For the successful completion of this task, I selected the scenario of establishing the brand-new office of UNODC in Bangladesh. Understanding the responsibilities of the area's CSO, I will highlight the cyber security framework and algorithms that I will suggest to the UN Secretary-General.
Nowadays cyber security is a platform that assures availability, integrity and confidentiality for data. It protects data and recovers it after several kinds of failure. We humans are the weakest entity in any kind of cyber security program. Humans are responsible for factors such as writing code securely and training operations staff and end users to spot phishing emails and social engineering attacks; that is why we say that cyber security begins with awareness.
As CSO I will focus on these cyber security segments:
- Civil framework: It comprises the civil infrastructure on which society depends, like water purifying plants, traffic management, electricity/power stations and medical centres.
- Network security: It protects data from unauthorized access and malicious insiders and ensures trade-offs to network security.
- Cloud security: Allocation of UNODC to the cloud imposes new security challenges.
- Application security: It refers to web application security (the main technical point of attack).
Trends and challenges for the cyber security lifecycle are as follows
Safeguarding the brand-new UNODC segment emphasises the following key trends:
- Data correlation: Before adding more devices to the network we must perform correlation across the existing devices. To understand all kinds of traffic we need to perform data correlation across all critical devices, so that the organization can take appropriate action based on the current status.
- Endpoint security: As more devices become portable, the endpoint becomes more critical. As CSO I will go beyond the traditional endpoint and focus on protecting, controlling and monitoring data at endpoints.
- Forensics: Sometimes attacks are so dangerous that once they happen we cannot recover from them. So I will focus on proactively identifying problems and rectifying them before they become a major attack on the organization. That is why it is known as a proactive approach rather than a reactive approach.
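The data correlation point above, as an added example that is not part of the original essay: failed logins reported by several devices are grouped by source address inside a five-minute sliding window, so a spread-out guessing attempt that no single device would flag raises one alarm. The device names, addresses, event layout and thresholds are all constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events: (device, timestamp, source address, outcome).
# Addresses come from the documentation ranges 203.0.113.0/24 and 198.51.100.0/24.
SAMPLE_EVENTS = [
    ("vpn-gw",   "2024-01-10T09:00:05", "203.0.113.7",  "fail"),
    ("mail-srv", "2024-01-10T09:00:40", "203.0.113.7",  "fail"),
    ("vpn-gw",   "2024-01-10T09:01:10", "203.0.113.7",  "fail"),
    ("file-srv", "2024-01-10T09:02:30", "203.0.113.7",  "fail"),
    ("mail-srv", "2024-01-10T09:03:00", "203.0.113.7",  "fail"),
    ("mail-srv", "2024-01-10T09:00:10", "198.51.100.4", "fail"),
    ("mail-srv", "2024-01-10T09:00:50", "198.51.100.4", "fail"),
    ("mail-srv", "2024-01-10T09:01:30", "198.51.100.4", "ok"),
    ("vpn-gw",   "2024-01-10T11:30:00", "203.0.113.7",  "fail"),
]

def correlate_failed_logins(events, window=timedelta(minutes=5),
                            min_failures=4, min_devices=2):
    """Return alarms for sources whose failed logins, inside one sliding
    window, reach min_failures and touch at least min_devices devices."""
    by_source = defaultdict(list)
    for device, ts, src, outcome in events:
        if outcome == "fail":
            by_source[src].append((datetime.fromisoformat(ts), device))
    alarms = []
    for src, fails in by_source.items():
        fails.sort()  # order by timestamp across all devices
        start = 0
        for end in range(len(fails)):
            # Advance the left edge until the span fits inside `window`.
            while fails[end][0] - fails[start][0] > window:
                start += 1
            in_window = fails[start:end + 1]
            devices = {d for _, d in in_window}
            if len(in_window) >= min_failures and len(devices) >= min_devices:
                alarms.append({"source": src,
                               "first_seen": in_window[0][0].isoformat(),
                               "failures": len(in_window),
                               "devices": sorted(devices)})
                break  # one alarm per source is enough for triage
    return alarms

if __name__ == "__main__":
    for alarm in correlate_failed_logins(SAMPLE_EVENTS):
        print(alarm)
```

In the sample data no device sees more than two failures from the flagged source within the window, which is why the alarm only appears once the logs are merged.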
Approach and flow of the UNODC cyber security network strategy process
Our security model for the UNODC offices will follow “Defence in Depth”, and we will follow this rule while designing and implementing the UNODC security model.
We will use a layered model approach to implement the UNODC security model. It will contain the tools which perform data collection, analysis, reporting and generation of alarms.
The four key layers of the security model are as follows:
- Defence perimeter
- Server Protection and Operating System
- The protection of host
- Information Protection
Steps to create secure UNODC network
Understand the entire IT infrastructure network, the network traffic and the communication system, form standard documentation of the entire infrastructure, and implement all policies and plans after getting the nod from the UN Secretary-General.
Protect the network by restricting access to selected websites. We will configure the settings to block the authentic data and some authentic mails, which means that access should be limited. Moreover, the use of antivirus is a must. It detects and removes malware, adware and spyware, and it also filters out potentially dangerous emails and downloads.
Create a security awareness framework among the users through training and courses in the UNODC offices, and audit the entire network security after a certain time interval. We will try to encrypt all data and safeguard passwords.
To sum up, machine learning provides a powerful use case for cyber security applications and network applications. Machine learning algorithms are divided into two categories, namely supervised and unsupervised. Supervised algorithms require a labelled training dataset. Once we have trained on the dataset, we are able to correctly classify or predict data given new input. For our implementation of the project I will use Spin-backup, which is robust, as UNODC has a lot of data inside cloud environments. Spin-backup will help us to identify the following problems and will protect valuable business-critical data. Spin-backup uses machine learning for detecting cyber security events in UNODC as follows:
- Insider threat detection
- Protection from sensitive data leaks
- Protection from malicious third-party apps
- Protection from brute force login attempts
- Ransomware detection
Hence, this will be my approach and algorithm implementation for the UNODC office in Bangladesh.