Date
Feb 20, 2024
Nirnaya Baral
Master of Science in Cybersecurity, Webster University
Cybersecurity Program White Paper
CSSS 5000: Introduction to Cybersecurity
Abstract
The current rise in computer hacktivists has had a severe influence on the fundamental functioning of enterprises all over the globe. Businesses confront the issue of improving their cyberspace safety to avoid and combat cyber warfare. However, investigations of the elements influencing organizations' cybersecurity from a comprehensive viewpoint are sparse. At the same time, creating a clear cybersecurity strategy has proven to be a complex process. We currently lack a workable legislative foundation that methodically lists the challenges and defines the criteria that limit this progress. This is mainly due to the enormous difficulty of the task, but also to the rate at which advances in cyber technology emerge. Cyberattacks are diverse and ever-changing. Nevertheless, developing a cohesive cybersecurity plan has become an increasingly important task. There is an absence of a realistic policy architecture that methodically organizes concerns and determines constraining factors, and stated objectives and programs are narrowly targeted and executed gradually. The newly suggested holistic view of the aspects that influence institutions' network security preparedness, and the substantiation of their significance, can also be used to plan prospective investigations and improve current knowledge of how firms can effectively configure themselves to reduce the incidence and implications of computer security incidents.
Keywords: Computer Hacktivists, Cyberwarfare, Strategy, Architecture, Investigations
Introduction
The rising use of technology, and of networks that are more connected and far less insulated from the outside world, raises the danger of cybercrime. Thus, the frequency of cybercrime events continues to rise. Cybersecurity threats are attributable to various causes, including insufficient safety and technological advancement and the rising intricacy and sophistication of attacks (Reegård, Blackett & Katta, 2019). New threats develop almost every day in today's technical environment. Access to Internet connectivity increases the chances of a cybercriminal targeting your firm. Cybercrime has become a colossal money-maker, with corporations worldwide focusing on cybersecurity threats. If firms do not have a proper cyber protection plan, they face significant financial and reputational risks. A cybersecurity policy and risk assessment strategy must be designed to fit the institution's capacity. Owners and executives must see cybersecurity threats as a substantial economic concern. This must be done on the same scale as the legal, functional, financial, and regulatory environments, with appropriate assessment standards and outcomes, controlled and evaluated (Ursillo, Jr. & Arnold, 2019). Sending fake e-mails and impersonating corporations online are by far the most common sorts of computer crimes committed. In the Cyber Threat detection Report, phishing e-mails are also the most prevalent kind of cybercrime.
“The NIST Cybersecurity Framework is a valuable resource for cyber security experts (Bresnahan, 2018).” Because of its versatility and scalability, it is a cost-effective way for firms to tackle cybercrime and to start a corporate conversation about cyber threat and accountability.
Cyber Threats to an organization
Cybersecurity breaches can occur at any moment and in any company. With good reason, cybersecurity is a major priority for today's company directors and information technology leaders (Reegård, Blackett & Katta, 2019). Malicious attackers know the typical weaknesses that afflict organizations and institutions, which keeps cybersecurity experts on their toes. As the capacity to connect to the digital world grows with technological advancement, so will the number of vulnerability challenges businesses may confront (Ursillo, Jr. & Arnold, 2019). Eliminating such attacks is crucial in financial terms. In today's corporate world, there are various distinct security risks to be mindful of, which only an experienced cybersecurity specialist may be able to help avert.
Social Engineering: Social engineering is an umbrella term for various hacking techniques intended to dupe someone into disclosing critical or secret data. These attacks are frequently disguised as phishing (Crumpler & Lewis, 2019). Phishing operations rely on email that appears to come from a genuine entity, such as a company, bank, or government organization. When recipients open the document or click on links in the email, they expose entire networks to the virus. The tactic has become more sophisticated over time, making it critical for businesses to teach employees to recognize these operations and stop succumbing to their deceit (Crumpler & Lewis, 2019).
Ransomware: Hackers also employ ransomware as a technique. The goal is to hold an organization's network captive until the victim pays a certain sum of money, which is frequently substantial. Such threats may be delivered by email, but they can also be launched through a visit to an infected website, through an internet ad containing a malicious script, or by leveraging network flaws.
Distributed denial-of-service (DDoS): Teamwork is a defining feature of these attacks. A cybercriminal overwhelms the network with many concurrent operations, such as a specific request to a web page. The purpose is to completely overload communications networks, processes, or endpoints. This may eventually reveal flaws that malicious hackers can target. The intricacy of this strategy, like that of various other cybersecurity threats, has grown as technologies have advanced, making it critical for enterprises to stay informed of the newest developments to guard against these kinds of incidents.
Third-party software: Private organizations are a tempting target for cybercriminals. One explanation is that such modest computer systems can occasionally serve as gateways to more prominent targets. Private organizations frequently lack adequate security procedures to minimize theft. The Target hack began with an attack on a local firm that operated Target's refrigeration and air ventilation.
Mitigation strategies to prevent Cyberattack in an organization
“Prevention Approaches are designed to address a wide variety of exploitation methodologies employed by Advanced Persistent Threat (APT) actors (National Security Agency, 2018).” These mitigations provide objectives for business entities to reduce operational damage. The countermeasures further build on the “NIST Cybersecurity Framework functions to manage cybersecurity threats and support a defense and protection security infrastructure (National Security Agency, 2018).” The mitigation techniques are graded by their efficiency against recognized APT techniques. More measures and practitioner guidelines will be necessary to limit the incidence of new methods.
“The cybersecurity functions are labeled as follows: Identify, Protect, Detect, Respond, Recover (Cybersecurity Framework | NIST, 2018).”
Simultaneously upgrade and install security software (Identify, Protect)
Apply every available software update, automating the procedure as much as feasible with a vendor-provided auto-updater. Automation is required because threat actors study patches and often develop exploits shortly after an update is issued (National Security Agency, 2018). Such "N-day" attacks can be just as devastating as zero-day vulnerabilities. Vendor updates should be legitimate; updates are often verified and distributed via secured connections to ensure the information's security (National Security Agency, 2018). Malicious attackers can operate inside a user's patch cycle if patches are not applied quickly and thoroughly.
Embedding Risk Reputation Solutions (Protect, Detect)
Use risk reputation solutions from many sources for documents, DNS, URLs, IP addresses, and email addresses. Reputation solutions aid in identifying and mitigating harmful activities, allowing for faster global reactions to vulnerabilities, less exposure to identified risks, and access to far more comprehensive risk assessment and alerting capabilities than a company can provide by itself (National Security Agency, 2018). Threat information, whether about targeted or worldwide operations, arises at a rate that most companies cannot address, leading to inadequate coverage of emerging security risks. Solutions for multi-source reputation and data exchange can give more rapid and comprehensive defense capabilities against dynamic malicious attackers (National Security Agency, 2018).
Make the Switch to Multi-Factor Authentication (Identify, Protect)
Safeguard accounts with elevated rights, internet connectivity, and increased resource utilization first. Token-based authentication solutions must be used to supplement knowledge-based factors such as passwords and Personal Identification Numbers (National Security Agency, 2018). Organizations must move beyond single-factor authenticators, such as password systems, which are vulnerable to theft, forgery, and reuse across various platforms because of poor user choices (National Security Agency, 2018).
Keep an eye out for network intrusions (Detect, Respond, Recover)
Proactively identify, contain, and eliminate any harmful activity on the network. Commercial firms must presume that a compromise has occurred and deploy teams that actively search out, isolate, and eradicate malicious actors from their networks (National Security Agency, 2018). Passive detection techniques, including logs, Security Information and Event Management (SIEM) products, EDR systems, and various other data analysis capabilities, are valuable tools for identifying fraudulent or unusual activities (National Security Agency, 2018). Active investigations should involve search activities and vulnerability scanning, with well-defined incident response protocols in place to handle the security problems detected. A greater focus here will move the business beyond basic surveillance approaches, allowing for accurate threat identification and remediation through a persistent surveillance and mitigation plan.
Use a System Restoration Strategy (Identify, Respond, Recover)
Develop, analyze, and test a system restoration strategy as part of a comprehensive disaster recovery approach to assure information recovery. The process must secure critical data, settings, and records to guarantee uninterrupted operation in case of an unforeseen occurrence (National Security Agency, 2018). For added security, backup copies must be attached, kept offsite, disconnected wherever feasible, and must allow restoration and reconstitution of working systems and equipment. Accordingly, exercise and review the contingency plan (National Security Agency, 2018). The strategy should be updated as needed to keep up with the ever-changing network architecture. A recovery strategy is essential for mitigating both natural calamities and criminal attacks such as ransomware.
Cybersecurity policies for my organization
Information Security Policy
The company's first policy statement is its Information Security Policy. It provides the overarching policy that shows the firm's utmost dedication to supporting its Data Safety Program and establishes the Program's fundamental beliefs, structure, and logic (Cyber Security - SorceTek Technology Group, n.d.).
The CIA triad as the focus of the information security policy:
o Confidentiality: Information and data are kept private and secure against unwanted access.
o Integrity: The data is comprehensive, precise, and detailed.
o Availability: Whenever necessary, IT technologies are accessible.
Specific goals of information security policy:
o Identify and prevent data privacy vulnerabilities created by third-party suppliers and by misuse of connections, information, apps, electronic platforms, and portable devices (Selvidge, 2022).
o Safeguard client information and respond to inquiries and concerns regarding noncompliance with security and data privacy regulations.
o Maintain professional, economic, and quality requirements.
In the event of noncompliance, the data assets of a company, particularly any intellectual material, are vulnerable to intrusion or theft. Consequently, customer and investor confidence and prestige diminish, eventually leading to the institution's downfall (Selvidge, 2022).
Access Control policy
The Access Control Policy specifies detailed rules for limiting data access to only those authorized personnel of an organization who have a business requirement to use the data and assets (Sandhu & Samarati, 1994). User access control solutions are put in place to safeguard the objectives of all participants in an organization's activities by offering a protected, private, and readily available environment that safeguards the integrity, availability, and confidentiality of the organization's data.
The CIA triad as the focus of the Access control policy:
o Confidentiality: The guarantee that only authorized personnel have access to data and processes.
o Integrity: Preventing illegal data modification.
o Availability: While information and assets must be secured, they must also be available, responsive, and accessible promptly.
Specific goals of Access control policy:
o Adjust user rights and restrict permissions, which is ideal whenever employees depart or switch positions and the organization wants to keep access under control at all times (Sandhu & Samarati, 1994).
o A dashboard or monitoring portal monitors and regulates access centrally.
o Compliance with information protection rules that govern the collection, access, and use of personal information (Sandhu & Samarati, 1994).
Events of noncompliance:
o Computer service disruption
o Productivity decline
o Legal ramifications
o Unauthorized data release
Security Awareness and Training policy
As previously stated, regardless of how many regulations or restrictions are implemented, they will be worthless if individuals are unaware of them. Our Security Awareness and Training policy mandates that all company users be informed and instructed about how to perform their data security duties (Mimecast, 2022).
Objectives of Security Awareness training and policy:
o Identifying the cybersecurity threats to the integrity, confidentiality, and availability of our computer networks and information.
o Understanding the precautions provided to mitigate the dangers to our consumers, information, and technology infrastructure (Mimecast, 2022).
o Recognizing effective practices for protecting our customers and data assets from data protection threats (Mimecast, 2022).
Events of noncompliance:
o Threat of ransomware and phishing
o Inadvertent data disclosures
Cybersecurity team in my organization
Efficient cybersecurity in any business depends on properly implementing technologies, procedures, and personnel. If you get the people right, the other two aspects will start taking care of themselves.
Security Incident Manager
The Security Incident Manager is responsible for managing incidents in real time, offering a 360º overview of the various cybersecurity vulnerabilities inside the IT architecture (Unni, 2019). Security Incident Managers often rely on their security departments, housed in a Security Operating Unit, for continual surveillance and analysis.
Cybersecurity Safety and Compliance Specialist
Cybersecurity administration, safety, and compliance professionals guarantee that organizations meet all legislative and licensing criteria set out by corporate, regional, and national government (Unni, 2019). Threat and compliance responsibilities have been part of the Chief Financial Officer's portfolio, while Cyber Defense positions are frequently created in collaboration with the Chief Information Officer's organization, meaning that the Cyber Threat role often spans two vastly distinct parts of the enterprise (Unni, 2019).
Penetration Tester
A penetration tester, sometimes referred to as an "authorized user" or "ethical hacker," is a computer security professional who discovers and exposes flaws in computing systems (Unni, 2019). The modeled procedure reveals a company's weakest points and locations that programmers may have overlooked. It is best to do a penetration test immediately before deploying a system, followed by additional tests, preferably less than annually (Unni, 2019). Penetration testing may be necessary more regularly in situations that are constantly changing.
Cyber Security Strategist
By interacting with actual corporate units and technological groups, a professional Cybersecurity strategist is accountable for establishing the strategic plan for Cyber Defense. The strategist anticipates possible future safety features and evaluates the organization's critical threat zones while guaranteeing that every vital company and innovation choice incorporates a robust Cybersecurity strategy (Unni, 2019).
Chief Information security officer
The CISO recruits essential stakeholders inside the firm to provide the required financing and workforce and forms critical collaborations with independent suppliers and cybersecurity specialists (Unni, 2019). Ultimately, the CISO must coordinate data security projects and workers within the enterprise to facilitate a seamless transformation into threat-free business operations.
Access control methods I would implement to build the organization’s network.
Discretionary Access control
In DAC, the owner of the information decides who has access to certain assets.
Identity-Based Access control
Applying this technique, network managers may better regulate performance and accessibility depending on user needs (Pankaj, 2022).
Mandatory Access Control
A control approach where a centralized authority regulates access permissions based on multiple levels of security (Pankaj, 2022). In the Linux environment, Security-Enhanced Linux is implemented using MAC.
Role-Based Access Control
RBAC grants access based on job role. It largely removes discretion when granting access to objects. Human resources specialists, for instance, must not be granted authorization to establish network connections (Pankaj, 2022).
Attribute-based Access Control
This paradigm allows or denies access by evaluating a set of rules, policies, and relationships based on the attributes of users, objects, and the environment (Pankaj, 2022).
History-Based Access Control
Access is allowed or denied based on the requesting party's activity record, which comprises behavior, time between requests, and the information requested (Pankaj, 2022).
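The access control models listed above can be compared by running one request through each of them. The Python sketch below is an added example, not part of the original paper: the role table, subjects, resource, the single-rule MAC check, the business-hours ABAC rule and the three-requests-per-minute history limit are all constructed assumptions.

```python
from dataclasses import dataclass, field
from datetime import datetime, timedelta

# RBAC table (constructed): permissions attach to job roles, not to people.
ROLE_PERMISSIONS = {
    "network_admin": {"network:configure", "network:read"},
    "hr_specialist": {"hr_records:read", "hr_records:write"},
}

@dataclass
class Subject:
    name: str
    roles: set
    clearance: int       # MAC level assigned by a central authority
    department: str      # attribute consumed by the ABAC rule

@dataclass
class Resource:
    name: str
    owner: str
    classification: int  # MAC level of the data
    department: str
    acl: dict = field(default_factory=dict)  # DAC grants: user -> set of actions

def dac_allows(s, r, action):
    """DAC: the owner, and whoever the owner listed in the ACL, gets access."""
    return s.name == r.owner or action in r.acl.get(s.name, set())

def mac_allows(s, r):
    """MAC, simplified to one rule: clearance must dominate classification."""
    return s.clearance >= r.classification

def rbac_allows(s, r, action):
    """RBAC: some role held by the subject must carry '<resource>:<action>'."""
    wanted = f"{r.name}:{action}"
    return any(wanted in ROLE_PERMISSIONS.get(role, set()) for role in s.roles)

def abac_allows(s, r, action, now):
    """ABAC: a rule over subject, object and environment attributes."""
    in_business_hours = 8 <= now.hour < 18
    return s.department == r.department and (action == "read" or in_business_hours)

def history_allows(s, now, log, limit=3, window=timedelta(minutes=1)):
    """History-based: deny once the requester made `limit` requests in `window`."""
    recent = [t for who, t in log
              if who == s.name and timedelta(0) <= now - t <= window]
    return len(recent) < limit

def evaluate(s, r, action, now, log=()):
    """Verdict of every model for one request, so the models can be compared."""
    return {
        "DAC": dac_allows(s, r, action),
        "MAC": mac_allows(s, r),
        "RBAC": rbac_allows(s, r, action),
        "ABAC": abac_allows(s, r, action, now),
        "History": history_allows(s, now, log),
    }

# Constructed subjects and resource for the demonstration.
LEE = Subject("lee", {"network_admin"}, clearance=2, department="it")
DANA = Subject("dana", {"hr_specialist"}, clearance=1, department="hr")
NETWORK = Resource("network", owner="lee", classification=2, department="it",
                   acl={"dana": {"read"}})  # lee personally granted dana read access

if __name__ == "__main__":
    noon = datetime(2024, 1, 15, 12, 0)
    print(evaluate(DANA, NETWORK, "configure", noon))  # DAC, MAC, RBAC, ABAC deny
    print(evaluate(DANA, NETWORK, "read", noon))       # only DAC and History allow
    burst = [("lee", noon - timedelta(seconds=s)) for s in (5, 10, 15)]
    print(evaluate(LEE, NETWORK, "configure", noon, burst))  # History denies
```

The second request shows why discretionary grants need review: the owner's ACL entry lets the HR account read the resource even though the centrally managed models all refuse it.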
Methodologies to track performance and report metrics
A checklist must be used to monitor activities for securing confidential material, avoiding security intrusions, and identifying cyber attacks. “Key performance indicators (KPIs) are an efficient approach to assessing the progress of any program (particularly cyberspace) and making decisions (Reciprocity, 2021).”
Unidentified Devices on Internal Network
Employees bring in their own equipment and improperly set up Internet of Things (IoT) devices, which can introduce viruses and other cybersecurity dangers. This is why intrusion detection systems are crucial to any institution's safety (Reciprocity, 2021).
First Party Security Ratings
Security ratings are frequently used to convey statistics to non-technical counterparts as a convenient score. Security ratings can help identify whether data protection indicators require improvement and can inform the cybersecurity threat assessment process (Reciprocity, 2021).
Patching Cadence
Malicious hackers frequently employ advanced threat technologies and take advantage of the time gap between update and installation (Reciprocity, 2021).
Number of cybersecurity incidents reported
Are users and workers reporting security risks to your group? If so, it's a positive indicator: workers and investors are aware of the challenges addressed in their training.
Virus Infection monitoring
How frequently does the virus protection software scan common apps, such as email clients, internet browsers, and online communication applications, for malware samples (Reciprocity, 2021)?
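For the Patching Cadence indicator above, the time gap between update and installation can be computed directly from patch inventory data. The Python sketch below is an added example, not part of the original paper: the inventory rows, the patch identifiers and the 14-day target are constructed assumptions.

```python
from datetime import date
from statistics import median

# Constructed inventory rows: (host, patch id, vendor release date, install date).
# An install date of None means the patch is still missing on that host.
PATCH_RECORDS = [
    ("web-01", "PATCH-A", date(2024, 1, 9), date(2024, 1, 11)),
    ("web-02", "PATCH-A", date(2024, 1, 9), date(2024, 1, 30)),
    ("db-01", "PATCH-A", date(2024, 1, 9), None),
    ("web-01", "PATCH-B", date(2024, 2, 13), date(2024, 2, 14)),
    ("db-01", "PATCH-B", date(2024, 2, 13), date(2024, 2, 20)),
]

def exposure_days(released, installed, as_of):
    """Gap between update and installation; open gaps run up to `as_of`."""
    end = installed if installed is not None else as_of
    if end < released:
        raise ValueError("install date precedes release date")
    return (end - released).days

def patching_cadence(records, as_of, sla_days=14):
    """Summarise the exposure window per (host, patch) pair.

    sla_days is an assumed internal target, not a value from the paper.
    """
    rows = [(h, p, exposure_days(rel, inst, as_of), inst is None)
            for h, p, rel, inst in records]
    days = [d for _, _, d, _ in rows]
    on_time = sum(1 for _, _, d, missing in rows
                  if not missing and d <= sla_days)
    return {
        "median_days": median(days),
        "worst_days": max(days),
        "installed_within_sla": on_time / len(rows),
        "still_missing": sorted((h, p) for h, p, _, missing in rows if missing),
        "over_sla": sorted((h, p, d) for h, p, d, _ in rows if d > sla_days),
    }

if __name__ == "__main__":
    report = patching_cadence(PATCH_RECORDS, as_of=date(2024, 3, 1))
    for key, value in report.items():
        print(f"{key}: {value}")
```

The median alone hides the long tail, so the report also lists the pairs that are over target and the patches that are still missing.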
Conclusion
The most crucial, and frequently least understood, part of security has been explored in this paper: security policy. A cybersecurity policy specifies the customer's or user's requirements, such as their needs for confidentiality, integrity, and appropriate information protection, and the circumstances under which customers can be assured that these expectations are satisfied. An information security plan does not, on its own, set the customers' requirements for specific data technologies. Rather, it is the link connecting the expectations of the customers and the specified criteria that may be used to create a data network. Furthermore, the framework complements this paper's explanation of the required elements of a cybersecurity policy, as well as a discussion of the practical details of every aspect, to facilitate formulating a complete and comprehensive security strategy. If used with attention and effort, this framework should enable the creation of a documented security policy.
References
Al-Matari, O., Helal, I., Mazen, S., & Elhennawy, S. (2020). Integrated framework for cybersecurity auditing. Information Security Journal: A Global Perspective, 30(4). doi: 10.1080/19393555.2020.1834649
Bresnahan, E. (2018). What Are the Benefits of the NIST Cybersecurity Framework. Retrieved 19 July 2022, from https://www.cybersaint.io/benefits-of-nist-cybersecurity-framework
Crumpler, W., & Lewis, J. A. (2019). The cybersecurity workforce gap (p. 10). Washington, DC, USA: Center for Strategic and International Studies (CSIS).
Cyber Security - SorceTek Technology Group. Retrieved 19 July 2022, from https://sorcetek.com/cyber-security/
Cybersecurity Framework | NIST. (2018). Retrieved 19 July 2022, from https://www.nist.gov/cyberframework
Dakshi., -Won., & Verma. (2008). Policy Technologies for Self-Managing Systems. IBM Press.
Mimecast. (2022). What is Security Awareness Training and Why is it Important? | Mimecast. Retrieved 19 July 2022, from https://www.mimecast.com/content/what-is-security-awareness-training/
Gupta Bhol, S., Mohanty, J., & Kumar Pattnaik, P. (2021). Taxonomy of cyber security metrics to measure the strength of cyber security. Materials Today: Proceedings. doi: 10.1016/j.matpr.2021.06.228
National Security Agency. (2018). Retrieved 19 July 2022, from https://www.nsa.gov/portals/75/documents/what-we-do/cybersecurity/professional-resources/csi-nsas-top10-cybersecurity-mitigation-strategies.pdf
Pankaj. (2022). Access Control in Computer Network - GeeksforGeeks. Retrieved 20 July 2022, from https://www.geeksforgeeks.org/access-control-in-computer-network/
Reegård, K., Blackett, C., & Katta, V. (2019). The Concept of Cybersecurity Culture. Researchgate. doi: 10.3850/978-981-11-2724-3 0761
Sandhu, R., & Samarati, P. (1994). Access control: principle and practice. IEEE Communications Magazine, 32(9), 40-48. doi: 10.1109/35.312842
Selvidge, R. (2022). Retrieved 19 July 2022, from https://purplesec.us/resources/cyber-security-policy-templates/
Unni, A. (2019). Building the right cybersecurity team structure | StickmanCyber. Retrieved 19 July 2022, from https://www.stickmancyber.com/cybersecurity-blog/building-the-right-cyber-security-team-structure
Ursillo, Jr., S., & Arnold, C. (2019). Cybersecurity Is Critical for all Organizations – Large and Small. Retrieved 19 July 2022, from https://www.ifac.org/knowledge-gateway/preparing-future-ready-professionals/discussion/cybersecurity-critical-all-organizations-large-and-small