Study On Information Security Governance In Network Development Of The Universities

The Network in universities has been playing an increasingly important role in serving as an essential means of information exchange in the aspect of teaching, research, administration, etc. But it is true that it also poses safety problems while bringing the convenience to people. The network features not only openness and interactiveness but also weakness both in technique and human factors, which causes it vulnerable to the attack of hackers and viruses. Thus, more and more universities need to put strong emphasis on the online information security as a result of various security risks they are exposed to. Universities emphasis the overall ability to deal with different risks with the purpose to guarantee the confidentiality, integrity, and availability of online information, which enables the campus network either accessible to all the students and faculties, or applicable in teaching, research and administration. Meanwhile, they need to accelerate to reinforce information security system and set information security governance system, which can therefore ensure the online security. The article targets at 15 universities administered by CERNET in Chongqing, surveying and collecting data in the six aspects: online information risk evaluation, strategy setting, online information software equipping, information security staff, security awareness training and review. After the analysis of data, it is concluded with the comprehensive evaluation result of online information security governance performance of universities in Chongqing and found with the direct causes leading to the poor performance of online information governance in universities in Chongqing. They are as follows (1): the poor operation of information security analysis, strategy setting and review work. (2) The inadequate investment on information security equipment. (3) The inadequate awareness of information security (4) The inadequate professional security staff. There are also some implicit causes: (1) The leadership's awareness of security governance is weak and lack of adequate knowledge of significance of information security and the great challenges. (2): The present development of university network weighs size but neglects security. (3) The professionals in the university online network development and governance are in scarcity.Lastly, it is proposed with dynamic model of information security governance and corresponding suggestions in the light of the present situations of information governance of universities in Chongqing.