How we approach Cyber-policy and infrastructure
Name: Isis Jordan
Date: April 17, 2019
Details
A cyber security policy is a guideline that helps in the preservations of the security of data, and the technological infrastructure. The more we put trust in technology to store, collect, and manage our information, the more we become vulnerable to any cyber threat that can consist of hackers and technology malfunctions that can consist of anything that is able to jeopardize a business or our government (Staff).
The United States has developed many systems that are considered complex. They are all said to link to the economic and national security of our nation. To depend on these systems is based on the dependence of the business’s success in both the private and public sectors, that also includes the infrastructure (Ross). This can make our nation vulnerable to any cyber-attacks. The Department of Defense has shown concern for private and public networks. They have also stated that they recommend building a strategic plan that increases the response to catch and prevent attacks on the systems we depend on (Ross).
In order to bring a strategic plan to life, there would have to be visible changes. Each cybersecurity strategy will be different between each business and industry, but the success of the strategy should have common goals (Ford). It is better to carry out cybersecurity earlier rather than later, and everyone should have an understanding on how and why it is important. “To foster a common mindset to deliver security for any system, regardless of its scope, size, complexity, or stage of the system life cycle” (Ross).
No system can be engineered as perfectly secure (Ross). Cyber threats can be lurking in the background, and that is why widening the perspective of the strategy and adapting to new methods will be beneficial to catching the threats. Prevention of inside threats are as important as outside threats and should be monitored the same. Cybersecurity involves an adaptive mindset that helps preserve threat awareness (Ford).
All systems should be protected, some more than others. The infrastructure identifies the vulnerabilities within the network. The strategic plan tells the staff how and who is responsible for protecting the data and systems including what programs being used to fight any cyber-attacks. For example: building a firewall, anti-malware, antivirus, how updates are being applied to patch any vulnerabilities a hacker can get into, and where and how data is being backed up. Maintenance by the IT team is also very important. IT should be resolving incidents in a timely manner. Having controlled access to systems and programs will help prevent insider threats and reduces system vulnerabilities (Staff).
Approaching a cyber-attack should be a top priority, all approved actions and procedures should be implemented to stop an attack (Ford). Cyber security has become the number one priority and should be everyone’s responsibility even with little to no knowledge. Having a cyber policy or strategy in place can offer coverage against cyber-attacks. While hackers are known to change their tactics, businesses and their IT teams are forced to evolve in order to protect the company against emerging risk (Rosengarten). Cyber criminals can be one step ahead at all times but having a strategy in place will help prevent future damage, and to help the recovery after an attack (Staff).
References
Ford, Neil. “Developing a Cybersecurity Strategy.” IT Governance USA Blog, 10 Feb. 2016, www.itgovernanceusa.com/blog/developing-a-cybersecurity-strategy.
Rosengarten, Joe. “Three Critical Components of a Cyber Policy.” Insurance Business, www.insurancebusinessmag.com/us/news/cyber/three-critical-components-of-a-cyber-policy-99482.aspx.
Ross, Ron. Systems Security Engineering.nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-160.pdf.
Staff. “Company Cyber Security Policy Template | Workable.” Recruiting Resources: How to Recruit and Hire Better, 30 June 2017, resources.workable.com/cyber-security-policy.