企业不是实施部署了信息安全就万无一失,因为在信息安全领域,没有绝对的安全,需要平衡在安全上的投资与回报。很多企业认为既然花了钱,就应该确保绝对安全,不出任何问题,这显然是不现实的。安全并不是说没有什么问题,而是说即使出现问题,也都在企业可接受的范围内,不会对企业造成明显的损失。所以企业要认清自己的安全范围,然后予以相应的投入,实现两者之间的平衡。 Enterprises do not implement the deployment of information security foolproof, because in the field of information security, there is no absolute security, you need to balance the security investment and return. Many companies think that since the money has been spent, it should be absolutely safe and without any problems, which is obviously unrealistic. Security does not mean that there is no problem, but that even if problems arise, they are within the acceptable scope of the enterprise and will not cause obvious losses to the enterprises. Therefore, enterprises should recognize their own safety scope, and then make the appropriate investment to achieve the balance between the two.