Cyber Security Controls and Countermeasures
Mohammed Mustafa Khan
Abstract - Today's digital economy encompasses a conglomeration of devices, data, applications, and complex networks that can be hosted on-premises, in data centers or in cloud environments to support business functions. As a cybersecurity professional, you will be tasked with managing risks like cyber threats and data breaches in the workplace. The risks may emanate from the data that resides in systems such as servers, computers or external drives, and from the physical assets themselves, such as routers and switches. The onus is on preventing security events and limiting the damage or consequences of any event that might happen. Managing these risks in an organization can be achieved by implementing cyber security controls and countermeasures. Cyber security controls can be categorized into three distinct major groups: administrative control, physical control, and technological control. Administrative controls focus on the security policies, guidelines, rules, procedures and standards designed by management to control access to and utilization of confidential information. Physical control refers to a set of IT security controls deployed at the physical premises to prevent unauthorized physical access to data centers. Technical controls involve the use of systems and technical solutions to prevent security events in networks and cloud platforms. Additionally, when implementing security controls, the function of cyber security controls can be broadly divided into seven groups: directive, deterrent, preventive, compensating, corrective, detective, and recovery controls. Furthermore, security frameworks such as NIST, CIS Controls, COBIT, and the ISO/IEC series form the cornerstone of cyber security controls and countermeasures. These aspects are discussed further in the later sections. For now, the aim is to provide a general picture of cyber security controls and countermeasures.
Keywords – Security Controls, Countermeasures, Frameworks, Information Systems, Risk
Conclusion
The main objective of cybersecurity controls and countermeasures is to protect data and information systems. Organizations may use various approaches to ensure that data is protected and that the information systems that house it are kept secure. It is crucial to understand the different states in which data exists so that appropriate security controls and countermeasures are applied accordingly. The defence-in-depth approach is a standardized way of protecting even the information systems that store the data. It is not tenable to focus only on data without also focusing on the IT assets. Comprehending the various functions of security controls will help to appreciate the benefits of security controls and countermeasures. Various cybersecurity frameworks exist. Organizations need to review these two frameworks and any other frameworks to tailor their security controls and countermeasures to align with the business objectives. This multi-layered approach will enable organizations to successfully develop and implement cyber security controls and countermeasures that appropriately suit the organizational needs.