Cyber security comprehensively refers to the set of safeguarding measures intended to maintain integrity of information as it passes through heterogeneous networks and becomes vulnerable to malicious attacks from viruses and scripts. It strategically deals with checking user identity, associated risks and incident management. It is structurally composed of processes, technologies and practices devised to optimally mitigate the risks to computers, programs, and networks.
Extremely sensitive data like defense information needs to be critically protected from unauthorized access to prevent harmful tampering, corruption and misrepresentation.
An individual user can implement checks to thwart unwanted manipulation of their data by continually updating the antivirus program, using strong passwords and strictly guarding personal information over networks that are not trusted.
Cyber-security is challenged by the rapidly and regularly evolving nature of risks. The conventional wisdom of devoting the bulk of resources to the most critical system aspects to safeguard against formidable threats, while leaving minor components unprotected, cannot be justified in the present scenario. The threat is accelerating at a pace that is beyond control and is significantly deviating from set norms. An adaptive and proactive system is being fostered to regularly monitor and assess emerging threats in real time.
Cyber-security is meant for proactive detection of loopholes in the security policies of computer systems, which can be exploited by people engaged in information warfare to gain entry to critical systems and alter or destroy data, or to hold a government to ransom by threatening to damage sensitive information infrastructure. Critical information should not be leaked to unauthorized people. A truly secure network will maintain the integrity of data stored in it and also allow government to access and regularly supervise the entire array of information in it.
Cyber-security or cyber assurance defines the mechanism to extend operational support for management and protection of networks, data and information. It also has provisions for contingency support to facilitate safeguarding of cyber-dependent operations. The stress is on predicting potential cyber-attacks by simulating a real-time operating environment to understand the approach of intrusive elements and deter them. It calls for deployment of resources to back up critical information and survive any cyber-attack. The augmented operational capabilities will give a proactive response to any attempt at unauthorized access to information.
The principles of cyber-security revolve around certain key points.
- Data confidentiality, which implies that sensitive information should be accessible, usable, and editable only to users who have been granted the privilege for the same.
- Data integrity, which safeguards against creation, alteration, and destruction of data in the absence of adequate authorization.
- Authenticity, which ensures that users and data placeholders are authentic and free from any fabrication or forgery.
- Availability, which essentially means that the information sought, the computing resources dedicated to information processing, and the security measures deployed for information protection are readily available and functioning when the information is required.
- Non-repudiation, which means that neither party participating in a transaction can disown a piece of information received or deny having sent the data.
Cyber-security tactics recognize the fact that attacking a system is easier than defending it. The compromise of a system is contingent on the understanding gained by the hacker of a part of the system’s technical architecture. The defenders however need to comprehensively analyze the entire infrastructural set-up and learn the specific needs of the managing organizations to better protect the system from internal and external attackers.
The Challenges Confronted by Cyber-Security Experts are:
Multiple security models: A majority of large organizations need to manage numerous domains or data centers. Mostly, the management of such elements is entrusted to different enterprises and consequently there is no central cyber security governance mechanism. The situation can be simplified by implementing standardized processes as the management of heterogeneous architectures (application and infrastructure) makes things complicated.
Continuity of operations: This has become complex owing to growing data center consolidation, which leaves little scope for redundant operations. The increasing architectural standardization has paved the way for larger cross-domain vulnerability. Besides, the shrinking number of regional ‘continuity of operations’ hubs has rendered it more fragile from a network communications standpoint.
Coordinated help desk: The demand for coordinated help desk operations deployed across organizations is on the rise as the scope of cyber security becomes clear. Coalition partners and related organizations have developed greater dependency on one another than in earlier times. However, the challenge of building a coordinated help desk has not been adequately addressed so far, with operations limited to particular domains and restricted to propagating generalized threat/incident reports only.
Social engineering: It refers to the category of activity concerned with combating non-traditional and non-security attacks and compromises. It can be deployed from an internal or external perspective with the objective of exploiting inherent system weaknesses pertaining to security policies, which paves the way for consequent technical exploitation.
Unstructured data security: Organizations have gradually moved from paper records to electronic versions. A majority of the data circulating within the organization is to an extent unstructured. Structured data sources can be covered with data security policies meant for formal record management. However, unstructured data like emails, wikis, etc. are less secure, as unstructured data management policies have not yet fully evolved.
To address the above issues, a cyber security practice structure is being developed, based on the fact that all IT security basically represents a single integrated lifecycle.
Comprehensive security is possible by making all security data accessible and automating security procedures. This will enable threats to be addressed in real time and will span all relevant contexts. A cyber security model should adopt a holistic approach which is process focused and composed of a wide range of operational support capabilities and security management. The functioning is divided into proactive and defensive mechanisms.
The focus is to evolve a logical process framework that embraces the entire range of operational security capabilities relevant to the enterprise domain. The core is constituted of the ability to trace operational health and the security lifecycle to better understand the impact on an organization. A number of tools are employed in combination to foster cyber-security:
- Anti-virus management
- Intrusion detection
- Firewall management
- Identity management
- Routing and encryption
- Directory management
- Asset management
- Configuration management
After the creation of a data center, its operational aspects are to be managed by competent people like Systems Administrators, Security Engineers, Security Administrators, Security Subject Matter Experts, Help Desk Personnel, Managers, and Network Engineers and Administrators.
To conclude, effective cyber security can be provided after gaining thorough insights into existing security architectures and practices. System engineers should be able to integrate processes and technologies while extending specific functional expertise to bolster operational security management across the domain or enterprise.