Express Computer
Home  »  Columns  »  Building India’s cyber security framework

Building India’s cyber security framework

0 588

By Marc Kahlberg

Former United States President Barak Obama compared Cyber Security to Basketball; “There’s no clear line between offense and defense,” Obama said. In India, however any cricketer will eagerly tell you when asked that the best form of defense is an offensive strategy.

In building India’s Cyber Security, both Government and Industry must fuse together and provide an integrated policy framework of computer security guidance for how together they can assess and improve their combined abilities to DETECT, DELAY and DETER cyber-attacks.

The integrated “core’ should be the nucleus of the Indian cyber security framework and like in physical security should comprise several functions or rings of security that reflect the full lifecycle of a cybersecurity risk management program.

As in physical security risk management, these core functions must comprehensively be broken down into different and separate categories and subcategories, which must be mapped and linked to various government national security policies and procedures.

The Cyber Security approach should be distinguished as being a holistic risk management tool that excels in several areas and not only a technical standard or set of security controls. Layered above technical standards providing guidance to drive integrated policies and validate risk management strategies.

Constant assessments of the overall cybersecurity posture, program maturity, and residual risks to government, industry and the private sector should be delivered. The planning of budgets by mapping planned investments and project roadmaps should be determined in a short sales cycle of much needed technology. The communicating of cybersecurity needs to external stakeholders such as auditors, insurance underwriters, and regulators should be paramount along with the use of existing security standards like the ISO 27001 as an added tool without incurring additional expenses.

There is no doubt that any approach to seriously tackling the cyber threats we are faced with today should be comprised of a policy or guideline of standards that includes the maintaining of cyber security uniformity, the defining of cyber security regulatory guidance, the creation of an overall cyber security mass awareness campaign.(specifically targeting academia, energy, finance and telecommunications). The focus should be targeted on promoting National Cyber Security capabilities to improve India’s cyber security preparedness through the academia and advanced education.

In defining current and future cyber security challenges there must be improved cyber security defense of national infrastructures critical to the continuation of normal life, protecting the population from cyber attacks and cyber crime.

In managing risks associated with any cyber-attack three basic factors should be addressed; threats (who is attacking), vulnerabilities (the weaknesses they are attacking) and impacts (what the attack actually does).

The cyberspace environment has been called the fastest evolving technology space in human history, both in scale and properties by leading experts.

New and emerging properties and applications—especially social media, mobile computing, big data, cloud computing, and the Internet of Things (IoT)—further complicate the evolving threat environment, but they can also pose potential opportunities for improving cybersecurity, for example through the economies of scale provided by cloud computing and big data analytics and of course in certain restricted environments by self-defense methods and tactics.

Cyber intelligence in a world of information approach must be taken in order to accurately and timeously correlate Information vs Intelligence.

As professional cyber jobs are wide open with no real manpower solution readily available, the overall approach should be to promote activities in various cyber security fields in cooperation with industry, academia and the government sector while formulating a national cyber defense strategy that includes educational incentives. The Promotion of activities in various cyber security fields in cooperation with industry and the sharing of information will enhance the awareness levels.

In 2017 and beyond, the use of sophisticated prevention technology and tactics including threat intelligence, machine learning and managed hunting, will be the only combination of tools to truly support enterprises in predicting, detecting and preventing damaging intrusions.

The author is the CEO and managing director, Vital Intelligence Group Ltd

Get real time updates directly on you device, subscribe now.

Leave A Reply

Your email address will not be published.

LIVE Webinar

Digitize your HR practice with extensions to success factors

Join us for a virtual meeting on how organizations can use these extensions to not just provide a better experience to its’ employees, but also to significantly improve the efficiency of the HR processes
REGISTER NOW 

Stay updated with News, Trending Stories & Conferences with Express Computer
Follow us on Linkedin
India's Leading e-Governance Summit is here!!! Attend and Know more.
Register Now!
close-image
Attend Webinar & Enhance Your Organisation's Digital Experience.
Register Now
close-image
Enable A Truly Seamless & Secure Workplace.
Register Now
close-image
Attend Inida's Largest BFSI Technology Conclave!
Register Now
close-image
Know how to protect your company in digital era.
Register Now
close-image
Protect Your Critical Assets From Well-Organized Hackers
Register Now
close-image
Find Solutions to Maintain Productivity
Register Now
close-image
Live Webinar : Improve customer experience with Voice Bots
Register Now
close-image
Live Event: Technology Day- Kerala, E- Governance Champions Awards
Register Now
close-image
Virtual Conference : Learn to Automate complex Business Processes
Register Now
close-image