Wednesday, December 11, 2019
Creating A Cyber security Concept Inventory -Myassignmenthelp.Com
Question: Discuss About The Creating A Cyber Security Concept Inventory? Answer: Introduation Risk Assessment is a procedure by which the risks and threats associated with online activities can be well analyzed. Risk Assessment consists of procedures by which Gigantic Corporation can detect the issues beforehand. The procedures will help Gigantic Corporation to know the various levels of risks. Proper risk management process is divided into several stages- first of all, it includes the identification of risks, the detailed analysis of risks and the control measures to mitigate all those risks (Burley, Eisenberg Goodman, 2014). The identification of risks involves the analysis of all the risks that can attack the system and the database. The analysis of risks involves the harmful impact of all the risks to Gigantic Corporation system and the database. After appropriate accessing of risks, the control measures can help Gigantic Corporation to mitigate the risks. The control measures ensure that the data does not get lost from the database. The control measures can help Giganti c Corporation to ensure that the financial data and the confidential data of the clients remain safe (Glantz et al., 2016). The organization can safeguard their system from potential virus and malware attack. The online activities contain a large number of risks. The project analysis helps in identifying, analyzing and evaluation of risks. The primary objective of the project is to design a secure network for Gigantic Corporation that can help to ensure the security of the organization (Manuel, Cordeiro Silva, 2017). The project will make sure that the cybersecurity can protect the existing system of Gigantic Corporation from several threats and risks. Gigantic Corporation must have to take effective cybersecurity control measures so that Gigantic Corporation can carry out business activities over the cloud platform effectively. IT Risk Management report leads to the design of Risk Register, the risk register is helpful to provide details of the risks, their likelihood, their impact and their priority (Miller, 2016). The Risk Register can help Gigantic Corporation to find out the best solution. Risk Register Number Cyber threats Explanation of the risks and the threats Possibility Impact Priority 1. Threat Insider threats Threat insider attack leads to loss of confidential data (Keller, 2015) High Severe High 2. Phishing attack The users are directed to a malicious website which looks like a real website, but in reality, it is not. The attack is carried out sending emails to users or victims (McGettrick et al., 2014) High Severe High 3. Ransomware attack Encrypt all the files of the system, even it sabotage the entire system as well (Pusey, Gondree Peterson, 2016) High Severe High 4. BYOD threats Employees carry out business activities over their mobile phones. The mobile phones can act as a source of vulnerability Medium Severe High 5. Denial of Service attack Blocks the entire network, restrict the Admin of the computer system to gain access to their own system (Scott Trimarchi, 2017) Low Very low Low 6. Brute Force attack Hackers use specific software to guess the password of the users system, however, this guessing needs a lot of time (Shoemaker, Kohnke Sigler, 2016) Medium Medium Medium 7. Injection attack Hackers take control of the database of any individuals or any organisation (Van Vuuren, 2016) Medium High High 8. Malware attack Malware attack involves hijacking one system unethically and stealing, modifying and deleting confidential data of that system (Sherman et al., 2017) High Severe High 9. Lack of Recovery Planning Permanent data loss can occur due to lack of recovery planning (Datta, 2017) Low Medium Low 10. Lack of proper cybersecurity policy Chances of cyberattack increase if organisations do not follow security policies (Olesen, 2016) Low Low Low The risks that have illustrated above are some of the most common threat that Gigantic Corporation is facing. The risk matrix will be helpful to assess the risks that Gigantic Corporation faces while conducting business activities over the cloud. The priority of risks is explained and the risks that have high priority must be identified and Gigantic Corporation must take immediate actions to mitigate that risk. The medium and low priority risks must be identified and mitigated within the stipulated time. The report focuses on implementing a project for Gigantic Corporation that is capable to detect the malicious activities of the intruders and mitigate them (Redmiles, Malone Mazurek, 2015). The risk mitigation strategies have been illustrated in the report. The risk mitigation procedures will ensure that Gigantic Corporation can conduct their business activities securely and effectively. The report illustrates the use of intrusion detection system and antivirus program to safeguard the system and database of Gigantic Corporation. Gigantic Corporation faces two kinds of attacks, one is passive and the other one is active. The passive is pretty hard to identify as it denotes silent monitoring of the system. The passive attack involves silent monitoring of computer system and database. The risk matrix suggests that the risk is severe in case of passive attack. The attackers collect the confidential data from the database of the organization (Scott Trimarchi, 2017). The impact of the active attack is less compared to the passive attack; however, both active and passive attack can prove to be dangerous for Gigantic Corporation. The threat insider attack is the security threat that takes place within the organization. The employees of the organizations are responsible for this insider attack. The threat comes not only comes from the current employees end but also comes from the former employees end. The other stakeholder and other board members can be responsible for this attack (Malhotra, 2015). There are various types of an insider attack. The employees gain access to the financial information and steal that financial information. The employees make ally with a rival company and share information of the present company to that rival company. The organizations can be affected by Logic Bombs. This malicious software is left running on the computer system and this malicious activity is carried out generally by the former employees of the organizations. The insider threat can be both intentional and intentional. The employees those who conduct insider threats attack are not true employees. The insider threat c an only be minimized by limited usage of the confidential data of the organization. The employees should have access to only those portions of data for which they have been given the responsibility (Hinds Joinson, 2017). For instance, the customer care team of Gigantic Corporation should have access to the customers or the clients data and they should not have access to the database where the financial data is stored. Phishing is another kind of deadliest attack by which any organization can face severe loss. The hackers design malicious website to gain confidential information about the clients and the customers. A phishing attack is conducted mainly due to gain the login credentials. The clients fall into the trap of the attackers by providing all the credentials (Pan, Mishra Schwartz, 2017). The hackers direct customers to a malicious website which looks legitimate but actually it is a fraud website. The customers try to access those website providing all the login details and fall into the trap. Sometimes they send emails to the clients and customers posing as a trustworthy company and gain all the confidential data. Gigantic Corporation by installing a proper intrusion detection system can prevent the phishing attack. The organization should train their employees about how to safeguard the organizations data and system against the phishing attack. Gigantic Corporation must be aware that the major tool used in case of phishing attack is email. If the employees click on the link, the virus gets spread into the entire system. Thus the phishing attack can threaten ones privacy or any organizations privacy (Wood Dandin, 2017). Gigantic Corporation must be aware of this attack that is why they must configure the intrusion detection system on their premises. Ransomware attack is one of the attacks that is carried out to encrypt the files. The intruders keep a record of those encrypted files for a certain amount of time until the victim pays to the intruders. Ransomware generally enters into the system when any individually intentionally or unintentionally download the file into the system. Once the infected file gets executed, the virus gets spread out. It encrypts all the file of the system leaving a message that the files can only be recovered or decrypted if the victim is willing to pay money (Wu Irwin, 2016). There are certain scenarios where the victim pays the money but they fail to recover back their file. The victims have the opportunity to pay the money online only through Bitcoin. Cryptolocker, Cryptowall, Locky are some of the ransomware viri that can prove to threat for any organization and Gigantic Corporation is no exception. Again, the ransomware attack also leads to sabotage of the entire system, ransomware shut down and disrupt the operating system as well. Therefore, Gigantic Corporation can face severe loss due to this and they need to take initiatives to mitigate the threat (Sohal et al., 2017). Gigantic Corporation must keep backup of their files, in case of ransomware attack, they will not lose any data. If ransomware attack occurs then they should take the initiative to restore the operating system. Gigantic Corporation must update their system regularly. The ransomware is less effective in the updated system. They must disable the autorun for all the mounted devices. The employees should be trained so that they do not click any link and emails coming from unconfirmed sources. In this way, Gigantic Corporation can stay safe from the ransomware attack. The attack can be mitigated installing antivirus software. Denial of Service attack is responsible to shut down ones system and the network. The organization generally suffers two types of DoS attacks; one is the flooding service while the other one is the crashing services. The intruders send more and more data packets to a network address; a network address has a certain capability to handle data packets if the limit exceeds the buffer overflows lead to virus attack. The DoS attack can be minimized by limiting the rate of traffic a network can actually withhold within a given time frame (Shoemaker, Kohnke Sigler, 2016). The DoS attack is not responsible for data loss, so DoS attack can be mitigated. The brute force attack can be minimized via a strong password that is quite difficult to guess. There are several risks and threats associated with BYOD. The risks are local exposure, data leakage, data loss, public exposure, insecure usage and malicious apps. The organization data stored in the BYOD device can get hacked. The organizational data can get hacked due to the unsecured BYOD device. Again, confidential data of the organization can get hacked due to physical loss or theft from the BYOD device. The BYOD device can be used by any third party thus there is a chance for data loss or leakage or data as well. The BYOD risks can be mitigated by applying a password to the device. The password will save the data of the organization from getting lost. Also, Gigantic Corporation can protect the BYOD device by installing an antivirus program. The antivirus program will protect the Gigantic Corporations data stored in the BYOD device (Sherman et al., 2017). Firewall protection can assist in detecting the malicious activities conducted by intruders. The threat can be a threat of d eliberate threat as threat insider that is why the effect of the threat has been marked severe in the risk matrix. Injection attack is one of the attacks that have been marked severe in the risk matrix. Gigantic Corporation will have to consider the threat very seriously and must take necessary precautions. The injection attack is responsible to steal the sensitive information of the system. However, the injection threat can be mitigated by appropriate usage of the dynamic SQL. Gigantic Corporation can also mitigate the risk of injection attack with the appropriate usage of the firewall (Dark et al., 2015). It is necessary for Gigantic Corporation to install antivirus program in the system and they must update the antivirus regularly, this approach will ensure the safety of the organization. Also, Gigantic Corporation must scan the system with the antivirus program frequently as it will keep their system secure. Malware or malicious software can be disastrous for any individuals or organizations. The malware involves several malicious activities like stealing of confidential data, encryption and deletion of the sensitive data. The organizations get seriously affected by the malware, as the malware hijacks the financial data, clients' data and the other confidential data. The malware also attacks the core computing functions and even sabotage the computer system. Thus due to malware attack, the company's business operations get disrupted and the company faces huge loss for this reason. The malware installed in the system monitors individuals' computer activity without their permission. There are various types of malware, one is the virus, the virus is a type of malware that has the capability to execute itself and virus spreads by infecting other files. A worm is a type of malware that has the capability to replicate itself they do not require a host program. The worms typically do not requir e any human intervention. The trojan horse looks a legitimate program, after installation, it executes the malicious operations (Datta, 2017). Spyware is a type of malware that accumulates data from the users and monitors users activities without their permission. Ransomware attack is another type of malicious activity which involves encryption of files of the computer system. Cybercriminals promise to decrypt those files but in lieu of money. Remote Access Trojan (RAT) is one type of malware that takes control of an entire system by a remote connection and it seems that the computer system has been accessed physically. Gigantic Corporation has risks getting affected by all these malware programs (Dua Du, 2016). Gigantic Corporation can secure their system simply by installing an antivirus program. The usage of the firewall is an absolute necessity for Gigantic Corporation to mitigate the malware threats. Gigantic Corporation must have a disaster plan ready. The disaster recovery plan can help them to recover the confidential files. They must keep a backup of the important files if the cyber attack occurs Gigantic Corporation will not have to worry about losing any files. Protection mechanism Several risks and threats are related to the online activities and online websites and they must be properly mitigated. The mitigation of all those risks ensures that Gigantic Corporation can carry out the business activities normally without any safety concern. The hacking, identity theft and virus and malware attack are some forms of security threats which can disrupt the business operations of Gigantic Corporation. Hacking is one such malicious activities by which the intruders gain access to the website and attack the system and the database of the organization to steal the private data and the confidential data (Gordon et al., 2015). The confidential data involves the customers list of the company. The confidential data comprises of the employees lists, clients lists, and password of the employees. The confidential data consists of financial data of the organization as well. The hackers hack those confidential data for their own benefits. They sell those data to the rival. The o rganization can face heavy loss due to the intruders attack. Gigantic Corporation similarly can get affected due to the malware attack, they can lose the customer base, they can lose reputation, and they can lose clients. The entire business operations will get stopped due to the intruder attack. Gigantic Corporation can get affected due to the malware and the virus attack. Virus basically contains the code that can cause serious damage to the system and the database. The intruders basically use the keyloggers and specific software to steal the confidential data of the database of the organization. The attackers upload a virus to the cloud server with the help of input forms. The hackers also use the backdoor to attack system and database of the organization. Gigantic Corporation can get severely affected by the malware and the virus attack. The business operations can get disrupted due to all these malicious activities. The organization employees can surf the malicious website and can download the malicious file (Keller, 2015). The downloaded files can help to gain access to the confidential data stored in the system and the database. Gigantic Corporation is no exception. The insecure network and insecure database can prove to be a threat for Gigantic Corporation. The virus also gets transmitted to the other system connected to a single network. Due to the virus attack, Gigantic Corporation must adopt control measures to secure the data of the website. Identity theft is another risk associated with the website of the organization. In case of identity theft, the users data can get compromised. The intruders use the users data for criminal activities. Since, Gigantic Corporation conduct business activities over the cloud platform and website, they can be the victim of the identity theft (McGettrick et al., 2014). Hackers use this personal information for their own benefits and for this reason the clients, the employees of Gigantic Corporation can get threatened due to identity theft. The cybersecurity threats can be mitigated by adopting certain control measures. The standards adherence, firewall and secure socket layer can be useful in mitigating the threats residing within the system and the database. Firewall application installed on the server is helpful in checking the data communication and the data traffic that flows to and fro the server. The firewall blocks the malicious flow of data into the system. Thus Gigantic Corporation can conduct business activities over the cloud platform due to the configuration of the firewall into their system (Pan, Mishra Schwartz, 2017). The firewall assures that only the legitimate packets access the system. Secure socket layer has the capability to prevent the identity theft. The HTTPs usage assures a secure connection between server and client (Olesen, 2016). An information must be encrypted at first and then it should be transmitted between server and client in such a way that a third party fails to decrypt the information. The web server and the Website of Gigantic Corporation must follow the security policies to prevent the virus and malware attack. The policies and the guidelines will help Gigantic Corporation to conduct business activities over the cloud platform (Burley, Eisenberg Goodman, 2014). The employees and the clients of Gigantic Corporation must use a strong username and password in the server, it will help them from being compromised. References Burley, D. L., Eisenberg, J., Goodman, S. E. (2014). Would cybersecurity professionalization help address the cybersecurity crisis?.Communications of the ACM,57(2), 24-27. Dark, M., Bishop, M., Linger, R., Goldrich, L. (2015, May). Realism in teaching cybersecurity research: The agile research process. InIFIP World Conference on Information Security Education(pp. 3-14). Springer, Cham. Datta, S. P. A. (2017). Cybersecurity-Personal Security Agents for People, Process, Atoms Bits.Journal of Innovation Management,5(1), 4-13. Dua, S., Du, X. (2016).Data mining and machine learning in cybersecurity. CRC press. Glantz, C. S., McKinnon, A. D., Thorsen, D. E., Boyd, P. A., O'Neil, L. R., Henderson, J. W. (2016).Common Misconceptions Regarding Cybersecurity Requirements for Renewable Energy Generation Facilities Associated with Army Installations(No. PNNL--25451). Pacific Northwest National Lab.(PNNL), Richland, WA (United States). Gordon, L. A., Loeb, M. P., Lucyshyn, W., Zhou, L. (2015). Increasing cybersecurity investments in private sector firms.Journal of Cybersecurity,1(1), 3-17. Hinds, J., Joinson, A. (2017, July). Radicalization, the Internet and Cybersecurity: Opportunities and Challenges for HCI. InInternational Conference on Human Aspects of Information Security, Privacy, and Trust(pp. 481-493). Springer, Cham. Hogan, M. D., Newton, E. M. (2015). Supplemental Information for the Interagency Report on Strategic US Government Engagement in International Standardization to Achieve US Objectives for Cybersecurity.NIST Interagency/Internal Report (NISTIR)-8074 Volume 2. Keller, N. (2015). Cybersecurity Framework FAQs Relationship Between The Framework and Other Approaches and Initiatives. King, Z., Henshel, D., Flora, L., Cains, M. G., Hoffman, B., Sample, C. (2018). Characterizing and Measuring Maliciousness for Cybersecurity Risk Assessment.Frontiers in Psychology,9, 39. Malhotra, Y. (2015). Cybersecurity Cyber-Finance Risk Management: Strategies, Tactics, Operations, , Intelligence: Enterprise Risk Management to Model Risk Management: Understanding Vulnerabilities, Threats, Risk Mitigation (Presentation Slides). Manuel, J., Cordeiro, R., Silva, C. (2017, September). Between Data Mining and Predictive Analytics Techniques to Cybersecurity Protection on eLearning Environments. InProceedings of the Computational Methods in Systems and Software(pp. 185-194). Springer, Cham. McGettrick, A., Cassel, L. N., Dark, M., Hawthorne, E. K., Impagliazzo, J. (2014, March). Toward curricular guidelines for cybersecurity. InProceedings of the 45th ACM technical symposium on Computer science education(pp. 81-82). ACM. Miller, K. L. (2016). What We Talk About When We Talk About Reasonable Cybersecurity: A Proactive and Adaptive Approach.FLA. BJ,90, 23-23. Nagurney, A., Daniele, P., Shukla, S. (2017). A supply chain network game theory model of cybersecurity investments with nonlinear budget constraints.Annals of Operations Research,248(1-2), 405-427. Olesen, N. (2016). European Public-Private Partnerships on Cybersecurity-An Instrument to Support the Fight accounting Cybercrime and Cyberterrorism. InCombatting Cybercrime and Cyberterrorism(pp. 259-278). Springer International Publishing. Pan, Y., Mishra, S., Schwartz, D. I. (2017, June). Board# 133: Gamifying Cybersecurity Course Content for Entry Level Students. In2017 ASEE Annual Conference Exposition. Pusey, P., Gondree, M., Peterson, Z. (2016). The Outcomes of Cybersecurity Competitions and Implications for Underrepresented Populations.IEEE Security Privacy,14(6), 90-95. Redmiles, E., Malone, A., Mazurek, M. L. (2015). How I Learned To Be Secure: Advice Sources and Personality Factors in Cybersecurity. InSymposium on Usable Privacy and Security Poster. Scott, B. I., Trimarchi, A. (2017). The Digital Aviation Industry: A Balancing Act Between Cybersecurity and European Consumer Protection.Air and Space Law,42(4), 443-462. Sherman, A. T., Oliva, L., DeLatte, D., Golaszewski, E., Neary, M., Patsourakos, K., ... Thompson, J. (2017). Creating a Cybersecurity Concept Inventory: A Status Report on the CATS Project.arXiv preprint arXiv:1706.05092. Shoemaker, D., Kohnke, A., Sigler, K. (2016).A Guide to the National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework (2.0): A Guide to the National Initiative for Cybersecurity Education (NICE) Framework (2.0)(Vol. 3). CRC Press. Singer, P. W., Friedman, A. (2014).Cybersecurity: What Everyone Needs to Know. Oxford University Press. Smith, E., Corzine, S., Racey, D., Dunne, P., Hassett, C., Weiss, J. (2016). Going Beyond Cybersecurity Compliance: What Power and Utility Companies Really Need To Consider.IEEE Power and Energy Magazine,14(5), 48-56. Sohal, A. S., Sandhu, R., Sood, S. K., Chang, V. (2017). A cybersecurity framework to identify malicious edge device in fog computing and cloud-of-things environments.Computers Security. Van Vuuren, J. C. J. (2016).Methodology and Model to Establish Cybersecurity for National Security in Africa using South Africa as a Case Study(Doctoral dissertation). Wood, T. A., Dandin, M. (2017, May). Cybersecurity and the electric grid: Innovation and intellectual property. InCircuits and Systems (ISCAS), 2017 IEEE International Symposium on(pp. 1-1). IEEE. Wu, C. H. J., Irwin, J. D. (2016).Introduction to computer networks and cybersecurity. CRC Press.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.