In today’s inter-connected world, technologies underpin almost every facet of our society. Thus, cybersecurity becomes increasingly important, and the challenge lies in dealing with wide-ranging cyber threats in nearly real-time conditions. The capability to detect, analyze, and defend against such threats in near real-time terms is not possible without threat intelligence, data analysis, modeling techniques.
Cyberspace comprises IT networks, computer resources, and all the fixed and mobile devices connected to the global network. A nation’s cyberspace is part of the worldwide cyberspace; it cannot be isolated to define its boundaries since cyberspace is borderless. This aspect makes cyberspace unique and challenging to solve. Unlike the physical world that is limited by geographical boundaries in space, land, sea, river waters, and air, cyberspace is continuing to expand. Increased Internet penetration is leading to the growth of cyberspace since its size is proportional to the activities that are carried through it.
Challenges in cybersecurity are as follows:
1. Designing secure cyberspace: Experts often say that adequate security needs to be an integral part of ICT design. Developers have traditionally focused more on features than safety for economic reasons. Also, many future security needs cannot be predicted, posing a difficult challenge for designing secure cyberspace. As a result, our physical-world mental models won’t work in cyberspace. For example, in the physical world, we assign government the task of border security. But given the nature of cyberspace, everyone’s network is at the border. In the physical world, crime is local. You have to be at a location to steal an object, so police have jurisdictions based on physical boundaries. But in cyberspace you can be anywhere and carry out the action, so local police jurisdictions don’t work very well. Therefore, designing a secure cyberspace is a huge challenge.
2. Needed clarity in ownership and responsibility in cybersecurity: Critical infrastructure is mostly owned and operated by the private sector. But security is not the private sector’s responsibility. The government also has a vital role to play in the governance of cyberspace in the civil-sector. These are some of the critical cybersecurity issues that nations are grappling with. At an organizational level, too, cybersecurity is not merely a technology issue, but a management issue. It is grounded in enterprise risk management, which calls for an understanding of the human, process, legal, network, and ICT security aspect. Roles and responsibilities of each of the parties need to be clearly defined. At the same time, governments need to establish appropriate policy and legal structures.
3. An incentive to secure the cyberspace: The structure of economic incentives for cybersecurity has been called distorted or even perverse. Cybercrime is regarded as cheap, profitable, and comparatively safe for the criminals. In contrast, cybersecurity can be expensive, is by its nature imperfect, and the economic returns on investments are often unsure. Therefore, the challenge here is to reverse this figure to favour cybersecurity and stakeholders that intend to do so.
4. Building common consensus: Cybersecurity means different things to different stakeholders, often with little universal agreement on meaning, implementation, and risks. Substantial cultural impediments to consensus also exist, not only between sectors but within sectors and even within organizations. Traditional approaches to security may be insufficient in the hyperconnected environment of cyberspace, but consensus on alternatives has proven elusive.
5. Ever-changing nature of cybersecurity: Cyberspace operates according to different rules than the physical world. The nodal nature of a light-speed network means that concepts like distance, borders, and proximity all work differently, which has profound implications for security. First, with range significantly reduced, threats can come from anywhere and from any actor. Second, the borders in cyberspace don’t follow the same lines we have imposed on the physical world. Instead, they are marked by routers, firewalls, and other gateways. Proximity is a matter of who’s connected along what paths, not their physical location.
6. Legal and Policy Frameworks: Cyberspace is still very new from a legal and policy point of view. In the modern form, the Internet and cyberspace have existed for only about 25 years and have changed continuously over that period. Therefore, we have not developed the comprehensive frameworks we need. Perhaps we should borrow concepts from the disaster response world, and divide responsibility in a fluid manner that adapts over time in response to changing circumstances. In disaster response, preparedness and initial response reside at the local level. If a given incident overwhelms or threatens to overwhelm local responders, then steadily higher levels of government can step in. But, if it becomes clear that a nation-state is involved, or even if there is a mere suspicion that a nation-state is involved, then the national government would start bringing its capabilities to bear.
Nations are investing heavily in their ICT infrastructures intending to provide higher bandwidths, integrate national economies with the global marketplace, and to enable citizens to access more e-services. Given the security problems, there is an increased emphasis on, and investment in, the security of cyber infrastructure. Core Internet protocols are insecure, and an explosion of mobile devices continues to be based on the same unstable systems. This is adding up to increased usage of the Internet in more vulnerable cyberspace.
Cyberspace has been called the fastest evolving technology space in human history, both in scale and properties. New and emerging features and applications — especially social media, mobile computing, big data, cloud computing, artificial intelligence, and the Internet of Things — further complicate the evolving threat environment.