Ahi Consulting
CyberSecurity & BlockChain


Cybersecurity

Cybersecurity is the set of Technologies, Processes, Procedures and Policies designed to protect the Internet and Wireless Networks, Computer Devices, Information and IoT Devices from Digital Threats, Disasters, and Unauthorized Access. Security is the degree of resistance to, or protection from, attacks as well as Digital and Physical Threats.

The Elements of Cybersecurity include and apply to:

1. Application Security Development
2. IoT and Mobile Device Security
3. Information Security
4. Network Security
5. Disaster Recovery and Business Sustainability
6. DevOps and Overall Operational Security
7. End-User Education and Training
8. Analytics and Monitoring

 

1. Application Security Development

Application Security includes measures taken throughout the Application Development Life-Cycle - Design, Development, Quality Assurance, Deployment, Upgrade and Maintenance.

Main Principles are:

1.    Risk Assessment - Knowing the Threats.
2.    Risk Mitigation and Management - Securing the Network, Host and Application.
3.    Designed-In Approach - Incorporating Security into your Software Development Process.
4.    Quality Assurance - Security Testing Techniques are applied to discover Security Holes in Applications. These Security Holes leave Applications open to exploitation. In our Cybersecurity Framework, Security Testing and tools are implemented throughout the entire ADLM (Agile Development Life Cycle Management) so that Security Holes can be discovered and addressed systematically and promptly. Security Holes and Vulnerabilities identified with White Box testing and Black Box testing are typically based on the OWASP (Open Web Application Security Project) Methodology.

We Apply and Follow these OWASP Projects:

a.    OWASP Top Ten: identifies the most critical risks facing product development and organizations. The Top 10 Project is referenced by many standards, tools and organizations, including PCI DSS (Payment Card Industry Data Security Standard), Defense Information Systems Agency, HITECH and many more.
b.    OWASP Software Assurance Maturity Model: Security Requirements, Security Review and Environment Hardening tailored to the product and organization requirements.
c.    OWASP Development Guide: provides safeguards and guidance on issues ranging from SQL injection to DoS, user session handling and privacy.

Main Elements to Know and Monitor are:

1.    Asset - Data in a Database
2.    Threat - Anything that can exploit a vulnerability or destroy an Asset (e.g. Virus/Malware)
3.    Vulnerability - A weakness in the Security Process that can be exploited by threats to gain unauthorized access to an Asset (e.g. a weak password)
4.    Attack - An Action taken to harm an Asset (e.g. Phishing or DoS)
5.    Mitigation - A Safeguard that addresses a Threat (e.g. proactively checking for a virus and eliminating it)

 

2. IoT and Mobile Device Security

The openness of these platforms offers great opportunities to all parts of the Mobile Eco-System. However, with this openness comes unrestricted access to other mobile resources directly or through APIs by applications of trusted and untrusted origin, which could result in a security breach to the user, the device, the network or all of the above, if not managed by proper Security Safeguards and Architecture.

There are several strategies to enhance IoT and Mobile Application Security:

- Application Whitelisting (e.g. Trusted APIs)
- Ensuring Transport Layer Security (e.g. VPN)
- Strong Authentication and Authorization, and requiring Privileged Access (e.g. Two-Factor Authentication and Minimum Access only when required)
- Encryption of Data when written to memory (e.g. encrypting data at rest with AES-256)
- Sandboxing of Applications (Safeguarding Access)
- Granting Application Access on a per-API level
- Proper Session Handling

 

3. Information Security

Information Security is the practice of preventing unauthorized access, viewing, modification, recording or deletion of information at rest (Data stored in Storage/Memory) and/or in transit (Data traveling through the Internet and inbound/outbound from/to Organization Networks). It also covers Information Assurance (the Confidentiality, Integrity and Availability (CIA) of the information), which ensures that data is not lost (e.g. Defect), accessed by the wrong person (e.g. Attacker) or unavailable due to natural disasters, computer/server malfunctions or physical thefts.

 

4. Network Security

Network Security consists of the Policies and Practices adopted to prevent and monitor unauthorized access, misuse, modification, or denial of Network Resources.

Network Security starts with Authentication, commonly with a username and a password (known as One-Factor Authentication).

- With Two-Factor Authentication, something the User 'has' is also used (e.g. Mobile Phone)
- With Three-Factor Authentication, something the User 'is' is also used (e.g. Fingerprint)

Once the User is authenticated, a Firewall (Software or Hardware Firewall) enforces access policies such as which services may be accessed and by whom (e.g. Network Users). Communication between Two Networks and/or an External Host accessing your Network may be encrypted (e.g. VPN) to maintain privacy.

The best solution for Network Security is to proactively know who is in and/or travelling in your Network. Auditing event logs and active monitoring combined with learning algorithms are important ways to analyze your network traffic and proactively detect unauthorized access to your Network.

 

5. Disaster Recovery and Business Sustainability

Disaster Recovery (DR) is a Set of Policies and Procedures that an Organization defines and implements to recover and protect a Business' Information Technology (IT) Infrastructure in the event of a disaster. The disaster could be Natural (e.g. Earthquake) or caused by a human intentionally (e.g. Hacker) or unintentionally (e.g. Deleting files/data).

Business Sustainability is associated with the recovery of the Business' Information Technology Infrastructure such as data, assets, and network facilities.

Organizations with careful planning can minimize the impact of the disaster. The main goal is to minimize downtime and data loss.

Benefits of Disaster Recovery and Business Sustainability plans are:

1. Provide Information Technology Infrastructure Security
2. Minimize risk of delays in operation
3. Provide reliability for Information Integrity
4. Provide plans for Systems Recovery
5. Implement the Recovery/Back Up Plans that are pre-defined and pre-tested
6. Minimize Legal Liabilities by following the policies per regulations and standards
7. Provide Secure Work Environment

 

6. DevOps and Overall Operational Security

DevOps is the Collaboration between Development, Operations and Testing throughout all stages of the Product Development Lifecycle when creating and operating a Product or a Service. DevOps' success is driven by the use of Agile Methodology, Integration and Eco-Leveraging with Cloud Infrastructure, Data Centers and increased focus on Quality Assurance and Automation Testing.

Organizations that practice DevOps benefit from:

1.    Better Product Quality
2.    Improved Productivity
3.    Shorter Time-to-Market
4.    More Secure and Reliable Releases
5.    Developing the Right Products

SecDevOps - DevOps combined with security Safeguards:

Development with designed-in Security and Audits in mind, from the prototype stage, will help improve the delivery of a secure and reliable product and/or service that is sustainable and operates efficiently.  

SecDevOps should define and apply metrics for Quality, Reliability and User Experience.

In the past, Development built the product, Operations ran and maintained it, and Security kept the Product and Network safe. Today, with the growth of Global Digital Technology and Cybersecurity Threats, the winners are the Organizations that define, apply and support SecDevOps: designed-in Security and Agile Development, with collaboration between departments to make it well integrated and reliable.

 

7. End-User Education and Training

Cybersecurity has changed from being an Information Technology and Product Security issue to becoming a major organizational challenge that requires a series of security policies, procedures and safeguards to be developed and implemented.

We aim to Improve your skills in key areas such as Security Awareness, Secure Coding, Web Security Development, Penetration Testing, Cybercrime, Data Privacy, Firewall, VPNs, Governance, Compliance, Security Architecture, Critical Infrastructure, Risk Analysis, Risk Mitigation and More.

 

8. Analytics and Monitoring

One of the most problematic elements of Cybersecurity is understanding the nature of Security Risks and Threats. The most effective solution is to plan for a Proactive and Adaptive Strategy.

Predictive Indicators can proactively identify risks before they result in massive data loss. Today’s Cyber Criminals tend to construct layered software out of files (e.g. PDF, MS Word, JPG) that is designed to steal small bits of data over a long period of time without being detected.

Predictive Analytics can detect these Data Anomalies early on, looking for hidden data that is being reformatted or encrypted to avoid detection.

With Predictive Analytics, risks are evaluated and ranked. If malicious behavior is suspected, the Analytics Engine alerts the right people about the suspicious behavior, ranking it from highest to lowest risk.

With limited resources, Organizations need to identify the most severe cases first by prioritizing alerts based on potential impact and then by handling all alerts efficiently. One approach is to have levels of Security Analysts with different skill levels.

Businesses must identify and address both known and unknown risks when developing a Cyber Defense Program.

We need an approach that is Proactive, Agile and Adaptive. The old reactive methods, which are based on handling known risks, prevention and mitigation, are not sufficient. Today, we need an Innovative Approach:

1.    It begins with the capability to have full visibility across the Organization’s Network and Data Path
2.    Next, it must have this visibility in real time and adapt it to the Organization Policies and Procedures  
3.    Next, it must monitor how systems and people behave in and around the Network and the Data
4.    Finally, it must identify changes in behavior which will allow us to identify Malicious Activity and Cyberattacks — then, we will take the necessary steps to protect the Network and Data.