Cyber Law, Cyber Security, Privacy, Data Protection Blog - FREE TO SHARE
Wednesday, December 24, 2014
Thursday, December 11, 2014
Cyber Security: Build a Culture of Prevention in Your Organisation
Prashant Mali,
Cyber Security Policy & Law Expert - India
“You cannot buy the revolution. You cannot make the revolution. You can only be the revolution. It is in your spirit, or it is nowhere.”
― Ursula K. Le Guin, The Dispossessed
Today every organisation needs a “cyber security revolution”, i.e. it needs to build a culture of cyber security within the organisation. A strong cyber security culture is both a mindset and a mode of operation. One that is integrated into day-to-day thinking and decision-making can make for a near-impenetrable operation. Conversely, an absent security culture breeds uncertainty and ultimately leads to security incidents that you likely cannot afford to absorb. This also brings us to make cyber insurance part of the organisation's culture.
What is an organisation's cyber security culture?
An organisation's cyber security culture is the set of styles, approaches and values that it chooses to adopt towards cyber security. The lack of robust security protocols and standards for data exchange between enterprise systems, devices and personal/home devices can put organisations at increased risk and exposure. However, by employing a comprehensive threat intelligence strategy, organisations can defend against threat adversaries more effectively, proactively and sustainably. The development of policies, procedures and training can further prevent attacks and make users mindful before clicking links, executing files or sharing account information. “When building cyber security capabilities, a Chief Security Officer must be able to identify data in an organisational environment, know the systems, devices and networks on which they are located, and build a security profile around them that addresses potential vulnerabilities.”
A strong cyber defence strategy should address how to prepare for and monitor attacks, respond to them and ultimately recover from breaches. At a minimum, the security architecture should be able to stall adversarial efforts, thwart attacks at each phase and facilitate a rapid response. Today there are several cyber security frameworks that organisations may use as guidelines, such as ISO, COBIT and NIST, to develop a security architecture. By overlaying these with counter-responses to the tactics, techniques and procedures that a threat adversary may employ, CISOs can develop a robust defensive infrastructure.
Many of these defensive strategies can be broadly characterised into the following three classifications:
1. Mitigate threats before they enter a network by having the basic controls in place, such as ensuring that operating systems and the anti-malware, web filtering and antivirus software on servers and endpoints are updated and patched to reduce the risk of vulnerabilities and infections. At a primary level, preventive measures can be employed by implementing layers of firewall technology to stop known attacks. At a secondary level, the potential damage of a breach can be mitigated through automated alerts and notifications that quickly activate the appropriate response measures according to security protocols. By training employees and building a culture of cyber security from top management to workers on the ground, many breaches can be prevented upstream through user awareness of potentially malicious links, emails, websites, advertisements and files. As Kevin Mitnick notes in his book, The Art of Deception: Controlling the Human Element of Security, these technological methods of protecting information may be effective in their respective ways; however, many losses are not caused by a lack of technology or faulty technology but rather by the users of technology and faulty human behaviour. It stands to reason, then, that people are not only part of the problem but can and should be part of the solution.
2. Discover threats that have entered or tried to enter systems. No organisation can prevent every cyber attack, but it is important to build a response system that can alert your security staff, rapidly identify a breach and its scope, and notify other enforcement points so that the breach can be contained without extensive collateral damage. Depending on the adversary, an organisation may be better served by disrupting and throttling an attack rather than responding with a knee-jerk reaction that tips off the adversary and prompts additional attacks.
3. Respond to any threats that have breached the network. In addition to deploying sandbox appliances, which can test for and detect novel threats, some organisations may be advised to deploy internal network firewalls so that an attack can be mitigated once the network has already been breached. Depending on the extent to which data is stored on internal or external servers, organisations may need to develop coordinated responses to a breach with other entities.
The risk of cyber attacks is no longer limited to the IT desk; it is a key business issue that must be addressed by the Board. No organisation can be completely immune from cyber attacks and adversaries. However, it can take appropriate measures to erect defences and integrate cyber security into the business environment and culture. Management buy-in, establishing policies and updating them regularly, identifying and communicating the security awareness goals and message clearly and often, and performing assessments are crucial to a successful cyber security awareness programme. By implementing some of these changes, organisations can achieve higher levels of cyber security awareness maturity and benefit from a stronger cyber security culture.
Tuesday, December 2, 2014
Definitions for Cyber World
Cyberspace
Cyberspace is the total landscape of technology-mediated communication. This includes not only the internet and the World Wide Web but also mobile and fixed phone networks, satellite and cable television, radio, the Global Positioning System (GPS), air traffic control systems, military rocket guidance systems, sensor networks, etc. As more devices become interlinked through the processes of digital convergence, cyberspace is rapidly covering more of our physical world and channels of communication and expression. Importantly, cyberspace also includes the people that use these devices and networks.
The Internet
A subset of cyberspace, the internet is a system of interconnected computer networks. The internet is composed of both hardware and software that facilitate data transfer across a network of networks, ranging from local to global in scale and encompassing private, public, corporate, government and academic networks. Functioning primarily as a global data exchange system, it carries a wide range of resources such as email, instant messaging, file transfer, virtual worlds, peer-to-peer file sharing, and the World Wide Web (WWW).
The Web
The World Wide Web (or, simply, the web) is a more recent development than the internet, with its origins in the European academic community of the late 1980s. The web is one of the many services reliant on the internet. It consists of an assemblage of files (audio, video, text and multimedia), each assigned an address, which are connected to one another through the formation of hyperlinks (more commonly, links). The contents of the web are (usually) accessed via the internet using software known as browsers.
User-generated Content
User-generated content (also user-created content) is an umbrella term referring to a wide range of online materials that are created by internet users themselves. User-generated content has blurred the distinction between the ‘producers’ and ‘consumers’ of information. It is thought to be behind the massive expansion of the internet in recent years, which now encompasses a wide variety of blogs, discussion and review sites, social networking sites, and video and photo sharing sites.
Radicalisation
Most of the definitions currently in circulation describe radicalisation as the process (or processes) whereby individuals or groups come to approve of and (ultimately) participate in the use of violence for political aims. Some authors refer to ‘violent radicalisation’ in order to emphasise the violent outcome and distinguish the process from non-violent forms of ‘radical’ thinking.
Extremism
Extremism can be used to refer to political ideologies that oppose a society’s core values and principles. In the context of liberal democracies this could be applied to any ideology that advocates racial or religious supremacy and/or opposes the core principles of democracy and universal human rights. The term can also be used to describe the methods through which political actors attempt to realise their aims, that is, by using means that ‘show disregard for the life, liberty, and human rights of others’.