Cybersecurity Threats and Risk Assessment

Verified

Added on 2019/09/20

AI Summary

The CERT Assessment Tool is a security system designed to assess the vulnerability of networks and information systems, but it has several drawbacks. One major issue is that it only assesses the vulnerability of the network system, whereas the current information system being used by companies depicts vulnerability assessment and penetration analysis. This means that the tool may not identify all potential issues within the system, server, and database. Additionally, the tool's reliance on a single database makes it more prone to cyber-attacks. The tool also has security concerns, such as forging of coordinates and unauthorized access to blueprints and system network information.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

CERT Assessment Tool
Today as we know that all the operations are being handled by information technology
department. The companies and organizations working on these platforms are well aware of the
arising security issues. They have postulated different components to deal proactively with these
attacks that include prevention, direction, and response. Prevention methodology implements in-
depth knowledge of security policies, a well-defined network system with the use of updated and
modern firewalls and multi-level authentication systems to limit hacking of confidential
information. CERT assessment tool only assesses the vulnerability of the network system,
whereas the information system currently being used by companies depicts vulnerability
assessment and penetration analysis. Using both these parameters will help to identify issues
within the system, server, and database while checking and defining vulnerability will only
highlight the system loopholes. Their fundamental role is to develop various programs and
software's that comply with users and does not compromise the safety and security of the
confidential information. The more indulgence and relying on these information systems and
channels have drastically increased cyber-attacks, where some individuals or a group of persons
try to hack these information systems to gain access to confidential public and government
information that can disrupt the economy and routine life. Apart from these factors, the leak also
compromises financial status and can endanger the life of human beings. These operations offer
a variety of roles in various segments that includes their potential in energy delivery, backup
generators, linking railway and airport systems, etc. All these services were extended to the
commercial and public sector and are provided by the CERT Assessment Tool that increases
Security Incident Responder's Ability to Assess Risk (Connell, 2013). As the tool links all the
major systems and domains and offers a wide variety of functions, a single bug in the server can
cause all these domains to stop at a single time. All the information will be located in a single
1

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

CERT Assessment Tool
database which will make the database more prone to cyber-attacks as the cyber bullies can
extract information from a single database. Moreover, the company claims to have built a user-
friendly software, which can give more access to individuals and loopholes. The access of
information will be made easier and to everyone. Conventional approach that does not allow
sharing off blueprints with each other even in case of cyber-attacks, which can compromise the
confidentiality of the company and can be accessed later by any company but in comparison to
CERT assessment tool that assesses probability of risk, that can be manipulated at any time and
can risk information without knowing the bug. The blueprints are handled by every company on
their own but by outsourcing the security system responsibility to the third party by giving access
to their data can lead to several major failures. As the approach to building this software was
motivated after the incident where several credit and debit cards were hacked. These
redundancies can be removed by using secure authentication processes (HU, 2005) that involve
use of double authentication process, SIM toolkit and J2ME platforms. For using the digital
platform, a security code is sent to the concerned person, who then enters and confirms that the
transaction is made by him. If all the transactions are based on these security protocols, there is
no need of relying on these third party system to assess the risk. The use of this tool will create
unnecessary ruckus not only to companies and different sectors but also among small users and
will create a vibe that their systems, accounts are prone to cyber-attacks at all times. This will
tend to create instability and may experience withdrawal symptoms for using information
systems. The next drawback associated with the use of CERT assessment tool is the forging of
coordinates. If the coordinates are forged, it won't allow determining the risk associated with the
attack. Giving access to the third party for maintaining information safety system will comply
with legal procedures that again demands to share of data before the law and that information can
2

CERT Assessment Tool
be compromised. The access to blueprints can only be done by higher authorities, and while
accessing that information, the entries are registered, but access to CERT assessment tool can be
done by any user. The company claims to have built a mobile software which can be based only
on Linux or Java platform, and these operating system and language can be modified and
cracked down by any cyber bully giving him easy access to the application code. The assessment
tool has promised several benefits over the currently followed information system, but still, this
tool is in initial stages of implementation and will require extensive background checks before
launching and is going to consume enough time. The CERT assessment tool analysis is based on
cloud storage that offers various disadvantages like usability, bandwidth, accessibility, data
security and software (Big data, 2014). CERT assessment tool use and publicizing is also based
on that conventional security systems can be targeted from any remote location but the similar
kind of problem and issue can also be accessed by CERT assessment tool. As the launch of
CERT, assessment tool is planned at user level so that they can access the information from their
mobiles, laptops or similar accessories, which will lead hackers to get more passwords from
users (FDIC, 1999). Another drawback of using CERT assessment tool is that the parties who are
willing to use this tool need to investigate the provider's security program thoroughly as they are
going to share confidential information regarding the company network system and how the third
party uses risk assessment tools and practices to overcome these situations. So it is very
important for companies and organizations to confine their security systems within the company
itself rather than outsourcing to third parties that reduce the vulnerability and access to
confidential information. However, it is very essential and crucial within an organization to give
limited access to blueprints and system network information so that cyber-attacks can be
prevented.
3

CERT Assessment Tool
4

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

CERT Assessment Tool
REFERENCES
1. Hu, W. C., Lee, C. W., & Kou, W. (Eds.). (2005). Advances in security and payment
methods for mobile commerce. IGI Global.
2. Connell, A., & Waits, T. (2013, November). The CERT assessment tool: Increasing a
security incident responder's ability to assess risk. In Technologies for Homeland
Security (HST), 2013 IEEE International Conference on (pp. 236-240). IEEE.
3. 5 advantages and disadvantages of Cloud Storage. (2014). Big Data Made Simple - One
source. Many perspectives.. Retrieved 28 July 2014, from http://bigdata-
madesimple.com/5-advantages-and-disadvantages-of-cloud-storage/.
4. FDIC: Risk Assessment Tools and Practices for Information System Security.
(1999). Fdic.gov. Retrieved 17 July 1999, from
https://www.fdic.gov/news/news/financial/1999/fil9968a.html.
5

1 out of 5

Cybersecurity Threats and Risk Assessment

Contribute Materials

Secure Best Marks with AI Grader

Secure Best Marks with AI Grader

Related Documents

IT Security: Equifax Data Breach, Quantum Key Distribution, and Firewall Types

Cyber Security: Vulnerabilities, Exploitation, and Security Controls

Application of Risk Mitigation and Planning Tools

Machine Learning for Fraud Detection Literature Review 2022

Cyber Security.

Layered Security Solutions Framework

+13062052269

info@desklib.com