Technology is one of the greatest inventions we have in this life. With this invention, our life became much easier than it was. Nowadays, technology has given our society full opportunities to explore our world in many fields such as medicine, Engineering, information systems, communications and information technology. In addition, it helped countries and organizations to reduce time and effort by using online services, e-gov and e-business. Moreover, it allowed people to communicate with each other in all over the world and to share information, documents and pictures by using mobile phone and social media such as Facebook, Twitter, YouTube, and Instagram. These things made governments, organizations and information security experts in IT thinking seriously about finding right strategies to apply the cybersecurity in order to protect networks, PCs and information from hacking, steal passwords, vandalism or unauthorized access by hackers, crackers and Social engineering. These strategies include applying cybersecurity polices.in fact, issuing cybersecurity polices are only the first step however, applying cybersecurity polices is the core step to minimize of risks, so cybersecurity policies have some rules that need IT group to be aware of. These policies had been reviewed by case study and our professor Dr. Elliott Lynn in the first life classroom include:
1- “The biggest potential weakness in cyber security policy is when IT group do not have any support.
2- The staff who are responsible for cyber security policy are IT professionals, because we cannot expect that executive management to be aware of security issues.
3- IT group is responsible for making sure that cyber security policy is enforced including tools.
4- The best way of understanding effective cyber security policy is by knowing the environment of work.
5- IT group has to be aware of updating cyber security policy annually, which including comprehensive updating.
6- IT group applies cyber security policy that is difficult to be followed because of the process of that policy.
7- Having a clear vision of financial funding would create transparency and trust between IT staff and senior management.
8- lack in some area of cybersecurity policy that did not address would make policy so poor and useless
9- Informing human resources and legal affairs with planning and updates.
10- Finding human elements that have high skills and knowledge would lead security policies to be succeed and developed” (Dr. Elliott Lynn speech, 2014).
One of the important issues in cyber security is that organizations do not want to admit when they have been hacked, because if they admit that they got hacked, they would basically say that they are vulnerable. This issue has been minimized to the lowest level by social media that declares about anything in the world.
On the other hand, the most security threats that clients face these days are the threats that nobody ever hears about them.