The cybersecurity operations plan that I would like to run under my leadership is as follows:
Guidelines For Security Policies:
For security policies, there are certain things that must always be taken into consideration. We will discuss each of them in turn.
- Knowing The Risks:
  - Knowing what risks are present in the system is the most important part of creating security policies.
  - This includes knowing how the information is manipulated at the client end as well as the server end, which makes the process more secure, as data is the part for which security is always compromised.
- Knowing The Wrongs Done By Others:
  - Know which organizations have already gone through the risks that reside in your system. Learning from the mistakes made by others is always the most effective way of setting guidelines.
  - The guidelines of the security policy consist of the most probable mistakes that organizations with similar risks are making.
- Keeping Legal Requirements in Mind:
  - Organizations often completely forget about the legal requirements that are set by the officials.
  - Hence, keeping in mind the legal jurisdiction, the data holdings and the location in which you reside is also very important.
  - Recently, this has been the case with Facebook's most controversial data theft.
- Setting The Level Of Security:
  - The planned level of security must always be matched to the level of risk residing in the system.
  - Excessive security can also hinder smooth business operations; hence, overprotecting oneself can also be a cause of problems.
Hence, this is the cyber strategy operation plan that is pertinent to the above situation.
Port Security:
Maintaining the ports according to need is one of the most important things to consider when listing the systems to be secured, as it is one of the most important and major parts of port security.
There are certain steps to follow for port security which I believe work for every organization:
- The number of devices on most of the switch ports must be limited in each organization.
- The use of MAC addresses in the organization must also be limited to a certain level of work procedure.
The techniques for securing ports are as follows:
- Making Use of Dynamic MAC Addresses:
  - It is important to dynamically configure and secure the MAC addresses of the devices that are connected to particular ports.
  - The addresses must always be stored in the address table so as to keep the data secure and in working order.
  - With this technique, traffic from unspecified devices, or devices that are not known to the network, is not forwarded.
- Using Static MAC Addresses:
  - This is one of the most useful methods, as it secures the MAC addresses by statically configuring each of them on the switch port.
  - The MAC addresses are also stored in the address table.
  - The static configuration is stored by default when using port security.
  - The table that stores the addresses can be made permanent by saving the addresses to the startup configuration.
- Using Sticky MAC Addresses:
  - In this technique, the MAC addresses are hybrid addresses that are dynamically learned from most of the devices connected to the switch port.
  - The addresses are put in the address table and are also entered into the running configuration as static secure MAC addresses.
  - The MAC addresses are lost if they are not saved to the startup configuration.
Hence, these are the technologies that can be used to reduce port vulnerability.
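
The three learning modes described above, modelled as an added example (not part of the original answer and not vendor code): a simplified Python model of one secure switch port that shows which addresses survive a reload. The class and method names, the drop-and-record handling of unknown devices, and the MAC addresses are assumptions of this example.

```python
class SecurePort:
    """Simplified model of one switch port with port security enabled."""
    def __init__(self, maximum=1, sticky=False):
        self.maximum, self.sticky = maximum, sticky  # device limit; sticky learning
        self.running = set()   # static and sticky entries (running configuration)
        self.startup = set()   # entries saved to the startup configuration
        self.dynamic = set()   # learned entries kept only in the address table
        self.dropped = []      # source MACs that were refused, for later review

    def secure_macs(self):
        return self.running | self.dynamic

    def add_static(self, mac):
        if len(self.secure_macs()) >= self.maximum:
            raise ValueError("device limit reached on this port")
        self.running.add(mac.lower())

    def receive(self, mac):    # True if a frame from this source MAC is forwarded
        mac = mac.lower()
        if mac in self.secure_macs():
            return True
        if len(self.secure_macs()) >= self.maximum:
            self.dropped.append(mac)      # unknown device: traffic not forwarded
            return False
        (self.running if self.sticky else self.dynamic).add(mac)
        return True

    def save_config(self):
        self.startup = set(self.running)

    def reload(self):
        self.dynamic.clear()              # address-table-only entries vanish
        self.running = set(self.startup)  # only saved entries come back

def compare_modes():
    # Constructed MAC addresses, for illustration only.
    pc, phone, unknown = "00:11:22:33:44:55", "00:11:22:33:44:66", "02:00:00:00:00:99"
    results = {}
    modes = [("dynamic", False, True), ("sticky_unsaved", True, False),
             ("sticky_saved", True, True)]
    for name, sticky, save in modes:
        port = SecurePort(maximum=2, sticky=sticky)
        learned = all(port.receive(m) for m in (pc, phone))
        refused = not port.receive(unknown)   # third device exceeds the limit
        if save:
            port.save_config()
        port.reload()
        results[name] = (learned, refused, sorted(port.secure_macs()))
    return results
```

In all three modes the third device is refused, but after the reload only the saved sticky entries are still present; dynamic and unsaved sticky entries have to be relearned.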
How can encryption be used to ensure the integrity and maintain data privacy?
- Encryption is one of the best techniques a user can apply: once the data is encrypted, decrypting it is not easy, and with certain attacks it could take a lot of time to decrypt even a single encrypted message.
- It helps in managing the integrity of the data by keeping the data consistent through the encryption that takes place in the systems. Breaking the code takes a lot of time and brainpower, which most attackers don't like to spend unless the target is juicy enough to get them millions of bucks.
The basic encryption algorithm and how it works.
- The most basic encryption algorithm in use is AES (Advanced Encryption Standard). It is one of the most standard algorithms, is trusted a lot, and follows the standards that are set by the American Standards.
- The main advantage of the algorithm is that it uses very little RAM and works very efficiently. It comes in several variants, which include 128, 192 and 256 bits.
- In AES, 10 rounds are used for 128-bit keys. The same key is used for encryption as well as decryption of the data. According to the data available so far, no attacks have been discovered that are effective against AES.
- Hence, it remains the safest algorithm for encryption and is used on certain devices and transmission technologies. It is mostly used for authentication on wireless connections.
- While carrying out encryption, one must always be sure about what is being used and what is to be encrypted. The user base is going to handle the data.
- The more important the data, the more security it needs. This means that an algorithm like Triple DES etc. must be used if the data is too confidential and can harm a lot of people if leaked.
- There are also certain factors on which the system relies. Hence, the algorithm must be foolproof against attacks and the security must be at the ultimate level.
Security Implementation:
- The system must implement a firewall with honeypots for advanced security. Both the hardware and the software version of the firewall must be installed, as each version has some disadvantages compared to the other.
- Hence, each will nullify the other's disadvantages, and they can be used in different capacities in the system. The software firewall can be used for adding rules and all the administrator tasks.
- The hardware firewall can be used to secure the packets that are entering and exiting the network. The honeypots will come into action before the firewall.
- In such conditions, a honeypot acts as a real system, deceiving the attacker into believing that the attack has been a success. Honeypots can be considered a mirage of our actual system.
- Hence, the attack information can later be used for upgrading the actual system and securing it against the discovered vulnerabilities or loopholes.
Hence, this is what one must do to deal with illegal activities in the system. When we are serving such important people, their data is also important and cannot be put at risk from attackers, as it can contain some confidential government files too.