Research On Risk Management Of Cyber Security Project

In recent years,with the continuous development of information technology,the situation of network attack and defense is becoming more and more fierce,and network security incidents also emerge in an endless stream.Driven by national policies and network security situation,network security industry has achieved rapid development in recent years.However,the network security project is a frontier field with high technical complexity and many uncertain factors,so it is particularly important to introduce risk management research into the network security project.This article is based on risk management theory,combined with the actual situation of the project to conduct risk management research for the G company's network security situational awareness project.First,it analyzes the project management theory and the characteristics of network security project risk management,and then studies and analyzes the five aspects of G company situational awareness project risk management planning,risk identification,risk assessment,risk response and risk monitoring.In the risk identification,the brainstorming method and the Delphi method were used to identify 34 risk factors of eight major types of risks at each stage of the project,and the risk points identified by expert judgment and analytic hierarchy process were combined to analyze the risks qualitatively and quantitatively.At the same time,the risks are sorted according to the risk assessment results,practical risk response strategies and methods are formulated according to the project resources,and the effective management of project risks is realized in combination with the risk monitoring process.In the situational awareness project of Company G,the impact of demand risk and technical risk are the main risk factors,which have a greater impact on the smooth implementation and delivery of the project.It is necessary to strengthen the response and monitoring of this type of risk.The research results can be the same for projects in the same industry.Provide reference for risk management activities.