Cyber defense





Date: 09.12.2022
Cyber Defense Handbook
[51] of the ITU and other organizations or the “National Cyber Security Strategy Guidelines” [52] of the NATO Cooperative Cyber Defence Centre of Excellence (NATO CCDCOE).
540. There are numerous national references (Brazil, China, Estonia, France, Israel, United Kingdom, United States, Spain, etc.) with different approaches, which can serve as examples. Studies on the organization of cybersecurity in these countries can be found on the NATO CCDCOE website. [53]
541. The development and implementation of a national cybersecurity strategy is a cyclical process comprising five phases: initiation, analysis, strategy production, implementation and monitoring.
542. In the initiation phase, a management team is formed in order to devise and monitor the implementation of the strategy. The management team is made up of a director, national experts and all the public and private sector national actors, whose participation and collaboration are necessary at some stage of the process.
FIGURE 31. CYBER SECURITY STRATEGY CYCLE

543. In the analysis phase, the current situation is examined; the target end state is determined; a risk analysis is performed to assess the cyber risk to reaching the target end state; different national strategies, with their different approaches and experience, are analyzed and evaluated to contrast ideas; and lastly, the potential measures to be implemented are analyzed and evaluated.
544. In the strategy production phase, a draft strategy is prepared according to the outcome of the analysis phase and it is distributed to all the actors involved, public and private, to try to reach a national consensus that is as extensive as possible. Once an acceptable consensus is reached, the draft is consolidated and submitted as a final document for approval and publication.
545. In the implementation phase, the strategy is materialized according to an action plan that establishes the courses of action, specific objectives, responsible entities, schedule and mechanisms, and provides the necessary human and financial resources.
546. Finally, in the monitoring phase, the management team monitors compliance with the measures defined in the strategy and assesses the effectiveness of the measures implemented (with periodic audits), identifying the maturity level reached and the takeaways that help improve the process.
547. One of the most important aspects of national cybersecurity is the protection of critical infrastructures against cyber threats.
548. The protection of critical infrastructures is the responsibility of critical infrastructure operators (the vast majority of which are private sector), who implement the cybersecurity that they consider appropriate, without interruptions, which is the usual practice in periods of peace or stability.
549. The cybersecurity pre-established by critical infrastructure operators is usually not enough to protect against sophisticated cyber attacks that affect national security, so procedures must be provided, within the framework of national cybersecurity, to prepare additional cybersecurity measures that compensate for the shortcomings in severe cases. These compensation mechanisms can take the form of forecasting and reserving additional economic or human resources.
550. The cyber force must be prepared, in case of a national need, to provide specific support to the assigned critical infrastructure operators through operational and technical capabilities, in particular security events management, audits, digital forensics and deployable cyber defense.
