Cyber Security

Cybersecurity development has changed indeed, the internet plays a big role not only in communication and freedom of expression, but in critical infrastructure, and economy as well. As society becomes more reliant on the internet to communicate, exchange, innovate, and any other essential functions, policies have been created and updated to protect users, organizations, and society as a whole. Policies have changed from a very reactive to a more proactive and strategic way. This has impacted organizations worldwide, this is seen through private and public co-operation, international co-operation, and government collaboration.

 The development of NIST Cybersecurity Framework under The Executive Order 13636 and the development and implementation of the GDPR are some examples of the increasing measures and strategic policies to provide a standard on the protection of data and systems referring back to the cybersecurity triad (confidentiality, integrity, availability).

 Within each organization, there is or should be a policy creation and implementation process involving several key players in the organization. The process will need key points not only from C-level executives, but Security/IT Team, Legal Team, HR Team as well. Security policies should not be developed by IT team itself as it is a responsibility of everyone that has a stake in the policy, therefore, all should be involved in its development so that they could too, mold the policy according to their requirement. (Kumar,n.d.).

In the article by Dr. Prashant Pittalia, he describes several policies that are important to an organization, these policies protect the organization from potential attacks and data breaches, and the employee in various aspects one of being nonrepudiation. This is through the access control policy and logon policy providing the required access (role-based/mandatory/discretionary) with a user assigned credential. Use of shared accounts should not be allowed. (Pittalia, 2015). This protects both the company in a security breach and employees because with a shared account there is no way of know who made the change or leaked the credentials.

Pittalia, P. P. 1. prashantppittalia@yahoo. co. (2015). Advanced Security Policies to protect the Internet resources against the cyber attacks. International Journal of Advanced Research in Computer Science, 6(6), 47–49. Retrieved from https://lopes.idm.oclc.org/login?url=https://search.ebscohost.com/login.aspx?direct=true&db=aci&AN=109245272&site=ehost-live&scope=site