Cyber Security
What is Cyber Security?
Cyber Security is fast becoming the de facto term for the protection of information in an online Information and Communications Technology (ICT) context.
As an extension to Information Security; Cyber Security adds the following extensions:
- Alerting, Warning & Response (AWR) functions;
- Enhanced protective controls and capabilities to detect events and reduce impacts;
- Enhanced reactive controls and capabilities, both to maintain Situational Awareness (SA) and instigate Active Response.
(Source SSDRI part of the Cyber Security Centre, De Montfort University)
The Challenges
The benefits of using the internet gives rise to a whole new set of challenges for business and government departments as operations are expanded into the online environment.
The increase in mobile and high bandwidth communications allows greater operational flexibility and mobility for your workforce; the enhanced capability of mobile phones & tablets, adds to the challenges of operating securely online.
Developing & Implementing a Cyber Security strategy, adds additional challenges:
- People – new skills and capabilities are required to understand and carry out Alerting, Warning and Response functionsdealing with Situational Awareness, forensic investigations and instigating Active Response.
- Process – New or modified processes and procedures in order to, mitigate risks, minimise threats and respond to warnings & alerts. New business models will change the exchange and flow of information at all levels.
- Technology – Constantly evolving security technology as vendors respond to the online business world. The challenge is to invest in only the technology that is required to meet the Cyber Security needs of the business.
Responding to this complex set of challenges requires an integrated strategy to be developed.
The Solution
Here at IAS we have developed an approach to providing an efficient Cyber Security strategy to meet the needs of the modern day business-computing environment.
We call this approach “Fresh AIR”
Fresh – a new and innovative approach integrating many disparate disciplines, processes and technologies;
AIR – representing the core components of any Cyber Security strategy:
- Awareness & Alerting – developing a Cyber Security Situational Awareness (CyberSSA) capability to monitor and report security related activity;
- Incident Investigation – developing a Digital Forensics capability allowing both informal & formal investigations to be carried out;
- Response & Reporting – developing a Response & Resporting capability that responds to incidents and provides reporting for both internal & external consumption.
This approach builds on what is already implemented for Information Security and enhances the skills and capability to meet the requirements of Cyber Security.
Working with strategic partners IAS has established a unique capability, comprising skills and technology that allow us to work with you to develop, implement and support your strategy.