SOFTWARE ENGINEERING (CYBERSECURITY)
By:
CHRISTOPHER ANTONIUS
20181100007
STUDY PROGRAM SOFTWARE ENGINEERING
FACULTY OF SCIENCE AND TECHNOLOGY
UNIVERSITAS BUDDHI DHARMA
SOFTWARE ENGINEERING (CYBERSECURITY)
Software engineering is the study and practice of engineering to build, design,
develop, maintain, and retire software. It has several distinct areas and serves
many functions throughout the application lifecycle. Effective software
engineering requires engineers who are educated in software engineering best
practices, disciplined, and cognizant of how their company develops software, the
purpose it will fulfill, and how it will be maintained. According to the Stack Overflow
Survey 2018, software engineers are lifelong learners; almost 90% of all developers say
they have taught themselves a new language, framework, or tool outside of their formal
education.
Businesses are increasingly shifting their operations toward automation. This
means that machines and computer software will handle more types of repetitive tasks,
freeing up people to leverage their creativity. Most companies and organizations rely on
websites, apps, or computer-based software to keep their businesses running and
successful. Responding to constant competition and advancements, software engineers
build programs, make improvements, and adjust code to maintain agility and usefulness.
Software engineering is important because specific software is needed in almost
every industry, in every business, and for every function. It becomes more important as
time goes on – if something breaks within your application portfolio, a quick, efficient,
and effective fix needs to happen as soon as possible.
Software engineering is an engineering discipline that is concerned with all
aspects of software production from the early stages of system specification through to
maintaining the system after it has gone into use (Ian Sommerville, 2016). Software
engineering is essential for the functioning of government, society, and national and
international businesses and institutions. We can’t run the modern world without
software.
National infrastructures and utilities are controlled by computer-based systems,
and most electrical products include a computer and controlling software. Industrial
manufacturing and distribution is completely computerized, as is the financial system.
Entertainment, including the music industry, computer games, and film and television,
is software-intensive. Many people think that software is simply another word for
computer programs.
However, when we are talking about software engineering, software is not just
the programs themselves but also all associated documentation, libraries, support
websites, and configuration data that are needed to make these programs useful. A
professionally developed software system is often more than a single program. A
system may consist of several separate programs and configuration files that are used to
set up these programs. It may include system documentation, which describes the
structure of the system, user documentation, which explains how to use the system, and
websites for users to download recent product information.
Maintaining the security of our networked infrastructure and government,
business, and personal computer systems is one of the most significant problems facing
our society. The ubiquity of the Internet and our dependence on computer systems have
created new criminal opportunities for theft and social disruption. It is very difficult to
measure the losses due to cybercrime. However, in 2013, it was estimated that losses to
the global economy due to cybercrime were between $100 billion and $500 billion
(InfoSecurity 2013).
Cybersecurity is concerned with all of an organization’s IT assets from networks
through to application systems. The vast majority of these assets are externally
procured, and companies do not understand their detailed operation. Systems such as
web browsers are large and complex programs, and inevitably they contain bugs that
can be a source of vulnerability.
The different systems in an organization are related to each other in many
different ways. They may be stored on the same disk, share data, rely on common
operating systems components, and so on. The organizational “system of systems” is
incredibly complex. It is impossible to ensure that it is free of security vulnerabilities.
Consequently, you should generally assume that your systems are vulnerable to
cyberattack and that, at some stage, a cyberattack is likely to occur.
A successful cyberattack can have very serious financial consequences for
businesses, so it is essential that attacks are contained and losses minimized. Effective
resilience engineering at the organizational and systems levels can repel attacks and
bring systems back into operation quickly and so limit the losses incurred.
Threats to the confidentiality, integrity, and availability of assets are not
independent threat classes. An attacker may compromise the
integrity of a user’s system by introducing malware, such as a botnet component. This
may then be invoked remotely as part of a distributed denial-of-service attack on
another system. Other types of malware may be used to capture personal details and so
allow confidential assets to be accessed.
To counter these threats, organizations should put controls in place that make it
difficult for attackers to access or damage assets. It is also important to raise awareness
of cybersecurity issues so that people know why these controls are important and so are
less likely to reveal information to an attacker. One example of such a control is
authentication, where users of a system have to show that they are authorized to
access the system. The familiar login/password approach to authentication is a
universally used but rather weak control.
However, to deal with problems, a user or system operator may have to take the
initiative and take actions that are normally carried out by someone with a higher level
of privilege. For example, the system manager of a medical system may not normally be
allowed to change the access rights of medical staff to records. For security reasons,
access permissions have to be formally authorized, and two people need to be involved
in making the change. This reduces the chances of system managers colluding with
attackers and allowing access to confidential medical information. Now, imagine that
the system manager notices that a logged-in user is accessing a large number of records
outside of normal working hours. The manager suspects that an account has been
compromised and that the user accessing the records is not actually the authorized user.
To limit the damage, the user’s access rights should be removed and a check then made
with the authorized user to see if the accesses were actually illegal.
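However, the security procedures limiting the rights of system managers to
change users’ permissions make this impossible. A system can support resilience by
providing an emergency mode in which the manager may take such an action and every
emergency action is logged; the audit trail of emergency actions can then be used to
check that a system manager’s actions were justified. Of course,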
there is scope for misuse here, and the existence of an emergency mode is itself a
potential vulnerability. Therefore, organizations have to trade off possible losses against
the benefits of adding more features to a system to support resilience.
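The controls described above (two people involved in any change of access rights, an emergency mode for urgent removal of rights, and an audit trail used afterwards to check that the action was justified), as an added Python example that is not part of the original essay. The class and function names, the working hours, the threshold of 20 records, and the sample users and timestamps are all assumptions constructed for illustration.

```python
from collections import Counter
from dataclasses import dataclass, field
from datetime import datetime, time, timedelta

# Assumed policy values (not from the essay): working hours and what counts as "large".
WORK_START, WORK_END = time(8, 0), time(18, 0)
BULK_THRESHOLD = 20


def off_hours_bulk_access(access_log, threshold=BULK_THRESHOLD):
    """Users who read more than `threshold` records outside working hours."""
    counts = Counter(user for user, ts in access_log
                     if not (WORK_START <= ts.time() < WORK_END))
    return sorted(user for user, n in counts.items() if n > threshold)


@dataclass
class AccessControl:
    rights: dict = field(default_factory=dict)   # user -> set of permissions
    audit: list = field(default_factory=list)    # append-only audit trail

    def _log(self, action, actor, target, **details):
        entry = {"id": len(self.audit) + 1, "action": action,
                 "actor": actor, "target": target, **details}
        self.audit.append(entry)
        return entry

    def change_rights(self, requester, approver, user, new_rights):
        """Normal path: two different people must be involved in the change."""
        if requester == approver:
            self._log("change_denied", requester, user, reason="no second person")
            raise PermissionError("a rights change needs two different people")
        self.rights[user] = set(new_rights)
        return self._log("change", requester, user, approver=approver,
                         rights=sorted(new_rights))

    def emergency_suspend(self, manager, user, justification):
        """Emergency mode: one manager may remove (never grant) rights, with a reason."""
        if not justification.strip():
            raise ValueError("an emergency action needs a justification")
        previous = sorted(self.rights.get(user, ()))
        self.rights[user] = set()
        return self._log("emergency_suspend", manager, user,
                         justification=justification, previous=previous)

    def pending_reviews(self):
        """Emergency actions that nobody has independently checked yet."""
        reviewed = {e["of"] for e in self.audit if e["action"] == "review"}
        return [e for e in self.audit
                if e["action"] == "emergency_suspend" and e["id"] not in reviewed]

    def review(self, entry_id, reviewer, justified):
        """A second person checks the emergency action; unjustified ones are undone."""
        entry = self.audit[entry_id - 1]
        if entry["action"] != "emergency_suspend":
            raise ValueError("only emergency actions are reviewed")
        if reviewer == entry["actor"]:
            raise PermissionError("managers cannot review their own emergency action")
        if not justified:
            self.rights[entry["target"]] = set(entry["previous"])
        return self._log("review", reviewer, entry["target"],
                         of=entry_id, justified=justified)


def run_scenario():
    """Constructed scenario mirroring the essay's medical-records example."""
    acl = AccessControl()
    acl.change_rights("manager_a", "manager_b", "dr_lee", {"read_records"})
    acl.change_rights("manager_a", "manager_b", "nurse_kim", {"read_records"})

    night = datetime(2024, 3, 5, 2, 0)   # constructed timestamps
    day = datetime(2024, 3, 5, 10, 0)
    access_log = [("dr_lee", night + timedelta(seconds=i)) for i in range(30)]
    access_log += [("nurse_kim", day + timedelta(minutes=i)) for i in range(5)]

    suspects = off_hours_bulk_access(access_log)
    for user in suspects:
        acl.emergency_suspend("manager_a", user, "bulk record reads at 02:00")
    return acl, suspects


if __name__ == "__main__":
    acl, suspects = run_scenario()
    print("suspended:", suspects)
    for entry in acl.pending_reviews():
        print("awaiting review:", entry)
```

The emergency path can only remove rights and always leaves an unreviewed audit entry, which limits the misuse the essay warns about while still letting one manager act immediately.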
REFERENCES
Aiello, B., and L. Sachs. 2011. Configuration Management Best Practices. Boston: Addison-Wesley.
Bamford, R., and W. J. Deibler. 2003. “ISO 9001:2000 for Software and Systems Providers: An Engineering Approach.” Boca Raton, FL: CRC Press.
Loeliger, J., and M. McCullough. 2012. Version Control with Git: Powerful Tools and Techniques for Collaborative Software Development. Sebastopol, CA: O’Reilly and Associates.
https://sites.google.com/a/pvlearners.net/futuremirzasmail/part-two
https://online.maryville.edu/blog/future-software-engineering/
https://insights.stackoverflow.com/survey/2018/
https://dinus.ac.id/repository/docs/ajar/Sommerville-Software-Engineering-10ed.pdf
