assigmnet-question-1.txtThe vast majority of the population as.docx

assigmnet-question-1.txt
The vast majority of the population associates Blockchain with
cryptocurrency Bitcoin; however, there are many other uses of
blockchain; such as Litecoin, Ether, and other currencies. In
this discussion, please describe at least two cryptocurrencies
with applicable examples. Discuss some similarities and
differences. Lastly, discuss if you have any experience using
any cryptocurrencies.
Share an applicable personal experience
Provide an outside source (for example, an article from the UC
Library) that applies to the topic, along with additional
information about the topic or the source (please cite properly
in APA)
Make an argument concerning the topic.
At least one scholarly source should be used in the initial
discussion thread. Be sure to use information from your
readings and other sources from the UC Library. Use proper
citations and references in your post.
Regards,

250 words
assignment-question-2.txt
Given the growth in telecommuting and other mobile work
arrangements, how might offices physically change in the
coming years? Will offices as we think of them today exist in
the next ten years? Why or why not?
Provide extensive additional information on the topic
Explain, define, or analyze the topic in detail
Share an applicable personal experience
Provide an outside source (for example, an article from the UC
Library) that applies to the topic, along with additional
information about the topic or the source (please cite properly
in APA)
Make an argument concerning the topic.
At least one scholarly source should be used in the initial
discussion thread. Be sure to use information from your
readings and other sources from the UC Library. Use proper
citations and references in your post.

250 words
assignment-question-3.txt
If you have you been involved with a company doing a redesign
of business processes, discuss what went right during the
redesign and what went wrong from your perspective.
Additionally, provide a discussion on what could have been
done better to minimize the risk of failure. If you have not yet
been involved with a business process redesign, research a
company that has recently completed one and discuss what went
wrong, what went right, and how the company could have done
a better job minimizing the risk of failure.
Your paper should meet the following requirements:
• Be approximately 4 pages in length, not including the required
cover page and reference page.
• Follow APA6 guidelines. Your paper should include an
introduction, a body with fully developed content, and a
conclusion.
• Support your answers with the readings from the course and at
least two scholarly journal articles to support your positions,
claims, and observations, in addition to your textbook. The UC
Library is a great place to find resources.

• Be clearly and well-written, concise, and logical, using
excellent grammar and style techniques. You are being graded
in part on the quality of your writing.
ch04(1).pptx
Managing and Using Information Systems:
A Strategic Approach – Sixth Edition
Keri Pearlson, Carol Saunders,
and Dennis Galletta
© Copyright 2016
John Wiley & Sons, Inc.
Chapter 4
IT and the Design of Work
2
American Express Opening Case
What is the “Blue Work” program?
What was the strategic thrust behind the Blue Work program?

What are “hub,” “club,” “home,” and “roam” employees?
What is the role of technology in these arrangements?
What was the impact of Blue Work?
Have other firms found roaming employment useful?
© 2016 John Wiley & Sons, Inc.
3
It represents a flexible workplace: staggered hours, off-site
work areas (such as home), shared office space, touch-down
space (laptop-focused, temporary), and telecommuting.
American Express viewed workplace flexibility as a strategic
lever. Also, AmEx had a corporate focus on results rather than
hours clocked.
Hub: Work in the office; Club: Share time between the office
and other locations; Home: work at home at least 3 days a week;
Roam: Are on the road or at customer sites
Technology drives the flexibility, it doesn’t just enable
productivity
American Express saves $10 million annually. Productivity
improvements, office expense savings, employee satisfaction
are all up. Managers are happy too.
IBM, Aetna, AT&T use this approach for a third or more of
their employees. Sun Microsystems has saved $400 million in
real estate costs by allowing half of their employees to roam.
3
4
Work Design Framework

IT Has Changed Work
IT has:
Created new types of work
Bureau of Labor Statistics: IT employment in the USA is at an
all-time high
New jobs such as:
Data scientists/data miners
Social media managers
Communications managers
Enabled new ways to do traditional work
Supported new ways to manage people
5
5
How IT Changes Traditional Work
Changes the way work is done
Broadens skills; faster but more tasks
Sometimes IT disconnects us from the tasks
Sometimes people can perform more strategic tasks
Few staff are engaged in order entry any longer

Crowdsourcing is now possible at very low cost (M.Turk)
Changes how we communicate
More asynchronous and more irregular
Social networking has provided new opportunities for customer
interaction
Collaboration allows a firm to look “big” with new tools
6
Zuboff provides an example of disconnection from the task at a
paper mill where the masters could no longer smell and squeeze
the pulp to make sure of the chlorine content (to know the pulp
was ready).
Also, the skills of salespeople have turned from order takers and
stock counters to marketing consultants.
6
Changes decision-making
Real-time information; more information available
Data mining can identify new insights
Ideas can be gleaned from social networks
Middle management ranks have shrunk as Leavitt/Whisler
predicted
Changes collaboration
Work is now more team oriented; more collaborative
Sharing is easier than ever, using multiple methods
Crowdsourcing can now provide quick answers from tens,
hundreds, or even thousands of people
We now can disconnect PLACE and TIME (Figure 4.2)

7
Example of collaboration: Dell uses IdeaStorm and 23,000 ideas
have been submitted, 747,000 votes recorded, and over 100,000
comments have been made. Dell’s management have
implemented over 500 of the ideas.
7
Collaboration Technologies Matrix
8
New ways to connect
Many employees are always connected
Lines between work and play are now blurred
For many, home technologies are better than work technologies
New ways to manage people
Behavior controls – direct supervision
Outcome controls – examining outcomes not actions
Personnel controls – pick the right person for the task
The digital approach provides new opportunities at any of those
three levels (Fig. 4.3)

9
Example of personnel control: Apple’s hiring of Steve Jobs
while on the verge of bankruptcy. Apple didn’t know exactly
what Steve’s task would be. Evaluating him if he didn’t do the
stellar things he did would be difficult because the goal was
unclear.
9
Changes to Supervision/Evaluations/ Compensation/Hiring
10
Where Work is Done: Mobile and Virtual Work
Much work can be done anywhere, anytime
People desire the flexibility
Telecommuting = teleworking = working from home or even in
a coffee shop
Mobile workers work from anywhere (often while traveling)
Remote workers = telecommuters + mobile workers
Virtual teams include remote workers as well as those in their
offices, perhaps scattered geographically
Virtual teams have a life cycle (Figure 4.4)

11
Key Activities in the Life Cycle of Teams
12
Telecommuting: Global Status
A poll of 11,300 employees in 22 countries: 1 in 6 telecommute
When employees in 13 countries were asked if they need to be
in the office to be productive:
Overall 39% said “yes”
But specific countries differed in the “yes” votes:
Only 7% in India, but
56% in Japan
57% in Germany
13
14DriverEffectShift to knowledge-based work

Changing demographics and lifestyle preferences
New technologies with enhanced bandwidth
Web ubiquity
“Green” concernsDecouples work from any particular place
Workers desire geographic and time-shifting flexibility
Remotely-performed work is practical and cost-effective
Can stay connected 24/7
Reduced commuting costs; real estate energy consumption;
travel costsDrivers of Remote Work and Virtual Teams
14
15Advantages of Remote WorkPotential Problems Reduced
stress: better ability to meet schedules; less distraction at work
Higher morale and lower absenteeism
Geographic flexibility
Higher personal productivity

Housebound individuals can join the workforce
Informal DressIncreased stress: Harder to separate work from
home life
Harder to evaluate performance
Employee may become disconnected
from company culture
Telecommuters are more easily replaced by offshore workers
Not suitable for all jobs or employees
Security might be more difficult
Some advantages and disadvantages of remote work
15
Virtual Teams
Virtual Teams: geographically and/or organizationally dispersed
coworkers:
Assembled using telecommunications and IT
Aim is to accomplish an organizational task
Often must be evaluated using outcome controls
Why are they growing in popularity?
Information explosion: some specialists are far away

Enhanced bandwidths/fast connections to outsiders
Technology is available to assist collaboration
Less difficult to get relevant stakeholders together
16
16
ChallengesVirtual TeamsTraditional
TeamsCommunicationsMultiple time zones can lead to greater
efficiency but can lead to communication difficulties and
coordination costs (passing work).
Non-verbal communication is difficult to conveySame time
zone. Scheduling is less difficult.
Teams may use richer communication
media.TechnologyProficiency is required in several
technologies.Support for face-to-face interaction without
replacing it
Skills and task-technology fit is less criticalTeam
DiversityMembers represent different organizations and/or
cultures:
- Harder to establish a group identity.
- Necessary to have better com. skills
- More difficult to build trust, norms
- Impact of deadlines not always consistentMore homogeneous
members
Easier group identity
Easier to communicate
17
Challenges facing virtual teams.

Click to edit Master text styles
Second level
Third level
Fourth level
Fifth level
17
Managerial Issues In Telecommuting and Mobile Work
Planning, business and support tasks must be redesigned to
support mobile and remote workers
Training should be offered so all workers can understand the
new work environment
Employees selected for telecommuting jobs must be self-starters
18
18
Managing the Challenges
Communications challenges
Policies and practices must support the work arrangements
Must prepare differently for meetings
Slides and other electronic material must be shared beforehand
Soft-spoken people are difficult to hear; managers must repeat

key messages
Frequent communications are helpful (hard to
“overcommunicate”)
Technology challenges
Provide technology and support to remote workers
Use high quality web conferencing applications
Clarify time zones for scheduling
Information should be available for everyone (cloud storage can
help)
Policies and norms about use of the technology can be important
19
Managing the Challenges
Diversity challenges
Concept of time differs throughout the world
Anglo-American cultures view time as a continuum (deadlines
are important; many prefer not to multitask)
Indian cultures have a cyclical view of time (deadlines are less
potent; many prefer to multitask)
Team diversity might need nurturing:
Communications differences
Trust building
Group identity formation
20

Gaining Acceptance For It-induced Change
Many changes might be a major concern for employees
Changes might be resisted if they are viewed as negative
impacts
Several types of resistance:
Denying that the system is up and running
Sabotage by distorting or otherwise altering inputs
Believing and/or spreading the word that the new system will
not change the status quo
Refusing to use the new system (if voluntary)
21
21
Kotter’s Model
22

and Dennis Galletta
© Copyright 2016
ch05(1).pptx
and Dennis Galletta
© Copyright 2016
Chapter 5
IT and Business Transformation

2
Sloan Valve
What was wrong with their Product Development Process?
What did Sloan do? What is NPD?
Did it help?
Are all enterprise system implementations this successful?
3
Complex and slow; 16 units had to coordinate; took 18-24
months to bring new products to market; >50% of ideas didn’t
make it; nobody accountable
New Product Development: Adoption of ERP. Process: team
included members across the firm; proposed new process of (1)
ideation (2) business case development, (3) project portfolio
management, (4) product development, (5) product/process
validation, (6) launch
Results: Time to market reduced to 12 months, poor ideas
filtered out early; better access to info and customer feedback;
better accountability
Other firms: No, some failed, such as: Overstock.com, Levi
Strauss, Avis Europe
3

SILO PERSPECTIVE
VERSUS
BUSINESS PROCESS PERSPECTIVE
4
4
Silo (Functional) Perspective
Specialized functions (sales, accounting, production, etc.
Advantages:
Allows optimization of expertise.
Group like functions together for transfer of knowledge.
Disadvantages:
Sub-optimization (reinvent wheel; gaps in communication;
bureaucracy)
Tend to lose sight of overall organizational objectives.
Executive Offices
CEO
President
Operations
Marketing
Accounting
Finance
Administration

5
5
The Process Perspective
Examples of processes:
Fulfill customer orders
Manufacturing, planning, execution
Procurement (see below)
Processes have:
Beginning and an end
Inputs and outputs
A process to convert inputs into outputs
Metrics to measure effectiveness
They cross functions
6
6
Receive Requirement for Goods/Services

Create and Send Purchase Order
Receive Goods
Pay Vendor
Verify Invoice
Cross-Functional Nature of Business Processes
7

7
How to Manage a Process
Identify the customers of processes (who receives the output?)
Identify the customers’ requirements (how do we judge
success?)
Clarify the value each process adds to the organizational goals
Share this perspective so the organization itself becomes more
process focused
8
Comparison of Silo Perspective and
Business Process PerspectiveSilo PerspectiveBusiness Process
PerspectiveDefinitionSelf-contained functional units such as
marketing, operations, financeInterrelated, sequential set of
activities and tasks that turns inputs into
outputsFocusFunctionalCross-functionalGoal
AccomplishmentOptimizes on functional goals, which might be
suboptimal for the organizationOptimizes on organizational
goals, or the “big picture”BenefitsHighlighting and developing
core competencies; functional efficienciesAvoiding work
duplication and cross-functional communication gaps;
organizational effectivenessProblemsRedundancy of information
throughout the organization; cross-functional inefficiencies;
communication problemsDifficult to find knowledgeable
generalists; sophisticated software is needed

Click to edit Master text styles
Second level
Third level
Fourth level
Fifth level
9
What do you do when things change?
Dynamic and agile processes
Examples:
Agile: Autos are built with wires and space for options
Dynamic: Call centers route incoming or even outgoing calls to
available locations and agents
Software defined architectures (see chapter 6)
IT is required to pull this off well
10
Techniques to Transform a Static Process
Radical process redesign
Also known as business process reengineering
Incremental, continuous process improvement
Including total quality management (TQM) and Six Sigma

11
Incremental Change
Total Quality Management
Often results in favorable reactions from personnel
Improvements are owned and controlled
Less threatening change
Six-Sigma is one popular approach to TQM
Developed at Motorola
Institutionalized at GE for “near-perfect products”
Generally regarded as 3.4 defects per million opportunities for
defect (6 std dev from mean)
12
12
Time

Improve-ment
Radical Change
Business Process Reengineering (BPR)
Sets aggressive improvement goals.
Goal is to make a rapid, breakthrough impact on key metrics in
a short amount of time.
Greater resistance by personnel.
Use only when radical change is needed.
13
13
Time
Improve-ment

Comparing the Two
14
Improve-ment
Key Aspects of Radical Change Approaches
Need for quick, major change
Thinking from a cross-functional process perspective
Challenge to old assumptions
Networked (cross-functional organization)
Empowerment of individuals in the process
Measurement of success via metrics tied to business goals and
effectiveness of new processes
15
Workflow and Mapping Processes
Workflow diagrams show a picture of the sequence and detail of
each process step
Objective is to understand and communicate the dimensions of
the process
Over 200 products are available to do this

High-level overview chart plus detailed flow diagram of the
process
16
BPM
Information systems tools used to enable information flow
within and between processes.
Comprehensive, enterprise software packages.
Most frequently discussed:
ERP (Enterprise Resource Planning),
CRM (Customer Relationship Management),
SCM (Supply Chain Management)
Designed to manage the potentially hundreds of systems
throughout a large organization.
SAP, Oracle, Peoplesoft are the most widely used ERP software
packages in large organizations.
17
17
BPM Architecture

18
Standardization vs IntegrationBusiness Process
StandardizationLowHighBusiness Process
IntegrationHighSingle face to customers and suppliers but
standards not enforced internallyHigh needs for reliability,
predictability, and sharing; single view of
processLowDecentralized design; business units decide how to
meet customer needsTasks are done the same way across units,
but there is little need for business units to interact
Source: J. Ross “Forget Strategy: Focus IT on your Operating
Model,”
MIT Center for Information Systems Research Briefing
(December 2005)
19
Enterprise Systems (Enterprise Resource Planning or ERP)
Seamlessly integrate information flows throughout the
company.
Reflect industry “best” practices.
Need to be integrated with existing hardware, OSs, databases,
and telecommunications.
Some assembly (customization) is required
The systems evolve to fit the needs of the diverse marketplace.

20
20
ERP Advantages and
DisadvantagesAdvantagesDisadvantagesRepresent “best
practices”
Modules throughout the organization communicate with each
other
Enable centralized decision-making
Eliminate redundant data entry
Enable standardized procedures in different locationsEnormous
amount of work
Require redesign of business practices for maximum benefit
Require customization if special features are needed
Very high cost
Sold as a suite, not individual modules
Requires extensive training
High risk of failure
21

assignmnet-1.txt
After reading chapter 3, analyze how separation within a
network is a great technical control. The response must contain
at least one external citation and reference in APA format. You
are also required to post a response to a minimum of two other
student in the class.
Write 250 words
Cyber_Attacks_Chapter03_PowerPoint_Lecture_Slides.pdf
1
Copyright © 2012, Elsevier Inc.
All Rights Reserved
Chapter 3
Separation
Cyber Attacks
Protecting National Infrastructure, 1st ed.
2
• Using a firewall to separate network assets from
intruders is the most familiar approach in cyber
security

• Networks and systems associated with national
infrastructure assets tend to be too complex for
firewalls to be effective
All rights Reserved
C
h
a
p
te
r 3
–
S
e
p
a
ra
tio
n
Introduction
3
• Three new approaches to the use of firewalls are
necessary to achieve optimal separation
– Network-based separation

– Internal separation
– Tailored separation
All rights Reserved
C
h
a
p
te
r 3
–
S
e
p
a
ra
tio
n
Introduction
4
Fig. 3.1 – Firewalls in simple and
complex networks

All rights Reserved
C
h
a
p
te
r 3
–
S
e
p
a
ra
tio
n
5
• Separation is a technique that accomplishes one of
the following
– Adversary separation
– Component distribution
All rights Reserved
C

h
a
p
te
r 3
–
S
e
p
a
ra
tio
n
What Is Separation?
6
• A working taxonomy of separation techniques: Three
primary factors involved in the use of separation
– The source of the threat
– The target of the security control
– The approach used in the security control
(See figure 3.2)
All rights Reserved

C
h
a
p
te
r 3
–
S
e
p
a
ra
tio
n
What Is Separation?
7
All rights Reserved
C
h
a
p
te
r 3

–
S
e
p
a
ra
tio
n
Fig. 3.2 – Taxonomy of separation
techniques
8
• Separation is commonly achieved using an access
control mechanism with requisite authentication and
identity management
• An access policy identifies desired allowances for
users requesting to perform actions on system
entities
• Two approaches
– Distributed responsibility
– Centralized control
– (Both will be required)
All rights Reserved

C
h
a
p
te
r 3
–
S
e
p
a
ra
tio
n
Functional Separation?
9
All rights Reserved
C
h
a
p
te
r 3

–
S
e
p
a
ra
tio
n
Fig. 3.3 – Distributed versus centralized
mediation
10
• Firewalls are placed between a system or enterprise
and an un-trusted network (say, the Internet)
• Two possibilities arise
– Coverage: The firewall might not cover all paths
– Accuracy: The firewall may be forced to allow access that
inadvertently opens access to other protected assets
All rights Reserved
C
h
a
p
te

r 3
–
S
e
p
a
ra
tio
n
National Infrastructure Firewalls
11
All rights Reserved
C
h
a
p
te
r 3
–
S
e
p
a

ra
tio
n
Fig. 3.4 – Wide area firewall
aggregation and local area firewall
segregation
12
• Increased wireless connectivity is a major challenge
to national infrastructure security
• Network service providers offer advantages to
centralized security
– Vantage point: Network service providers can see a lot
– Operations: Network providers have operational capacity
to keep security software current
– Investment: Network service providers have the financial
wherewithal and motivation to invest in security
All rights Reserved
C
h
a
p
te

r 3
–
S
e
p
a
ra
tio
n
National Infrastructure Firewalls
13
All rights Reserved
C
h
a
p
te
r 3
–
S
e
p
a

ra
tio
n
Fig. 3.5 – Carrier-centric network-based
firewall
14
• Network-based firewall concept includes device for
throttling distributed denial of service (DDOS) attacks
• Called a DDOS filter
• Modern DDOS attacks take into account a more
advanced filtering system
All rights Reserved
C
h
a
p
te
r 3
–
S
e
p

a
ra
tio
n
DDOS Filtering
15
All rights Reserved
C
h
a
p
te
r 3
–
S
e
p
a
ra
tio
n
Fig. 3.6 – DDOS filtering of inbound
attacks on target assets

16
• SCADA – Supervisory control and data acquisition
• SCADA systems – A set of software, computer, and
networks that provide remote coordination of
control system for tangible infrastructures
• Structure includes the following
– Human-machine interface (HMI)
– Master terminal unit (MTU)
– Remote terminal unit (RTU)
– Field control systems
All rights Reserved
C
h
a
p
te
r 3
–
S
e
p

a
ra
tio
n
SCADA Separation Architecture
17
All rights Reserved
C
h
a
p
te
r 3
–
S
e
p
a
ra
tio
n
Fig. 3.7 – Recommended SCADA system
firewall architecture

18
• Why not simply unplug a system’s external
connections? (Called air gapping)
• As systems and networks grow more complex, it
becomes more likely that unknown or unauthorized
external connections will arise
• Basic principles for truly air-gapped networks:
– Clear policy
– Boundary scanning
– Violation consequences
– Reasonable alternatives
All rights Reserved
C
h
a
p
te
r 3
–
S
e

p
a
ra
tio
n
Physical Separation
19
All rights Reserved
C
h
a
p
te
r 3
–
S
e
p
a
ra
tio
n
Fig. 3.8 – Bridging an isolated network

via a dual-homing user
20
• Hard to defend against a determined insider
• Threats may also come from trusted partners
• Background checks are a start
• Techniques for countering insider attack
– Internal firewalls
– Deceptive honey pots
– Enforcement of data markings
– Data leakage protection (DLP) systems
• Segregation of duties offers another layer of
protection
All rights Reserved
C
h
a
p
te
r 3
–

n
Fig. 3.9 – Decomposing work functions
for segregation of duty
22
• Involves the distribution, replication, decomposition,
or segregation of national assets
– Distribution: creating functionality using multiple
cooperating components that work together as distributed
system
– Replication: copying assets across components so if one
asset is broken, the copy will be available
– Decomposition: breaking complex assets into individual
components so an isolated compromise won’t bring down
asset
– Segregation: separation of assets through special access
controls, data markings, and policy enforcement
All rights Reserved
C
h
a
p
te

tio
n
Fig. 3.10 – Reducing DDOS risk through
CDN-hosted content
24
• Typically, mandatory access controls and audit trail
hooks were embedded into the underlying operating
system kernel
• Popular in the 1980s and 1990s
All rights Reserved
C
h
a
p
te
r 3
–
S
e
p
a
ra

26
• Internet separation: Certain assets simply shouldn’t
be accessible from the Internet
• Network-based firewalls: These should be managed
by a centralized group
• DDOS protection: All assets should have protection in
place before an attack
• Internal separation: Critical national infrastructure
settings need an incentive to implement internal
separation policy
• Tailoring requirements: Vendors should be
incentivized to build tailored systems such as firewalls
for special SCADA environments
All rights Reserved
C
h
a
p
te
r 3
–
S
e
p
a

ra
tio
n
National Separation Program
Cyber_Attacks_Protecting_National_Infrastructure_Edward_G_
Amoroso_2010.pdf
C y b e r A t t a c k s
“Dr. Amoroso’s fi fth book Cyber Attacks: Protecting National
Infrastructure outlines the chal-
lenges of protecting our nation’s infrastructure from cyber
attack using security techniques
established to protect much smaller and less complex
environments. He proposes a brand
new type of national infrastructure protection methodology and
outlines a strategy presented
as a series of ten basic design and operations principles ranging
from deception to response.
The bulk of the text covers each of these principles in technical
detail. While several of these
principles would be daunting to implement and practice they
provide the fi rst clear and con-
cise framework for discussion of this critical challenge. This
text is thought-provoking and
should be a ‘must read’ for anyone concerned with
cybersecurity in the private or government

sector.”
— Clayton W. Naeve, Ph.D. ,
Senior Vice President and Chief Information Offi cer,
Endowed Chair in Bioinformatics,
St. Jude Children’s Research Hospital,
Memphis, TN
“Dr. Ed Amoroso reveals in plain English the threats and
weaknesses of our critical infra-
structure balanced against practices that reduce the exposures.
This is an excellent guide
to the understanding of the cyber-scape that the security
professional navigates. The book
takes complex concepts of security and simplifi es it into
coherent and simple to understand
concepts.”
— Arnold Felberbaum ,
Chief IT Security & Compliance Offi cer,
Reed Elsevier
“The national infrastructure, which is now vital to
communication, commerce and entertain-
ment in everyday life, is highly vulnerable to malicious attacks
and terrorist threats. Today, it
is possible for botnets to penetrate millions of computers around
the world in few minutes,
and to attack the valuable national infrastructure.
“As the New York Times reported, the growing number of
threats by botnets suggests that
this cyber security issue has become a serious problem, and we

are losing the war against
these attacks.
“While computer security technologies will be useful for
network systems, the reality
tells us that this conventional approach is not effective enough
for the complex, large-scale
national infrastructure.
“Not only does the author provide comprehensive
methodologies based on 25 years of expe-
rience in cyber security at AT&T, but he also suggests ‘security
through obscurity,’ which
attempts to use secrecy to provide security.”
— Byeong Gi Lee ,
President, IEEE Communications Society, and
Commissioner of the Korea Communications Commission
(KCC)
C y b e r A t t a c k s
Protecting National
Infrastructure
Edward G. Amoroso
AMSTERDAM • BOSTON • HEIDELBERG • LONDON
NEW YORK • OXFORD • PARIS • SAN DIEGO
SAN FRANCISCO • SINGAPORE • SYDNEY • TOKYO
Butterworth-Heinemann is an imprint of Elsevier

Acquiring Editor: Pam Chester
Development Editor: Gregory Chalson
Project Manager: Paul Gottehrer
Designer: Alisa Andreola
Butterworth-Heinemann is an imprint of Elsevier
30 Corporate Drive, Suite 400, Burlington, MA 01803, USA
© 2011 Elsevier Inc. All rights reserved
No part of this publication may be reproduced or transmitted in
any form or by any means, electronic
or mechanical, including photocopying, recording, or any
information storage and retrieval system,
without permission in writing from the publisher. Details on
how to seek permission, further
information about the Publisher’s permissions policies and our
arrangements with organizations such
as the Copyright Clearance Center and the Copyright Licensing
Agency, can be found at our
website: www.elsevier.com/permissions .
This book and the individual contributions contained in it are
protected under copyright by the
Publisher (other than as may be noted herein).
Notices
Knowledge and best practice in this fi eld are constantly
changing. As new research and experience
broaden our understanding, changes in research methods or
professional practices, may become necessary.
Practitioners and researchers must always rely on their own
experience and knowledge in evaluating
and using any information or methods described herein. In using

such information or methods they should be
mindful of their own safety and the safety of others, including
parties for whom they have a professional
responsibility.
To the fullest extent of the law, neither the Publisher nor the
authors, contributors, or editors, assume
any liability for any injury and/or damage to persons or
property as a matter of products liability,
negligence or otherwise, or from any use or operation of any
methods, products, instructions, or
ideas contained in the material herein.
Library of Congress Cataloging-in-Publication Data
Amoroso, Edward G.
Cyber attacks : protecting national infrastructure / Edward
Amoroso.
p. cm.
Includes index.
ISBN 978-0-12-384917-5
1. Cyberterrorism—United States—Prevention. 2. Computer
security—United States. 3. National
security—United States. I. Title.
HV6773.2.A47 2011
363.325�90046780973—dc22 2010040626
British Library Cataloguing-in-Publication Data
A catalogue record for this book is available from the British
Library.
Printed in the United States of America
10 11 12 13 14 10 9 8 7 6 5 4 3 2 1
For information on all BH publications visit our website at
www.elsevierdirect.com/security

CONTENTS v
CONTENTS
Preface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . ix
Acknowledgment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . xi
Chapter 1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . 1
National Cyber Threats, Vulnerabilities, and Attacks . . . . . . .
. . . . . . . . . 4
Botnet Threat . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . 6
National Cyber Security Methodology Components . . . . . . .
. . . . . . . . 9
Deception . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . 11
Separation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . 13
Diversity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . 16
Consistency . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . 17
Depth . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . 19
Discretion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . 20
Collection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . 21
Correlation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . 23
Awareness . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . 25
Response . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . 26
Implementing the Principles Nationally . . . . . . . . . . . . . . . .
. . . . . . . . 28
Chapter 2 Deception . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . 31
Scanning Stage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . 35
Deliberately Open Ports . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . 37
Discovery Stage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . 39
Deceptive Documents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . 41
Exploitation Stage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . 42
Procurement Tricks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . 45
Exposing Stage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . 46
Interfaces Between Humans and Computers . . . . . . . . . . . . .
. . . . . . . 47
National Deception Program . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . 49
vi CONTENTS
Chapter 3 Separation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . 51
What Is Separation? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . 53
Functional Separation . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . 55
National Infrastructure Firewalls . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . 57
DDOS Filtering . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . 60
SCADA Separation Architecture . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . 62
Physical Separation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . 63
Insider Separation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . 65
Asset Separation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . 68
Multilevel Security (MLS) . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . 70
Chapter 4 Diversity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . 73
Diversity and Worm Propagation . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . 75
Desktop Computer System Diversity . . . . . . . . . . . . . . . . . . .
. . . . . . . . 77
Diversity Paradox of Cloud Computing . . . . . . . . . . . . . . . . .
. . . . . . . . 80
Network Technology Diversity . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . 82
Physical Diversity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . 85
National Diversity Program . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . 87
Chapter 5 Commonality. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . 89
Meaningful Best Practices for Infrastructure Protection . . . . .
. . . . . . . 92
Locally Relevant and Appropriate Security Policy . . . . . . . .

. . . . . . . . 95
Culture of Security Protection . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . 97
Infrastructure Simplifi cation . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . 99
Certifi cation and Education . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . 102
Career Path and Reward Structure . . . . . . . . . . . . . . . . . . . . .
. . . . . . . 105
Responsible Past Security Practice . . . . . . . . . . . . . . . . . . .
. . . . . . . . 106
National Commonality Program . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . 107
Chapter 6 Depth . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . 109
Effectiveness of Depth . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . 111
Layered Authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . 115
Layered E-Mail Virus and Spam Protection . . . . . . . . . . . . . .
. . . . . . . . 119
CONTENTS vii
Layered Access Controls . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . 120
Layered Encryption . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . 122
Layered Intrusion Detection . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . 124
National Program of Depth . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . 126

Chapter 7 Discretion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . 129
Trusted Computing Base . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . 130
Security Through Obscurity . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . 133
Information Sharing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . 135
Information Reconnaissance . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . 137
Obscurity Layers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . 139
Organizational Compartments . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . 141
National Discretion Program . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . 143
Chapter 8 Collection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . 145
Collecting Network Data . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . 148
Collecting System Data . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . 150
Security Information and Event Management . . . . . . . . . . . .
. . . . . . 154
Large-Scale Trending . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . 156
Tracking a Worm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . 159
National Collection Program . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . 161
Chapter 9 Correlation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . 163
Conventional Security Correlation Methods . . . . . . . . . . . . . .
. . . . . . 167

Quality and Reliability Issues in Data Correlation . . . . . . . . .
. . . . . . . 169
Correlating Data to Detect a Worm . . . . . . . . . . . . . . . . . . . .
. . . . . . . . 170
Correlating Data to Detect a Botnet . . . . . . . . . . . . . . . . . . .
. . . . . . . . 172
Large-Scale Correlation Process . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . 174
National Correlation Program . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . 176
Chapter 10 Awareness . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . 179
Detecting Infrastructure Attacks . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . 183
Managing Vulnerability Information . . . . . . . . . . . . . . . . . .
. . . . . . . . 184
viii CONTENTS
Cyber Security Intelligence Reports . . . . . . . . . . . . . . . . . . .
. . . . . . . . 186
Risk Management Process . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . 188
Security Operations Centers . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . 190
National Awareness Program . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . 192
Chapter 11 Response. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . 193
Pre- Versus Post-Attack Response . . . . . . . . . . . . . . . . . . .
. . . . . . . . . 195
Indications and Warning . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . 197
Incident Response Teams . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . 198
Forensic Analysis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . 201
Law Enforcement Issues . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . 203
Disaster Recovery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . 204
National Response Program . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . 206
Appendix Sample National Infrastructure Protection
Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . 207
Sample Deception Requirements (Chapter 2) . . . . . . . . . . . . .
. . . . . . 208
Sample Separation Requirements (Chapter 3) . . . . . . . . . . .
. . . . . . . 209
Sample Diversity Requirements (Chapter 4) . . . . . . . . . . . . .
. . . . . . . . 211
Sample Commonality Requirements (Chapter 5) . . . . . . . . . .
. . . . . . 212
Sample Depth Requirements (Chapter 6) . . . . . . . . . . . . . . .
. . . . . . . 213
Sample Discretion Requirements (Chapter 7) . . . . . . . . . . . . .
. . . . . . 214
Sample Collection Requirements (Chapter 8) . . . . . . . . . . . . .
. . . . . . 214
Sample Correlation Requirements (Chapter 9) . . . . . . . . . . . .
. . . . . . 215
Sample Awareness Requirements (Chapter 10) . . . . . . . . . .
. . . . . . . 216
Sample Response Requirements (Chapter 11) . . . . . . . . . . .
. . . . . . . 216

Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . 219
PREFACE ix
PREFACE
Man did not enter into society to become worse than he was
before,
nor to have fewer rights than he had before, but to have those
rights better secured.
Thomas Paine in Common Sense
Before you invest any of your time with this book, please take
a
moment and look over the following points. They outline my
basic philosophy of national infrastructure security. I think that
your reaction to these points will give you a pretty good idea of
what your reaction will be to the book.
1. Citizens of free nations cannot hope to express or enjoy
their freedoms if basic security protections are not provided.
Security does not suppress freedom—it makes freedom
possible.
2. In virtually every modern nation, computers and
networks
power critical infrastructure elements. As a result, cyber
attackers can use computers and networks to damage or ruin
the infrastructures that citizens rely on.

3. Security protections, such as those in security books,
were
designed for small-scale environments such as enterprise
computing environments. These protections do not extrapo-
late to the protection of massively complex infrastructure.
4. Effective national cyber protections will be driven
largely by
cooperation and coordination between commercial, indus-
trial, and government organizations. Thus, organizational
management issues will be as important to national defense
as technical issues.
5. Security is a process of risk reduction, not risk removal.
Therefore, concrete steps can and should be taken to
reduce, but not remove, the risk of cyber attack to national
infrastructure.
6. The current risk of catastrophic cyber attack to national
infra-
structure must be viewed as extremely high, by any realistic
measure. Taking little or no action to reduce this risk would be
a foolish national decision.
The chapters of this book are organized around ten basic
principles that will reduce the risk of cyber attack to national
infrastructure in a substantive manner. They are driven by
x PREFACE
experiences gained managing the security of one of the largest,
most complex infrastructures in the world, by years of learning
from various commercial and government organizations, and by

years of interaction with students and academic researchers in
the security fi eld. They are also driven by personal experiences
dealing with a wide range of successful and unsuccessful cyber
attacks, including ones directed at infrastructure of considerable
value. The implementation of the ten principles in this book will
require national resolve and changes to the way computing and
networking elements are designed, built, and operated in the
context of national …

assigmnet-question-1.txtThe vast majority of the population as.docx

Recommended

Recommended

More Related Content

Similar to assigmnet-question-1.txtThe vast majority of the population as.docx

Similar to assigmnet-question-1.txtThe vast majority of the population as.docx (20)

More from jane3dyson92312

More from jane3dyson92312 (20)

Recently uploaded

Recently uploaded (20)

assigmnet-question-1.txtThe vast majority of the population as.docx