Detection and Prevention of Network Breaches: A Detailed Analysis

Added on  2022/08/27

AI Summary
This report provides a comprehensive overview of network breach detection and prevention strategies. It begins by outlining essential systems and methods, such as firewalls, malware protection, and intrusion detection systems (IDS), emphasizing their role in securing network traffic and preventing data loss. The report differentiates between internal and external threats, highlighting the significance of employee training and access control to mitigate internal risks. It then explores the concept of continuous improvement in IT governance, emphasizing the need for organizations to adapt to evolving security threats through targeted planning and consistent monitoring. The report concludes with a case study of the Facebook-Cambridge Analytica data scandal, illustrating the consequences of failing to adhere to information governance and data privacy regulations, including significant financial penalties and reputational damage. The report references various sources to support its analysis and provide a well-rounded understanding of network security.
Question 1
The occurrence of a network breach could mean the beginning of the end of your
business. At that moment, everything depends on how well and how quickly you respond in
fixing the breach. What is worrying is that many SMEs lack the preparedness needed
to handle such network incidents, which may lead to catastrophic damage to both the company and
its customers in the event of a data loss (Prasad, Srinath, & Basha, 2015). Below are the systems
or methods that are required to detect a breach or an intrusion.
(a) System firewalls, which are necessary because they filter and secure both the incoming
and the outgoing network traffic.
(b) Anti-malware and antivirus software, which forms an important part of the intrusion
prevention system (IPS). It prevents the upload of malicious files and viruses such as
ransomware, or detects them on the system instantly, and this can make all the difference
(Gross, 2019).
(c) Intrusion Detection Systems (IDS), which are programmed to detect and prevent any signs of a
breach in the system. An example of an IDS is Snort.
Other methods or systems that can be used to detect an intrusion include system
monitoring and log auditing tools, vulnerability scanners, encryption tools, network mappers,
and DDoS mitigation systems, among others (Prasad et al., 2015).
Isolation is the perfect way to deal with a breach but cannot be applied to the whole
system. Thus, firms have to weigh risk and value tradeoffs to provide guidelines that
should be followed to isolate company assets (Ritchot, 2013). Some of these elements include an
incident response plan, a disaster recovery plan, and a kill switch for the most sensitive data and
access control borders. The isolation of the most valuable company assets should be achieved
with the least possible effort.
Question 2
The primary difference between an internal and external threat is the attacker’s identity.
Internal data breaches are caused or conducted by employees, either intentionally or by accident.
Hence, employees should be thoroughly trained on cyber-security issues. Internal threats stem
from within the company, and thus, the person causing it will have already bypassed all the
external defenses of the system (Walker et al., 2019). Trusted members of the company, such as
employees, already have far more access to the information system than any external threat. On
the other hand, invaders or external threats are hackers acting from outside of the company and
have to overcome or break both the external defenses and the internal defenses for them to
breach the information system (Walker et al., 2019).
In most scenarios, external threats can be prevented through the use of intrusion detection
systems, intrusion prevention systems, and a robust firewall on the network. The most difficult
task is securing the system against an internal threat, which will often require an overhaul of the
security procedures (Jouini, Rabai, & Aissa, 2014). The following can be useful in protecting the
system against internal threats.
(a) Tracking and monitoring employees’ access levels at all times and modifying them
regularly and as required.
(b) Changing passwords frequently, and immediately when an employee leaves the organization.
(c) Employee training could prove to be a valuable method to combat internal threats as it
has long been established that some internal threats may happen accidentally. Employees
should be trained not to share their passwords, to ensure that their passwords meet a
minimum requirement threshold of security and never to reuse their passwords (Jouini et
al., 2014).
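One way to run the review described in items (a) and (b) above, as an added example that is not part of the original report. The roster, role baselines, account records and the 90-day password age limit are constructed assumptions.

```python
from datetime import date

# Constructed sample data; names, roles and permissions are hypothetical.
ROLE_BASELINE = {"analyst": {"crm:read"}, "dba": {"db:read", "db:write"}}
ROSTER = {  # employee -> (role, departure date or None if still employed)
    "alice": ("analyst", None),
    "bob": ("dba", date(2020, 3, 1)),
    "carol": ("dba", None),
}
ACCOUNTS = [
    {"user": "alice", "owners": ["alice"], "perms": {"crm:read", "db:write"},
     "active": True, "pw_changed": date(2020, 3, 20)},
    {"user": "bob", "owners": ["bob"], "perms": {"db:read"},
     "active": True, "pw_changed": date(2020, 2, 1)},
    {"user": "svc-backup", "owners": ["bob", "carol"], "perms": {"db:read"},
     "active": True, "pw_changed": date(2020, 1, 15)},
    {"user": "carol", "owners": ["carol"], "perms": {"db:read", "db:write"},
     "active": True, "pw_changed": date(2019, 11, 1)},
]

def audit_accounts(accounts, roster, baseline, today, max_pw_age_days=90):
    """Return sorted (account, finding) pairs for active accounts."""
    findings = []
    for acct in accounts:
        if not acct["active"]:
            continue
        left = [roster[o][1] for o in acct["owners"]
                if roster[o][1] is not None and roster[o][1] <= today]
        current = [o for o in acct["owners"]
                   if roster[o][1] is None or roster[o][1] > today]
        # (b) every owner has left, or a shared secret outlived a departure
        if not current:
            findings.append((acct["user"], "active with no current owner"))
        elif left and acct["pw_changed"] < max(left):
            findings.append((acct["user"], "password not changed since an owner left"))
        # (a) permissions beyond the role baseline of the current owners
        if current:
            allowed = set().union(*(baseline[roster[o][0]] for o in current))
            excess = acct["perms"] - allowed
            if excess:
                findings.append((acct["user"], "excess access: " + ",".join(sorted(excess))))
        # (b) passwords should also be changed frequently
        if (today - acct["pw_changed"]).days > max_pw_age_days:
            findings.append((acct["user"], "password older than %d days" % max_pw_age_days))
    return sorted(findings)

if __name__ == "__main__":
    for user, finding in audit_accounts(ACCOUNTS, ROSTER, ROLE_BASELINE, date(2020, 4, 5)):
        print(user, "->", finding)
```

Running such a review on a schedule, and again whenever HR records a departure, turns the access-level and password items into findings that can be tracked to closure.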
Question 3
In general, continuous improvement is an ongoing effort by an organization to improve its
products, processes, or services, especially by increasing quality or reducing wastage of
resources. These efforts to continuously improve will eventually create a competitive edge for an
organization that does it the right way.
For the IT governance program, continuous improvement would see the organization
and information security managers take a results-oriented and risk-based methodology in a bid to
manage the organization’s cyber-security aspects (Lorences et al., 2013). This can be done via
the implementation of a targeted dimension, comprehensive planning, continuous
improvement, and prediction to reduce cyber risk considerably. Due to the rapidly changing
nature of technology, organizations must always strive to improve their awareness of security
threats and invest accordingly and in a balanced way to counteract the security threats and
vulnerabilities (Lorences et al., 2013).
The consistent monitoring of an information governance program’s position is the
starting point in coming up with a mature information governance program. Businesses need to
go above and beyond consistent monitoring to become effective; hence the need for a continuous
improvement process. According to Gelnaw (2019), the idea of continuous improvement is the
ongoing improvement of products, services, or processes either via step-by-step increments or a
breakthrough. A step-by-step improvement happens over a long period, while a breakthrough
happens all at once. And while breakthroughs are effective, it is the small incremental
improvements that happen over a long period that lead to effective long-term change in
creating mature information governance programs.
Question 4
Facebook – Cambridge Analytica data scandal
2018/2019 was a problematic period for tech giants and social networking
companies as data security and privacy concerns heightened, with Facebook at the forefront.
Things got worse for the firm when its CEO, Mark Zuckerberg, appeared before Congress to
explain allegations of illegal acquisition of personal data of an estimated 87 million unaware
Facebook users by Cambridge Analytica, a political intelligence firm (Jaeger, 2018).
The data incident, a failure to adhere to information governance, further escalated,
leading to an official investigation by the Federal Trade Commission (FTC) into whether the
firm’s action had violated the consent decree signed in 2011. The decree required Facebook,
at the least, to give its users clear and bold notice and obtain their voluntary and informed
consent before it could use or share their personal information.
To add to the data privacy issues and failure, Facebook went on to reveal,
through a news blog (Bar, 2018), that they had discovered a software bug that could potentially
have given third-party applications access to photos of up to 6.8 million Facebook users. As a
result, the Irish Data Protection Commission launched a lawsuit for Facebook’s potential breach
of the EU’s General Data Protection Regulation (GDPR).
After a yearlong investigation into the failure to adhere to information governance, the
outcome of the case resulted in a significant financial loss. Facebook was required to pay a
staggering $5bn in fines for deceiving users about their capability to keep personal data and
information private (York, 2019).
References
Bar, T. (2018, December 14). Notifying our Developer Ecosystem about a Photo API Bug.
Retrieved from Facebook for Developers website:
https://developers.facebook.com/blog/post/2018/12/14/notifying-our-developer-ecosystem-about-a-photo-api-bug/
(Accessed 05.04.2020)
Gelnaw, A. (2019, March 22). The Importance of Continuous Improvement in Security
Performance Management. Retrieved April 5, 2020, from BitSight website:
https://www.bitsight.com/blog/importance-continuous-improvement-security-performance-management
(Accessed 05.04.2020)
Gross, G. (2019, February 14). Intrusion Detection Techniques, Methods & Best Practices:
Detecting Network Intrusion in 2019. Retrieved April 5, 2020, from
https://cybersecurity.att.com/blogs/security-essentials/intrusion-detection-techniques-methods-best-practices
(Accessed 05.04.2020)
Jaeger, J. (2018, December 17). Top ethics and compliance failures of 2018. Retrieved April 5,
2020, from Compliance Week website:
https://www.complianceweek.com/opinion/top-ethics-and-compliance-failures-of-2018/24720.article
(Accessed 05.04.2020)
Jouini, M., Rabai, L. B. A., & Aissa, A. B. (2014). Classification of Security Threats in
Information Systems. Procedia Computer Science, 32, 489–496. Retrieved from
https://doi.org/10.1016/j.procs.2014.05.452 (Accessed 05.04.2020)
Lorences, P. P., & Ávila, L. F. G. (2013). The evaluation and
improvement of IT governance. JISTEM - Journal of Information Systems and
Technology Management, 10(2), 219–234. Retrieved from
https://doi.org/10.4301/S1807-17752013000200002 (Accessed 05.04.2020)
Prasad, S., Srinath, M., & Basha, M. (2015). Intrusion Detection Systems, Tools and Techniques
– An Overview. Indian Journal of Science and Technology, 8. Retrieved from
https://doi.org/10.17485/ijst/2015/v8i35/80108 (Accessed 05.04.2020)
Ritchot, B. (2013). An Enterprise Security Program and Architecture to Support Business
Drivers. Technology Innovation Management Review, 3(8), 25–33. Retrieved from
https://doi.org/10.22215/timreview/713 (Accessed 05.04.2020)
Walker, S., Hammoudeh, M., Aldabbas, O., Aydin, M., & Dehghantanha, A. (2019). Threats on
the horizon: Understanding security threats in the era of cyber-physical systems. The
Journal of Supercomputing. Retrieved from
https://doi.org/10.1007/s11227-019-03028-9 (Accessed 05.04.2020)
York, R. D. D. R. in N. (2019, July 24). Facebook to pay $5bn fine as regulator settles
Cambridge Analytica complaint. The Guardian. Retrieved from
https://www.theguardian.com/technology/2019/jul/24/facebook-to-pay-5bn-fine-as-regulator-files-cambridge-analytica-complaint
(Accessed 05.04.2020)