Professional Skills In Information Communication Technology: Cyber Security

Verified

Added on  2023/03/23

|12
|3882
|66
AI Summary
This report provides a detailed analysis of cyber security in ABC Technologies, including the importance of cyber security, identification of security vulnerabilities, and a list of emerging threats that could affect the organization. The report also offers recommendations for implementing effective cyber security measures.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.
Document Page
Running head: CYBER SECURITY
Professional Skills In Information Communication Technology: Cyber Security
Name of the Student
Name of the University
Author’s Note:

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
1
CYBER SECURITY
Executive Summary
The most significant objective of the report is knowing about scenario of ABCT. The
management of this organization is extremely concerned regarding privacy and security of
systems, data and networks. Thus, few measures of cyber security are required to be deployed
in the business and company. The most common forms of cyber security measures include
data back ups and strong passwords. Data integrity is required to be maintained for ensuring
that networks, programs and data are secured from unauthorized access and hence cyber
security could be effective. The report has described about detailed analysis of cyber security
for ABC Technologies with relevant details.
Document Page
2
CYBER SECURITY
Table of Contents
1. Introduction............................................................................................................................3
2. Discussion..............................................................................................................................3
2.1 Proper Explanation of Cyber Security and Importance of Cyber Security in ABC
Technologies..........................................................................................................................3
2.2 Identifying and Explaining Three Security Vulnerabilities in Systems of ABC
Technologies with Relevant Justifications.............................................................................4
2.3 List of Five Different Kinds of Emerging Threats that could affect ABC Technologies
with basic Description about Damages that are caused by such Threats...............................6
3. Conclusion..............................................................................................................................8
4. Recommendations..................................................................................................................8
References................................................................................................................................10
Document Page
3
CYBER SECURITY
1. Introduction
A significant practice for protecting all kinds of systems, programs and networks from
digitalized attacks is termed as cyber security (Singer & Friedman, 2014). These distinctive
attacks are mainly targeted for accessing, changing and even destroying sensitive
information, resource extortion from either organization or users and even basic interruption
or disruption of business processes. To mitigate such issue within the business, it is highly
important to create an effective and efficient defence so that high privacy and security is
being obtained from any kind of cyber threat or attack (Von Solms & Van Niekerk, 2013). A
technological company, based in Australia, ABC Technologies comprises of some of the
major and the most significant kinds of high technology products and services, which include
software and hardware.
They are using VPN or virtual private networks in their organization to complete their
work and even comprises of a Bring Your Own Device policy, in spite of the fact that they
are extremely concerned regarding losing trust of customers and hardware or confidential
data. There could be some of the most significant chance and scope of attacks related to cyber
security towards growth and development of interlinked devices, which are required to be
eradicated on time (Ashok, Hahn & Govindarasu, 2014). This report would be providing a
detailed description on cyber security implementation and its respective importance within
the organization of ABCT with proper details such as identifying three security
vulnerabilities as well as five various kinds of emerging threat. Moreover, suitable
suggestions regarding mitigation strategies would even be described here.
2. Discussion
2.1 Proper Explanation of Cyber Security and Importance of Cyber Security in ABC
Technologies
Cyber security provides one of the most important as well as successful approach that
has numerous protection layers and could be used in various computerized systems,
networks, programs and data that the organizational member has the core intention for
keeping high security (Lee, Bagheri & Jin, 2016). The most important function in cyber
security involves better security of systems or organizational information from any kind of
cyber attack. A rapid adoption of these cloud application and workload can be stated as
responsible to extend few security requirements and data protection mandate such as NIST
framework. To secure any type of system or hardware, it is quite important to know about

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
4
CYBER SECURITY
each and every attack that can take place and level of vulnerability caused by the threats
(Shin, Son & Heo, 2015). Few distinctive levels could be drawn for understanding these
vulnerabilities. The most popular and significant kinds of cyber attack involve DoS attack or
denial or service attack, spoofing, backdoor attack, phishing, tampering of data,
eavesdropping, polymorphic attack, direct access attack and privilege escalation. The culture
of information security is highly affected by such attack and thus behaviour of employees
consists of significant impact over security and privacy of information in the company
(Knapp & Samani, 2013). A proper analysis is required for ensuring information security and
even to remove the issues within time.
There is a major impact of cyber security over the company of ABC Technologies and
as they are enabling the staff for working from their respective home after using network
connections and also comprises of a significant Bring Your Own Device or BYOD policy for
staff, working onsite; this could be referred to as quite vital to maintain the measures of cyber
security at any cost (Onyeji, Bazilian & Bronk, 2014). Cyber security measure deployment is
often referred to as quite challenging since there are various distinctive devices present in a
company, which could be easily and promptly hacked by intruders for extraction of
organizational confidential information and data. This particular organization of ABCT is a
significant victim of several cyber attacks, they are extremely concerned that confidential
data might be subsequently compromised for getting hold of the data. This can also result in
revenue losses and thus ABCT needs to improve their security system or security associated
processes and policies (Sabaliauskaite & Mathur, 2015). Documentation is extremely
important for implementing cyber security measures for resolving any type of cyber attack.
Training is to be provided to the employees so that customers’ data and scope to secure the
VPNs and wireless networks in ABCT.
2.2 Identifying and Explaining Three Security Vulnerabilities in Systems of ABC
Technologies with Relevant Justifications
3 vulnerabilities of security within the respective ABCT system, which can be made
possible are provided below:
a) SQL Injection Attack: This is the first important and noteworthy vulnerability of
security for respective systems of ABCT Technologies (Oltramari, Cranor, Walls &
McDaniel, 2014). This is a specific code injection technique, which is properly used to attack
any type of data driven application, in which all malicious SQL statements are inserted within
Document Page
5
CYBER SECURITY
an entry field to effectively execute the attack. The attack of SQL injection can exploit this
vulnerability in application software, thus inputs of users can be incorrectly filtered for
escape characters, which are being embedded within SQL statement and user input (Julisch,
2013). Furthermore, the confidential data can be made or destroyed unavailable by identity
spoofing that can be quite vulnerable for the organization of ABCT.
b) Denial of Service Attack: The second vulnerability of security for respective
systems of ABCT Technologies is DoS attack. In this particular cyber threat, the respective
perpetrator seeks within a network or machine to make that specific network resource
absolutely unavailable to every intended user by temporarily and indefinitely disrupting every
organizational host service, being linked to Internet connection (Staheli et al., 2014). The
attack of denial of service could be executed after flooding a subsequent targeted machine or
resource with any kind of superfluous request to overload the system and prevent the legal
requests to get fulfilled. A common and basic example of DoS attack would be DDoS or
distributed denial of service attack, where incoming traffic is responsible for flooding the
system of victim, originated from different sources (Mansfield, Eveleigh, Holzer & Sarkani,
2013). It is mainly popular for disrupting network services and since ABCT provides VPN to
the computer services as well as free LAN connection to guests and visitors, DoS attack can
be quite common for them and they much take up few important security measures for
security and safety.
c) Phishing: Another vulnerability of security in ABCT system is phishing. It is a
basic fraud attempt to obtain sensitive information such as usernames, passwords or credit
card details by disguising as a trustworthy entity in e communication. It is mainly carried out
after spoofing e mails and instant messaging (Brown, Gommers & Serrano, 2015). Phishing
even directs users to enter personal data at any forged or fake website, which could easily
match to the look of legal website. It is a part of the social engineering attack, which can be
used to deceive the users (Whitty, Doodson, Creese & Hodges, 2015). Any staff of ABCT
can be lured after involving communication purporting to include auction website and online
payment processor. It is important to involve cyber security measures within the organization
for mitigating this specific risk. Cyber security is the basic security that is provided to some
computerized systems either from theft or any kind of damage to the respective electronic
data, hardware or software with the significant purpose that disruption and misdirection of
organizational services are stopped and thus data is not affected under any circumstance
(Clemente, 2013).
Document Page
6
CYBER SECURITY
2.3 List of Five Different Kinds of Emerging Threats that could affect ABC
Technologies with basic Description about Damages that are caused by such Threats
There are five significant kinds of emerging threat, which could easily affect ABCT
and can even turn out to be vulnerable as well as problematic for the confidential data or
security systems (Almeshekah & Spafford, 2016). This type of landscape majorly continues
to evolve with few new threats based on periodical manner. A distinctive capability for
tracking and preparing to face every type of threat for ensuring that organization is improving
resilience and providing good support to business objectives. A high profile breach and attack
may eventually bring out some of the core issues and can also take up cyber security based on
priority (Atoum, Otoom & Abu Ali, 2014). The five kinds of emerging threat, which may
affect ABC Technologies are provided below:
a) Cross Site Scripting Attack or XSS: It is the first as well as the most significant
kind of emerging threat that might have major effect on the ABCT (Andress & Winterfeld,
2013). Cross site scripting or XSS attack majorly allow each and every hacker to use their
respective organizational websites and even execute few untrusted codes in victim’s browser
for making it extremely easy for the cyber criminal to cooperate with users for stealing the
information of website cookie, which is to be used for hijacking and authentication of website
without login credentials (Vincent, Wells, Tarazaga & Camelio, 2015). It is even referred to
as a significant attack, which could cause important vulnerability within ABCT. When this
information of cookie is being stolen, complete activity or action will be exposed.
b) Mobile Malware: This is the next significant type of emerging threat, which can
turn out to be quite vulnerable for the organization of ABCT (Whitty, Doodson, Creese &
Hodges, 2015). Each and every mobile device is being referred to as an important attack
target, which could extract the confidential information from systems, hence bringing high
privacy concerns while implementation of mobile devices and software. Organizational
customers even can contact with ABC Technologies by mobile device and even with
inclusion of privacy and security threats, may lose the integrity of confidential information
and data (Mansfield, Eveleigh, Holzer & Sarkani, 2013). Thus, hackers would be getting a
significant chance to execute such threats after hacking into the mobile phone by inserting
malware.
c) Issues related to Devices of Internet of Things: The third distinctive and important
kind of emerging threat in ABCT is issue related to few devices of IoT or internet of things.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
7
CYBER SECURITY
As this organization is adding various devices to distinctive devices for subsequent
infrastructures or Internet of Things could be referred to as a common and extremely
vulnerable technology. IoT consists of few devices that include cyber risks to high level
(Onyeji, Bazilian & Bronk, 2014). ABC Technologies might be losing the respective
confidential data after inclusion of these devices and thus there exists high chance of cyber
threats. These attacks could be easily executed by a third party vendor and company can face
major issue during device maintenance (Shin, Son & Heo, 2015). Each and every employee,
who is working from his or her home and is sharing their confidential data with the
organization through network has to involve any of the IoT devices and hence data integrity
is being lost. Technique to spread this type of vulnerability is quite simplified and hence
hacker can hack into a system for taking complete control of sensitive information (Von
Solms & Van Niekerk, 2013).
d) Cryptojacking Attacks: Another effective and noteworthy kind of emerging threats
is cryptojacking attack. It is quite similar to ransomware attack and is termed as one of the
biggest risks that would have significant impact over business in the last few years after
exploiting every vulnerability by including network segmentation and data backups (Ashok,
Hahn & Govindarasu, 2014). The hackers have been employing similar variants of the
ransomware attack, which were being used to encrypt data so that ransom is obtained. One of
the major feature of this specific attack is that the respective victim or user does not have any
idea regarding the attack and once data is being hacked, they get notification about ransom to
be paid off for getting eradication of the effect of ransomware attack. Currently, the hackers
or attackers are using few advanced and updated techniques of cryptojacking attack (Knapp
& Samani, 2013). These attacks could even extract the confidential information from systems
of users by injecting malicious code or malware into the system.
e) Geopolitical Threats: This kind of emerging threats would eventually affect
organizational systems and networks to a high level. Employees must consider the products
as well as services to check the respective data location by involving risks and regulations of
cyber security (Onyeji, Bazilian & Bronk, 2014). These regulations should be incremented
for checking if any kind of political issue is affecting the organizational background and data
or information. Although, such threats are being eradicated and not considered for being
significant and dealing with the various consequences. VPN is one of the most affected area
due to geopolitical risk, where the network gets locked and provide ability of data extraction
Document Page
8
CYBER SECURITY
(Sabaliauskaite & Mathur, 2015). The hackers at first get into network and then utilize
encryption technique to jam it.
3. Conclusion
Thus, conclusion could be drawn that the cyber security can be referred to as the most
vital as well as noteworthy requirement, which is required for the maintenance of better
efficiency and effectiveness within the company. The entire field of cyber security is
exponentially evolving and the main cause of such growth could be stated that there is high
reliability on Internet connection, wireless network such as Bluetooth or Wi-Fi and other
computer systems. Another important and noteworthy technology that has allowed cyber
attacks or threats to take place in a business is IoT or simply internet of things. The devices of
internet of things are highly vulnerable to such threats and hence should be eradicated on
time.
This cyber security eventually ensures all kinds of vulnerabilities and attacks are
being properly removed without any kind of issues or complexities and hence respective
organizational design, deployment, operational and even internal controls do not get affected
by cyber threats. The most common forms of cyber threat include malware, application
attacks, exploiting kits, ransom ware, phishing and several others. A higher growth of these
cyber threats has subsequently led to proper involvement of a BYOD policy within the
company and hence making sure that all the cyber threats are easily being avoided efficiently.
This report has clearly demonstrated regarding the complete case scenario of ABCT with
relevant details. Three distinctive vulnerabilities related to security and few important kinds
of merging threat are also described in the report for the specific company, ABCT.
4. Recommendations
3 important and significant suggestions to protect both office and home from any kind
of cyber threat based on better analysis are provided below:
a) Doing Assessments of Hardware: The first suggestion for securing office and
home from cyber threat is to completing assessment of hardware. This helps in ensuring that
the respective systems are not comprised of malicious entities like malware and virus. Thus,
inventory of confidential data and major systems, infrastructure and assets will be absolutely
secured.
Document Page
9
CYBER SECURITY
b) Securing the Wireless Network: The second suggestion for securing office and
home networks or systems is to secure the wireless networks. These networks should be
encrypted for keeping organizational data much more effective. Furthermore, stronger
encryption such as AES must be used to provide higher security from such attacks, thus
allowing better privacy from any attack.
c) Periodical Software Up Gradation: It is yet another important and noteworthy
recommendation for securing office and home networks or systems. Periodical software up
gradations is required for lessening the higher chances of cyber threats.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
10
CYBER SECURITY
References
Almeshekah, M. H., & Spafford, E. H. (2016). Cyber security deception. In Cyber
deception (pp. 23-50). Springer, Cham.
Andress, J., & Winterfeld, S. (2013). Cyber warfare: techniques, tactics and tools for
security practitioners. Elsevier.
Ashok, A., Hahn, A., & Govindarasu, M. (2014). Cyber-physical security of wide-area
monitoring, protection and control in a smart grid environment. Journal of advanced
research, 5(4), 481-489.
Atoum, I., Otoom, A., & Abu Ali, A. (2014). A holistic cyber security implementation
framework. Information Management & Computer Security, 22(3), 251-264.
Brown, S., Gommers, J., & Serrano, O. (2015, October). From cyber security information
sharing to threat management. In Proceedings of the 2nd ACM workshop on
information sharing and collaborative security (pp. 43-49). ACM.
Clemente, D. (2013). Cyber security and global interdependence: what is critical?. Chatham
House, Royal Institute of International Affairs.
Julisch, K. (2013). Understanding and overcoming cyber security anti-patterns. Computer
Networks, 57(10), 2206-2211.
Knapp, E. D., & Samani, R. (2013). Applied cyber security and the smart grid: implementing
security controls into the modern power infrastructure. Newnes.
Lee, J., Bagheri, B., & Jin, C. (2016). Introduction to cyber manufacturing. Manufacturing
Letters, 8, 11-15.
Mansfield, K., Eveleigh, T., Holzer, T. H., & Sarkani, S. (2013, November). Unmanned
aerial vehicle smart device ground control station cyber security threat model.
In 2013 IEEE International Conference on Technologies for Homeland Security
(HST) (pp. 722-728). IEEE.
Oltramari, A., Cranor, L. F., Walls, R. J., & McDaniel, P. D. (2014, November). Building an
Ontology of Cyber Security. In STIDS (pp. 54-61).
Onyeji, I., Bazilian, M., & Bronk, C. (2014). Cyber security and critical energy
infrastructure. The Electricity Journal, 27(2), 52-60.
Document Page
11
CYBER SECURITY
Sabaliauskaite, G., & Mathur, A. P. (2015). Aligning cyber-physical system safety and
security. In Complex Systems Design & Management Asia (pp. 41-53). Springer,
Cham.
Shin, J., Son, H., & Heo, G. (2015). Development of a cyber security risk model using
Bayesian networks. Reliability Engineering & System Safety, 134, 208-217.
Singer, P. W., & Friedman, A. (2014). Cybersecurity: What everyone needs to know. OUP
USA.
Staheli, D., Yu, T., Crouser, R. J., Damodaran, S., Nam, K., O'Gwynn, D., ... & Harrison, L.
(2014, November). Visualization evaluation for cyber security: Trends and future
directions. In Proceedings of the Eleventh Workshop on Visualization for Cyber
Security (pp. 49-56). ACM.
Staheli, D., Yu, T., Crouser, R. J., Damodaran, S., Nam, K., O'Gwynn, D., ... & Harrison, L.
(2014, November). Visualization evaluation for cyber security: Trends and future
directions. In Proceedings of the Eleventh Workshop on Visualization for Cyber
Security (pp. 49-56). ACM.
Vincent, H., Wells, L., Tarazaga, P., & Camelio, J. (2015). Trojan detection and side-channel
analyses for cyber-security in cyber-physical manufacturing systems. Procedia
Manufacturing, 1, 77-85.
Von Solms, R., & Van Niekerk, J. (2013). From information security to cyber
security. computers & security, 38, 97-102.
Whitty, M., Doodson, J., Creese, S., & Hodges, D. (2015). Individual differences in cyber
security behaviors: an examination of who is sharing passwords. Cyberpsychology,
Behavior, and Social Networking, 18(1), 3-7.
1 out of 12
circle_padding
hide_on_mobile
zoom_out_icon
[object Object]

Your All-in-One AI-Powered Toolkit for Academic Success.

Available 24*7 on WhatsApp / Email

[object Object]