CYBERSECURITY MANAGEMENT DRAWS ON AN UP-TO-DATE CYBERSECURITY POLICY
Text: PERTTI KUOKKANEN, Senior Advisor
Today, AI-based applications support people more and more in everyday life, and also in the cyber environment.
Dealing with privacy, digital ethics and security challenges generated by AI, the Internet of Things (IoT), and other evolving technologies will become critical to maintain trust and avoid legal entanglements. Establish governance principles, policies, best practices and technology architectures to increase transparency and trust regarding data and the use of AI.
The vulnerabilities of modern societies are the main targets of cyber activities.
Strategic-level analysis, reports and discussion on how cyber events affect an organisation and how to respond to them are needed. How should this be solved and communicated? Anticipatory management responds to these changes, to the weakening predictability of cyber events and to the shortened planning horizon of the current operational environment. Thinking is focused on creating potential solution alternatives and on purposeful selection between them. This also provides material for communication.
KEEP THE CYBERSECURITY IN AN ORGANISATION’S FOCUS
Cybersecurity is a central part of organizational security. With the aid of a cybersecurity policy, management specifies the objectives, responsibilities and operating guidelines of cybersecurity. The formulation of cybersecurity is directed by the purpose and strategy of an organisation’s activities, by risk analysis, and by laws and regulations. Every state aims at cybersecurity in order to create a trusted and protected cyber environment for the whole of society.
Cybersecurity consists of collaboration between administrators and users and takes into account the impact of the cyber environment on the physical world.
A top-down approach should be followed when implementing cybersecurity.
According to such an approach, the roles and responsibilities regarding information security are prearranged and enforced by an IT authority level that carries more authority than the level below it. A sufficient level of cybersecurity is a necessary prerequisite for the continuity and credibility of operations.
Cybersecurity can be viewed at different levels of management. Strategic management is people and policy focused (management). Tactical management is security process and standards focused (development). Operational management is technology and procedure focused (maintenance & monitoring).
USE A STRUCTURAL APPROACH TO MANAGEMENT
Today, it is necessary that broad technology decisions and policies regarding the enterprise-wide management of information systems security are made at the top managerial level.
Security is often part of the management functions of senior management, while cybersecurity is one of its subareas, but other organizational approaches are also possible. An organization should be structured in such a way that security is closely related to auditing, with the security function reporting directly to management. Implementation and monitoring (evaluation/auditing) should be operationally differentiated.
Cybersecurity management draws on an up-to-date cybersecurity policy.
In an organization, cybersecurity takes shape in the form of, for example, regular risk assessment and management measures, determining the information security level of new systems and attending to it throughout the entire life cycle of the system.
The enterprise architecture is the basis for the execution of the cyber management process and allows the traceability of dependencies and the propagation of security-relevant information. Consistent and interoperable operating instructions are needed more in cybersecurity than in other functions. Instructions can be divided into general instructions, organization-specific instructions, and special instructions covering some restricted area. Organization-specific instructions outline dedicated cybersecurity practices so that they suit an organization’s own operating practices and processes. Cybersecurity operating procedures are included as part of the organization’s normal operating processes, which are properly documented and covered by clear instructions.
REPORT AND ANALYSE FEEDBACK
Cybersecurity monitoring includes reporting on the security situation and level as well as on anomalies and incidents. Monitoring and reporting of the organization’s cybersecurity are part of performance management, and they are discussed in performance target negotiations on an annual basis. Cybersecurity must be monitored continuously and actively.
The reporting of cybersecurity incidents should follow a bottom-up approach. This implies that all authority levels should provide information regarding security incidents directly to their appointed manager, in other words to an authority level that is one level up. For example, if a user detects a virus on his/her computer, he/she must immediately inform the Information Security Management level, who will handle the incident accordingly. The Information Security Management level, in turn, will report all security incidents to the next authority level. This approach will ensure that all information security situations and incidents are reported to the top level, which has the authority to change the information security policies or procedures if necessary.
COMMIT TO A FRAMEWORK OF CYBERSECURITY OPERATIONS MANAGEMENT
It is widely accepted that cybersecurity management guidelines play an important role in managing and certifying security in organizations. They are generic or universal in scope and thus they do not pay enough attention to the differences between organizations and their security requirements. The guidelines were validated by appeal to common practice and authority and this process is likely to be fallible.
Organizational performance relies on effective processes and usable data.
The activity is supported by an IT infrastructure that must be reliable and well utilized. An essential element of effectiveness is the organization’s cybersecurity and its successful management. Cybersecurity management is therefore part of all management activity. In addition to management, attending to cybersecurity is part of the responsibilities of everyone employed by an organisation. Only the commitment of management to the development of cybersecurity will enable the achievement of the targets set for an organization’s activities. The results follow the features of governance models and security component models, combining these approaches into the general operations management of an organization.
COMMUNICATE PROACTIVELY
By anticipating the changes occurring in the cyber environment, an organization aspires to adjust to them in advance. In unstable conditions, the behaviour of various factors of both the environment and the organization is unpredictable. As an organization prepares to develop, it must recognize the organization’s internal changes, and the environment’s dynamic and non-continuous changes.
The ability to quickly combine available information and use it to form a correct situation picture, and to gain the understanding necessary to make a decision, is a basic requirement for success in one’s own operations.
The correct timing of decision-making is always gauged in relation to events in the surrounding environment and estimates of how they will develop.
The proactive communication of decision-making has an important role in a situation of change.
As an organisation changes, a proactive decision provides a basis for change and makes it easier to see the reasons behind the change. The decision-maker must ensure that everyone is informed about a decision and is ready to implement it. The implementing party needs feedback from the decision-maker to learn whether the implementation supports the decision. In communication, dialogue is used to ensure that objectives are met.
From the decision-maker’s point of view, the cyber environment’s communication can be either dissipative or integrative, or possibly both. The decision-maker is not necessarily in active interaction with the environment. In these cases, some of the information coming in from the environment is interpreted by the decision-maker and may thus be unconfirmed. The information is unclear or may lack contributory factors and their values, meaning that options and decisions are prepared in a state of uncertainty.
There is a clear role for a double function in anticipatory decision-making.
Integrative communication is emphasised in a decision’s implementation, whereas dissipative communication refers to an environment’s communication to an organisation; it enables the creation of disorder, or it may be the product of failed implementation. In a dynamic cyber situation, particular attention must be paid to the contents of a communication’s integrative message. The environment’s uncertainty and the dissipative interpretations that support it must be taken into consideration in the message’s content.