Cyberspace security: How to develop a security strategy

Abstract: Despite all visible dividers, the Internet is getting us closer and closer, but with a great price. Our security is the price. The international community is fully aware of the urgent need to secure the cyberspace as you see the multiplication of security standards and national schemes interpreting them beyond borders: ISO 15408, ISO 17799, and ISO 27001. Even though some countries, including the Security Big Six (SB6), are equipped with their security books and may feel relatively safe; this remains a wrong sense of security as long as they share their networks with entities of less security. The standards impose security best practices and system specifications for the development of information security management systems. Partners beyond borders have to be secure as this is only possible if all entities connected to the partnership remain secure. Unfortunately, there is no way to verify the continuous security of partners without periodic security auditing and certification, and members who do not comply should be barred from the partnership. This concept also applies to the cyber space or the electronic society. In order to clean our society from cyber crimes and cyber terrorism we need to impose strict security policies and enforce them in a cooperative manner. The paper discusses a country's effort in the development of a national security strategy given its security economic intelligence position, its security readiness, and its adverse exposure.