With the advent of dangerous malicious codes like Flame and Stuxnet, it has become evident that cybersecurity poses existential threats to institutions if not properly managed. As the risks of traditional wars abate, the Internet has since evolved as the 21st century battleground where malware, not rockets, can be used to launch attacks on infrastructures like power, telecoms, capital markets and financial institutions. Also, through espionage and hacking, organized crimes by nations, corporate institutions and individuals can steal vital intellectual properties (IPs) that drive innovations in any economy. When a country or an organization loses its competitive advantages, its market-winning capabilities will be weakened. Besides the malwares and worms, there is also the human element which poses risks to intellectual properties and business trade secrets due to the ease of moving digital wares.

In this book, we discuss cybersecurity and digital forensics within the broad nexus of policy, management and technology. The book is structured to deepen capacities for cybersecurity and forensics experts as they design mechanisms to prepare, detect, defend, defeat, and harden their organizations’ critical digital and information assets.

Cybersecurity is not a game of choice – it is the new normal. Unlike in the past, modern hackers are coordinated, well-funded and operate like corporations. Around the world, central banks have noted that financial institutions are losing hundreds of millions of dollars to cyber-related frauds and threats. The 21st century will be a century of cyber warfare and will require strategic readiness for organizations. These institutions have to plan beyond dependence on state institutions for cybersecurity protections. Specifically, in most emerging markets like Africa, the level of that preparation to secure and protect assets like power systems, telecoms, financial infrastructures, and water systems is still evolving.

Furthermore, the world has nuclear non- proliferation treaty, but none exists for cyberwar despite the potential economic dangers the latter poses to world commerce. Accordingly, many nations have started to deploy strategic commands to protect, defend and necessarily retaliate when their systems are attacked through cyber-means. The United States Pentagon has the Cyber Command inside the National Security Agency, the British has a similar unit inside the GCHQ. China, Iran, Russia, Israel, and many other nations have developed cyber-armies to protect their economies. In this book, we explain how nations can invent new policies and management systems besides deepening technological capabilities to confront the challenges of emerging digital warfare.

Experiences shared in this book have been possible through our cybersecurity business (First Atlantic Cybersecurity Institute, Facyber) and our data analytics firm (Milonics Analytics). Facyber works with organizations and nations to deepen their cybersecurity and digital forensics capabilities by training their workforce. We also provide cybersecurity research and consultancy. The programs cut across cybersecurity policy, cybersecurity management, cybersecurity Technology and cybersecurity intelligence / digital Forensics structured along certificate, diploma and nanodegree programs. Milonics Analytics, an IBM PartnerWorld, is a preeminent big data analytic business. We have captured our experiences and presented them in this book.

As information and communication technology (ICT) continues to facilitate the process of socio-economic development of nations, offering new ways of exchanging information, and transacting businesses, efficiently and cheaply, we would experience redesigns in the dynamic natures of financial, entertainment and indeed all industrial sectors. ICT would usher better means of using the human and institutional capabilities of countries in the public and private sectors, rapidly moving nations towards knowledge-based economic structures and information societies. These societies would comprise networks of individuals, firms and nations that are linked electronically and in interdependent relationships. Yet, as these changes happen, our world will experience more challenges in information security. Indeed, as economic systems go digital, the risks posed by unsecured weakest links at host, intermediary and client levels will become prominent. This book examines these multifaceted issues from a broad angle that combines policy, technology and management.

As you read this book, you may notice some repetitions. It was intentionally done. We understand that not many people would invest the enormous time required to read all the chapters. Indeed, some professionals may just be interested in some specific topics. To create a balance, we have made most of the chapters largely autonomous, and that means some concepts are repeated.

Finally, I want to thank our team in the Fasmicro Group organization and our partners especially Halogen Security Group which assisted significantly on this project.

I am very confident that you would enjoy this book.

Ndubuisi Ekekwe, PhD

First Atlantic Cybersecurity Institute

February 2018