Cyber Wellness Not Up to the Mark

Cyber Wellness Not  Up to the Mark
Cyber Wellness Not  Up to the Mark

Cyber attacks on Iran are far more than in other countries. Every day, more than 10,000 cyber attacks occur but most of them are neutralized.

The problems are challenging, but national cyber experts are geared up to build a strong computer defense mechanism, said Mahmoud Vaezi, minister of communications and information technology.

“However, our ranking in cyber wellness (19th) indicates that we still have a long way to go,” he said, Alef News Agency reported.

Access to safe online networks and provision of cybersecurity exists in the policy framework of the ongoing five-year economic development plan (2011-2016).

“In the next plan (2016-2021) policies will be aimed to make us one of the best regional powers in IT security,” he said.

The AFTA (national Cyber Security Company) strategic document is one of the most important devised in cybersecurity, and all organizations are obliged to adhere to it.

Establishment of Information Security Management System (ISMS) particularly in government departments and Information Security Operations Centers (ISOCs), are among security requirements that should be implemented, as per the document.

All cyber products should also be standardized in specific laboratories.

 At present, the objectives of the document have not been fully realized. So far, the ISMS system has been launched in only 39% and the Information Security Operations Center (ISOC) in 20% of government organizations.

Regarding standardization of cyber products, 29 assessment laboratories for security products are expected to be established; currently there are only 8 such labs.

The governing principle behind ISMS is that an organization should design, implement and maintain a coherent set of policies, processes and systems to manage risks to its information assets. As with all management processes, an ISMS must remain effective and efficient in the long term, adapting to changes in the internal organization and external environment.

An ISOC is also a dedicated site where enterprise information systems (web sites, applications, databases, data centers and servers, networks, desktops and other endpoints) are monitored, assessed and defended.

 Raising Awareness

In 2014, America and Canada ranked first and second respectively in the Global Cybersecurity Index (GCI), while Iran ranked 19th. Oman ranked first in cyber wellness among Middle East countries and third in GCI.

Australia, South Korea, Japan, India, Singapore, Qatar, Indonesia and China had higher rankings than Iran.

Behnaz Ariya, head of AFTA’s commission for Computer Trade Organization, Tehran Province says, “We now live in a world that is more connected than ever before. The Internet touches almost all aspects of people’s daily life. Unfortunately, lack of awareness on cyber threats makes the country vulnerable to attacks.”

Public awareness should be created,” she said, adding, “Universities should cooperate with AFTA to raise awareness on cybersecurity and increase national resilience in the event of a cyber attack.”

Hassan Samimi, director general of technology development at the ministry of communications, said at present, the share of companies in the field of information security is only 19.5% of the ministry’s total allocations.

“Given that intelligence wars and threats in cyberspace are growing, we must be prepared more than ever to deal with them through bigger investments,” he said.