Content area
Full text
Abstract: This paper introduces a cyber security framework concept, so called the Six-Ware Cyber Security Framework (SWCSF). The SWCSF aim is to increase a Local Area Network (LAN) security readiness or awareness in a cyber security environment. This SWCSF proposal is proposed in order to enhance an organization's cyber security environment based on cyber protect simulation experiences. Cyber protect is a simulation tool developed by the US Security Information Systems Agency (DISA). Cyber protect simulation is an integral part of cyber security for information leaders course at National Security University (NDU), Washington, DC. USA. Strategic thoughts can be implemented during cyber protect simulation exercises. Brilliant ideas in simulating an cyber security network environment become good lesson learned. The implementation for proper security strategy could secure an organization LAN from various threats, attacks and vulnerabilities in concrete and abstract levels. Countermeasure strategy, which is implemented in this simulation exercise is presented as well. At the end of this paper, an initial cyber security framework proposal, so called the Six-Ware Cyber Security Framework has been introduced.
Keywords: cyber security environment, cyber protect simulation, cyber threats, attacks and vulnerabilities, countermeasures strategy, LAN, SWCSF framework
1.Introduction
In terms of cyber security environment it cannot be denied that as the cost of information processing and internet accessibility falls, civilian, military and government organizations security environments are becoming increasingly vulnerable from cyber threats or attacks, e.g., network intrusions, DoS, phishing, spoofing, viruses, flooding, etc. At this point, a LAN security manager might allocate budget, spreading it for network security tools, e.g., anti-virus software, firewalls, intelligent routers or expensive modeling and simulation (M&S) tools. M&S is an effective technique to support better understanding for LAN security managers in concrete and abstract levels [Saunders 2017]. M&S can be used to identify weaknesses proactively and it can also provide education and training using "what if" scenarios reactively. Ultimately when new threats appear the ability of an organization to respond is significantly enhanced. One good lesson learned in the context of cyber security environment issue today is the phenomenon of Panama papers where over 11.5 million files have been leaked including 2.6 terabytes of data. In the case of Panama papers leak, E-mail is the most of affected records (4,804,618 files), followed by database...