Cyber Security and Resilience Protocols

Cyber Security and Resilience Protocols

1.0 Introduction

This report aims to provide those recommendations and the best means to implement cyber resilience policy. This is mainly a result of the high number of reported cyber attack issues. In recent times very many cases of cyber attack have been reported by different organizations from different sectors as per Chen et al (2012 P. 232). This actually mainly occurs from the financial institution such as banks. Lack of well-established cyber security can result in huge losses especially when the systems of the concerned organization may be hacked. It should be one of the prior goals of each organization to ensure that they implement sound cyber resilience policies to safeguard their information as well as the resources according to Mo et al (2012 P. 204). This will hence be achieved well through maintaining sound policies to govern the running of cyber security in the firm. This report outlines those means which should be implemented by the organization to see it achieve its goals in the cyber security sector.

2.0 Overview

Cyber security and resilience is a critical issue for all businesses, particularly those who store and access highly confidential information. According to Genge et al (2012 P.1156) cyber attacks occur when unauthorized users gain access through internet connected systems to a company’s data, hardware, and software. They occur almost always through malicious intent and aim to disable, change, steal data or gain benefit through accessing a company’s files and data. There are many different ways hackers conduct cyber-based attacks; some of the most common are phishing attacks, malware, password attacks, DOS attacks, and DDOS attacks.  According to Chen et al (2012 P. 234), it is imperative to a business is cyber resilient and conducts itself with best practice intentions to ensure corporate survival and risk management procedures are met and adhered to. The area of cyber resilience has increased in complexity in recent years and it is necessary for organizations to stay up to date with their protocols and adaptable as per Linkov et al (2013 P. 472-473). In applying best practice cyber security and resilience protocols it is imperative to acknowledge the key components that are required to achieve a safe virtual environment for the storage of all sensitive corporate and customer information and knowledge.

Cyber security and resilience is an ever-evolving and complex dynamic to manage in business. It requires progressive and innovative ways to stay ahead of emerging threats. Chen et al (2012 P. 220-222) argues that, cyber threats have the ability to do irreversible damage to not only a company’s online resources and information but also their reputation and perception held by the employees, customers and the general public. A company is responsible for providing secure, reliable and a safe range of services, activities, and facilities to its consumers. According to Chen et al (2012 P. 221) in establishing a Cyber Security Management System requires resources and well-established processes to adequately protect Confidentiality, Integrity, and Availability for information and technology assets.

3.0 Components

As per Genge et al (2012 P.1150) cyber Security Management Systems should follow the core cyber security principles. These principles include; continually reducing overall cyber security risk exposure; improving cyber security architecture and maturity; instilling increased cyber security culture; persistently identifying and reducing cyber-attack landscape; ensuring adequate segregation of classified information; regularly applying enhanced protection for critical infrastructure and sensitive information; providing enhanced monitoring, detection, alerts and timely containment cyber security capabilities; providing improved multi-layer malware protection; ensuring adequate cyber incident response management and cyber incident recovery capabilities; consistently complying with “Least Privilege Access”, “Need-To-Know” and “Need-To-Use” principles as per Genge et al (2012 P.1149).

3.11 Reducing cyber security exposure

The organization should do her best to ensure that its operations and activities are not exposed to the cyber risks. This is the first step to be implemented to fight the habit of cyber attacks. This is so mainly because when the firm is protected against the exposure to the risks it will definitely avoid those risks and end up solving the big challenge of cyber insecurity. The organization can solve the crisis by coming up with a sound risk management culture. Linkov et al (2013 P.472-473) in every organization, the employees should actually formulate their policies and means on how to manage the exercise of reducing cyber risk exposures. This should be termed as one of their duties and responsibilities. This will hence make them careful and determined in the performance of daily activities. Being their responsibility every employee will do his or her best to avoid the occurrence of these cyber risks (Mo et al 2012 P. 199). This can also be minimized by identifying the kind of cyber risks which are likely to face the organization and hence formulating various means to avoid the occurrence of such variables. This will require consultation with various experts in the related field or the other related institution. A step can also be taken ahead to implement those policies used by other organization to reduce the risks.

The other factor to consider in reducing exposure to the cyber risks is by restricting access to certain information and data to some staff. Each employee should be assigned specific access rights. This will actually mean that not every staff will be able to access any data. With few employees having the rights t access certain data the chances of the rights and logins reaching, strangers and hackers are minimal. This will actually reduce those chances of exposure to cyber attacks. The organization can also install a secure password management system. This should not be only left to be undertaken by the IT department but every user ensures well management of the organizations’ sites passwords. Another key factor which should be considered according to Linkov et al (2013 P.476) as far as the issue of password management is concerned is the use of Single Sign-On mechanism (SSO). This mechanism is characterized by the use of a certain password to only log in once on a site. A new password, therefore, has to be issued following the subsequent logins. Through the SSO mechanism, it will be difficult for any person with malicious interests to master the passwords hence avoiding the occurrence of cyber crimes. Passwords are not the only mean to ensure cyber security. There are other tools such site access card which can be issued by the organization to the employees. These cards are always automated. In the process of ensuring cyber security, the organization will decide to track these cards according to Mo et al (2012 P. 200). This should mainly be done especially when the member is on a leave. This is to avoid the card from landing on strangers who can make use of it. Sometimes it is difficult to differentiate those loyal staff from the ones with malicious interests and hence the organization can make it a rule for each employee to make a request before accessing any critical data. This will assist the top management to come up with a forum of identifying who is accessing what and at what time.

3.12 Improving cyber security architecture and maturity

These are the computer frameworks which are mainly used to emphasize the cyber security issues. The organization should largely emphasize these frameworks. Some of these frameworks include firewalls, Intrusion Detection Systems (IDS) and Intrusion Protection Systems (IPS). These security protocols, according to Mo et al (2012 P. 199) are actually very reliable when installed in the organization. Due to the fact in the current world and as a result of advancement in technology most of the organization data is based on the software, these should be handled keenly. This should be taken with a huge concern because a single attack to the system normal running of the organization will be interrupted. Very reliable and confidential information, for instance, any information concerning the security of the country should be well encrypted to avoid the occurrence of cyber insecurity because this can be a big threat to the nation’s security. This should also apply in the organization because there is the availability of competitors who can use the accessed data to compete with the organization unfairly as per Sridhar et al (2012 P. 223). In addition to this, the organization should also employ keenness while procuring their IT services. This is to ensure the software is maintained and sourced from a trusted and reliable source.

3.13 Instilling increased cyber security culture

According to Sridhar et al (2012 P. 222) cyber security culture (CSC) is one of the important aspects to be considered in the improving of cyber security. This entails all the procedures and guidelines to be followed in the organization while undertaking those activities mostly pertaining to the securing of the organization’s data. There should actually be well-laid guidelines and laws governing the handling of the critical data according to Mo et al (2012 P. 202). If a staff undertakes any malicious act based on the critical data he or she should acquire the punishment according to the outlined laws. This will, therefore, make every staff handling the organization’s data being responsible for any unethical activities performed contrary to the requirements by the law. Subsequent adherence to these laws will definitely form a good culture to rely upon as per as the organization’s cyber security is concerned.

3.14 Identifying and reducing cyber-attack landscape

The cyber-attack landscape will involve carrying out research on the current trend concerning cyber attacks. According to Su et al (2012 P. 251) this will ensure the organization comes up with the various types of those emerging challenges and trends in the IT department. This is mainly aimed at ensuring that the concerned cyber security department is well informed about those threats as well as finding the best solutions to the cyber attacks. “It should also be accompanied by the hiring of well-skilled personnel”, Sridhar et al (2012 P. 220). The world’s technology is changing every moment and as a result of this trend, the IT specialists should access skills of the emerging cyber threats to be in a good position to solve them when they arise. Some of these trending cyber attacks include; social engineering attacks, password theft, fraud as a service, website hacking and the social media perils.

3.15 Ensuring adequate segregation of classified information

It is also crucial for the organization to make various segments of its information. This will make it difficult for the hackers and intruders to access the information. According to Su et al (2012 P. 249-250) a combined piece of information or data will be accessed easily compared to segregated information. This is so because it will take time and it may also require different rights of access or passwords to access the subsequent data. A segregated data will not be of any use mainly because it is not complete. According to Sridhar et al (2012 P. 215-216) Segregation of information and data should be carried out together with the issuance of single access rights to the data. This will help a lot in the securing of the data because it will harden the procedure to get the access credentials from different people. The information should further be stored on different devices. This is to ensure any intruders will not have access to the information at the same time.

3.16 Regularly applying enhanced protection for critical data

It is very crucial according to Zhu and Basar (2015 P. 45) for the organization mainly the IT department runs a regular check on the security position of the data. They should not wait for the cyber threats to arise for them to take actions because this may be too late to solve the issue hence causing harm and loss to the organization. According to Su et al (2012 P. 247-249) this will help in securing and fighting intruders from accessing the data from an early stage which may be of no impact to the organization. This should probably be carried out daily because it is their responsibility to enhance the security of the organization’s data and information.

3.17 Enhancing monitoring of cyber security capabilities and improving malware protection

The organization should be informed of the latest cyber security means due to the fast-growing technologies. As per Zhu and Basar (2015 P. 46) a standard quality body should be established to oversee the implementation of proper and required means of securing data. This is to ensure that the organization’s means of cyber security are not outdated because this can be a great threat to them. The malware protection is the use of that software which will prevent the interference of stored data according to Wang and Lu (2013 P.1360-1363). The malware can infect a computer and make the available data void and hence this challenge ought to be dealt with keenly. One of the means of malware protection is the use of anti-viruses such as the Kaspersky anti-virus software.

3.18 Ensuring adequate response management and recovery capabilities

According to Zhu and Basar (2015 P. 47) The IT department should be well equipped in dealing with the cyber threats if they happen to arise in the organization. They should have in hand any required skills and tools to conquer the challenges if they occur as per Wang and Lu (2013 P.1360-1363)

3.19 Use of “Least Privilege Access”, “Need-To-Know” and “Need-To-Use” principles

According to Zhu and Basar (2015 P. 56) this principle is commonly used in the military sector and it is essential to use it too in the organization. This means that an individual may be denied rights to access a certain piece of data even if they are officially approved. They can only access the data if they have a clear reason to do so as per Wang and Lu (2013 P.1367).

4.0 Recommendations

Cyber threats being a common challenge to the progress of an organization in the world I would recommend the organization to adhere to the above measures. The top management of the organization should actually invest in advancing its cyber security resilience because securing the sector means a lot in securing the data and the entire organizational resources. The employees should also practice being loyal as this will prevent secret credentials reaching malicious people.

5.0 Conclusion

In conclusion it has been established that cyber insecurity has risen currently in the world. This emerges mainly due to the advancement in technology. Cyber insecurity is a big challenge to every organization. Establishment of sound cyber security resilience is very helpful in solving the problem. The ensuring of issuing access rights, equipping the organization with well skilled IT personnel, the establishment of cyber threat recovery systems, securing of organization’s data as well as ensuring ethical culture in the organization will actually assist in ensuring the organization is protected pertaining cyber threats.

 6.0 Bibliography

Chen, P.Y., Cheng, S.M. and Chen, K.C., 2012. Smart attacks in smart grid communication         networks. IEEE Communications Magazine, 50(8). pp, 210-287

Genge, B., Siaterlis, C., Fovino, I.N. and Masera, M., 2012. A cyber-physical experimentation      environment for the security analysis of networked industrial control systems. Computers &            Electrical Engineering, 38(5), pp.1146-1161.

Harvard University page on cyber      security,https://cyber.harvard.edu/cybersecurity/Main_Page.

Linkov, I., Eisenberg, D.A., Plourde, K., Seager, T.P., Allen, J. and Kott, A., 2013. Resilience metrics     for cyber systems. Environment Systems and Decisions, 33(4), pp.471-476.

Mo, Y., Kim, T.H.J., Brancik, K., Dickinson, D., Lee, H., Perrig, A. and Sinopoli, B., 2012. Cyber–         physical security of a smart grid infrastructure. Proceedings of the IEEE, 100(1), pp.195-209.

Sridhar, S., Hahn, A. and Govindarasu, M., 2012. Cyber-Physical System Security for the Electric           Power Grid. Proceedings of the IEEE, 100(1), pp.210-224.

Su, H., Qiu, M. and Wang, H., 2012. Secure wireless communication system for smart grid with   rechargeable electric vehicles. IEEE Communications Magazine, 50(8). Pp245-293

Wang, W. and Lu, Z., 2013. Cyber security in the smart grid: Survey and challenges. Computer    Networks, 57(5), pp.1344-1371.

World Economic Forum, Partnering for Cyber Resilience, 2012,      http://www3.weforum.org/docs/WEF_IT_             PartneringCyberResilience_Guidelines_2012.pdf

Zhu, Q. and Basar, T., 2015. Game-theoretic methods for robustness, security, and resilience of    cyberphysical control systems: games-in-games principle for optimal cross-layer resilient   control systems. IEEE control systems, 35(1), pp.46-65.