Technical And Strategic Approach Towards Cybersecurity
As the internet evolves, the nature of cyber risk is fundamentally changing. Cyber-attacks are increasing in terms of both frequency and severity. The threat action and sophistication have also changed in recent years. All of these changes combined have heightened awareness of cyber risks for all business. Cybersecurity is considered as an integral part of the digital strategy. Many countries have embraced the digital transformation journey are launching strategies and initiatives to increase connectivity and efficiency. COVID-19 has put the spotlight on connectivity as well as a need for resilient digital infrastructure. It has also been an accelerant to digital transformation. Financial institutions, tech companies, hospitals, government agencies and every other sector are investing in cybersecurity to protect their business practices and the millions of customers who trust them with their data. To receive the benefits and manage the challenges of digitization, countries need to be focused on the important ICT enabled infrastructure with comprehensive cybersecurity strategies.
But from a technical perspective, what does security means- The popular conception of cybersecurity often focuses on securing information and its underlying infrastructure of information. Information flows through networks in huge quantities and is stored on devices and data centres. It is subject to voluntary standards but without a central authority and in a rapidly changing environment these can be subject to change. In cyberspace, information is digital and intangible but relies on physical infrastructure. Data and metadata in cyberspace can be vulnerable at different points and be undermined in different ways. It can be copied, modified or made inaccessible or its origin can be faked, a violation of authenticity.
These activities can be criminal, a deliberate shut down by the government or even an accident. These violations can undermine security in cyberspace. The Border Gateway Protocol (BGP) illustrates this well. This refers to the set of rules that enables communication between large networks. Despite its central role in the functioning of the internet, it remains vulnerable to be misused and attacked. In 2008, the Pakistan government ordered a local internet service provider to block YouTube in the country. It attempts to do so resulted in the global outed of the video-sharing website for two hours. The ISP did this by exploiting a weakness in the Border Gateway Protocol. All traffic trying to get the YouTube went to the ISP instead. As a result, YouTube became unavailable. Vulnerabilities in the BGT routes can also be manipulated to intercept internet traffic. Man, in the middle attacks works by redirecting many quantities of traffic to an unauthorized rooter. If the data is unencrypted those controlling the router can monitor and tamper it before sending on its way without the owner of the data knowing anything that happened. This undermines the principles of integrity and confidentiality. But just as you undermine these principles you can also preserve and strengthen them. The Internet Engineering Task Force (IETF) measures are under discussion to address weaknesses which are in BGP. If finalized they could make sure that data goes to and originates in the right places and identify whether data is travelling on the right routes. This makes it less likely than the traffic will be inadvertently intercepted or blocked and also helps to maintain confidentiality, integrity and availability.
Security can be built into products by services or designs. Apples and WhatsApp encryption can be a good example. Today the internet isn’t just a communication network. It is a network for industrial control systems, health care and in some countries even voting. As our lines on network systems and technology increase risks associated with insecure networks also increase. The internet of things is about a whole new universe of a connected object. It’s a huge challenge for security and human rights. A big part of the solution is technical. But it is not the whole picture. Let’s see the example of Pakistan, the censorship order didn’t go well and YouTube remained locked there though the offending content was removed. This shows technical solutions are not enough. Security in cyberspace will only be possible with a well-planned strategic and holistic approach. Which means robust technical measures and standards posted by rights-respecting policies and laws on business practices and education.
These strategies seek to respond to cyber risks by coordinating actions for prevention, preparation, response and incident recovery between government authorities and stakeholders. These activities aim to instigate strategic reflection into national cybersecurity activities and outcomes, including support to national policymakers. Enterprises around the world are rising towards securing the organization against cyber-attacks and also taking the utmost efforts to prevent data breaches. Cybersecurity experts have predicted a hike in the number of cyber-attack cases by 2020 since every industry is advancing technologically. Hackers have launched more sophisticated attacks over major organizations. Today cyber-attacks are used for a commercial purpose that runs traditional organized groups which are model, global, novel and multinational.
Cyber risk is a strategic risk, it should be considered at board level first and then to the organization. Firstly, one needs to build cultural awareness. Every employee, the boardroom to the mailroom, plays an important role in keeping an organization cyber secure. Secondly one needs to adopt a mindset of cyber resilience. The companies must create and implement an incident response plan in the event a cyber incident occurs. And finally, there is a need to practice, again and again. Just having an incident response plan in place is not enough; the plan must be practised and updated regularly, adjusting as needed for different scenarios and variations of cyber threats.
To fully leverage the benefits of the internet, the private and public sectors must work together to gain an in-depth understanding of the nature and evolution of the underlying risks. The public sector has a lot of information about threat intelligence whereas the private sector is on the front line. Organizations such as the World Economic Forum play an important role in bringing together stakeholders and coordinating activities. The Centre for Cybersecurity of the World Economic Forum brings together experts and thought leaders to further address systematic cyber risks and create tools to better understand it. Government, the private sector and civil society must work closely in a multi-stakeholder approach. So by working together they can come up with a more comprehensive response to cyber incidents.