Cyber Security Strategies

Stringent strategies have been put in place to design and enforce a secure cyberspace. This chapter discusses the key strategies used to ensure cybersecurity, which include the following −

  • A Secure Cyber Ecosystem Development
  • Establishing an Assurance Process
  • Encouraging Open Standards
  • Strengthening the Regulatory Framework
  • Creating IT Security Mechanisms
  • Securing facilities for e-governance
  • Protecting infrastructure for critical information

Strategy 1 − Creating a Secure Cyber Ecosystem

The cyber ecosystem includes a wide range of diverse entities, such as devices (communication technologies and computers), people, governments, private entities, etc., that interact with each other for various purposes.

This strategy explores the concept of a strong and stable cyber ecosystem in which, in the future, cyber devices will work with each other to prevent cyber attacks, reduce their effectiveness, or find solutions to recover from a cyber attack.

Such a cyber ecosystem would have the ability, built into its cyber devices, to organise secure ways of action within and across groups of devices. It can be supervised by conventional monitoring techniques in which automated products are used to identify and report security weaknesses.

There are three symbiotic structures of a good cyber-ecosystem: Automation, Interoperability, and Authentication.

  • Automation: It makes advanced security measures easier to implement and optimises decision-making processes.
  • Interoperability: It strengthens collaborative actions, improves awareness, and speeds up the learning process.
    Three types of interoperability exist:
    • Semantic (i.e., a shared lexicon based on common understanding)
    • Technical
    • Policy: important in assimilating multiple contributors into an inclusive system of cyber defence.
  • Authentication: It strengthens the identification and verification technologies that operate to provide
    • Security
    • Affordability
    • Ease of use and administration
    • Scalability
    • Interoperability

Types of Attacks

Each attack category is listed below with its description.

Attrition − Methods that are used to damage systems and networks. This includes the following −

  • Distributed denial-of-service attacks
  • Impairing or denying access to a service or application
  • Resource depletion attacks

Malware − Any malicious software used without the consent of the owner to interrupt normal computer activity and harm data assets. Any execution from a removable device can increase the threat posed by malware.

Hacking − An attempt, usually conducted remotely, to intentionally exploit weaknesses to get unethical access. This could include −

  • data-leakage attacks
  • injection attacks and abuse of functionality
  • spoofing
  • time-state attacks
  • buffer and data structure attacks
  • resource manipulation
  • stolen credentials usage
  • backdoors
  • dictionary attacks on passwords
  • exploitation of authentication

Social Tactics − Using social tactics such as deception and manipulation to acquire access to data, systems or controls. This includes −

  • pre-texting (forged surveys)
  • inciting phishing
  • retrieving information through conversation

Improper Usage (Insider Threat) − Misuse of data rights and controls by an individual in an organisation, in violation of the organisation's policies. This includes −

  • Unauthorized software installation
  • Deletion of sensitive data

Physical Action/Loss or Theft of Equipment − Human-driven attacks such as −

  • Theft of identity tokens and credit cards
  • Fiddling with card readers and point-of-sale terminals, or replacing them
  • Interfering with sensors
  • Theft of an industry-provided computing device, such as a laptop

Multiple Component − Single attack techniques that involve many advanced attack methods and components.

Other − Attacks such as −

  • supply chain attacks
  • network investigation

Strategy 2 − Creating an Assurance Framework

The goal of this strategy is to design an outline, in compliance with global security standards, through traditional products, procedures, people, and technology.

A national structure known as the Cybersecurity Assurance Framework has been developed to cater to national security requirements. It accommodates critical infrastructure organisations and governments through "Enabling and Endorsing" actions.

Enabling actions are undertaken by government entities that are independent bodies free from commercial interests. These authorities are responsible for publishing 'National Security Policy Compliance Requirements' and IT security guidelines and documents to facilitate IT security implementation and compliance.

Endorsing actions are involved in successful services after the required qualification standards have been met, and they include the following −

  • ISO 27001 / BS 7799 ISMS certification, IS system audits, etc., which are essentially compliance certifications.
  • The 'Common Criteria' standard ISO 15408 and crypto module verification requirements, which cover the evaluation and certification of IT security products.
  • Services to assist consumers in IT security implementation, such as training of IT security personnel.

Trusted Company Certification

With the growth of the outsourcing market, Indian IT / ITES / BPOs need to comply with international security and privacy standards. Some of the certifications include ISO 9000, CMM, Six Sigma, Total Quality Control, ISO 27001, etc.

Existing models such as the SEI CMM levels are intended solely for software development processes and do not address security concerns. Therefore, several attempts have been made to build a model based on the idea of self-certification and along the lines of the Software Capability Maturity Model (SW-CMM) of CMU, USA.

The structure created by such a relationship between industry and government consists of the following:

  • Standards
  • Guidelines
  • Approaches

These criteria help critical infrastructure owners and operators to manage cybersecurity-related risks.

Strategy 3 − Encouraging Open Standards

Standards play an important role in deciding how we approach issues related to information security across geographic regions and societies. Open standards are encouraged in order to −

  • Improve the effectiveness of key processes,
  • Enable the integration of systems,
  • Provide users with a medium for evaluating new products or services,
  • Organize the plan for implementing new technologies or business models,
  • Interpret complex environments, and
  • Endorse economic growth.

Standards such as ISO 27001[3] encourage the adoption of a standard structure for organisations, in which customers can understand processes and auditing costs are reduced.

Strategy 4 − Strengthening the Regulatory Framework

The aim of this strategy is to create a secure ecosystem for cyberspace and to reinforce the regulatory framework. Through the National Critical Information Infrastructure Protection Centre (NCIIPC), a 24x7 mechanism has been envisioned to counter cyber threats. The Computer Emergency Response Team (CERT-In) has been appointed as the nodal agency for crisis management.

Some highlights of this strategy are as follows −

  • Promotion of cybersecurity research and development.
  • Developing human resources through programmes for education and training.
  • Encouraging all entities, public or private, to appoint an individual to serve as Chief Information Security Officer (CISO), responsible for cybersecurity initiatives.
  • As part of improving the cybersecurity of security networks and installations, the Indian Armed Forces are in the process of setting up a cyber command.
  • Effective implementation of public-private partnerships is in the pipeline and will go a long way in providing solutions to the ever-changing threat landscape.

Strategy 5 − Creating Mechanisms for IT Security

Link-oriented security measures, end-to-end security measures, association-oriented measures, and data encryption are some of the basic mechanisms in place for ensuring IT security. These approaches differ in their internal application characteristics and in the security attributes they provide. Let us discuss them briefly.

Link-Oriented Measures - They provide security while data is transferred between two nodes, regardless of the eventual source and destination of the data.

End-to-End Measures - They are a means of transporting Protocol Data Units (PDUs) from source to destination in a protected manner, so that the disruption of any of the communication links does not compromise security.

Association-Oriented Measures - These are a modified set of end-to-end measures that protect every association individually.

Data Encryption - It covers some general characteristics of conventional ciphers and the recently developed class of public-key ciphers. It encodes information in such a way that only approved personnel can decode it.

Strategy 6 − Securing E-Governance Services

Electronic governance (e-governance) is the government's most respected instrument for providing public services in a responsible manner. Unfortunately, there is no dedicated legal structure in India for e-governance in the current scenario.

Similarly, in India, there is no regulation on mandatory e-delivery of public services. Without proper cybersecurity, nothing is more risky and troublesome than implementing e-governance projects. Securing e-governance services has therefore become a crucial task, especially when the nation makes daily transactions through cards.

Fortunately, the Reserve Bank of India has introduced security and risk reduction measures enforceable as of 1 October 2013 for card transactions in India. It has placed the responsibility on banks rather than customers to ensure secured card transactions.

E-government or electronic government refers to the use by government entities of Information and Communication Technologies (ICTs) for the following −

  • Efficient public service delivery
  • Refinement of internal efficiency
  • Simple exchange of knowledge between citizens, organisations, and government bodies
  • Restructuring of administrative methods

Strategy 7 − Protecting Critical Information Infrastructure

Critical information infrastructure is the backbone of a country's national and economic security. It covers power plants, highways, bridges, chemical plants, networks, as well as buildings where millions of people work every day. These can be protected with stringent collaboration plans and disciplined implementations.

A structured approach is needed to safeguard critical infrastructure against developing cyber threats. The government must actively and regularly collaborate with the public and private sectors to avoid, respond to, and coordinate mitigation measures against attempted disruptions and adverse effects on the vital infrastructure of the nation.

There is a need for the government to work with business owners and operators to improve their services and groups through the sharing of cyber and other threat information.

Users should share a common platform for sending comments and ideas, which can be worked on together to create a tougher basis for securing and protecting vital infrastructures.

In 2013, the US government passed an executive order, "Improving Critical Infrastructure Cybersecurity", that promotes the management of security risk involved in the delivery of critical infrastructure services. This framework offers organisations a common classification and mechanism to −

  • Define their cybersecurity coverage,
  • Define their cybersecurity goals,
  • Characterise and allocate development opportunities within the context of a continuous process, and
  • Communicate with all the investors regarding cybersecurity.