This article is intended to outline the presence and influence of cyber security and computer security in the draft of the new private security regulation. We will analyze the role that these two relevant concepts play in its writing.
A positive feature of this document, in terms of information-related issues, is that the flow of information is normalized, in addition to to the Security Forces and Bodies, to private security companies, thus allowing the articulation of early warning measures, prevention, and protection against risks and vulnerabilities, including providing personal data to anticipate security threats. You can join Cyber security Course in Dubai for the prevention of cyber attacks.
The new regulation contemplates mandatory security measures for private security companies such as physical and electronic security systems, restricted areas dedicated to the custody of sensitive information, the existence of facilities and computer systems consistent with the cataloging of the level of criticality of the information (low, medium and high level), reactive and preventive security plans against vulnerabilities, risks and threats and contingency systems designed to ensure the continuity of the service, should a threat materialize.
These measures, roughly speaking, were already necessary for this sector, whose evolution and current state require a strong awareness of information security. It is the first step for companies and stakeholders to develop protocols, policies, and infrastructures in the fields of computer security and cyber security.
The document gives the security director more prominence by assigning him the role of interlocutor and liaison with the Administration regarding the following areas: classified matters, critical infrastructures and information and communication security, among others
Before we go further, let’s face the terms of computer security and cyber security in order to define them precisely, since the draft, as anticipated, quotes them frequently. Let’s establish their differences.
In practice, in the field of ICT (The Information and Communication Technologies) the terms of computer security, cyber security, information security or simply security, are often treated interchangeably. The reality is that each of them contains obvious differences, but, in the end, they all aim to protect the digital assets of companies or individuals. Many institutes provides Cyber security Course in Chandigarh.
Computer security refers to a set of methods, processes or techniques for the protection of your data and many electronic equipment to the information in data format that they store.
The main difference is that computer security is limited to protecting information assets in digital format and the computer systems that process and store them, regardless of whether or not they are interconnected. Cyber security, on the other hand, is aimed at protecting information assets in digital format that circulate through interconnected systems. Unlike information security, cyber security applies offensive measures and not just defense.
In certain cases, both terms can be used synonymously since the objective of each one is to protect the information from the risks found in data networks.
Having pointed out the above, another novelty of the text is the obligation that computer security companies and private security companies that want to provide services in strategic sectors defined in the critical infrastructure regulations undergo a mandatory external audit.