Government regulations in cyber security: Framework, standards and recommendations

Abstract

Cyber security refers to the protection of Internet-connected systems, such as hardware, software as well as data (information) from cyber attacks (adversaries). A cyber security regulation is needed in order to protect information technology along with computer systems with the purpose of compelling various organizations as well as companies to protect their systems and information from cyber attacks. Several cyber attacks are possible, such as viruses, phishing, Trojan horses, worms, Denial-of-Service (DoS) attacks, illegal access (e.g., stealing intellectual property or confidential information) as well as control system attacks. In this article, we focus on importance of various standards in cyber defense, and architecture of cyber security framework. We discuss the security threats, attacks and measures in cyber security. We then discuss various standardization challenges in cyber security. We also discuss about the cyber security national strategy to secure cyberspace and also various government policies in protecting the cyber security. Finally, we provide some recommendations that are critical to cyber security and cyber defense.