ACC Cyber Security Principles
Cyber attribution is the process of tracking, identifying, and laying blame on the perpetrator of a cyberattack or other hacking exploit. However, true wisdom is knowing when and where cyber security threats may arise in order to identify, attribute, and prevent those attacks. Therefore, Attribution Cyber Consulting, Inc., provides the acumen, knowledge, and technical expertise in order to educate, monitor, and prevent cyberattacks.
Cyber incidents, for example, the WannaCry attack, demonstrate the continuing threat posed by malicious state and non-state actors to organizations world-wide.Thus, it becomes necessary for organizations to define their security principles in order to address any and all malicious cyber attacks. The notion of cyber attribution can be defined as the process of proactively tracing, identifying, and responding to the perpetrators of a cyber attack or hacking exploit. ACC provides its suggested template below for cyber security principles.
Policies and Strategies
In order to ensure all necessary areas of responsibility and risk management are addressed, Attribution Cyber Consulting incorporates the principles that include the detailed development of pertinent policies and strategies related to data, information, and cyber security.
Once those policies and strategies are defined, then guidelines in terms of how both defensive and offensive methods should be applied are established.
An integral element of the guidelines are when and how to deter security threats.
Resources and Training Criteria
Along with the policies, strategies, guidelines, and deterrence elements come the human resource requirements and necessary training to support the security principles.
Technology and Data Standards
The standards for existing and future technology and data must also be defined to create a successful data, information, and cyber security environment.
The organization must identify the possible legal frameworks in order to properly cover all aspects of security and support the guidelines, strategies, and policies.
Finally, the organization must review the possible international implications and obligations related to data, information, and cyber security globally, supporting the guidelines, strategies, and policies.