Cyber security: Need for an overall national cyber strategy

SD PRADHAN | April 26, 2016

article image
The last two decades have witnessed rapid developments in cyber space. Today the internet has become an easy to use and inexpensive medium for the government, private sector and individuals with advances in microprocessor communication especially in the mobile, storage and software technologies. The World Wide Web and social media touch every aspect of human lives. While the World Wide Web began only in 1991, today more than 2 billion people (about 40% of world population) are on line with about 5 billion internet connected devices. More are set to join in the coming period.The internet is revolutionizing our society by providing a fast, inexpensive and easy way to connect people and is an important source to drive economic growth. Internet has become increasingly central to our economy and social relations. There is now a close relationship between the physical world and cyber world and they affect each other. The revolution in the information technology, processes and internet connected computers are altering our way of living- how we communicate, perform banking transactions, make purchases and make use of this in diplomacy and wars. While the cyber world provides a number facilities, it also brings with it a host of problems for security of communications, data and infrastructure.

Spotlight

Castleforce IT Consultancy Ltd

Castleforce help companies with IT Security compliance and risk management by offering products and services to help enforce policies. ISO27001, PCI DSS, Information Governance Toolkit are just some of the compliance areas we focus on.

OTHER ARTICLES

A 4 Step Guide to Stronger OT Cybersecurity

Article | April 14, 2020

Security and risk management leaders at organizations around the world are increasingly concerned about cybersecurity threats to their operational technology (OT) networks. A key driver behind this is that cyberthreats, like disruptionware, are increasing in quantity and sophistication all the time. Industrial control system (ICS) networks are categorized as high risk because they are inherently insecure, increasingly so because of expanding integration with the corporate IT network, as well as the rise of remote access for employees and third parties. An example of an IT network within a control system is a PC that’s running HMI or SCADA applications. Because this particular PC wasn’t set up with the initial intention of connecting to IT systems, it typically isn’t managed so can’t access the latest operating system, patches, or antivirus updates. This makes that PC extremely vulnerable to malware attacks. Besides the increased cyberthreat risk, the complexity resulting from IT–OT integration also increases the likelihood of networking and operational issues.

Read More

Webroot: Widespread Lack of Cybersecurity Best Practices

Article | April 7, 2020

A new list of most and least cyber secure U.S. states shows a disturbing lack of cybersecurity best practices. According to Webroot‘s fourth annual ranking, New York, California, Texas, Alabama and Arkansas are the least cyber secure states in the country, while Nebraska, New Hampshire, Wyoming, Oregon and New Jersey are the most cyber secure. Tyler Moffitt, Webroot security analyst, tells us none of the states had an average score greater than 67%. Also, there is very little difference between the most secure and least secure states, he said. No state scored a “C” grade or higher. That underlines a lack of cybersecurity education and hygiene nationally. However, the most cyber secure state (Nebraska at 67%) did score substantially better than the least (New York at 52%). This score was calculated through a variety of action- and knowledge-based variables, including residents’ use of antivirus software, use of personal devices for work, use of default security settings, use of encrypted data backups, password sharing and reuse, social media account privacy, and understanding of key cybersecurity concepts like malware and phishing,” Moffitt said.

Read More

Authentication and Passwords Concerns Top New Ponemon Institute Report

Article | February 20, 2020

IT security practitioners are aware of good habits when it comes to strong authentication and password management, yet often fail to implement them due to poor usability or inconvenience, says the 2020 State of Password and Authentication Security Behaviors Report by Yubico and Ponemon Institute. According to the report,IT security practitioners and individuals are both engaging in risky password and authentication practices, yet expectation and reality are often misaligned when it comes to the implementation of usable and desirable security solutions. The tools and processes that organizations put in place are not widely adopted by employees or customers, making it abundantly clear that new technologies are needed for enterprises and individuals to reach a safer future together.

Read More

A COVID-19 Cybersecurity Poll: Securing a Remote Workforce

Article | March 17, 2020

As the coronavirus pandemic continues to sweep the globe, and cities and states impose social-distancing measures, businesses are sending their users home to work. And this massive, unprecedented shift to distance working brings with it a whole new set of cybersecurity challenges. For instance, a lack of IT resources can bite many organizations as they move to enable remote strategies. And when workers and students are sent outside the normal perimeter, managing device sprawl, and patching and securing hundreds of thousands of endpoints, becomes a much a bigger challenge. Threatpost editors wanted to learn more about challenges and best practices from the IT and security professionals on the front lines of this. Please take a few minutes to take the Threatpost poll. The answers will be collected the results will be published in an article later this week.

Read More

Spotlight

Castleforce IT Consultancy Ltd

Castleforce help companies with IT Security compliance and risk management by offering products and services to help enforce policies. ISO27001, PCI DSS, Information Governance Toolkit are just some of the compliance areas we focus on.

Events