Data shows that cyber crime, including identity theft and fraud, are growing fears among all parts of the population and not just criminal gangs. The frequency of attacks are increasing, the volume of data being stolen is growing exponentially and the power and financial loss due to cyber attacks have multiplied, now more than ever, unified communications and other cyber security measures need to be implemented.
The attacks on online banking, the use of the Internet for money-laundering, selling illegal drugs and even the hacking of electric utilities are just some of the high-profile cyber security issues that the people of this country face everyday.
As a result, cyber crime prevention is a necessity. Unfortunately, even though the biggest national enterprises strive to establish a comprehensive cyber security strategy for the country, the governments are only concerned with budgeting and their reaction to the last three months’ budget priorities.
The politicians are the ones who have been given the responsibility for protecting the nation’s critical and valuable assets from cyber attack, but the lack of policies that will safeguard our critical IT infrastructure (ISI) and the new technologies that governments are still growing accustomed to implementing on a daily basis is going to create a total of more than $2.8 billion of expenditures on cyber security over the next three years.
In order to build a cyber security strategy, we need to first understand the nature of the attacks that we are likely to see.
Types of cyber attacks:
Impact-based Economic impact on the economy and harm to the victims. This type of attacks are not as concerning as the impact-based but cannot be ignored.
Economic impact on the economy and harm to the victims. This type of attacks are not as concerning as the impact-based but cannot be ignored. Consequences-based Economic and social impact on the economy and the people, with social impact often causing physical harm. This type of attack may be restricted by legislation but cannot be ignored.
Economic and social impact on the economy and the people, with social impact often causing physical harm. This type of attack may be restricted by legislation but cannot be ignored. Improper use Peculiar use of the Internet and cyber espionage targeting private organizations. These types of attacks are impossible to respond to once they are carried out.
There is a need for all of the above types of cyber attacks to be taken into account, not only to respond to the impact-based attacks but also to prevent the illegitimate usage of the Internet and other technology platforms.
Current Strategies
The government is currently implementing the Security (Information Sharing) Regulation 2014, which expands the parameters of the government’s existing cyber security strategy by identifying and regulating the manner in which the government departments and agencies obtain, store and use personal and private information that is protected by applicable laws and regulations.
This regulation is good because it clarifies that in order to be eligible to receive information under the regulation, the government must demonstrate that it is able to show that the sharing of the information would not cause the data owner any harm. There is no need to have any actual harm done to the person who holds the information to be a prohibited harm.
Moreover, there is good reason to believe that the legislation gives governments enough flexibility in deploying the resources needed to meet their cyber security requirements. In this sense, it is more of an incentive than a deterrent.