[Model Answer QP2022 GS3] What are the different elements of cyber security? Keeping in view the challenges in cyber security, examine the extent to which India has successfully developed a comprehensive National Cyber Security Strategy.
Cyber security is the practice of defending computers, servers, mobile devices, electronic systems, networks, and data from malicious attacks.
Different elements of cyber security
Application Security: Application security is the principal key component of cyber security which adds security highlights inside applications during the improvement time frame to defend against cyberattacks. It shields sites and online applications from various sorts of cyber security dangers which exploit weaknesses in source code.
Information Security: Information Security is the component of cyber security that denotes the methods for defending unapproved access, use, revelation, interruption, modification, or deletion of information. The protection of the company’s data, code, and information that is collected by the company from their clients and users is protected by Information security.
Network Security: Network security is the security given to a network from unapproved access and dangers. It is the obligation of network heads to embrace preventive measures to safeguard their networks from potential security dangers.
Disaster Recovery Planning/Business Continuity Planning: The planning that describes the continuity of work in a fast and efficient way after a disaster.
Operational Security: The process that encourages the managers to see the activities according to the viewpoint of a hacker to protect sensitive data from various threats.
End User Education: End-user training is the most significant element of computer security. End users are turning into the biggest security threat in any association since it can happen whenever. One of the primary errors that lead to information breaks is human mistakes. An association should prepare its workers about cybersecurity.
Challenges in cyber security
Ransomware attacks: According to the Cyber Security firm Sophos, about 82% of Indian organisations were hit by ransomware in the last six months of 2020.
IoT Attacks: According to IoT Analytics, there will be about 11.6 billion IoT devices by 2021.Safeguarding IoT devices is one of the biggest challenges in Cyber Security, as gaining access to these devices can open the doors for other malicious attacks.
Cloud Attacks: Most of us today use cloud services for personal and professional needs. We are all aware of the infamous iCloud hack, which exposed private photos of celebrities. If such an attack is carried out on enterprise data, it could pose a massive threat to the organisation and maybe even lead to its collapse.
Blockchain and Cryptocurrency Attacks: There have been several attacks such as DDOS, Sybil, and Eclipse. organisations need to be aware of the security challenges that accompany these technologies and ensure that no gap is left open for intruders to invade and exploit.
Machine Learning and AI Attacks: Machine Learning and AI attacks are another big concern in India. A sophisticated attack might prove to be too difficult to handle due to the lack of Cyber Security expertise in our country.
National Cyber Security Strategy
In 2020, the National Cyber Security Strategy was conceptualised by the Data Security Council of India (DSCI) headed by Lt General Rajesh Pant. The report focused on 21 areas to ensure a safe, secure, trusted, resilient, and vibrant cyberspace for India.
The Main Components of the National Cyber Security Strategy:
Large Scale Digitization of Public Services: Focus on security in the early stages of design in all digitization initiatives.
Supply Chain Security: Monitoring and mapping of the supply chain of the Integrated Circuits (ICT) and electronics products.
Critical Information Infrastructure Protection: Integrating Supervisory Control and Data Acquisition (SCADA) security.
Digital Payments: Mapping and modeling of devices and platforms deployed, supply chain, transacting entities, payment flows, interfaces and data exchange.
Security of Small and Medium Businesses: Policy intervention in cybersecurity granting incentives for a higher level of cybersecurity preparedness.
To protect our devices and data against cyber threats, wecan adopt simple measures such as using the latest hardware and software for your digital needs. We will also need to adopt advanced measures such as installing a firewall to add an extra security layer.