A Detailed Strategy for Managing Corporation Cyber War Security Walid Al-Ahmad Department of Computer Science, Gulf University for Science & Technology Kuwait alahmed.w@gust.edu.kw ABSTRACT Modern corporations depend heavily on information and communication technologies and are becoming increasingly interconnected locally and internationally. This interconnectedness and dependency on information technology make corporations vulnerable to cyber attacks. Corporate managers therefore need to understand the growing cyber war threats and implement appropriate strategies to mitigate the risks. This research work is an attempt to develop a generic and detailed strategy to assist corporations in managing the cyber war security. The implementation of such a strategy will definitely lead to a more secure business environment and as a result will attract foreign investments to the Arab countries in the Middle East. Such a strategy can be considered as a first step toward protecting corporations from cyber war threats in an effective manner. KEYWORDS Information warfare, security strategy, security management, cyber war, cyber security, corporation espionage 1 INTRODUCTION Until recently information cyber war has been commonly regarded as a military concern. Nowadays, it is not only a military and national concern but also a societal issue. In fact, there is a paradigm shift from national cyber war to corporation cyber war. Thus, although the bulk of the cyber war literature addresses the military dimension, information warfare has expanded into non-military areas [1]. Corporation cyber war attacks are expected to increase rapidly and until now there isn’t any optimal and satisfactory solution to address this problem. Therefore, the issue of cyber war in the context of corporations warrants further study and investigation. This paper tries to shed light on this topic in an attempt to understand this phenomenon and its impact on corporations in particular and on nations in general. The main objective of this paper is to construct a cyber security strategy for corporations in the Middle Eastern Arab countries to address the cyber war risks. The reason why this strategy is designed for the Arab countries is that they all have many things in common; many of the challenges and hurdles apply to all of them. The author has worked in several countries in the region and is familiar with the security environments, regulations, academic and industrial sectors in these countries. Many information warfare definitions exist that emphasize the military dimension. A definition of information warfare that applies in both the military as well as the civilian contexts is this one: Information Warfare is defined as “actions taken to achieve information superiority by affecting adversary information, information-based processes, information systems, and computer- based networks while defending one's own information, information-based processes, information systems, and computer-based networks” [2]. Information warfare is can also be classified into three categories: Personal Information Warfare, where it describes attacks against an individual’s electronic privacy; Corporate Information Warfare, where it describes competition, or better said today's war between corporations around the world; Global Information Warfare, where it describes the war against industries, global economic forces or against entire countries or states. In [3], the complex cyber challenge is divided into five levels of security problems: home users and small businesses, large enterprises, critical 1 International Journal of Cyber-Security and Digital Forensics (IJCSDF) 2(4): 1-9 The Society of Digital Information and Wireless Communications, 2013 (ISSN: 2305-0012)