Share


Share

Share it !



share/bookmark

Cyber Security Strategy - The 4 Laws of Information Security


Technology infrastructure is today a critical asset with all of its digital business information being the new currency. What are the risks to sensitive business information and the associated vital assets? What are your security blind spots? Cyber security is about applying the appropriate defense to protect your critical business assets. Businesses today are highly dependent on technology to deliver services, interact with customers and manage a supply chain. What is your cyber security strategy to ensure that you maintain a reasonable level of vigilance against cyber threats? We introduce the four laws of information security - these laws provide insight valuable for organizations to develop their security strategy.

We start our journey by diving head first into the defenses of the human body. So much can be learned from one of the most studied subject of all times. We examine the human body's outer and inner defense capabilities primed to attack viruses and bacteria. We then analyze immune responses to fight diseases through complicated mechanisms involving special white blood cells and action of the lymphatic system that include vessels and nodes that extend around the entire body. The human body provides an excellent case study in fighting threats in the journey from prevention to detection.

We reflect on human body defenses to better understand core components of an organization's cyber security strategy. An organization's cyber security strategy establishes vital security priorities aligned with the business mission to enable integrated defense capabilities. Like the human body, the cyber defense capabilities need to be robust, roving and lead ultimately to a resilient enterprise that is primed to address active, passive threats that may be from the inside or outside.

With information being the new currency of all businesses, we examine the requirements of enabling a technology architecture that is self-healing, highly resilient to threats that can be seriously disruptive to business processes. This is especially important since threats today are more sophisticated, increasingly covert and highly targeted against a technology architecture whose edges are being stretched as a direct consequence of Web-based applications, mobile computing and virtualization. It is about establishing a cyber security strategy that is tailored to your organization and the risks that need to be treated appropriately.




Uday Ali Pabrai, CISSP (ISSAP, ISSMP), Security+, is the chief executive of ecfirst, an Inc. 500 business. A highly sought after information security and regulatory compliance expert, he has successfully delivered solutions on compliance and information security to hundreds of organizations worldwide. Mr. Pabrai has presented opening keynote and been a featured speaker at several conferences. Mr. Pabrai is a member of the U.S. FBI InfraGard.