Are Cyber Security and IT Security the same?
IT teams were the gatekeepers way back when, but now that’s becoming more convoluted. As more and more countries and corporations become digitized into the fold of cyberspace their vulnerabilities increase more and more. As this happens more information is mistakenly made available and this is were it becomes dangerously for some companies and Nations. We all know today Bit and Bytes Can Be As Destructive As Bullets and Bombs. It’s not just the physical ties to cyberspace, it’s information warfare where the real action is taking place. Financial and intellectual warfare can be just as deadly as physical warfare, it can destroy companies, take jobs away and the damage can have repercussion around the world.
Take Facebook and twitter these 2 little toy’s are ransacking corporate security. The way some of these new technology are mixed in the technology landscape, it has given most IT and security folks a headache. No Twitter at work. No Facebook at work. Why not? As the integration of Twitter, Facebook and other web apps come together on a desktop or server it can opens up the door to security, how can corporation be safe. The two biggest surprise cyber hacks were Wikileaks and Stuxnet, both insiders providing a mechanism for dissemination of information and physical destruction on a new level. One was information that can devastate the reputation of a country and the other a trojan virus that took physical control of equipment and destroyed them. What scares me is, it was the Natanz Nuclear facility plant, what if something went wrong and it trigger a nuclear explosion, that’s what makes cyberspace so dangerous today.
So how can and IT department handle IT physical security, cyber security and deal with cyber warfare all in one place. Is the tech-support person that fixes my PC also in charge of deciding what part of my business to protect. Will the tech-support person make business decision on what is needed for business continuity.
Let take a look at security in todays cyber world. The definition of Information security means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, inspection, recording or destruction. Information assurance (IA) is the practice of managing risks related to the use, processing, storage, and transmission of information or data and the systems and processes used for those purposes.
How can a typical IT team handle all these requirements under one umbrella?
Let’s talk Security Models- Information Security – Information Assurance – Computer Security. Here are 3 different security frameworks that apply to everyone. They all have the basic components – confidentiality, integrity, availability, accountability and assurance let’s add another layer to this framework Hardware, BIOS, (NOS)Network Operating System, Desktop Operating System (Windows,Mac, Linux) security, Access Control, Commercial Application Security (DB, CRM, SFA), In-house Developed Application (.net, java, c++) Security.
All these component apply to the 3 security models but Information Assurance adds risk assessment to this mix. Add a connection to cyberspace and the transmission of information were you need encryption on both ends, and you can see the complexity and why you need so many levels to secure a network. One weak link in your security solution and your hacked.
This is not a complete list because in some industries like banking and social aware companies you may need to add an intelligence cyber teams. They look at the chatter and look for zero(day) exploits and such, political and hacktivist may come after you for your politics positions, so once again you need to listen to cyber chatter but of a different type. You may need to go after the attackers then you need cyber forensic teams to tell you who the bad guy are and a team to go after the bad guys. Let’s not forget a red team (penetration testers) that test your networks.
As we can see an IT team cannot do everything and a cyber team cannot do everything. You need them both. Someone told me the webmaster handles security, big mistake. Another friend told me we have spam filters on our email system, so were protected. These companies will get hacked soon, they do not have the big picture of all the components and framework of a good security posture. The last and most important is a security mindset for everyone in the company. If a security mindset is established, it’s the first step in being secure. In conclusion IT and Cyber security need many minds and many hands. If you don’t want to get hacked, simple un-connect form cyberspace and you may have a chance, but remember even in a secure network the insider threat they can get you in the end.
My 2© cents – gatoMalo_at_uscyberlabs_dot_com