Cyberspace is a complex environment consisting of interactions between people, software and services, supported by worldwide distribution of information and communication technology (ICT) devices and networks.
Most of the governments have national cyber security strategies drafted in the recent past, but how far its executed it within the government sectors is still a question to authorities to think thru.
NATO Cooperative Cyber Defense Center of Excellence provides links to national cyber security policy and legal documents. Though it primarily focus on NATO Nations and Partners (incl. Euro-Atlantic Partnership Council (EAPC), NATO’s Mediterranean Dialogue, Istanbul Cooperation Initiative (ICI), and Partners across the globe), but other national strategies are included as available.
While mega-breaches of high-profile private companies provide headline fodder, the US federal government has its own share of vulnerabilities in cyberspace. In fiscal year 2016, government agencies reported 30,899 information-security incidents, 16 of which met the threshold of being a major incident.
The Indian government might make a separate budgetary allocation for cyber security to address the problem of data breaches. A news report said that Finance Minister might allocate an overall budget for digitization of Rs 20,000 crore– a significant part of the amount might go to secure networks from cyber attacks. [Also read – Future of Work]
- Does all departments have designated CISO (Chief Information Security Officer) responsible for security efforts & initiatives
- Does government organization earmark specific budget for meeting emerging response arising out of cyber incidents
- Does these entities perform any conformity assessment and certification of compliance (such as ISO27001:2013)
- How does the end-to-end supply chain security risks handled. Is there any best practices documented and shared?
- In what ways, the government staffs are engaged on information security awareness program