention awareness of all employees.

5 Emergency drill principles
The principles of emergency drills are as follows:
a) Combining with reality. Combine the requirements of emergency management work, clarify the purpose of the drill, and determine the method and scale of the drill according to resource conditions;
b) Approaching actual combat. Improve the command and coordination capabilities of the emergency command organization and the actual emergency response capabilities of the emergency team;
c) Emphasizing actual results. Pay attention to the evaluation and assessment of the drill process and drill effect, summarize and promote experience, and rectify the problems found;
d) Ensuring safety. Plan the drill content around the purpose of the drill, scientifically formulate the drill plan, deploy the drill activities, and formulate and comply with relevant safety measures to ensure the safety of drill participants and drill facilities;
e) Overall planning. Plan emergency drills as a whole, so that drills and exercises effectively complement each other, implement cross-industry and cross-regional comprehensive drills where appropriate, and use existing resources to improve the effectiveness of emergency drills.

6 Emergency drill form
According to organizational form, content, and purpose and role, emergency drills can be divided along multiple dimensions.
a) According to organizational form, emergency drills are divided into the following forms:
1) Tabletop exercise. According to the emergency plan, participants use flowcharts, computer simulations, video conferences and other auxiliary means to simulate the emergency decision-making and on-site disposal process for a pre-assumed drill scenario, verify the effectiveness of the emergency plan, and help relevant personnel clarify their responsibilities in the emergency plan, master emergency procedures and emergency operations, and improve command decision-making and the coordination ability of all parties.
2) Simulation exercise. Participants use software and hardware related to networks and information systems, or cyber range technology, to simulate and build a test environment close to the real one and simulate emergencies or scene fragments, focusing on verifying the technical operations of the simulation exercise, the coordination and cooperation of resources from all parties during the exercise, and the response to various problems and risks during the exercise.
3) Practical exercise. Participants use the real environment of networks and information systems, simulate emergency scenarios, and complete the emergency response process of judgment, decision-making, handling and related links, in order to inspect and improve the on-site organization and command, emergency disposal and logistical support capabilities of relevant personnel. Practical exercises can further be divided into designated-subject exercises and pre-notified-subject exercises.
b) According to content, emergency drills are divided into the following forms:
1) Special drill. A drill involving a specific system or emergency response function in the emergency plan, which tests the specific links and functions of one or a few participating departments (posts).
2) Comprehensive drill. A drill involving multiple or all emergency response functions in the emergency plan, which inspects multiple links and functions.
c) According to purpose and role, emergency drills are divided into the following forms:
1) Test drill. A drill carried out to test the feasibility of emergency plans, the adequacy of emergency preparedness, the coordination of emergency mechanisms, and the emergency response capabilities of relevant personnel.
2) Demonstration drill. A performance-type drill carried out in accordance with the drill plan in order to demonstrate emergency response capabilities to observers or to provide demonstration teaching.
3) Research drill. A drill organized in order to study and solve key and difficult problems of emergency response, or to test new plans, new technologies and new equipment.
d) Other forms. Combinations of drills of different dimensions can form common drill types such as special tabletop exercises, comprehensive tabletop exercises, special practical exercises, comprehensive practical exercises, special demonstration drills and comprehensive demonstration drills. See Appendix A for common drill forms.

7 Emergency drill planning
Relevant organizations, in accordance with actual conditions, relevant laws and regulations, and emergency response plans, make an overall plan for emergency drills, including the frequency, scale, form, time, location and budget of emergency drills. A drill plan is generally developed with one year as the cycle.

8 Emergency drill organization structure
8.1 Summary
The organizational structure of a drill includes the management department, command organization and participating organizations. According to the incident level, drill scale, drill purpose and drill form, the organization can merge and adjust the personnel and responsibilities of the related organizations, and make corresponding organizational subdivisions according to actual conditions.
8.2 Management department
The management department includes the higher-level unit, relevant national cybersecurity supervision departments, etc. Its main responsibilities are as follows:
a) Issue emergency drill requirements;
c) If necessary, announce the start, end or termination of emergency drills.
8.3 Command organization
8.3.1 Commander
The main responsibilities are as follows:
a) Commit to and support emergency drills, including issuing official documents and providing necessary resources (human, financial, material), etc.;
b) Review and approve the emergency drill plan;
c) Approve and decide on major issues of emergency drills;
d) Deploy, inspect, guide and coordinate all preparations for emergency drills;
e) Be responsible for coordinating cross-organization and cross-field emergency drills;
f) Contact relevant external units and coordinate the responsibilities of each unit in emergency drills;
g) Command and dispatch emergency drills on site;
h) Announce the start, end or termination of emergency drills;
i) Summarize the effects of emergency drills and complete drill summary reports;
j) Follow up the application of drill results.
8.3.2 Planner
The main responsibilities are as follows:
a) Plan and formulate emergency drill plans;
b) Be responsible for the narration during the emergency drill.
8.3.3 Supervisor
The main responsibilities are as follows:
a) Supervise whether drill activities meet the requirements of the emergency drill planning;
b) Supervise and guide the specific work of emergency drills on site.
8.4 Participating institutions
8.4.1 Consultants
Composed of leaders and technical experts of the relevant participating institutions, led by the drill organizing unit; during the implementation stage they go to the drill site of each participating institution to guide the drill work.
8.4.2 Implementers
The main responsibilities are as follows:
a) Execute the drill script;
b) Carry out emergency response to and handling of cybersecurity incidents triggered by simulation, in accordance with emergency plans;
c) Conduct actual-combat emergency response to cybersecurity incidents triggered by simulation in unscripted scenarios;
d) Apply the drill results.
8.4.3 Security personnel
The main responsibilities are as follows:
a) Follow up on the planned drill personnel so that they participate in drill activities as required;
b) Be responsible for mobilizing the various equipment required during the drill, and prepare technical support systems such as communication and scheduling;
c) Arrange the drill site and materials, and provide logistical support;
d) Track and implement the funds required in the drill plan;
e) Be responsible for safety assurance work at the drill site.
8.4.4 Technical support staff
The main responsibilities are as follows:
a) Provide emergency technology and drill technology consultation and support for emergency drill activities;
b) Debug the various equipment required during the drill, and provide technical support for technical support systems such as communication and dispatch;
c) Be responsible for the specific technical realization of each link of the emergency drill, including monitoring and disposal;
d) Simulate and trigger cybersecurity events.
8.4.5 Evaluators
The main responsibilities are as follows:
a) Record the drill process and the essentials of emergency actions;
b) Evaluate the drill effect, drill process and action essentials, and complete the drill evaluation report;
c) Identify problems existing in the emergency drill, and promptly put forward opinions or suggestions to the relevant responsible personnel.
8.4.6 Other personnel
The main responsibilities are as follows:
a) Contact other participating organizations to assist in completing the emergency drill;
b) Coordinate cross-organization and cross-field participants to complete the emergency drill;
c) Invite leaders of relevant units and other personnel to observe the drill process, etc.;
d) Be responsible for other work of the emergency drill.

9 Implementation process of emergency drill
9.1 Preparation phase
9.1.1 Develop a drill plan
9.1.1.1 Overview
The emergency command organization formulates a drill plan based on the emergency drill planning and the emergency plan, clarifying the purpose of the drill, analyzing drill requirements, determining the scope of the drill, drafting the schedule and preparing the drill budget. For the emergency drill plan template, see B.1 in Appendix B.
9.1.1.2 Clarify the purpose of the drill
Clarify the reasons for carrying out the emergency drill, the problems to be solved by the drill, and the desired effects.
9.1.1.3 Analyze drill requirements
According to the requirements of the emergency drill planning and the emergency plan, on the basis of careful analysis of the risks of the pre-set incident scenario and of the emergency plan, and taking into account cybersecurity incidents that have occurred in recent years, identify existing problems and weaknesses, and determine the drills to be adjusted, the skills to be trained, the equipment to be inspected, the emergency response procedures and command and dispatch procedures to be completed, and the responsibilities to be further clarified, so as to define the emergency drill requirements.
9.1.1.4 Determine the scope of the drill
According to the drill requirements, and considering venue and resources (including but not limited to human, financial, material, technical and information resources) together with time and other constraints and factors, determine the type, level, location and organizational structure of the drill (management department, command organization and participating organizations), the number of participants, the drill methods, etc. Drill requirements and drill scope often influence each other.
9.1.1.5 Draft a schedule
Draft the drill work plan and schedule, specifying the main tasks and completion time limits of each stage of the emergency drill, including the time limits for compiling and reviewing the various drill documents, the time limits for preparing information systems and technical materials, the date of the drill, etc.
9.1.1.6 Prepare the drill budget
Formulate the various funds, supporting funds and safeguard measures for conducting the drill.
9.1.2 Develop a drill work plan
9.1.2.1 Prepare the work plan
The steps to prepare an emergency drill work plan are as follows:
a) Determine the goal
The goal of the drill is the main drill task to be completed and the result to be achieved. It generally states "who will complete what task, under what conditions, according to what standards, achieving what effects." Drill objectives should be clear, specific, quantifiable and achievable. For example, there ......