Friday, April 21, 2017

Corporate Cyber Protection Methodology

Earlier this week the Israeli CERT (CERT-IL) have issued a final draft for a "Civilian Corporate Cyber Protection Methodology." in this publish they are asking for comments before making this paper official, and releasing it.  This 160-page long paper was written for providing a professional solution for the entire marketplace. The organization's protection plan derived from this document adapted to the extent of the body's dependence on cyber.

The central principle of which this defense doctrine paper was written is the organization as a whole recognizing that it is necessary to protect the continuity of the organization's functioning and to support its business objectives.
This concept is expressed in the document as follows:

A. Management Responsibility - The responsibility for protecting the information lies first and foremost with the management of the organization.

B. Protection Depending on the potential damage - the investment in the protection of each asset will be per its critical level to the functioning of the organization.

C. Defense based on Israeli knowledge and experience - the theory of defense enables the focus on the relevant risks to all
Organization and organization. As part of the activities of the National Authority for Cyber ​​Defense, periodic intelligence audits and assessments are conducted to the economy. These actions enable organizations to target specific areas of the various defense circles.

D. Proactive protection - The security controls were defined with the understanding that the organization must invest additional efforts The passive defense. This is expressed through the definition of protective controls for the stages of prevention, identification, and reaction and return to routine.

E. Multilayered Protection - Protection is a process that combines three main components: people, technology and processes (3 P's - People & Products & Processes) Defense theory defines a defensive response that is required on all these levels.

The original published document can work in for any organization. Regardless the locale of your office, I think that the third concept, mentioned above (translated from the original paper) should be read "Defense based on LOCAL knowledge and experience." The intel and assessments which are applicable for Israel might not be right for India, Mozambique or Brazil. In an organization that it is multinational and the organization's CSO need to handle with cyber aspects in each country, it is important to pay attention to the local recommendations for each branch as it was it was the only location in the network. 

There is nothing new there in this document that we don't know by now as it is based on NIST CSF (Cyber Security Framework). The ingenuity here is that this paper adjusting the standard and making it accessible to the Israeli market.  

Recently I have looked for web hosting services for one of my customers that needed some dedicated servers some ware on the WWW cloud.  I have found this site HostMonk to be VARY useful for comparison (and easy access to) of many new vendors and plans that I didn’t found them on regular search engines. Try it, it might save you some money. 

http://www.hostmonk.com




Monday, March 13, 2017

My web site is on AWS

My web server is a static one, meaning I have built each page separately, and therefore can change specific section. Once selected the theme and pattern that I have liked the next difficult task was to put a content into the various pages. I’m not a copywriter nor advertiser…
Next task was to look for an appropriate platform that is affordable. I have found out that AWS service might be useful for this task. Their “quickstart-website” function allows one to publish the content in no time. Hassle free.  Just zip the content, upload it and that’s it… The pages are uploaded onto “S3 bucket”, a partition that you are now the proud owner of it.  Once the files are in the S3, you get yourself a URL directing your content. Mine is http://aws-website-comitnet-1oby0.s3-website-us-east-1.amazonaws.com. The content is now safe on one of AWS servers in the US. (US-east-1 somewhere in North Virginia). To have this website responding fast enough to whoever asks to brows it, worldwide, regardless their location, I have decided to create a CDN (content delivery network), for that there is the CloudFront service. It synchronizes the data in all of AWS servers and creates new worldwide URL for the content. Mine is https://dq2b1rahx4koh.cloudfront.net . Route 53 is AWS DNS service that translates  and point each one from the URLs mentions above to the right server to show the content.

Note that some configuration is required with your DNS vendor, to point your domain name to the one provided by the cloudfront service.