Cyber Security Principles

The increase in the usage of the internet compels the governments of different nations to make good security for the internet. The companies in the United Kingdom first recognized the need for some guidelines in using the internet. The use of such guidelines is to help the common people securely use cyberspace and limit cybercrimes and attacks. Cyber security includes the protection of sensitive information, systems, and networks from cybercriminals.

We talk about the guidelines that are made to protect and inform the clients of different internet providers. These guidelines are made with the coordination of government and internet providers who have a wide variety of clients whose needs are different from each other.

Now let us check the guidelines one by one in detail

  1. Make a Risk Management system
  2. Economy
  3. Secure all Configurations
  4. Fail-safe defaults
  5. Manage User privilege
  6. Open Design
  7. Monitoring
  8. Complete mediation
  9. Prevention of Malware
  10. Privilege separation
  11. Least common mechanism
  12. Psychological Acceptance
  13. Removable Media Controls
  14. Wok factor
  15. Compromise reading

1 Risk Management System

Risk and attacks are inevitable in an organization which is the same in the case of the internet. An organization must have a set of rules and policies which will be followed in case of an attack called a risk management system.

This set of rules and policies are made with the help of high experts and the organizations-related peoples analyzing all the possibilities of the risk occurrence and prioritizing them to make the perfect rules.

Once the risk management system is ready, all the employees and the people related to that organization must know about that system and act according to the rules inside that system in case of a risk.

2 Economy

The security process must be simple and easy to implement. We must simplify the design and reduce the implementation process because in a simple design, it will be easy to correct the errors and there will be less chance for the errors to happen in simple models. Also, the testing for errors will be easy and cost-effective in a simple model. We also are careful to have simple interfaces of different modules in the security system which helps to reduce the wrong assumptions.

3 Secure All Connections

This principle states that we have to secure all the configurations of computers and the network while we configure the system and network. If we are securing it at the time of configuring the computer we can reduce the risk factors in the system. This process includes disabling autorun, managing security breaches, and removal of all unwanted functions to remove all the risk factors.

4 Fail-safe Defaults

This principle is simple and easy to understand as it says that a default configuration of a system or a network should have protection from all other accesses. It also states that the permissions granted by the new systems must be limited. The access to the security modules and sensitive areas must be limited for new systems or users. 

For example, suppose we have a system in which we access the admin privilege. One day another user came and asked to use your system for some days, you will not allow him to access the admin account. According to the principle, we must create a guest account for that user with fewer privileges than the admin for the security of that system.

5 Manage User Privilege

This principle states that the permissions that are granted to any user must be for a task and it should be allowed only for completing that task duration. This privilege control is to control the user privileges for a maximum short time and is allowed only if it is needed.
For example, suppose you are working as a network administrator and one of your coworkers needs access to the network. In such case, you must check his need and calculate the privileges he needs to complete the task and allow that privileges only the duration to complete his task

6 Open Design

This principle states that the security implementation need not need much secrecy and complexity in its design, it means more secrecy or complexity doesn’t mean that it is more secure. It can be applied to not only the credentials or network also to the computer systems

An example of this principle is the Content scrambling method that is used in CD.

7 Monitoring

Every organization must have installed intrusion detection and prevention facilities, but in some cases, it may fail to detect and prevent an intrusion. In such scenarios this principle works, it states that organizations have a monitoring policy, which gives an eye over the security activities happening in that firm.

Monitoring is done by monitoring each system and the network and the user activities also, it must have good backing up policies. 

8 Complete Mediation

On the internet, there will be caching of information which is done to make the process easy and fast like saving the login information of the previous login so that the next login will be easy and fast. But complete mediation principles state that no such caching of data is allowed in a network which means we have to check the privileges of the user every time when the user needs to access a network or object.

This makes the process a bit complex and time taking, which reduces the performance a little, but it is essential for security as the login rights and privileges can change at any time. So each user has to log in for every access to the objects in the network to check the privileges of the user.

For example, in online banking, each user has to log in every time and for doing every transaction, even the backspace will not work in that scenario.

9 Prevention of Malware

Malware is one of the major and common issues faced by almost all organizations around the world. It may come in many forms and ways. Malware doesn’t have a common form or way to infect so a unified approach will not work to prevent malware.

Mostly it comes through email and network. Use good spam detection in email. Use email thread protection to prevent email from phishing attacks. Install good firewalls and intrusion detection in networks. Use a good updated antivirus in each system in the organization.

10 Separation of Privilege

This is one of the important principles as it states that two-step verification is needed. In general, we can say that the system allows permission only when more than one condition is satisfied. It implies that one condition is not enough to grant a user the privilege to the network object. 

11 Least Common Mechanism

This principle is for sharing of resources as it implies limiting the sharing of resources. It states that the resources shared between the users must be minimum.

12 Psychological Acceptability

It is a psychological effect that the security mechanisms for a resource should not be much complicated. Suppose we have a computer where its security measures are so complicated then the users will not take necessary precautions before using the sensitive information.

13 Removable Media Controls

Removable media will act as a hub for a wide range of viruses, worms, Trojans, and malware. It can easily infect a system when a removable media is connected to a system and it can spread from that system to the entire organization network.

Every organization must have a strict policy in using removable media and it must have a good antivirus where we are going to connect the removable media.

14 Work Factor

This is a factor that is not directly related to cyber security but it is needed for making a good design in a cyber security model. According to this principle, the expense that is needed to make a security system must be comparable to the resources available for an attacker to make a plan to attack the network. 

In some scenarios, it will be highly complex to find the cost and it is used to calculate the cipher strength.

15 Compromise Recording

It is a simple principle which states that we should record all the intrusions and trials for the intrusions because it can help us to make better security measures as we get an idea about the ways of intrusion.

An example of this is the cyber-connected cameras that monitor all the details.