Cyberspace security: How to develop a security strategy

TL;DR

This paper discusses the importance of developing comprehensive national cybersecurity strategies that incorporate international standards, continuous auditing, and cooperative enforcement to enhance global cyberspace security.

Contribution

It presents a framework for creating a national security strategy based on security intelligence, readiness, and exposure, emphasizing international cooperation and standards.

Findings

International standards like ISO 15408, ISO 17799, ISO 27001 are crucial for security management.

Continuous security auditing and certification are necessary for maintaining trust among partners.

Strict security policies and cooperative enforcement are essential to combat cyber crimes and terrorism.

Abstract

Despite all visible dividers, the Internet is getting us closer and closer, but with a great price. Our security is the price. The international community is fully aware of the urgent need to secure the cyberspace as you see the multiplication of security standards and national schemes interpreting them beyond borders: ISO 15408, ISO 17799, and ISO 27001. Even though some countries, including the Security Big Six (SB6), are equipped with their security books and may feel relatively safe; this remains a wrong sense of security as long as they share their networks with entities of less security. The standards impose security best practices and system specifications for the development of information security management systems. Partners beyond borders have to be secure as this is only possible if all entities connected to the partnership remain secure. Unfortunately, there is no way to verify the continuous security of partners without periodic security auditing and certification, and members who do not comply should be barred from the partnership. This concept also applies to the cyber space or the electronic society. In order to clean our society from cyber crimes and cyber terrorism we need to impose strict security policies and enforce them in a cooperative manner. The paper discusses a country's effort in the development of a national security strategy given its security economic intelligence position, its security readiness, and its adverse exposure.