Jiangsu Accounting Vocational College Network sky bet games online Incident Emergency Plan

1 General Provisions

1.1 Compilation purpose

According to the requirements of the "Emergency Plan for Cyber ​​Security Incidents in the Education System of Jiangsu Province"，Establish and improve our school’s network sky bet games online monitoring and emergency response working mechanism，Improving schools’ ability to respond to network sky bet games online emergencies，Effective prevention、Timely control and minimize the harm and impact of various emergencies on our school’s network sky bet games online，Ensure the security of campus networks and important information systems，Specially formulated plan。

1.2 Preparation basis

"Cybersecurity Law of the People's Republic of China"、"Emergency Response Law of the People's Republic of China"、"National Cybersecurity Incident Emergency Plan"、"Emergency Plan for Cyber ​​Security Incidents in Education System"、"Guidelines for Classification and Grading of sky bet games online Incidents"、"Jiangsu Province Cyber ​​Security Incident Emergency Plan"、"Jiangsu Provincial Education System Cybersecurity Incident Emergency Plan" and other related documents and regulations。

1.3 Scope of application

This plan is applicable to our school’s response to network sky bet games online incidents，Guide the emergency response and disposal of network sky bet games online emergencies across the school。

1.4 Working Principles

（1)Unified command、Close collaboration。The school’s network sky bet games online leadership group coordinates the school’s network sky bet games online emergency command work，Established with the Provincial Education and Network Information Department、Coordination and linkage mechanism of professional organizations，Strengthen prevention、Monitoring、Close connection between reporting and emergency response，Be prepared to respond quickly、Correct response、Dispose decisively。

（2) Hierarchical management、Clear responsibilities。In accordance with "Who is in charge, who is responsible、Whoever operates and maintains is responsible、The principle of “whoever uses it is responsible”，The main leaders of the school party and government are the first persons responsible for the school network sky bet games online work，The person in charge of each department is the first person responsible for the department’s network sky bet games online work，Everyone performs his own duties，Jointly perform management responsibilities for emergency response work。

（3) Active prevention、Enhanced drills。Based on security protection，Enhanced early warning，Take multiple measures，Work together to build a network sky bet games online system。Standardize emergency response measures and operating procedures，Conduct regular plan drills，Ensure emergency plans play an important role。

2 Event classification and classification

2.1 Event classification

Network sky bet games online incidents are classified as harmful program incidents、Network attack incident、Information destruction incident、Information content security incident、Equipment and facility failures and disastrous events, etc.。

（1) Harmful program events are classified as computer virus events、Worm event、Trojan horse incident、Botnet incident、Mixed program attack incident、Malicious code incidents and other harmful program incidents embedded in web pages。

（2) sky bet games online attacks are divided into denial of service attacks、Backdoor attack incident、Vulnerability attack incident、sky bet games online scanning and eavesdropping event、Phishing incident、Interference incidents and other cyber attack incidents。

（3) sky bet games online destruction events are divided into sky bet games online tampering events、sky bet games online counterfeit incident、sky bet games online leakage incident、sky bet games online theft incident、sky bet games online loss events and other sky bet games online destruction events。

（4) sky bet games online content security incidents refer to the dissemination of sky bet games online prohibited by laws and regulations through the Internet，Organizing illegal connections、Inciting rallies and processions or hyping up sensitive issues and endangering national security、Events of social stability and public interest。

（5) Equipment and facility failures are divided into software and hardware failures、Peripheral support facility failure、Man-made sabotage accidents and other equipment and facility failures。

（6) Disaster events refer to network sky bet games online incidents caused by natural disasters and other emergencies。

（7) Other incidents refer to network sky bet games online incidents that cannot be classified as above

2.2Event classification

Referring to the Jiangsu Provincial Education System Network Security Incident Grading Regulations, network sky bet games online incidents in our school are divided into four levels: extremely serious(ⅠLevel), major(ⅡLevel), larger(ⅢLevel), General Level IV)。

（1) Particularly important(ⅠLevel)

The school network or important sky bet games online system (website) suffered particularly serious losses，Global large-scale paralysis occurred，Loss of business processing capabilities；Important sensitive sky bet games online or key data of important sky bet games online systems (websites) is lost or stolen、Tampering、Fake，Posing a particularly serious threat to the security and normal order of the entire school system；Network viruses broke out on a large scale throughout the school and seriously affected the security of our school’s sky bet games online system；Others that pose particularly serious threats to school networks and sky bet games online systems，Emergency events causing particularly serious impact。

（2)Major(ⅡLevel)

The school network or important sky bet games online system (website) suffered serious losses，Causing long-term system interruption or partial paralysis，Business processing capabilities are greatly affected；Important sensitive sky bet games online or key data of important sky bet games online systems (websites) is lost or stolen、Tampering、Fake，Posing a serious threat to the security and normal order of the entire school system；Network viruses broke out in a large area and affected the security of our school’s sky bet games online system；Others pose serious threats to school networks and sky bet games online systems，Emergency events causing serious impact。

（3) larger(ⅢLevel)

A certain part of the network or important sky bet games online system (website) suffered a large loss，Causing system interruption，Business capabilities are affected；Data of important sky bet games online system (website) is lost or stolen、Tampering、Fake，Posing a serious threat to the security and normal order of the entire school system；The network virus spreads widely across multiple units (departments)；Others pose greater threats to school networks and sky bet games online systems，Emergency events that have a greater impact。

（4) General(ⅣLevel)

In addition to the above situations, it will have a certain impact on the security of our school’s Network and sky bet games online Department，But emergencies that do not endanger the overall security and normal order of the school network and sky bet games online system。

3 Organizational Structure and Responsibilities

3.1Network sky bet games online Leading Group (referred to as the Leading Group) and Responsibilities

Group Chief: School Party Committee Secretary, Principal

Deputy team leader: in charge of the Propaganda Department、Smart Campus Center、The school leader in charge of the sky bet games online department

成 Member: the main person in charge of each unit (department)

Position Responsibility:

（1) Implement the country、Guidelines, policies, laws and regulations on network sky bet games online of the province and higher-level units，Organize and formulate rules and regulations related to school network sky bet games online。

（2) Leader and coordinator of school network sky bet games online work，Establish and improve the joint disposal mechanism，Activate emergency plan，Organizational command responsible for handling network sky bet games online incidents。

（3)Approval、Deployment、Check the prevention and early warning of network sky bet games online incidents、Emergency Response、Survey and Assessment、Information release、Emergency support and other work，Study and solve problems in disposal work。

3.2Network sky bet games online Emergency Response Office and Responsibilities

The Network sky bet games online Office under the Network sky bet games online Leading Group (referred to as the Cyberspace Administration of China，Located in the Smart Campus Center) and the Network sky bet games online Emergency Response Office (referred to as the Emergency Office)，The emergency office is located in the Propaganda Department。

Master Ren: Minister of Propaganda Department

Deputy Director: Smart Campus Center、Main person in charge of the sky bet games online Department，Main person in charge of each unit (department)

成 Officer: sky bet games online officer of each unit (department).

Position Responsibility:

（1) Organized the drafting of the school’s “Network sky bet games online Incident Emergency Plan” and other relevant regulations。

（2) Responsible for emergency response work，Guide all units (departments) to establish early warning, prevention and control work for network sky bet games online emergencies；Receive and process network sky bet games online emergency information reports，Cooperate with relevant departments to actively carry out response and disposal work。

（3) Responsible for the prevention and early warning of network sky bet games online incidents、Emergency Response、Survey and Assessment、Information release、Emergency support、Hidden danger investigation and rectification work；Organize network sky bet games online training，Organize drills regularly；Collect information security incident reporting statistics、Preparation of statistical reports、Summary of work status、Writing work summary；Responsible for communicating with superior network sky bet games online emergency response agencies。

（4) Complete other tasks assigned by the Network sky bet games online Leading Group。

4Monitoring and reporting

4.1 Clear network sky bet games online monitoring responsibilities

（1) The Propaganda Department is responsible for monitoring Internet public opinion，And the school’s official website、sky bet games online monitoring of official new media platform。

（2) The Smart Campus Center is responsible for monitoring network and sky bet games online system communication and resource usage abnormalities，Network and sky bet games online system paralysis，Application service interruption or data tampering、Lost etc.。

（3) The Security Department is responsible for the security of peripheral facilities、sky bet games online practitioners review work，As well as the contact and coordination work with the relevant departments of the public security organs after the incident。

（4) Each unit (department) is responsible for the secondary website managed by its own unit (department)、Application sky bet games online System、sky bet games online review and monitoring of dynamic thematic websites and new media platforms。

4.2 Implement monitoring reporting responsibility system

Each unit (department) must designate a dedicated person to be responsible for information monitoring work，Responsibility system must be implemented，Follow "Early Detection、Early report、Principle of “early disposal”，Strengthen the collection of various network sky bet games online emergencies and related information that may cause emergencies、Analysis, judgment and continuous monitoring。

When network sky bet games online emergencies occur，Report to the Emergency Management Office in a timely manner as required，The report content mainly includes information sources、Scope of influence、Nature of the event、Event development trends and measures taken, etc.。A daily reporting system must be implemented during important and sensitive periods，Each unit (department) reports monitoring status in a timely manner in accordance with the reporting frequency required by superiors and the school。

4.3 Reporting Process

4.3.1 Once the personnel responsible for information monitoring in each unit (department) discover network sky bet games online incidents，Measures should be taken immediately to control the situation，And report to the person in charge of the unit (department) and the emergency office as soon as possible，And carry out emergency response according to this plan。

4.3.2 For general occurrence(ⅣLevel)level network sky bet games online incident，Handed by the Emergency Office，And report the handling situation to the leadership group。

4.3.3 For larger occurrences(ⅢLevel), major(ⅡLevel), extra large(ⅠLevel)’s network sky bet games online incident，The emergency office will report to the leadership group as soon as possible，After the leadership group received the report，A network sky bet games online meeting should be held quickly，Research and determine the situation of network sky bet games online emergencies，And initiate corresponding level response for disposal according to the "Jiangsu Provincial Education System Cybersecurity Incident Emergency Plan"。

5 Emergency response to network sky bet games online incidents

5.1 Campus sky bet games online

Relevant units (departments) have the authority to directly handle network sky bet games online incidents that occur on campus，Follow the following emergency procedures。

5.1.1 Disposal of bad sky bet games online on campus network

（1) Information security officers of units (departments) where network sky bet games online incidents occur must delete harmful information in a timely manner，And check all contents of the entire website，Make sure there is no other bad information。

（2) The sky bet games online officer should report the specific circumstances of the incident to the emergency office in writing。

（3) The smart campus center immediately organized technical personnel to immediately cut off the external network connection of the website server through the intranet firewall。Related directories for backing up bad sky bet games online、Log。Isolate directories with bad sky bet games online，Perform security check，Remove unsafe risks，Close unsafe columns。Restore backup data if server is compromised。Reconnect to the website server and firewall external network connection after returning to normal，And test the website operation。

5.1.2 Disposal of campus sky bet games online anomalies and malicious sky bet games online attacks

（1) The Smart Campus Center immediately organized technical personnel to determine the source and scope of the attack。Can emergency cut off the central network server and public network network connection if necessary，To protect important data and sky bet games online。If the attack comes from outside the school，Block and filter such attacks through network security protection equipment，And contact experts to analyze and study countermeasures，Decide whether to close external network access based on the severity of the situation；If the attack comes from within the school，Find and determine the source of the attack，Cut off the network connection of the device related to the attack source。The attack source computer was foundIPAfter address，Close this computer’s campus sky bet games online connection，Notify the user and the department for processing。

（2) If the attack source comes from an office computer in the school，Computer users need to remove viruses、Malicious program、Trojan horse program or reinstalling the operating system，Run24Submit an Internet application after there are no problems for more than an hour，Connect to the campus sky bet games online after the smart campus center test has no problems。

（3) If it is found to be a subjective and malicious sky bet games online attack by someone within the school，Emergency management will depend on the severity of the situation，Submit to the school security office for processing according to school regulations，Those suspected of violating the law will be transferred to the public security organs for handling according to law。

5.1.3 Emergency measures for sky bet games online system vulnerabilities

（1) After the smart campus center receives a system vulnerability notification or finds a high-risk system vulnerability during regular scans，Organize relevant technical personnel to conduct research and analysis，Develop a solution。

（2) Need to close protocols and ports on core sky bet games online equipment and servers、Operation to stop service，By Smart Campus Center24Complete processing within hours.

（3) The operation that needs to be updated by operating system patches will be completed as soon as possible by the smart campus center to assist the user department。

（4) Application software needs to be upgraded and updated，The Smart Campus Center notifies the user department to contact the software manufacturer to complete the processing in a timely manner，Closing server external sky bet games online access before processing is completed。

（5) Need to upgrade and patch the office computer，The Smart Campus Center promptly releases notifications on vulnerability status and processing steps on the campus sky bet games online，Each unit (department) organizes upgrade and maintenance work。

5.1.4 Computer virus emergency response

（1) After the sky bet games online officers of each unit (department) discover that the computer is infected with a virus，The virus-infected office computer should be disconnected from the Internet immediately，Prohibit connecting to the Internet until the virus is completely removed,And perform data backup on the hard disk of the device。Enable anti-virus software to disinfect the machine，At the same time, scan and remove viruses on other machines through virus detection software。

（2) If the infected device is a server，And anti-virus software cannot remove the virus，sky bet games online officers should immediately contact the relevant product manufacturers to study the solution and report it to the person in charge of the department and the person in charge of the Smart Campus Center。The person in charge of the Smart Campus Center organized relevant technical personnel to study and take measures such as restoration and backup，And immediately inform relevant units (departments) to carry out corresponding inventory work。

5.2 Negative sky bet games online on Internet public opinion

Because the school does not have direct authority to handle negative sky bet games online on Internet public opinion outside the campus network，Follow the following emergency response procedures。

5.2.1 The Propaganda Department is responsible for appointing dedicated personnel to monitor Internet public opinion，Daily scheduled search、Collect negative public opinion sky bet games online，Increase the number of daily searches during important and sensitive periods。After the emergency，Report to the leadership team immediately，And organize people24Collect sky bet games online hourly，Achieve immediate monitoring、Collect、Study and judge the development trend of public opinion，Report public opinion trends in a timely manner。Public opinion monitoring and sky bet games online collection personnel must monitor the network in a timely manner、Broadcast、TV、Newspapers and other media，Real-time collection and verification of sky bet games online sources、Diffusion situation (reprint and rebroadcast frequency、Click rate、Ratings) and other related indicators，Follow the development of public opinion、Evolution、Processing results, etc.，Provide reference opinions for the leadership team。

5.2.2 When dealing with negative public opinion sky bet games online，Resolutely safeguard the authority of the party and the state，Maintain social stability，Maintain school image。The Emergency Response Office is responsible for promptly conducting incident investigations，Quickly generate report，To clarify the facts、Provide strong evidence to eliminate the impact。In response to the investigation，Promptly study and propose emergency response countermeasures and suggestions to the leadership group。The leadership group will decide whether to report to the superior authority based on the nature and severity of the incident、Request support、Delete negative sky bet games online online。

5.2.3 Give full play to the spirit of unity and cooperation，Communication up and down、Left and right coordination，Unified pace、Everyone performs his own duties，Form a strong work force。Seek truth from facts、Release information step by step，Unified release caliber，Submit to the leading group for approval，Decide whether to organize a press conference based on the nature and evolution of the incident。The Propaganda Department is responsible for organizing relevant networks、Newspapers、Broadcast、Communication and reception work for television and other media。If a network sky bet games online incident occurs on campus，Need to release information and news reports，Refer to the above method。

6Post-processing and guarantee

6.1 Post-processing

6.1.1 After the completion of the handling of major network sky bet games online incidents，The investigation and evaluation work is carried out in accordance with the "Emergency Plan for Cyber ​​Security Incidents in the Education System of Jiangsu Province"。After the completion of the handling of major network security incidents，The leading group organizes investigation, processing and summary evaluation work，And report the investigation and evaluation results to the Provincial Education Network Security Emergency Office。General network security incidents are organized by the emergency response office to carry out investigation, processing, summary and evaluation work，And report to the leadership group，Report elements: Time of incident、Location、Reason、Information source，Event type、Property、Hazard and degree of loss，Event development trend、Take disposal measures, etc.。

6.1.2 The school commends and rewards groups and individuals who have made outstanding contributions to network sky bet games online emergency response work；For late reporting、False report、Concealing or underreporting important information about network sky bet games online incidents or other dereliction of duty in emergency response work、Dereliction of duty，The relevant responsible persons must be held accountable；Constituting a crime，Pursuing criminal responsibility according to law。

6.2 Job sky bet games online

6.2.1 System guarantee。Establish and improve the emergency response mechanism for network sky bet games online incidents，In accordance with "Who is in charge, who is responsible、Whoever operates and maintains is responsible、The principle of “whoever uses it is responsible”，Assign network sky bet games online emergency response responsibilities to specific departments、Specific positions and individuals。

6.2.2 Technical Support。Continuously strengthen the construction of the school network sky bet games online emergency technical support team and the guarantee of network security materials，Do a good job in monitoring network sky bet games online events、Defense、Emergency response and emergency technical support work。

6.2.3Organizational Guarantee。Organize network sky bet games online knowledge training regularly，Strengthen the study and emergency drills of emergency plans for network sky bet games online incidents，Improve the prevention awareness of network sky bet games online management and technical personnel、Safety skills and emergency response capabilities。

6.2.4 Funding guarantee。The school provides necessary funding guarantees for network sky bet games online emergency work，Used to support the construction of network sky bet games online emergency technical support team、Monitoring and warning、Publicity and Education、Training drill、Development of material support and other work。

7 Supplementary Provisions

7.1 This plan is explained by the Emergency Response Office of the Network sky bet games online Leading Group。

7.2 This plan will be implemented from the date of release.

Attachment: Jiangsu Accounting Vocational College network sky bet games online incident emergency response flow chart