The Critical Need for Information Security

As the world becomes more and more acquainted with technology, crime will continue to flourish. As a result, it is necessary for the governance of cybersecurity to become a top priority especially for large businesses and government entities. In order for cybersecurity to be ensured though, there are a number of steps that should be taken so that one may be well-prepared for any cyber-security threat.

First, it is necessary to identify several benefits that can be derived from using cyber-attack simulators and research. The most important benefit that this brings is preparation. There are a large number of different cyber-security simulators, and each one allows for the simulation of a number of factors, both known and unknown, that can arise during a cyber-security breach. Leblanc, Partington, Chapman, and Bernier (2011), for example, mention that the Real-Time Immersive Network Simulation Environment (RINSE) allows for the input of commands that fall into one of five broad categories: attack, defense, diagnostic networking tools, device control (such as the shutting down of routers) and simulator data. This allows the simulation participants to prepare themselves for a wide range of potential cyber-threats so that they are always on the cutting edge of the methods employed by cyber-criminals. Another benefit using these simulations offers is competition with fellow defenders of cyber-security. That is to say, many of these cyber-security simulations offer specific "attacker" and "defender" roles, with the attacker responsible for accomplishing a specific goal in a specific time limit, and the defender simply trying to prevent the attacker from accomplishing his or her goal (Leblanc et al, 2011). This setup allows for friendly competition among employees since both the attacker and defender must continually improve to keep up with the other, as they often do in the real world. Furthermore, having skilled defender, for example, means greater value; there is less time spent and expense to the company for a skilled defender rather than an unskilled one, and these simulations are the best way to turn an unskilled defender into a skilled one (Leblanc et al, 2011) Lastly, these simulations offer the benefit of learning the landscape of numerous different cyber-security programs. Since each of these different cyber-security simulations offers different aspects of security to simulate, the users of the simulation are able to become acquainted with a wide array of programs and concepts. For instance, one cyber-security simulator: NetENGINE, offers users the opportunity to learn about more generic cyber-security threats, such as Denial of Service (DDoS) attacks, as well as viruses (Leblanc et al, 2011). This allows the simulation users to become more acquainted with various cyber-security systems (as opposed to the threats themselves), which will make dealing with a wide range of threats easier.

Between the public and private sectors, the public sector has much more insight into cyber-security threats, simply because of the factor of organization, which public entities tend to have. One example of this is the US Cyber Command and Air Force Cyber Operations Division. This group is consistently improving, and, just recently, began an officer training course in cyber warfare with a budget of $11.7 million (Leblanc et al, 2011). The second example of this is the use of information security within federal entities themselves, such as the White House. Maughan (2010) found that the federal government of the United States employs some of the most competent information security experts, and helps to make their hold on cyber-security that much greater since they control such a large aspect of it via sheer numbers and money. Lastly, the public sector has greater insight because it also encompasses the education sector of the government, and, thus, contains both the teachers and students of information security, making them more able to predict and react to information security breaches (Maughan 2010).

In order to sustain a security enterprise cybersecurity strategy, it is necessary to develop best practices in order to keep the enterprise secure at all costs. Ekstedt and Sommestad (2009) mention that the first of these is the practice of regarding cyber attacks as "trees," with the attacker as the "root." This allows problems to be handled in a linear fashion, and for resources to be placed on the highest priority targets. Second is the utilization of abstract models. These models "can thus be seen as metamodels enhanced with extended influence programs" which essentially segregate every action in information security as "steps," which all lead to a certain final outcome, which helps to make decision-making more informed (Ekstedt, 2009, p.4). The third best practice is the use of modeling languages such as UMLsec, secure UML, and Coras (Ekstedt, 2009). These modeling languages allow for the modeling of specific threat scenarios or for more general scenarios with more variables to test out specific theories and practices (Ekstedt, 2009). This mainly allows for more "what if" questions within the security enterprise. Finally, the fourth-best practice is the integration between security theory and security practice. This allows for all of the training and models to be used in a real-life scenario. It is good to set up simulations or drills to perfectly simulate an actual information security breach. The roles required for the implementation of these best practices include a number of information security experts who are also qualified to teach others, numerous programmers, as well as computer science experts to create and test the various new models.

Planning is a key part of cybersecurity strategy because it allows for there to be no surprises when an actual cyber attack occurs. Planning allows for an organized chain of command and actions, so that each cyber attack can be treated as a math equation of sorts, with each part being sorted out in due process, eventually reaching the "root" of the problem discussed earlier: the hackers themselves. Planning also allows for a greater degree of flexibility in regards to who manages each problem, as specific people can be switched around as the situation demands it, leading to a more diverse variety of solutions for any given information security problem.

The partnerships between public and private sectors lend themselves to strengthening cybersecurity efforts and effectiveness on three key levels. The first of these is the corporate environment. The private companies that make up the corporate environment are largely the owners of the various information and communications networks around the world, yet also rely heavily on the public sector, namely, the government, for access to its networks, experience, and, oftentimes, funding, in order to maximize its information security (Maughan, 2010). With the government and large corporations working together, a powerful team is formed, probably the most capable of information security out of the entire private or public sectors. The second level of public-private partnerships is the regional level. This level encompasses less in regards to geography and total manpower yet is still vital. The partnerships at the regional level often encompass more local establishments, such as private homes and small businesses. However, the basic methods are the same as the corporate level: combine the expertise and manpower of smaller institutions with the public sector, namely, the government, and overcome and security threats via this combination. It should be noted that the regional level tends to focus more on the relationship between individuals since there is more personalization between public and private sector workers. Lastly, public and private cooperation is important at the national level as well. This level is probably the most important of the three, and, as such, allow for interaction between both the small businesses and other local establishments at the regional level, as well as the numerous large companies at the corporate level. This means that these private companies, all across the nation, may utilize the manpower and funding of the public sector in order to find common solutions to information security problems. For example, someone in a large corporation who experiences a cybersecurity breach may utilize the experience, advice, or skill of someone in the public sector, such as the government, to remedy the problem and prevent it from spreading, as containment is also of utmost priority when working in tandem.

References

Ekstedt, M., & Sommestad, T. (2009, March). Enterprise architecture models for cybersecurity analysis. In Power Systems Conference and Exposition, 2009. PSCE'09. IEEE/PES (pp. 1-6). IEEE.

Maughan, D. (2010). The need for a national cybersecurity research and development agenda. Communications of the ACM, 53(2), 29-31.

Leblanc, S. P., Partington, A., Chapman, I., & Bernier, M. (2011, April). An overview of cyber attack and computer network operations simulation. In Proceedings of the 2011 Military Modeling & Simulation Symposium (pp. 92-100). Society for Computer Simulation International. 92-100.