Network Security Analysis: Cyber Security
VerifiedAdded on 2021/05/30
|10
|1925
|30
AI Summary
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Running Head: NETWORK SECURITY
Network Security Analysis: Cyber Security
Name of the Student
Name of the University
Network Security Analysis: Cyber Security
Name of the Student
Name of the University
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
1NETWORK SECURITY
Executive Summary
Cyber attack is a major threat to any organization that deals with information technology.
Gigantic Corporation is such an organization that may face cyber security attacks in the near
future due to the system vulnerabilities. In this report, the possible cyber security issues that may
occur in the system have been discussed and their impacts on the current system have been
analyzed. Accordingly, some recommendations have been provided regarding the possible
countermeasures that the company can undertake in order to address the security issues.
Executive Summary
Cyber attack is a major threat to any organization that deals with information technology.
Gigantic Corporation is such an organization that may face cyber security attacks in the near
future due to the system vulnerabilities. In this report, the possible cyber security issues that may
occur in the system have been discussed and their impacts on the current system have been
analyzed. Accordingly, some recommendations have been provided regarding the possible
countermeasures that the company can undertake in order to address the security issues.
2NETWORK SECURITY
Table of Contents
Introduction......................................................................................................................................3
Emerging Threat Agents..................................................................................................................3
Potential Damages...........................................................................................................................4
Challenges and Issues faced by Corporation...................................................................................5
Mitigation and Countermeasure Strategies......................................................................................5
Conclusion.......................................................................................................................................7
References........................................................................................................................................8
Table of Contents
Introduction......................................................................................................................................3
Emerging Threat Agents..................................................................................................................3
Potential Damages...........................................................................................................................4
Challenges and Issues faced by Corporation...................................................................................5
Mitigation and Countermeasure Strategies......................................................................................5
Conclusion.......................................................................................................................................7
References........................................................................................................................................8
3NETWORK SECURITY
Introduction
Cyber security is a major risk faced by Gigantic Corporation due to a number of issues
related to the internet network used by the company. Cyber security issues occur from various
threat agents like malwares, malicious files, attempted breach of security attacks and others. The
prime reason behind increased chances of this risk includes lack of sufficient network security,
bring your own device policy, phishing and others [5]. Hence, the top priority of the company
should always be to prevent cyber attacks at any cost or risk losing confidential files and
documents to these attacks. For this purpose, significant amount of funding is required on the
implementation of cyber security in the system.
In this report, the threat agents related to cyber security have been discussed and possible
solutions for Gigantic Corporation have been provided.
Emerging Threat Agents
There is a number of emerging threat agents of cyber security that must be considered
and addressed by the company. These threat agents are discussed as follows.
Malwares – In all organizations, within the private network server to which all the
workstations are connected, sufficient security systems are deployed including system firewalls
in each of the workstations. However, such firewalls may not be present in the users’ personal
devices [3]. Hence, chances of malwares entering the server of the company rise significantly if
BYOD policy is used as these unprotected systems act as an open gateway for the malwares.
Introduction
Cyber security is a major risk faced by Gigantic Corporation due to a number of issues
related to the internet network used by the company. Cyber security issues occur from various
threat agents like malwares, malicious files, attempted breach of security attacks and others. The
prime reason behind increased chances of this risk includes lack of sufficient network security,
bring your own device policy, phishing and others [5]. Hence, the top priority of the company
should always be to prevent cyber attacks at any cost or risk losing confidential files and
documents to these attacks. For this purpose, significant amount of funding is required on the
implementation of cyber security in the system.
In this report, the threat agents related to cyber security have been discussed and possible
solutions for Gigantic Corporation have been provided.
Emerging Threat Agents
There is a number of emerging threat agents of cyber security that must be considered
and addressed by the company. These threat agents are discussed as follows.
Malwares – In all organizations, within the private network server to which all the
workstations are connected, sufficient security systems are deployed including system firewalls
in each of the workstations. However, such firewalls may not be present in the users’ personal
devices [3]. Hence, chances of malwares entering the server of the company rise significantly if
BYOD policy is used as these unprotected systems act as an open gateway for the malwares.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
4NETWORK SECURITY
Deliberate Injections – Some unethical employees deliberately inject malicious files into
the system while working with personal workstations. They do so by carrying flash drives like
pen drive that they insert into the workstation while plugged in to the company network. These
cases also occur when sufficient monitoring is done on the activities of the employees during
office hours.
Hackers – Hackers are by far the most significant threat agents to any cyber security
system. By running complex codes and programs, they are able to break through a particular
server and steal secure information from the same. Even if there some firewalls in the system,
advanced hackers can easily break through them and steal data either for ransom or for selling to
rival organizations for monetary benefits [7]. One of the strongest techniques used by the hacks
is injection of ransomwares into the system. Ransomware is an extremely strong encryption
malware that can capture files and folders with strong and unbreakable encryptions and demand
ransom for unlocking the files. Generally, the ransom amount is extremely high and failing to
pay results in permanent deletion of the files.
Potential Damages
From these threat agents, there are many potential damages to the company. These
damages are discussed as follows.
Stealing of Confidential Information: One of the major potential damages faced by the
company is stealing of confidential information is breach of security paired with stealing of
confidential information [6]. Often the stored data and information stores in data are stolen by
hackers who have entered the system using some strong techniques to breach the entire system.
Once stolen, there files and information cannot be retrieved and are generally forever.
Deliberate Injections – Some unethical employees deliberately inject malicious files into
the system while working with personal workstations. They do so by carrying flash drives like
pen drive that they insert into the workstation while plugged in to the company network. These
cases also occur when sufficient monitoring is done on the activities of the employees during
office hours.
Hackers – Hackers are by far the most significant threat agents to any cyber security
system. By running complex codes and programs, they are able to break through a particular
server and steal secure information from the same. Even if there some firewalls in the system,
advanced hackers can easily break through them and steal data either for ransom or for selling to
rival organizations for monetary benefits [7]. One of the strongest techniques used by the hacks
is injection of ransomwares into the system. Ransomware is an extremely strong encryption
malware that can capture files and folders with strong and unbreakable encryptions and demand
ransom for unlocking the files. Generally, the ransom amount is extremely high and failing to
pay results in permanent deletion of the files.
Potential Damages
From these threat agents, there are many potential damages to the company. These
damages are discussed as follows.
Stealing of Confidential Information: One of the major potential damages faced by the
company is stealing of confidential information is breach of security paired with stealing of
confidential information [6]. Often the stored data and information stores in data are stolen by
hackers who have entered the system using some strong techniques to breach the entire system.
Once stolen, there files and information cannot be retrieved and are generally forever.
5NETWORK SECURITY
Destroy of Data: Sometimes, instead of just stealing of the files, the files get encrypted
by some unknown entities called ransomwares. These ransomwares lock the files and demand
high amount of ransom in return for the decryption of the files [1]. If the user fails to pay the
ransom within a specified time period, the malicious software destroys all the files and
information permanently.
Challenges and Issues faced by Corporation
Due to the major impacts of the threat agents on the daily working schedule and
requirement of Gigantic Corporation, some specific measures must be taken immediately. The
main challenges and issues faced by the corporation are as follows.
Limited Access to Internet Sites: In order to prevent entry of malicious files and
malwares into the system, the company has blocked access to many internet sites from the
workstations of the employees. As a result, internet accessibility has been reduced by a
significant margin.
Expenses: Due to the use of high end system security softwares that also need to be
repurchased after a certain period, the company experiences huge amount of expenses every 6
months [4]. Further expenses are incurred for system upgrade and maintenance that are required
to minimize chances of cyber security breach.
Mitigation and Countermeasure Strategies
There are several mitigation and countermeasure strategies that can be deployed by the
company in order to prevent the cyber security issues. Some of these are discussed below.
Destroy of Data: Sometimes, instead of just stealing of the files, the files get encrypted
by some unknown entities called ransomwares. These ransomwares lock the files and demand
high amount of ransom in return for the decryption of the files [1]. If the user fails to pay the
ransom within a specified time period, the malicious software destroys all the files and
information permanently.
Challenges and Issues faced by Corporation
Due to the major impacts of the threat agents on the daily working schedule and
requirement of Gigantic Corporation, some specific measures must be taken immediately. The
main challenges and issues faced by the corporation are as follows.
Limited Access to Internet Sites: In order to prevent entry of malicious files and
malwares into the system, the company has blocked access to many internet sites from the
workstations of the employees. As a result, internet accessibility has been reduced by a
significant margin.
Expenses: Due to the use of high end system security softwares that also need to be
repurchased after a certain period, the company experiences huge amount of expenses every 6
months [4]. Further expenses are incurred for system upgrade and maintenance that are required
to minimize chances of cyber security breach.
Mitigation and Countermeasure Strategies
There are several mitigation and countermeasure strategies that can be deployed by the
company in order to prevent the cyber security issues. Some of these are discussed below.
6NETWORK SECURITY
Do Not Apply BYOD Policy: As discussed previously, it has been found that BYOD is
one of the main reasons behind the cyber security issues in the company’s internal server. Due to
unethical use of personal resources or use of no firewalls in the personal devices of the
employees, malwares and malicious files can easily enter into the office server and infect it [10].
Hence, in order to prevent this, the BYOD policy should not be implemented by the company at
all.
System Firewalls: The first line of defense that the company can produce to prevent
cyber attacks is by implementing system firewalls on all the connected workstations on the
server. These firewalls are able to block most of the security attacks and also alert the system in
case of any strong data breach attempts. Furthermore, these firewalls can block any suspicious
activities regarding download of files and hence, can be utilized to prevent unwarranted file
transfer by the workstation users.
System Architecture: Another main mitigation system can be done by the company by
changing the entire internal system architecture. The architecture should be developed such that
there are several stages of verification processes for the files and data that are to be stored inside
the server [6]. During these stages, the origin and authenticity of the files are to be checked using
their digital signatures and certificates before they are allowed to enter the server.
Network Encryption: This is another possible countermeasure that can be deployed by
the company. This is done by applying encryption of the transport layer of the network i.e.
whenever a file is to be sent from a workstation to a different source, the file will be encrypted
into a secure data packet and then sent over to the destination. Similarly, the network will receive
Do Not Apply BYOD Policy: As discussed previously, it has been found that BYOD is
one of the main reasons behind the cyber security issues in the company’s internal server. Due to
unethical use of personal resources or use of no firewalls in the personal devices of the
employees, malwares and malicious files can easily enter into the office server and infect it [10].
Hence, in order to prevent this, the BYOD policy should not be implemented by the company at
all.
System Firewalls: The first line of defense that the company can produce to prevent
cyber attacks is by implementing system firewalls on all the connected workstations on the
server. These firewalls are able to block most of the security attacks and also alert the system in
case of any strong data breach attempts. Furthermore, these firewalls can block any suspicious
activities regarding download of files and hence, can be utilized to prevent unwarranted file
transfer by the workstation users.
System Architecture: Another main mitigation system can be done by the company by
changing the entire internal system architecture. The architecture should be developed such that
there are several stages of verification processes for the files and data that are to be stored inside
the server [6]. During these stages, the origin and authenticity of the files are to be checked using
their digital signatures and certificates before they are allowed to enter the server.
Network Encryption: This is another possible countermeasure that can be deployed by
the company. This is done by applying encryption of the transport layer of the network i.e.
whenever a file is to be sent from a workstation to a different source, the file will be encrypted
into a secure data packet and then sent over to the destination. Similarly, the network will receive
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
7NETWORK SECURITY
data in encrypted form so as to prevent any type security breach attacks trying to view and steal
the contents of the data sent and received over the network transport layer.
Monitoring: In addition to the technical countermeasures, one major step that the
company has to take is monitoring the activities of the employees in their workstations [2]. The
monitoring should include the websites that they access throughout the day, files uploaded and
downloaded using the workstations, use of flash drives in the workstations and others.
Furthermore, certain unwanted websites can be blocked from accessing by using system
firewalls to prevent any chances of entry of malwares into the workstations.
Conclusion
It can be concluded that being based on IT system and internet based work requirements,
Gigantic Corporation faces some serious issues regarding the cyber security. While a central
server is being used and all the workstations are connected to the same central server, the entire
system is vulnerable to security attacks and data breach attempts. In order to prevent these
attacks, the company needs to take some countermeasures that have been discussed in this report.
In addition to these countermeasures, the company also needs to raise awareness among the
employees regarding the safe use of the internet in order to prevent any data breach or security
attacks.
data in encrypted form so as to prevent any type security breach attacks trying to view and steal
the contents of the data sent and received over the network transport layer.
Monitoring: In addition to the technical countermeasures, one major step that the
company has to take is monitoring the activities of the employees in their workstations [2]. The
monitoring should include the websites that they access throughout the day, files uploaded and
downloaded using the workstations, use of flash drives in the workstations and others.
Furthermore, certain unwanted websites can be blocked from accessing by using system
firewalls to prevent any chances of entry of malwares into the workstations.
Conclusion
It can be concluded that being based on IT system and internet based work requirements,
Gigantic Corporation faces some serious issues regarding the cyber security. While a central
server is being used and all the workstations are connected to the same central server, the entire
system is vulnerable to security attacks and data breach attempts. In order to prevent these
attacks, the company needs to take some countermeasures that have been discussed in this report.
In addition to these countermeasures, the company also needs to raise awareness among the
employees regarding the safe use of the internet in order to prevent any data breach or security
attacks.
8NETWORK SECURITY
References
[1] C.S. Glantz, G.P. Landine, P.A. Craig Jr and R.B. Bass. Lessons Learned in Over a Decade
of Technical Support for US Nuclear Cyber Security Programmes. In International Conference
on Nuclear Security: Enhancing Global Efforts. Proceedings of the Interational Conference,
2014.
[2] A.L. Buczak and E. Guven. A survey of data mining and machine learning methods for cyber
security intrusion detection. IEEE Communications Surveys & Tutorials, 18(2), 2016, pp.1153-
1176.
[3] Y. Liu, A. Sarabi, J. Zhang, P. Naghizadeh, M. Karir, M. Bailey and M. Liu. Cloudy with a
Chance of Breach: Forecasting Cyber Security Incidents. In USENIX Security Symposium,
2015, pp. 1009-1024.
[4] N.S.M.S. Yip. The Effect of Cyber Supply Chain Security Towards Lean and Agile Supply
Chain Performance in Healthcare Industry: The Mediating Effect of Organizational
Capabilities (Doctoral dissertation, Universiti Sains Malaysia), 2015.
[5] L.A. Gordon, M.P. Loeb, W. Lucyshyn and L. Zhou. Externalities and the magnitude of
cyber security underinvestment by private sector firms: a modification of the Gordon-Loeb
model. Journal of Information Security, 6(1), 2015, p.24.
[6] B. Gupta, D.P. Agrawal and S. Yamaguchi. Handbook of research on modern cryptographic
solutions for computer and cyber security, 2016. IGI Global.
References
[1] C.S. Glantz, G.P. Landine, P.A. Craig Jr and R.B. Bass. Lessons Learned in Over a Decade
of Technical Support for US Nuclear Cyber Security Programmes. In International Conference
on Nuclear Security: Enhancing Global Efforts. Proceedings of the Interational Conference,
2014.
[2] A.L. Buczak and E. Guven. A survey of data mining and machine learning methods for cyber
security intrusion detection. IEEE Communications Surveys & Tutorials, 18(2), 2016, pp.1153-
1176.
[3] Y. Liu, A. Sarabi, J. Zhang, P. Naghizadeh, M. Karir, M. Bailey and M. Liu. Cloudy with a
Chance of Breach: Forecasting Cyber Security Incidents. In USENIX Security Symposium,
2015, pp. 1009-1024.
[4] N.S.M.S. Yip. The Effect of Cyber Supply Chain Security Towards Lean and Agile Supply
Chain Performance in Healthcare Industry: The Mediating Effect of Organizational
Capabilities (Doctoral dissertation, Universiti Sains Malaysia), 2015.
[5] L.A. Gordon, M.P. Loeb, W. Lucyshyn and L. Zhou. Externalities and the magnitude of
cyber security underinvestment by private sector firms: a modification of the Gordon-Loeb
model. Journal of Information Security, 6(1), 2015, p.24.
[6] B. Gupta, D.P. Agrawal and S. Yamaguchi. Handbook of research on modern cryptographic
solutions for computer and cyber security, 2016. IGI Global.
9NETWORK SECURITY
[7] N. Ben-Asher and C. Gonzalez. Effects of cyber security knowledge on attack
detection. Computers in Human Behavior, 48, 2015, pp.51-61.
[8] J. Graham, R. Olson and R. Howard. Cyber security essentials, 2016. CRC Press.
[9] A.M. Bates, D. Tian, K.R. Butler and T. Moyer. Trustworthy Whole-System Provenance for
the Linux Kernel. In USENIX Security Symposium, 2015, pp. 319-334.
[10] A. Fielder, E. Panaousis, P. Malacaria, C. Hankin and F. Smeraldi. Decision support
approaches for cyber security investment. Decision Support Systems, 86, 2016, pp.13-23.
[7] N. Ben-Asher and C. Gonzalez. Effects of cyber security knowledge on attack
detection. Computers in Human Behavior, 48, 2015, pp.51-61.
[8] J. Graham, R. Olson and R. Howard. Cyber security essentials, 2016. CRC Press.
[9] A.M. Bates, D. Tian, K.R. Butler and T. Moyer. Trustworthy Whole-System Provenance for
the Linux Kernel. In USENIX Security Symposium, 2015, pp. 319-334.
[10] A. Fielder, E. Panaousis, P. Malacaria, C. Hankin and F. Smeraldi. Decision support
approaches for cyber security investment. Decision Support Systems, 86, 2016, pp.13-23.
1 out of 10
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.