Cybersecurity Analysis and Recommendations for ABC Technologies
VerifiedAdded on 2022/11/17
|17
|3959
|429
Report
AI Summary
This report provides an executive summary of cybersecurity concerns for ABC Technologies, focusing on the importance of cyber security in protecting confidential information and operations. It explores vulnerabilities such as DOS attacks, phishing, and snooping, while also examining emerging threats. The report highlights the need for security measures like cloud security, data loss prevention, and anti-malware to protect against cybercriminals. Recommendations are made to protect office and home information from cyber attacks, concluding with a summary of findings and references. The report analyzes ABC Technology's current practices, identifies security weaknesses, and suggests improvements to safeguard against potential breaches and data loss. The report uses the ARE process to analyze the task and research relevant information to present findings and make recommendations for future practice.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Running head: PROFESSIONAL SKILLS FOR INFORMATION AND COMMUNICATION
Professional skills for Information and Communication
Name of the Student:
Name of the University:
Professional skills for Information and Communication
Name of the Student:
Name of the University:
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
1PROFESSIONAL SKILLS FOR INFORMATION AND COMMUNICATION
Executive summary
This report depicts the importance of using cyber security aspects in the ABC technology to
protect their confidential information and other operational and functional activities. In order to
protect the company from cyber criminals and cyber attacks like DOS, malware injection,
Spoofing, snooping etc the security measures those are needed to be adopted include cloud
security, data loss prevention, identify and access management, antivirus, anti malware etc. the
reasons for which cyber security is required in ABC technologies are elaborated in this report. In
addition to this, the security vulnerabilities, emerging threats that may interrupt their operations
are also elaborated in this paper.
Executive summary
This report depicts the importance of using cyber security aspects in the ABC technology to
protect their confidential information and other operational and functional activities. In order to
protect the company from cyber criminals and cyber attacks like DOS, malware injection,
Spoofing, snooping etc the security measures those are needed to be adopted include cloud
security, data loss prevention, identify and access management, antivirus, anti malware etc. the
reasons for which cyber security is required in ABC technologies are elaborated in this report. In
addition to this, the security vulnerabilities, emerging threats that may interrupt their operations
are also elaborated in this paper.
2PROFESSIONAL SKILLS FOR INFORMATION AND COMMUNICATION
Table of Contents
Introduction..................................................................................................................................3
1. Explaining Cyber Security.......................................................................................................3
1.1 Description of Cyber Security...............................................................................................3
1.2 Importance of Cyber Security in ABC technologies.............................................................4
2. Identification and explanation of security vulnerabilities in ABCT’s system.............................5
Justification of the answer...........................................................................................................6
3. Emerging threats in ABC technologies.......................................................................................7
3.1 Different types of emerging threats.......................................................................................7
3.2 The consequences/damage of the attack................................................................................8
3.3 Responsible person of the attack and their attack technique.................................................9
4. Recommendations to protect office information home from cyber attack................................10
Conclusion.....................................................................................................................................11
References......................................................................................................................................12
Table of Contents
Introduction..................................................................................................................................3
1. Explaining Cyber Security.......................................................................................................3
1.1 Description of Cyber Security...............................................................................................3
1.2 Importance of Cyber Security in ABC technologies.............................................................4
2. Identification and explanation of security vulnerabilities in ABCT’s system.............................5
Justification of the answer...........................................................................................................6
3. Emerging threats in ABC technologies.......................................................................................7
3.1 Different types of emerging threats.......................................................................................7
3.2 The consequences/damage of the attack................................................................................8
3.3 Responsible person of the attack and their attack technique.................................................9
4. Recommendations to protect office information home from cyber attack................................10
Conclusion.....................................................................................................................................11
References......................................................................................................................................12
3PROFESSIONAL SKILLS FOR INFORMATION AND COMMUNICATION
Introduction
The recent evolution of computing networking is also increasing the rate of cyber
security challenges and issues. These challenges are again impacting the expected commercial
revenue and competitive advantages of the business organization (Garcia-Perez, Thurlbeck &
How, 2017). The company nominated which requires cyber security for this particular report is
ABC technology. The business line of the company ranges from various high technology based
products that include both the hardware and software products. Countrywide the company has
multiple numbers of offices and also two offices overseas. It is determined that, uncommon risks
mostly evokes dread whereas perception of people for common risks are normally easily reduced
(Van et al., 2017).
http://nrl.northumbria.ac.uk/30928/1/Risk%20perceptions%20of%20cyber-security%20and
%20precautionary%20behaviour%20AAM.pdf
The emerging technologies or technical excellence that are widely using by different
business organizations are cloud computing, big data analysis, Artificial Intelligence (AI),
Internet Of Things (IoT) etc. the definition of cyber security importance of Cyber security in the
ABC technology are elaborated in this report, It has been determined that the company is facing
major security challenged these days. The company offers their services through VPN. During
business operation different emerging threats that may interrupt security of the company and the
possible negative impact of these emerging threats are all illustrated in this report. “Security
information and event management (SIEM) systems are increasingly used to cope with the
security challenges involved in critical infrastructure protection (Di Sarno et al., 2016).”
[https://www.sciencedirect.com/science/article/pii/S187454821630035X]
Introduction
The recent evolution of computing networking is also increasing the rate of cyber
security challenges and issues. These challenges are again impacting the expected commercial
revenue and competitive advantages of the business organization (Garcia-Perez, Thurlbeck &
How, 2017). The company nominated which requires cyber security for this particular report is
ABC technology. The business line of the company ranges from various high technology based
products that include both the hardware and software products. Countrywide the company has
multiple numbers of offices and also two offices overseas. It is determined that, uncommon risks
mostly evokes dread whereas perception of people for common risks are normally easily reduced
(Van et al., 2017).
http://nrl.northumbria.ac.uk/30928/1/Risk%20perceptions%20of%20cyber-security%20and
%20precautionary%20behaviour%20AAM.pdf
The emerging technologies or technical excellence that are widely using by different
business organizations are cloud computing, big data analysis, Artificial Intelligence (AI),
Internet Of Things (IoT) etc. the definition of cyber security importance of Cyber security in the
ABC technology are elaborated in this report, It has been determined that the company is facing
major security challenged these days. The company offers their services through VPN. During
business operation different emerging threats that may interrupt security of the company and the
possible negative impact of these emerging threats are all illustrated in this report. “Security
information and event management (SIEM) systems are increasingly used to cope with the
security challenges involved in critical infrastructure protection (Di Sarno et al., 2016).”
[https://www.sciencedirect.com/science/article/pii/S187454821630035X]
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
4PROFESSIONAL SKILLS FOR INFORMATION AND COMMUNICATION
1. Explaining Cyber Security
1.1 Description of Cyber Security
Cyber security is referred to as a technique that is used by the both small and medium
sized business organizations to protect computers, programs, and data and also authorizes access
or attacks those are aimed to discover. Different areas that are covered by cyber security include
application security, information security, and network and disaster security. The application
security includes both counter measures and measures as well throughout the project
development life cycle period for protecting application from different cyber threats those might
arise through design, development, deployment, maintenance flaws. Some of the application
security techniques those are used for protecting data from cyber attacks include validation of
input parameter, authentication and authorization of roles of the users, parameter manipulation,
session management and auditing and logging. The process of information security can
successfully protect unauthenticated information access. The different technique used to protect
the system privacy encompasses cryptography, identification, authentication and authorization.
On the other hand, the disaster recovery process includes performance risk assessment, priority
concern and data recovery strategies. In order to continue the business operation quickly the
company needs to hold and design and precise a concrete plan. The network security involves
different activities for protecting useabilities, integrity, reliability and network safety as well
(Ganin et al., 2017). In order to protect the complete network various security measures those are
be implemented include anti-virus, anti spyware, intrusion prevention mechanism, VPN etc.
There are different technical solutions available for information securities among those most are
in progress and most organizations are facing major challenges (Soomro, Shah & Ahmed, 2016).
1. Explaining Cyber Security
1.1 Description of Cyber Security
Cyber security is referred to as a technique that is used by the both small and medium
sized business organizations to protect computers, programs, and data and also authorizes access
or attacks those are aimed to discover. Different areas that are covered by cyber security include
application security, information security, and network and disaster security. The application
security includes both counter measures and measures as well throughout the project
development life cycle period for protecting application from different cyber threats those might
arise through design, development, deployment, maintenance flaws. Some of the application
security techniques those are used for protecting data from cyber attacks include validation of
input parameter, authentication and authorization of roles of the users, parameter manipulation,
session management and auditing and logging. The process of information security can
successfully protect unauthenticated information access. The different technique used to protect
the system privacy encompasses cryptography, identification, authentication and authorization.
On the other hand, the disaster recovery process includes performance risk assessment, priority
concern and data recovery strategies. In order to continue the business operation quickly the
company needs to hold and design and precise a concrete plan. The network security involves
different activities for protecting useabilities, integrity, reliability and network safety as well
(Ganin et al., 2017). In order to protect the complete network various security measures those are
be implemented include anti-virus, anti spyware, intrusion prevention mechanism, VPN etc.
There are different technical solutions available for information securities among those most are
in progress and most organizations are facing major challenges (Soomro, Shah & Ahmed, 2016).
5PROFESSIONAL SKILLS FOR INFORMATION AND COMMUNICATION
http://www.zarinpaper.com/wp-content/uploads/2016/02/Information-security-management-
needs___sder85t2d3gf0gg0g.pdf
1.2 Importance of Cyber Security in ABC technologies
The computer services of ABC Technologies are provided by Virtual Private Network
(VPN) in Canberra. The company allows their employees use their personal devices who are
working onsite and on the other side, the other are allowed to do work from home using their
Virtual Private Network (VPN). The onsite location again offers free local wireless connection
(LAN connection) to the working employees. ABC technology stores all their personnel and
financial confidential data in cloud server. However, due to lack of protection mechanism the
company these days has faced several major cyber threats. After adopting some cyber security
mechanisms ABC technology would be able to provide comprehensive protection to all
information stored in the cloud server. The employees can again successfully avoid risks and
cyber threats. The company would be able to secure all personnel information stored in the cloud
server. The security platform also allows the employees to actively work under a secured
working platform. It will also reduce the issues of overtime and cost consumptions and also
simultaneously protect websites from going down. The spyware can also cause business threats.
It can prevent adware and provide a successful consolidate solution to support the IT experts. In
SecaaS domain compliance analysis is referred to as one of the services which are classified by
the cloud security alliances (Furfaro, et al., 2016).
https://www.researchgate.net/profile/T_Gallo/publication/
309012781_Requirements_specification_of_a_Cloud_Service_for_Cyber_Security_Compliance
_Analysis/links/5b221f31aca272277fa97d2c/Requirements-specification-of-a-Cloud-Service-
for-Cyber-Security-Compliance-Analysis.pdf
http://www.zarinpaper.com/wp-content/uploads/2016/02/Information-security-management-
needs___sder85t2d3gf0gg0g.pdf
1.2 Importance of Cyber Security in ABC technologies
The computer services of ABC Technologies are provided by Virtual Private Network
(VPN) in Canberra. The company allows their employees use their personal devices who are
working onsite and on the other side, the other are allowed to do work from home using their
Virtual Private Network (VPN). The onsite location again offers free local wireless connection
(LAN connection) to the working employees. ABC technology stores all their personnel and
financial confidential data in cloud server. However, due to lack of protection mechanism the
company these days has faced several major cyber threats. After adopting some cyber security
mechanisms ABC technology would be able to provide comprehensive protection to all
information stored in the cloud server. The employees can again successfully avoid risks and
cyber threats. The company would be able to secure all personnel information stored in the cloud
server. The security platform also allows the employees to actively work under a secured
working platform. It will also reduce the issues of overtime and cost consumptions and also
simultaneously protect websites from going down. The spyware can also cause business threats.
It can prevent adware and provide a successful consolidate solution to support the IT experts. In
SecaaS domain compliance analysis is referred to as one of the services which are classified by
the cloud security alliances (Furfaro, et al., 2016).
https://www.researchgate.net/profile/T_Gallo/publication/
309012781_Requirements_specification_of_a_Cloud_Service_for_Cyber_Security_Compliance
_Analysis/links/5b221f31aca272277fa97d2c/Requirements-specification-of-a-Cloud-Service-
for-Cyber-Security-Compliance-Analysis.pdf
6PROFESSIONAL SKILLS FOR INFORMATION AND COMMUNICATION
2. Identification and explanation of security vulnerabilities in ABCT’s system
In computing process and service, computer security vulnerability is referred to as a
weakness that can again exploit by threat actors like cyber attackers, malware attackers and
unauthorized performers also. “SIEM is a technology which supports threat detection and
security incident response through the real-time collection and historical analysis of security
events from a wide variety of event and contextual data sources (Furfaro et al., 2016).
[https://www.researchgate.net/profile/T_Gallo/publication/309012781_Requirements_specificati
on_of_a_Cloud_Service_for_Cyber_Security_Compliance_Analysis/links/
5b221f31aca272277fa97d2c/Requirements-specification-of-a-Cloud-Service-for-Cyber-Security-
Compliance-Analysis.pdf]”
In order to exploit vulnerabilities the attackers should have a single applicable technique
and tool that may connect to the system weakness. For ABC technology the 3 possible security
vulnerabilities are elaborated here. The Denial of Service attack that is also known as DOS attack
is one of the most frequently happening cyber attacks in the business organizations. This attack is
used to tie up resources of website to make sure that users who require access site cannot do.
With DOS attack the attackers can completely stop a network. Two methods are there through
which DOS attacks are accomplished by the cyber criminals such as-crashing services and
flooding services. The process of cyber security counter measures includes software encryption,
firewall, system compartmentalization, detection of virus (Paté‐Cornell et al., 2018).
[https://onlinelibrary.wiley.com/doi/pdf/10.1111/risa.12844]
In this process the attackers send numbers of traffic and due to that the network gets over
flow. In this process attackers are asked to connect request to a particular server however the
2. Identification and explanation of security vulnerabilities in ABCT’s system
In computing process and service, computer security vulnerability is referred to as a
weakness that can again exploit by threat actors like cyber attackers, malware attackers and
unauthorized performers also. “SIEM is a technology which supports threat detection and
security incident response through the real-time collection and historical analysis of security
events from a wide variety of event and contextual data sources (Furfaro et al., 2016).
[https://www.researchgate.net/profile/T_Gallo/publication/309012781_Requirements_specificati
on_of_a_Cloud_Service_for_Cyber_Security_Compliance_Analysis/links/
5b221f31aca272277fa97d2c/Requirements-specification-of-a-Cloud-Service-for-Cyber-Security-
Compliance-Analysis.pdf]”
In order to exploit vulnerabilities the attackers should have a single applicable technique
and tool that may connect to the system weakness. For ABC technology the 3 possible security
vulnerabilities are elaborated here. The Denial of Service attack that is also known as DOS attack
is one of the most frequently happening cyber attacks in the business organizations. This attack is
used to tie up resources of website to make sure that users who require access site cannot do.
With DOS attack the attackers can completely stop a network. Two methods are there through
which DOS attacks are accomplished by the cyber criminals such as-crashing services and
flooding services. The process of cyber security counter measures includes software encryption,
firewall, system compartmentalization, detection of virus (Paté‐Cornell et al., 2018).
[https://onlinelibrary.wiley.com/doi/pdf/10.1111/risa.12844]
In this process the attackers send numbers of traffic and due to that the network gets over
flow. In this process attackers are asked to connect request to a particular server however the
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
7PROFESSIONAL SKILLS FOR INFORMATION AND COMMUNICATION
process of handshake never gets completed. The process continues until rest of the ports gets
saturated. The phising cyber attacks are referred to as method that tries to collect personnel
information using websites or deceptive emails. In this method request are send through email
and websites, As soon as the users click on the emails information become easy to get accessed.
Snooping attack is a security context which is an unauthorized access to other’s confidential
information without any kind of permission. The process of eavesdropping is similar to the
snooping attack. It includes casual observance of email that appears on other devices. Advanced
attackers do use software programs for hacking personnel information. The requirement for
educated personnel in the cyber security workforce is much critical for the nation’s security
(Toregas, offman & Heller, 2016).
https://cspri.seas.gwu.edu/sites/g/files/zaxdzs1446/f/downloads/CSPRI%2BPaper
%2BUPLOAD_0.pdf
Justification of the answer
Three of the above mentioned cyber security threats are occurring in ABC technology
due to availability of lack of protection mechanism. The employees who are working onsite are
allowed to bring personal devices which are not at all secured for the ABC technology. It can
cause cyber risks like man in the middle. On the other hand, some of the employees ate also
allowed to work from home where also they provide local WAN network support. It is the
responsibility of the company to make sure that the network is completely secured from the
external attackers. In order to keep the network secured from external attackers users are needed
to evolve firewall and DMZ. The company had multiple numbers of nationwide offices and also
two overseas offices as well. “There are prevalent technical vulnerabilities in IT systems used
shipping. Global Navigation Satellite Signals (GNSS) of the global position system (GPS) are
process of handshake never gets completed. The process continues until rest of the ports gets
saturated. The phising cyber attacks are referred to as method that tries to collect personnel
information using websites or deceptive emails. In this method request are send through email
and websites, As soon as the users click on the emails information become easy to get accessed.
Snooping attack is a security context which is an unauthorized access to other’s confidential
information without any kind of permission. The process of eavesdropping is similar to the
snooping attack. It includes casual observance of email that appears on other devices. Advanced
attackers do use software programs for hacking personnel information. The requirement for
educated personnel in the cyber security workforce is much critical for the nation’s security
(Toregas, offman & Heller, 2016).
https://cspri.seas.gwu.edu/sites/g/files/zaxdzs1446/f/downloads/CSPRI%2BPaper
%2BUPLOAD_0.pdf
Justification of the answer
Three of the above mentioned cyber security threats are occurring in ABC technology
due to availability of lack of protection mechanism. The employees who are working onsite are
allowed to bring personal devices which are not at all secured for the ABC technology. It can
cause cyber risks like man in the middle. On the other hand, some of the employees ate also
allowed to work from home where also they provide local WAN network support. It is the
responsibility of the company to make sure that the network is completely secured from the
external attackers. In order to keep the network secured from external attackers users are needed
to evolve firewall and DMZ. The company had multiple numbers of nationwide offices and also
two overseas offices as well. “There are prevalent technical vulnerabilities in IT systems used
shipping. Global Navigation Satellite Signals (GNSS) of the global position system (GPS) are
8PROFESSIONAL SKILLS FOR INFORMATION AND COMMUNICATION
known to have weak security measures and be susceptible to manipulation (Garcia-Perez,
Thurlbeck & How, 2017).
https://pdfs.semanticscholar.org/0bca/56d7f4c56899540d3ee9180ee6c8557a813b.pdf
It is the responsibility of the company owners and information security chief to design
and implement proper security measures in their operation system to disallow unauthenticated
uses to access data from the cloud server. If the cloud server is not kept secured then data might
get hacked either by using snooping or spoofing. Apart from that, the security mechanism that
has to be followed by the project company owners is cryptography. As most security
vulnerabilities in the smart grid are related with date protection therefore, it is essential to secure
information not in transit but also for rest like stored and processed data (Sadeghi, Wachsmann
& Waidner, 2015)
https://www.researchgate.net/profile/Jairo_Giraldo/publication/
317244549_Security_and_Privacy_in_Cyber-Physical_Systems_A_Survey_of_Surveys/links/
59ee771faca272029ddf7105/Security-and-Privacy-in-Cyber-Physical-Systems-A-Survey-of-
Surveys.pdf
3. Emerging threats in ABC technologies
3.1 Different types of emerging threats
The ABC Technology can be affected by different emerging threats as well. These threats
are also required to be analyzed. As the company operates nationwide and oversea as well
therefore it is not all secured for the company to allow their onsite working employees bringing
their own devices. The employees can use their personal devices to theft confidential information
known to have weak security measures and be susceptible to manipulation (Garcia-Perez,
Thurlbeck & How, 2017).
https://pdfs.semanticscholar.org/0bca/56d7f4c56899540d3ee9180ee6c8557a813b.pdf
It is the responsibility of the company owners and information security chief to design
and implement proper security measures in their operation system to disallow unauthenticated
uses to access data from the cloud server. If the cloud server is not kept secured then data might
get hacked either by using snooping or spoofing. Apart from that, the security mechanism that
has to be followed by the project company owners is cryptography. As most security
vulnerabilities in the smart grid are related with date protection therefore, it is essential to secure
information not in transit but also for rest like stored and processed data (Sadeghi, Wachsmann
& Waidner, 2015)
https://www.researchgate.net/profile/Jairo_Giraldo/publication/
317244549_Security_and_Privacy_in_Cyber-Physical_Systems_A_Survey_of_Surveys/links/
59ee771faca272029ddf7105/Security-and-Privacy-in-Cyber-Physical-Systems-A-Survey-of-
Surveys.pdf
3. Emerging threats in ABC technologies
3.1 Different types of emerging threats
The ABC Technology can be affected by different emerging threats as well. These threats
are also required to be analyzed. As the company operates nationwide and oversea as well
therefore it is not all secured for the company to allow their onsite working employees bringing
their own devices. The employees can use their personal devices to theft confidential information
9PROFESSIONAL SKILLS FOR INFORMATION AND COMMUNICATION
from the cloud server (Knowles et al., 2015). The company should restrict the use of the devices
inside the working field. If proper protection is not acquired then the company would face major
threats. The network channel uses by ABC technology is not enough secured therefore the
competitor companies can easily access the network and hijack confidential data from the server
(Soomro, Shah & Ahmed, 2016). Therefore, it can be a serious emerging threat for the company.
“With the tight and close interactions among the increasing number of physical objects such as
smart phones, tablets, smart sensors, and others, D2D technology allows these in-proximity
devices to communicate directly with each other bypassing the BS (Atat et al., 2017).”
[https://ieeexplore.ieee.org/iel7/7805360/7898549/07898576.pdf]”.
As the company operates worldwide therefore data management can be a major issue.
The cloud server is required to be secured from external threats (Atat et al., 2015). It is
responsibility of the company owners to adopt proper security mechanisms to protect data from
the cyber attackers. The Company fails to adopt and apply different security policies and
therefore consumer data can be theft by the external attackers. In order to protect data from
unwanted attackers and unauthorized users the company is required to possess encryption
mechanism. It can cause information hijack. It is also identified as a major emerging threat for
the company. “To evaluate our proposed system, we implemented a prototypical system using
Apache Hadoop, an open-source software framework (Xu et al., 2015).
https://pdfs.semanticscholar.org/631b/b60544dacb433cf9071d327b97e02d3fcadf.pdf]”.
3.2 The consequences/damage of the attack
If respective security measures are not followed by ABC technology then all confidential
information stored in the cloud server would get hacked by the unwanted attackers and hackers.
from the cloud server (Knowles et al., 2015). The company should restrict the use of the devices
inside the working field. If proper protection is not acquired then the company would face major
threats. The network channel uses by ABC technology is not enough secured therefore the
competitor companies can easily access the network and hijack confidential data from the server
(Soomro, Shah & Ahmed, 2016). Therefore, it can be a serious emerging threat for the company.
“With the tight and close interactions among the increasing number of physical objects such as
smart phones, tablets, smart sensors, and others, D2D technology allows these in-proximity
devices to communicate directly with each other bypassing the BS (Atat et al., 2017).”
[https://ieeexplore.ieee.org/iel7/7805360/7898549/07898576.pdf]”.
As the company operates worldwide therefore data management can be a major issue.
The cloud server is required to be secured from external threats (Atat et al., 2015). It is
responsibility of the company owners to adopt proper security mechanisms to protect data from
the cyber attackers. The Company fails to adopt and apply different security policies and
therefore consumer data can be theft by the external attackers. In order to protect data from
unwanted attackers and unauthorized users the company is required to possess encryption
mechanism. It can cause information hijack. It is also identified as a major emerging threat for
the company. “To evaluate our proposed system, we implemented a prototypical system using
Apache Hadoop, an open-source software framework (Xu et al., 2015).
https://pdfs.semanticscholar.org/631b/b60544dacb433cf9071d327b97e02d3fcadf.pdf]”.
3.2 The consequences/damage of the attack
If respective security measures are not followed by ABC technology then all confidential
information stored in the cloud server would get hacked by the unwanted attackers and hackers.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
10PROFESSIONAL SKILLS FOR INFORMATION AND COMMUNICATION
It will impact the competitive market of the company and also expected revenue structure of the
company as well. The impact that can cause for the cyber attacks are elaborated for the company
here. Unwanted attackers can damage all the confidential information stored in the cloud server.
Besides damaging data it is also possible that the competitor company is misusing the
confidential data from the cloud server of ABC technology. If proper security mechanisms are
not followed by the employees and other security heads of ABC technology then the company
may fail to reach the project objectives and expectation of the client company. In addition to this
an accurate system security plan is also required to be implanted by the company to improve the
security process (Toregas, Hoffman & Heller, 2016).
https://cspri.seas.gwu.edu/sites/g/files/zaxdzs1446/f/downloads/CSPRI%2BPaper
%2BUPLOAD_0.pdf
3.3 Responsible person of the attack and their attack technique
After analyzing the business, operational and functional scenario of ABC technology it
has been defined that, the person who is responsible to make the cyber attacks are employees and
security owners of similar competitor company (Ganin et al., 2017). The attackers can be
employees, security engineer, network engineer or else it can be some completely one external
user. In order to hijack different personal, financial and other confidential information from the
cloud server the different cyber attack techniques those are used by the identified responsible
person are DOS, spoofing, snooping, phising attack etc. Among these techniques the most
widely used information hacking technique is DOS. In this technique the attackers send link or
spam and if the users click on the site or email then immediately stored secret information will
become available to the attackers. Apart from the above mentioned techniques using spyware,
malware also information can be hacked by the attackers and unauthorized users. “As such,
It will impact the competitive market of the company and also expected revenue structure of the
company as well. The impact that can cause for the cyber attacks are elaborated for the company
here. Unwanted attackers can damage all the confidential information stored in the cloud server.
Besides damaging data it is also possible that the competitor company is misusing the
confidential data from the cloud server of ABC technology. If proper security mechanisms are
not followed by the employees and other security heads of ABC technology then the company
may fail to reach the project objectives and expectation of the client company. In addition to this
an accurate system security plan is also required to be implanted by the company to improve the
security process (Toregas, Hoffman & Heller, 2016).
https://cspri.seas.gwu.edu/sites/g/files/zaxdzs1446/f/downloads/CSPRI%2BPaper
%2BUPLOAD_0.pdf
3.3 Responsible person of the attack and their attack technique
After analyzing the business, operational and functional scenario of ABC technology it
has been defined that, the person who is responsible to make the cyber attacks are employees and
security owners of similar competitor company (Ganin et al., 2017). The attackers can be
employees, security engineer, network engineer or else it can be some completely one external
user. In order to hijack different personal, financial and other confidential information from the
cloud server the different cyber attack techniques those are used by the identified responsible
person are DOS, spoofing, snooping, phising attack etc. Among these techniques the most
widely used information hacking technique is DOS. In this technique the attackers send link or
spam and if the users click on the site or email then immediately stored secret information will
become available to the attackers. Apart from the above mentioned techniques using spyware,
malware also information can be hacked by the attackers and unauthorized users. “As such,
11PROFESSIONAL SKILLS FOR INFORMATION AND COMMUNICATION
employing cloud-based laboratories can have clear advantages over using classical ones, which
impose major hindrances against fulfilling pedagogical objectives and do not scale well when the
number of students and distant university campuses grows up (Salah, Hammoud & Zeadally,
2015).”
https://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=7089256
4. Recommendations to protect office information home from cyber attack
In order to protect ABC technology from the identified vulnerabilities and threats the
chief information security officer is needed to maintain some recommendations and these
recommendations are as mentioned in the below section. Encryption technology helps to encrypt
data. In other word, it can convert plain text into cipher text. Unauthorized users are not allowed
to access encrypted information. Therefore, this approach will help to protect data from the
external attackers. While sharing any financial documents and even during online payment
processing period also proper security measures are needed to be possessed by ABC technology.
On job technical training is referred to as a process can be used actively to improve the technical
skills and knowledge of the project team members. Technical training will help the company
employees to obtain more knowledge regarding cloud computing, cyber security threats. Apart
from that, from the workshop the employees will be able to gain knowledge regarding some
other techniques also such as intrusion detection approach, data loss prevention, access
management etc. Application firewall will help the ABC technology to restrict the input, output
and access of information stored in the cloud server. This security mechanism operates through
monitoring and potential blocking of the outputs, inputs and service details as well. It will help to
block different unwanted activities as well.
employing cloud-based laboratories can have clear advantages over using classical ones, which
impose major hindrances against fulfilling pedagogical objectives and do not scale well when the
number of students and distant university campuses grows up (Salah, Hammoud & Zeadally,
2015).”
https://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=7089256
4. Recommendations to protect office information home from cyber attack
In order to protect ABC technology from the identified vulnerabilities and threats the
chief information security officer is needed to maintain some recommendations and these
recommendations are as mentioned in the below section. Encryption technology helps to encrypt
data. In other word, it can convert plain text into cipher text. Unauthorized users are not allowed
to access encrypted information. Therefore, this approach will help to protect data from the
external attackers. While sharing any financial documents and even during online payment
processing period also proper security measures are needed to be possessed by ABC technology.
On job technical training is referred to as a process can be used actively to improve the technical
skills and knowledge of the project team members. Technical training will help the company
employees to obtain more knowledge regarding cloud computing, cyber security threats. Apart
from that, from the workshop the employees will be able to gain knowledge regarding some
other techniques also such as intrusion detection approach, data loss prevention, access
management etc. Application firewall will help the ABC technology to restrict the input, output
and access of information stored in the cloud server. This security mechanism operates through
monitoring and potential blocking of the outputs, inputs and service details as well. It will help to
block different unwanted activities as well.
12PROFESSIONAL SKILLS FOR INFORMATION AND COMMUNICATION
Conclusion
From the overall discussion it can be concluded that, the computer security threats are
persistently incentives. The masters of manipulation and disguise theses threats continuously that
evolve to find out new ways for annoy, steal and harm as well. In order to safeguard business
operations and functionalities against computer security threats different emerging trends and
security mechanisms are needed to be implemented by the company associates. If the company
successfully adopts accurate security measures then it will help them to obtain commercial
revenue and competitive advantages. Apart from that high security can attract new consumers
and retain existing. Besides this, cyber security also gives flexibility, reliability, security,
scalability as well. Different online security threats that are required to be analyzed and restricted
include spyware threats, hackers and predators attack, computer virus attack, DOS, spoofing and
phising attack. Most of the operational issues occur due to mobile connectivity, online payment
processing, extreme usage of cloud computing technology and Internet of Things (IoT), third
party outsourcing and remote access. These days most of the businesses are using the concept of
website to improve the overall processing efficiency. These smart devices are required to keep
secure with proper security measurements of not the complete the business proves may face
major challenge. Some of the common security actions that can effectively protect data from the
hackers and other external attackers are data loss prevention, network security, cloud security,
identity and access management, cryptography, intrusion detection system etc.
Conclusion
From the overall discussion it can be concluded that, the computer security threats are
persistently incentives. The masters of manipulation and disguise theses threats continuously that
evolve to find out new ways for annoy, steal and harm as well. In order to safeguard business
operations and functionalities against computer security threats different emerging trends and
security mechanisms are needed to be implemented by the company associates. If the company
successfully adopts accurate security measures then it will help them to obtain commercial
revenue and competitive advantages. Apart from that high security can attract new consumers
and retain existing. Besides this, cyber security also gives flexibility, reliability, security,
scalability as well. Different online security threats that are required to be analyzed and restricted
include spyware threats, hackers and predators attack, computer virus attack, DOS, spoofing and
phising attack. Most of the operational issues occur due to mobile connectivity, online payment
processing, extreme usage of cloud computing technology and Internet of Things (IoT), third
party outsourcing and remote access. These days most of the businesses are using the concept of
website to improve the overall processing efficiency. These smart devices are required to keep
secure with proper security measurements of not the complete the business proves may face
major challenge. Some of the common security actions that can effectively protect data from the
hackers and other external attackers are data loss prevention, network security, cloud security,
identity and access management, cryptography, intrusion detection system etc.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
13PROFESSIONAL SKILLS FOR INFORMATION AND COMMUNICATION
References
Atat, R., Liu, L., Chen, H., Wu, J., Li, H., & Yi, Y. (2017). Enabling cyber-physical
communication in 5g cellular networks: challenges, spatial spectrum sensing, and cyber-
security. IET Cyber-Physical Systems: Theory & Applications, 2(1), 49-54.
https://ieeexplore.ieee.org/iel7/7805360/7898549/07898576.pdf
Di Sarno, C., Garofalo, A., Matteucci, I., & Vallini, M. (2016). A novel security information and
event management system for enhancing cyber security in a hydroelectric
dam. International Journal of Critical Infrastructure Protection, 13, 39-51.
https://www.sciencedirect.com/science/article/pii/S187454821630035X
Furfaro, A., Gallo, T., Garro, A., Saccà, D., & Tundis, A. (2016, May). Requirements
specification of a cloud service for cyber security compliance analysis. In 2016 2nd
International Conference on Cloud Computing Technologies and Applications
(CloudTech) (pp. 205-212). IEEE.
https://www.researchgate.net/profile/T_Gallo/publication/
309012781_Requirements_specification_of_a_Cloud_Service_for_Cyber_Security_Com
pliance_Analysis/links/5b221f31aca272277fa97d2c/Requirements-specification-of-a-
Cloud-Service-for-Cyber-Security-Compliance-Analysis.pdf
Ganin, A. A., Quach, P., Panwar, M., Collier, Z. A., Keisler, J. M., Marchese, D., & Linkov, I.
(2017). Multicriteria decision framework for cybersecurity risk assessment and
management. Risk Analysis.
References
Atat, R., Liu, L., Chen, H., Wu, J., Li, H., & Yi, Y. (2017). Enabling cyber-physical
communication in 5g cellular networks: challenges, spatial spectrum sensing, and cyber-
security. IET Cyber-Physical Systems: Theory & Applications, 2(1), 49-54.
https://ieeexplore.ieee.org/iel7/7805360/7898549/07898576.pdf
Di Sarno, C., Garofalo, A., Matteucci, I., & Vallini, M. (2016). A novel security information and
event management system for enhancing cyber security in a hydroelectric
dam. International Journal of Critical Infrastructure Protection, 13, 39-51.
https://www.sciencedirect.com/science/article/pii/S187454821630035X
Furfaro, A., Gallo, T., Garro, A., Saccà, D., & Tundis, A. (2016, May). Requirements
specification of a cloud service for cyber security compliance analysis. In 2016 2nd
International Conference on Cloud Computing Technologies and Applications
(CloudTech) (pp. 205-212). IEEE.
https://www.researchgate.net/profile/T_Gallo/publication/
309012781_Requirements_specification_of_a_Cloud_Service_for_Cyber_Security_Com
pliance_Analysis/links/5b221f31aca272277fa97d2c/Requirements-specification-of-a-
Cloud-Service-for-Cyber-Security-Compliance-Analysis.pdf
Ganin, A. A., Quach, P., Panwar, M., Collier, Z. A., Keisler, J. M., Marchese, D., & Linkov, I.
(2017). Multicriteria decision framework for cybersecurity risk assessment and
management. Risk Analysis.
14PROFESSIONAL SKILLS FOR INFORMATION AND COMMUNICATION
https://onlinelibrary.wiley.com/doi/pdf/10.1111/risa.12891
Garcia-Perez, A., Thurlbeck, M., & How, E. (2017). Towards cyber security readiness in the
Maritime industry: A knowledge-based approach.
https://pdfs.semanticscholar.org/0bca/56d7f4c56899540d3ee9180ee6c8557a813b.pdf
Gupta, B., Agrawal, D. P., & Yamaguchi, S. (Eds.). (2016). Handbook of research on modern
cryptographic solutions for computer and cyber security. IGI global.
https://pdfs.semanticscholar.org/0bca/56d7f4c56899540d3ee9180ee6c8557a813b.pdf
Knowles, W., Prince, D., Hutchison, D., Disso, J. F. P., & Jones, K. (2015). A survey of cyber
security management in industrial control systems. International journal of critical
infrastructure protection, 9, 52-80.
https://daneshyari.com/article/preview/275730.pdf
Paté‐Cornell, M. E., Kuypers, M., Smith, M., & Keller, P. (2018). Cyber risk management for
critical infrastructure: A risk analysis model and three case studies. Risk Analysis, 38(2),
226-241.
https://onlinelibrary.wiley.com/doi/pdf/10.1111/risa.12844
Ramachandran, M. (2016). Software security requirements management as an emerging cloud
computing service. International Journal of Information Management, 36(4), 580-590.
http://eprints.leedsbeckett.ac.uk/3324/3/Software%20Security%20Requirements
%20Management%20IJIM%20March%202016%20v1%20revised.pdf
https://onlinelibrary.wiley.com/doi/pdf/10.1111/risa.12891
Garcia-Perez, A., Thurlbeck, M., & How, E. (2017). Towards cyber security readiness in the
Maritime industry: A knowledge-based approach.
https://pdfs.semanticscholar.org/0bca/56d7f4c56899540d3ee9180ee6c8557a813b.pdf
Gupta, B., Agrawal, D. P., & Yamaguchi, S. (Eds.). (2016). Handbook of research on modern
cryptographic solutions for computer and cyber security. IGI global.
https://pdfs.semanticscholar.org/0bca/56d7f4c56899540d3ee9180ee6c8557a813b.pdf
Knowles, W., Prince, D., Hutchison, D., Disso, J. F. P., & Jones, K. (2015). A survey of cyber
security management in industrial control systems. International journal of critical
infrastructure protection, 9, 52-80.
https://daneshyari.com/article/preview/275730.pdf
Paté‐Cornell, M. E., Kuypers, M., Smith, M., & Keller, P. (2018). Cyber risk management for
critical infrastructure: A risk analysis model and three case studies. Risk Analysis, 38(2),
226-241.
https://onlinelibrary.wiley.com/doi/pdf/10.1111/risa.12844
Ramachandran, M. (2016). Software security requirements management as an emerging cloud
computing service. International Journal of Information Management, 36(4), 580-590.
http://eprints.leedsbeckett.ac.uk/3324/3/Software%20Security%20Requirements
%20Management%20IJIM%20March%202016%20v1%20revised.pdf
15PROFESSIONAL SKILLS FOR INFORMATION AND COMMUNICATION
Sadeghi, A. R., Wachsmann, C., & Waidner, M. (2015, June). Security and privacy challenges in
industrial internet of things. In 2015 52nd ACM/EDAC/IEEE Design Automation
Conference (DAC) (pp. 1-6). IEEE.
https://www.researchgate.net/profile/Jairo_Giraldo/publication/
317244549_Security_and_Privacy_in_Cyber-Physical_Systems_A_Survey_of_Surveys/
links/59ee771faca272029ddf7105/Security-and-Privacy-in-Cyber-Physical-Systems-A-
Survey-of-Surveys.pdf
Safa, N. S., Von Solms, R., & Furnell, S. (2016). Information security policy compliance model
in organizations. Computers & Security, 56, 70-82.
http://eprints.um.edu.my/15147/1/
Information_security_policy_compliance_model_in_organizations.pdf
Salah, K., Hammoud, M., & Zeadally, S. (2015). Teaching cybersecurity using the cloud. IEEE
Transactions on Learning Technologies, 8(4), 383-392.
https://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=7089256
Soomro, Z. A., Shah, M. H., & Ahmed, J. (2016). Information security management needs more
holistic approach: A literature review. International Journal of Information
Management, 36(2), 215-225.
http://www.zarinpaper.com/wp-content/uploads/2016/02/Information-security-management-
needs___sder85t2d3gf0gg0g.pdf
Sadeghi, A. R., Wachsmann, C., & Waidner, M. (2015, June). Security and privacy challenges in
industrial internet of things. In 2015 52nd ACM/EDAC/IEEE Design Automation
Conference (DAC) (pp. 1-6). IEEE.
https://www.researchgate.net/profile/Jairo_Giraldo/publication/
317244549_Security_and_Privacy_in_Cyber-Physical_Systems_A_Survey_of_Surveys/
links/59ee771faca272029ddf7105/Security-and-Privacy-in-Cyber-Physical-Systems-A-
Survey-of-Surveys.pdf
Safa, N. S., Von Solms, R., & Furnell, S. (2016). Information security policy compliance model
in organizations. Computers & Security, 56, 70-82.
http://eprints.um.edu.my/15147/1/
Information_security_policy_compliance_model_in_organizations.pdf
Salah, K., Hammoud, M., & Zeadally, S. (2015). Teaching cybersecurity using the cloud. IEEE
Transactions on Learning Technologies, 8(4), 383-392.
https://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=7089256
Soomro, Z. A., Shah, M. H., & Ahmed, J. (2016). Information security management needs more
holistic approach: A literature review. International Journal of Information
Management, 36(2), 215-225.
http://www.zarinpaper.com/wp-content/uploads/2016/02/Information-security-management-
needs___sder85t2d3gf0gg0g.pdf
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
16PROFESSIONAL SKILLS FOR INFORMATION AND COMMUNICATION
Toregas, C., Hoffman, L. J., & Heller, R. (2016, April). Exploring ways to give engineering
cyber security students a stronger policy and management perspective. In Spring 2016
Mid-Atlantic ASEE Conference.
https://cspri.seas.gwu.edu/sites/g/files/zaxdzs1446/f/downloads/CSPRI%2BPaper
%2BUPLOAD_0.pdf
Van Schaik, P., Jeske, D., Onibokun, J., Coventry, L., Jansen, J., & Kusev, P. (2017). Risk
perceptions of cyber-security and precautionary behaviour. Computers in Human
Behavior, 75, 547-559.
http://nrl.northumbria.ac.uk/30928/1/Risk%20perceptions%20of%20cyber-security%20and
%20precautionary%20behaviour%20AAM.pdf
Xu, G., Yu, W., Chen, Z., Zhang, H., Moulema, P., Fu, X., & Lu, C. (2015). A cloud computing
based system for cyber security management. International Journal of Parallel,
Emergent and Distributed Systems, 30(1), 29-45.
https://pdfs.semanticscholar.org/631b/b60544dacb433cf9071d327b97e02d3fcadf.pdf
Toregas, C., Hoffman, L. J., & Heller, R. (2016, April). Exploring ways to give engineering
cyber security students a stronger policy and management perspective. In Spring 2016
Mid-Atlantic ASEE Conference.
https://cspri.seas.gwu.edu/sites/g/files/zaxdzs1446/f/downloads/CSPRI%2BPaper
%2BUPLOAD_0.pdf
Van Schaik, P., Jeske, D., Onibokun, J., Coventry, L., Jansen, J., & Kusev, P. (2017). Risk
perceptions of cyber-security and precautionary behaviour. Computers in Human
Behavior, 75, 547-559.
http://nrl.northumbria.ac.uk/30928/1/Risk%20perceptions%20of%20cyber-security%20and
%20precautionary%20behaviour%20AAM.pdf
Xu, G., Yu, W., Chen, Z., Zhang, H., Moulema, P., Fu, X., & Lu, C. (2015). A cloud computing
based system for cyber security management. International Journal of Parallel,
Emergent and Distributed Systems, 30(1), 29-45.
https://pdfs.semanticscholar.org/631b/b60544dacb433cf9071d327b97e02d3fcadf.pdf
1 out of 17
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.