Running head: SECURITY THREATS & VULNERABILITIES 1
Security Threats & Vulnerabilities
John Intindolo
American Public University
Security Threats & Vulnerabilities
In a world where technology is constantly evolving, it comes as no surprise that threats and
vulnerabilities are also changing continuously. Information security is the practice of keeping the
confidentiality, integrity, and availability of an entire organization intact, and it is virtually impossible to accomplish
without being aware of the security threats and vulnerabilities that exist. A security threat is any
action that has the potential to damage an asset. Threats could be a result of a natural or man-made
event. There is no single security threat out there, but rather many different threats that can
bring down an entire organization’s network if the organization is unprepared to handle them.
Having a plan in place before an event occurs will ensure that the security professionals will be
equipped to handle any and all situations in a timely manner.
A vulnerability differs from a threat in that a vulnerability is defined as “a weakness in a
product that could allow an attacker to compromise the integrity, availability, or confidentiality of
that product” (“Definition of,” 2013). In other words, a vulnerability is what allows the threat to
occur. A threat needs a vulnerability to infiltrate a network. If a vulnerability is secured, then the
threat cannot do its damage; therefore, it is important to keep the network as secure as
possible. Before discussing that, however, the first thing to think about is what the
organization wants to protect. After all, how can an asset be protected if it is unknown what is
important to the organization?
The things to be protected are anything that has value,
otherwise known as assets. Assets within an organization range from sensitive data like trade
secrets, to financial data like credit card information, to hardware and software components, or
even to reputation assets such as a brand image. Once the assets of the organization are
understood it is important to determine the risk of an attack at each level. This can be done by
performing a risk assessment. A risk assessment should be performed by prioritizing the risk of an
attack from the most likely all the way down to the least likely vulnerability. The next phase
would be to explain the different security threats. The first threat to the security of a network is
the human element.
People are human, meaning that everyone makes mistakes and no person is perfect.
Human beings also have the ability to make a choice for themselves, right or wrong. The security
threats that a person poses to computer security can be through user error, being uneducated in
using the system properly, or even purposely attempting to damage or steal data. Criminal
behavior is dealt with in a much different manner in normal everyday life as opposed to in
cyberspace. The laws and consequences in the real world are respected by people (for the most part),
but in cyberspace criminal behavior runs rampant and often goes unpunished (or even
undiscovered). There are two different types of people that are a threat to a network’s security:
an insider and an outsider. Which of the two is the bigger threat? Well, according to Gartner,
“More than 70% of unauthorized access to data is committed by an organization’s own
employees” (Beaver, 2006). That is an astonishing number to think about.
An insider threat is one that describes the people within the organization that are
disgruntled and have become a principal source of computer crimes due to their knowledge of the
victim’s system (Erbschloe, 2005, p. 2). This intimate knowledge that an insider has can lead to
things such as stealing or corrupting company data. A key thing to understand is that while
viruses and Trojan-based attacks are often thought of as an issue from an outsider, an insider poses a
bigger threat because they have a higher chance of performing a successful attack. How severe is
an insider threat? Well, according to an Ernst & Young survey, 25 percent of organizations surveyed
have experienced an increase in attacks by malicious insiders (2009, p. 5). That is a pretty
significant number. Now the question that remains is what makes a person disgruntled to the point
that they would perform an attack against their employer? There are several reasons that an
otherwise trustworthy employee may become an insider threat. Some reasons would be the stress
and fear of being laid off, or an unexpected financial problem that they may encounter. How can
an insider threat be guarded against?
There are three strategies that work best for reducing the risks associated with an insider
threat. Those would be monitoring, two-person or multi-person control, and job rotation. Trust is
something that cannot be taken for granted no matter how great of a team an organization has.
These strategies are put into place to keep “the bad seeds honest and the good ones from slipping
up” (“Best practice guide,” 2012). Monitoring can be done in the form of scanning an employee’s
computer for unauthorized activity (such as visiting a webpage that is not work related during
business hours) or double checking periodic results, like counting the cash held by a cashier for
example (Smith, 2011, p. 573). One of the main reasons that an employee would attempt to steal
a company’s data is because they feel that they can do it without getting caught. Monitoring
greatly increases the chances of them being caught, and may deter someone from attempting to
follow through on an attack or stealing.
The second strategy to help reduce the risk of an insider threat is through two-person or
multi-person control. Two-person or multi-person control requires the use of more than one
person to be involved in a critical transaction. For example, a nuclear missile launch may require
the use of two or more people so that one person does not have the ability to perform an attack.
Without all parties’ access codes the launch will not occur. Most internal attacks are done
individually, therefore implementing two-person or multi-person control can greatly reduce the
risk. The third strategy that can help in the reduction of an insider threat is through job rotation.
This is done by having a rotation of several people doing the same job duties. Not only does this
help to combat insider attacks, but it also exposes the employees to different experiences
and gives them a more varied skill set. If more than one person performs the same task it lessens
the risk that one of them will be performing some sort of malicious behavior.
Outsider threats are threats to an organization’s network using the Internet or outside
networks to gain unauthorized access to the organization’s network. An outsider, as the name
suggests, comes from a source outside of the network and attempts to damage the confidentiality,
integrity, and availability of a network. Insider and outsider threats come in many forms, but both
make use of malicious software and several different attacks. Malicious software is also
known as Malware and is used to follow the instructions of an attacker to cause damage to or
disrupt a system (Kim & Solomon, 2012, p. 117). Malware can be broken down into two
categories, infecting programs and hiding programs. Within these two categories are several
types of Malware: viruses, worms, Trojan horses, rootkits, and spyware.
The first example of an infecting malware program is a virus. Viruses are the most
common type of malicious attack on the everyday computer user. Even if a person has a limited
background in information technology, chances are they are aware of what a virus does to a
computer. A virus is a program written by a hacker to alter the way a computer operates without
the permission or even knowledge of the user, and it will replicate and execute itself in the hopes
of damaging the user’s computer (Ahmad, 2012, p. 751).
Viruses and worms are both types of Malware that are categorized as infecting
programs. Infecting programs actively try to copy themselves onto other computers to carry out
the attacker’s instructions on new targets (Kim & Solomon, 2012, p. 117). Worms, like viruses,
reproduce and spread to other computers, but they differ from viruses in that they are independent
programs as opposed to ones that hide inside another program. The second category of Malware
is known as hiding programs. The difference with hiding programs is that they carry
out the attacker’s instructions while hiding in the computer and avoiding detection. This is the
category that Trojan horses, rootkits, and spyware fall under.
Trojan horses are destructive programs that disguise themselves as a harmless computer
program with the purpose of getting access to the victim’s computer from a different location
(“Information security office,” 2012). They try to trick the victim into thinking that it is a safe
program in an effort to damage the system. This is often done through an e-mail attachment or
from a file that was downloaded off of the Internet. A rootkit is like a Trojan horse in that it will
hide itself, but it will not try to corrupt or damage the system. So if a rootkit does not attempt to
damage the system, then what does it do?
Rather than damaging the system, a rootkit is used to give the attacker the ability to
access information, monitor the victim’s actions, modify programs, or carry out other functions
on the victim’s computer without being detected (McDowell, 2013). Because a rootkit
can allow an attacker to modify programs, recovering from this type of attack is a
difficult task. If it cannot be removed, the best way to recover may be to simply reinstall the
operating system, because a prior version of a file may not be trustworthy. The third type of
hiding program Malware would be spyware. Spyware is very common to the average computer
user nowadays and is almost as well known to people as viruses. Spyware is used to collect
information about someone or an organization without their approval or knowledge. This
information is then used for such things as selling to advertising agencies or in some cases it can
be used for identity theft.
As with Malware, there are also different types of attacks, including the following: key
logging, spoofing, phishing, social engineering, and denial-of-service attacks. Knowing each one,
how they affect an organization’s infrastructure, and what to do in order to prevent an attack will
go a long way to keeping the network secure. Key logging refers to an attack that logs every key
stroke that the victim makes and can allow the attacker to get passwords, bank account
information, etc. This can lead to the theft of valuable data or even money. Spoofing is when
the attacker falsifies data in order to gain an illegitimate advantage.
Phishing threats, meanwhile, take spoofing one step further in that not only do they falsify
data, but they do so in order to steal sensitive financial or personal information (Ahmad, 2012, p.
751). Social engineering attacks are similar to phishing and spoofing threats, but work by deceiving the
victim into revealing secure information and in turn using that secure information to attack the
organization’s network. These attackers are modern-day con artists that prey on people’s
emotions to get their information. The next attack that is a threat would be a denial-of-service
attack. DoS attacks are used to interrupt or suspend the victim’s services to the Internet.
Now that the threats and vulnerabilities have been outlined, the question remains: how can
these threats be stopped before doing damage? A default deny policy should be implemented,
meaning that everyone on the network will be denied access as a default. Only those whose job
requires access to items will have it. This will help alleviate many problems that are caused by
user error or unauthorized personnel accessing sensitive data. Internet usage should be restricted
to work-related sites only. Cyber threats such as Malware, phishing, and impersonation are most
common on social networking sites, which is why they should be banned from the workplace (Al-Mushayt,
2013, p. 57).
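The default deny policy described above, combined with the two-person control and monitoring strategies from the insider-threat discussion, can be sketched in Python as follows. This is an added example, not part of the original paper; the users, resources, grant table, and function names are hypothetical and constructed for illustration.

```python
from dataclasses import dataclass

# Constructed sample data: the only grants that exist, assigned by job need.
# Any (user, resource, action) not listed here is denied by default.
GRANTS = {
    ("alice", "payroll-db", "read"),
    ("alice", "payroll-db", "export"),
    ("bob", "payroll-db", "read"),
    ("bob", "payroll-db", "export"),
    ("carol", "wiki", "read"),
}

# Constructed sample data: critical transactions and how many distinct,
# individually authorized people must take part in each one.
CRITICAL = {("payroll-db", "export"): 2}

# Every decision, allowed or denied, is recorded so that monitoring can review it.
AUDIT_LOG = []


@dataclass(frozen=True)
class Decision:
    allowed: bool
    reason: str


def _record(user, resource, action, decision):
    """Append the decision to the audit trail and hand it back to the caller."""
    AUDIT_LOG.append((user, resource, action, decision.allowed, decision.reason))
    return decision


def has_grant(user, resource, action):
    """Default deny: access exists only where an explicit grant is listed."""
    return (user, resource, action) in GRANTS


def authorize(user, resource, action, approvers=()):
    """Decide one request; `approvers` are other people co-signing it."""
    if not has_grant(user, resource, action):
        return _record(user, resource, action,
                       Decision(False, "no explicit grant (default deny)"))

    required = CRITICAL.get((resource, action), 1)
    if required == 1:
        return _record(user, resource, action, Decision(True, "explicit grant"))

    # Two-person control: the requester cannot approve their own request,
    # duplicates collapse in the set, and an approver who does not hold the
    # grant themselves does not count toward the total.
    valid = {a for a in approvers if a != user and has_grant(a, resource, action)}
    people = 1 + len(valid)
    if people < required:
        return _record(user, resource, action, Decision(
            False, f"critical action needs {required} authorized people, got {people}"))
    return _record(user, resource, action,
                   Decision(True, f"approved by {people} authorized people"))


if __name__ == "__main__":
    for request in [
        ("carol", "payroll-db", "read", ()),         # no grant: denied
        ("alice", "payroll-db", "read", ()),         # ordinary granted action
        ("alice", "payroll-db", "export", ()),       # critical, acting alone
        ("alice", "payroll-db", "export", ("bob",)), # critical, second person
    ]:
        print(request, "->", authorize(*request))
```
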
Anti-virus software, anti-malware software, firewalls, and intrusion detection systems
should be installed on each and every computer connected to the network to prevent a malicious
attack. Additionally, all software should be kept updated and strong passwords should be used
in order to make them difficult for attackers to guess. Furthermore, multi-factor authentication and
encrypting files and passwords whenever possible will make the system much harder to attack.
One other important implementation in addition to these tools would be having security teams run
security tests against the network from the outside in to allow vulnerabilities to be discovered and
corrected before an attack is able to take place (“Vulnerability management,” 2013). All of these
tools will help, but they alone will not solve the problem. There must be a security process that
takes place in addition to the use of the tools listed above.
In order to keep the network secure, reduce the risk of an attack, or decrease the effect an
attack will have, it is best to put into practice the following six phases of the security process:
identify the assets, analyze the risk of an attack, establish a security policy, implement the
defenses, monitor the defenses that have been implemented, and recover from attacks. Identifying
the organization’s assets will, as stated earlier, show exactly what the organization will want to
protect. Once that is complete, an analysis of each asset’s risk of an attack will identify where the
company is vulnerable and in need of more secure measures. From that point a security policy can
be written and put into place to create a set of rules and guidelines for everyone on the network to
adhere to while connected to the network.
The written security policy gives people a list of rules to follow, but it is important that
they are followed from the top of the organization all the way to the bottom. Additionally, the
importance needs to be emphasized by those who created the policy by thoroughly going over the
policy with anyone who will have network access. This can be done in the form of a company
meeting. Whenever a change is necessary the policy should be updated, and the users should be
properly informed of all changes.
Next would be implementing the defenses. The defenses are implemented to protect
against an attack or intrusion. They will need to be constantly monitored by the IS professionals
to see where a weakness may be exploited. It is their job to find the weakness and correct it
before a malicious attack occurs. This form of continuous improvement is extremely important to
the security of a network, because without constant evaluation and correction the network will
become susceptible to an attack. Keeping up with the latest Windows Updates and downloading
the latest patches are some examples of this. Recovery from an attack may be the last phase of the
security process, but it just might be the most important as well.
There is no 100 percent secure method. There will be a time when the organization will
experience an attack, and it is how well prepared the security team is to handle that and how fast
they handle it that will be key. The best methods for recovery are to have an incident response
team, incident response plan, business continuity plan, and backups. The incident response team
will be put into place to handle any and all incidents as set forth in the incident response plan.
Having a plan in place will keep everyone from panicking and get the problem resolved much
quicker. A business continuity plan will give a set of procedures to follow to either keep the
company running in the event of an attack, or to minimize the time that the company is down.
Backups should be taken once every 24 hours and if possible stored at a secure off-site facility. If
stored on-site they should be locked away where only authorized personnel have access to them.
There are many threats and vulnerabilities that exist out there, but through careful
management and planning as detailed above, an organization’s network can remain secure against
many threats. No method is going to keep the system completely secure, so it is important to be
ready to handle any and all attacks. In this day and age so many companies rely on being
connected to the Internet for their everyday business needs. Therefore, if their network is down
for a lengthy amount of time it is going to cost them a significant amount of money. In some cases,
being rendered without power may even cause the end of the company altogether.
References
Ahmad, A. (2012). Type of security threats and it’s prevention. International Journal of
Computer Technology and Applications, 3(2), 750-752.
Al-Mushayt, O. S. (2013). Threats and anti-threats strategies for social networking
websites. International Journal of Computer Networks & Communications, 5(4), 53-61.
Retrieved from http://airccse.org/journal/cnc/5413cnc05.pdf
Beaver, K. (2006). Five common insider threats and how to mitigate them. Retrieved from
http://searchsecurity.techtarget.com/tip/Five-common-insider-threats-and-how-to-mitigate-them
Best practice guide to minimizing your insider risk. (2012). Retrieved from
https://www.lumension.com/Media_Files/Documents/Marketing---Sales/Whitepapers/Best-Practice-Guide-Minimizing-Your-Insider-Risk.aspx
Definition of a security vulnerability. (2013). Retrieved from
http://technet.microsoft.com/en-us/library/cc751383.aspx
Erbschloe, M. (2005). Trojans, worms, and spyware: A computer security professional's guide to
malicious code. Burlington, MA: Elsevier Butterworth-Heinemann.
Ernst & Young. (2009). Outpacing change: Ernst & Young’s 12th annual global information
security survey. Retrieved from http://www.b3b.ch/wp-content/uploads/12th_annual_GISS.pdf
Information security office faqs. (2012). Retrieved from
http://secureonline.iowa.gov/faqs/index.html
Kim, D., & Solomon, M. (2012). Fundamentals of Information System Security.
Information Systems & Security Series. Sudbury, MA: Jones & Bartlett Learning.
McDowell, M. (2013). Understanding hidden threats: Rootkits and botnets. Retrieved from
http://www.us-cert.gov/ncas/tips/ST06-001
Smith, R. E. (2011). Elementary Information Security. Burlington, MA: Jones & Bartlett
Learning.
Vulnerability management. (2013). Retrieved from
http://www.veracode.com/security/vulnerability-management

Implications of Misuse and Cyber Security.pdfImplications of Misuse and Cyber Security.pdf
Implications of Misuse and Cyber Security.pdf
 
Introduction to cyber security i
Introduction to cyber security iIntroduction to cyber security i
Introduction to cyber security i
 
7 Types of Cyber Security Threats | The Lifesciences Magazine
7 Types of Cyber Security Threats | The Lifesciences Magazine7 Types of Cyber Security Threats | The Lifesciences Magazine
7 Types of Cyber Security Threats | The Lifesciences Magazine
 
Insider Threats_ Top Four Ways to Protect Enterprises - ITSecurityWire.pdf
Insider Threats_ Top Four Ways to Protect Enterprises - ITSecurityWire.pdfInsider Threats_ Top Four Ways to Protect Enterprises - ITSecurityWire.pdf
Insider Threats_ Top Four Ways to Protect Enterprises - ITSecurityWire.pdf
 
Insider Threat Detection Recommendations
Insider Threat Detection RecommendationsInsider Threat Detection Recommendations
Insider Threat Detection Recommendations
 
Assess risks to IT security.pptx
Assess risks to IT security.pptxAssess risks to IT security.pptx
Assess risks to IT security.pptx
 
Cyber Ethics Notes.pdf
Cyber Ethics Notes.pdfCyber Ethics Notes.pdf
Cyber Ethics Notes.pdf
 
Information Security Awareness
Information Security AwarenessInformation Security Awareness
Information Security Awareness
 
Cyber Security Company.docx
Cyber Security Company.docxCyber Security Company.docx
Cyber Security Company.docx
 
Running Head CURRENT CHALLENGES FACING CYBER SECURITY .docx
Running Head CURRENT CHALLENGES FACING CYBER SECURITY          .docxRunning Head CURRENT CHALLENGES FACING CYBER SECURITY          .docx
Running Head CURRENT CHALLENGES FACING CYBER SECURITY .docx
 
Introduction Over the past years, there have been increasing ca.docx
Introduction Over the past years, there have been increasing ca.docxIntroduction Over the past years, there have been increasing ca.docx
Introduction Over the past years, there have been increasing ca.docx
 
Malware Detection and Prevention
Malware Detection and PreventionMalware Detection and Prevention
Malware Detection and Prevention
 
Website security
Website securityWebsite security
Website security
 
Social Engineering Attacks in IT World
Social Engineering Attacks in IT WorldSocial Engineering Attacks in IT World
Social Engineering Attacks in IT World
 
THESIS-2(2)
THESIS-2(2)THESIS-2(2)
THESIS-2(2)
 
TC160_PowerPoint_presentation_gbraga
TC160_PowerPoint_presentation_gbragaTC160_PowerPoint_presentation_gbraga
TC160_PowerPoint_presentation_gbraga
 
The uniqueness of the text61.5SHOW ALL MATCHESPage addre.docx
The uniqueness of the text61.5SHOW ALL MATCHESPage addre.docxThe uniqueness of the text61.5SHOW ALL MATCHESPage addre.docx
The uniqueness of the text61.5SHOW ALL MATCHESPage addre.docx
 
E04 05 2841
E04 05 2841E04 05 2841
E04 05 2841
 
Security Threats to machine Learning( ARTIFICIAL INTELLIGENCE)
Security Threats to machine Learning( ARTIFICIAL INTELLIGENCE)Security Threats to machine Learning( ARTIFICIAL INTELLIGENCE)
Security Threats to machine Learning( ARTIFICIAL INTELLIGENCE)
 
Cyber Security in detail PPT BY HIMANXU.pptx
Cyber Security in detail PPT BY HIMANXU.pptxCyber Security in detail PPT BY HIMANXU.pptx
Cyber Security in detail PPT BY HIMANXU.pptx
 

More from John Intindolo

Power_Point_Presentation_ISSC458_Intindolo
Power_Point_Presentation_ISSC458_IntindoloPower_Point_Presentation_ISSC458_Intindolo
Power_Point_Presentation_ISSC458_IntindoloJohn Intindolo
 
ISSC368_Final_Project Proposal_Wk8_Intindolo
ISSC368_Final_Project Proposal_Wk8_IntindoloISSC368_Final_Project Proposal_Wk8_Intindolo
ISSC368_Final_Project Proposal_Wk8_IntindoloJohn Intindolo
 
ISSC456_Final_J_Intindolo
ISSC456_Final_J_IntindoloISSC456_Final_J_Intindolo
ISSC456_Final_J_IntindoloJohn Intindolo
 
ISSC456_Project_Presentation_Intindolo
ISSC456_Project_Presentation_IntindoloISSC456_Project_Presentation_Intindolo
ISSC456_Project_Presentation_IntindoloJohn Intindolo
 
Research_Paper_Final_ISSC431_Intindolo
Research_Paper_Final_ISSC431_IntindoloResearch_Paper_Final_ISSC431_Intindolo
Research_Paper_Final_ISSC431_IntindoloJohn Intindolo
 
ISSC362_Research_Paper_Intindolo
ISSC362_Research_Paper_IntindoloISSC362_Research_Paper_Intindolo
ISSC362_Research_Paper_IntindoloJohn Intindolo
 
Research_Paper_ISSC461_Intindolo
Research_Paper_ISSC461_IntindoloResearch_Paper_ISSC461_Intindolo
Research_Paper_ISSC461_IntindoloJohn Intindolo
 
Attack_Project_Presentation_ISSC461_Intindolo
Attack_Project_Presentation_ISSC461_IntindoloAttack_Project_Presentation_ISSC461_Intindolo
Attack_Project_Presentation_ISSC461_IntindoloJohn Intindolo
 
ISSC471_Final_Project_Paper_John_Intindolo
ISSC471_Final_Project_Paper_John_IntindoloISSC471_Final_Project_Paper_John_Intindolo
ISSC471_Final_Project_Paper_John_IntindoloJohn Intindolo
 
Project_Paper_Presentation_ISSC471_Intindolo
Project_Paper_Presentation_ISSC471_IntindoloProject_Paper_Presentation_ISSC471_Intindolo
Project_Paper_Presentation_ISSC471_IntindoloJohn Intindolo
 
ISSC481_Term_Paper_John_Intindolo
ISSC481_Term_Paper_John_IntindoloISSC481_Term_Paper_John_Intindolo
ISSC481_Term_Paper_John_IntindoloJohn Intindolo
 
Project_Paper_ISSC455_Intindolo
Project_Paper_ISSC455_IntindoloProject_Paper_ISSC455_Intindolo
Project_Paper_ISSC455_IntindoloJohn Intindolo
 
ISSC455_Week6_Project_PowerPoint_Presentation_Intindolo
ISSC455_Week6_Project_PowerPoint_Presentation_IntindoloISSC455_Week6_Project_PowerPoint_Presentation_Intindolo
ISSC455_Week6_Project_PowerPoint_Presentation_IntindoloJohn Intindolo
 
Wk 7 Case Study Summary Paper_ISSC331_Intindolo
Wk 7 Case Study Summary Paper_ISSC331_IntindoloWk 7 Case Study Summary Paper_ISSC331_Intindolo
Wk 7 Case Study Summary Paper_ISSC331_IntindoloJohn Intindolo
 
ISSC490_Project_John_Intindolo
ISSC490_Project_John_IntindoloISSC490_Project_John_Intindolo
ISSC490_Project_John_IntindoloJohn Intindolo
 
ISSC361_Project_John_Intindolo
ISSC361_Project_John_IntindoloISSC361_Project_John_Intindolo
ISSC361_Project_John_IntindoloJohn Intindolo
 
Project_Presentation_ISSC361_Intindolo
Project_Presentation_ISSC361_IntindoloProject_Presentation_ISSC361_Intindolo
Project_Presentation_ISSC361_IntindoloJohn Intindolo
 

More from John Intindolo (17)

Power_Point_Presentation_ISSC458_Intindolo
Power_Point_Presentation_ISSC458_IntindoloPower_Point_Presentation_ISSC458_Intindolo
Power_Point_Presentation_ISSC458_Intindolo
 
ISSC368_Final_Project Proposal_Wk8_Intindolo
ISSC368_Final_Project Proposal_Wk8_IntindoloISSC368_Final_Project Proposal_Wk8_Intindolo
ISSC368_Final_Project Proposal_Wk8_Intindolo
 
ISSC456_Final_J_Intindolo
ISSC456_Final_J_IntindoloISSC456_Final_J_Intindolo
ISSC456_Final_J_Intindolo
 
ISSC456_Project_Presentation_Intindolo
ISSC456_Project_Presentation_IntindoloISSC456_Project_Presentation_Intindolo
ISSC456_Project_Presentation_Intindolo
 
Research_Paper_Final_ISSC431_Intindolo
Research_Paper_Final_ISSC431_IntindoloResearch_Paper_Final_ISSC431_Intindolo
Research_Paper_Final_ISSC431_Intindolo
 
ISSC362_Research_Paper_Intindolo
ISSC362_Research_Paper_IntindoloISSC362_Research_Paper_Intindolo
ISSC362_Research_Paper_Intindolo
 
Research_Paper_ISSC461_Intindolo
Research_Paper_ISSC461_IntindoloResearch_Paper_ISSC461_Intindolo
Research_Paper_ISSC461_Intindolo
 
Attack_Project_Presentation_ISSC461_Intindolo
Attack_Project_Presentation_ISSC461_IntindoloAttack_Project_Presentation_ISSC461_Intindolo
Attack_Project_Presentation_ISSC461_Intindolo
 
ISSC471_Final_Project_Paper_John_Intindolo
ISSC471_Final_Project_Paper_John_IntindoloISSC471_Final_Project_Paper_John_Intindolo
ISSC471_Final_Project_Paper_John_Intindolo
 
Project_Paper_Presentation_ISSC471_Intindolo
Project_Paper_Presentation_ISSC471_IntindoloProject_Paper_Presentation_ISSC471_Intindolo
Project_Paper_Presentation_ISSC471_Intindolo
 
ISSC481_Term_Paper_John_Intindolo
ISSC481_Term_Paper_John_IntindoloISSC481_Term_Paper_John_Intindolo
ISSC481_Term_Paper_John_Intindolo
 
Project_Paper_ISSC455_Intindolo
Project_Paper_ISSC455_IntindoloProject_Paper_ISSC455_Intindolo
Project_Paper_ISSC455_Intindolo
 
ISSC455_Week6_Project_PowerPoint_Presentation_Intindolo
ISSC455_Week6_Project_PowerPoint_Presentation_IntindoloISSC455_Week6_Project_PowerPoint_Presentation_Intindolo
ISSC455_Week6_Project_PowerPoint_Presentation_Intindolo
 
Wk 7 Case Study Summary Paper_ISSC331_Intindolo
Wk 7 Case Study Summary Paper_ISSC331_IntindoloWk 7 Case Study Summary Paper_ISSC331_Intindolo
Wk 7 Case Study Summary Paper_ISSC331_Intindolo
 
ISSC490_Project_John_Intindolo
ISSC490_Project_John_IntindoloISSC490_Project_John_Intindolo
ISSC490_Project_John_Intindolo
 
ISSC361_Project_John_Intindolo
ISSC361_Project_John_IntindoloISSC361_Project_John_Intindolo
ISSC361_Project_John_Intindolo
 
Project_Presentation_ISSC361_Intindolo
Project_Presentation_ISSC361_IntindoloProject_Presentation_ISSC361_Intindolo
Project_Presentation_ISSC361_Intindolo
 

ISSC422_Project_Paper_John_Intindolo

Running head: SECURITY THREATS & VULNERABILITIES

Security Threats & Vulnerabilities
John Intindolo
American Public University

In a world where technology is constantly evolving, it comes as no surprise that threats and vulnerabilities are also changing continuously. Information security means maintaining the confidentiality, integrity, and availability of an entire organization, and is virtually impossible to accomplish without being aware of the security threats and vulnerabilities that exist. A security threat is any action that has the potential to damage an asset. Threats could be a result of a natural or man-made event. There is no single security threat, but rather many different threats that can bring down an entire organization’s network if the organization is unprepared to handle them. Having a plan in place before an event occurs will ensure that the security professionals are equipped to handle any and all situations in a timely manner.

A vulnerability differs from a threat in that a vulnerability is defined as “a weakness in a product that could allow an attacker to compromise the integrity, availability, or confidentiality of that product” (“Definition of,” 2013). In other words, a vulnerability is what allows the threat to occur. A threat needs a vulnerability to infiltrate a network. If a vulnerability is secured, then the threat cannot do its damage; therefore, it is important to keep the network as secure as possible. Before discussing that, however, the first thing to think about is what the organization wants to protect. After all, how can an asset be protected if it is unknown what is important to the organization?

The things to be protected are anything that has value, otherwise known as assets. Assets within an organization range from sensitive data like trade secrets, to financial data like credit card information, to hardware and software components, or even to reputation assets such as brand image.
Once the assets of the organization are understood, it is important to determine the risk of an attack at each level. This can be done by performing a risk assessment. A risk assessment should be performed by prioritizing the risk of an attack from the most likely all the way down to the least likely vulnerability. The next phase would be to explain the different security threats.

The first threat to the security of a network is the human element. People are human, meaning that everyone makes mistakes and no person is perfect. Human beings also have the ability to make a choice for themselves, right or wrong. The security threats that a person poses to computer security can come through user error, being uneducated in using the system properly, or even purposely attempting to damage or steal data. Criminal behavior is dealt with in a much different manner in normal everyday life as opposed to in cyberspace. The laws and consequences in the real world are respected by people (for the most part), but in cyberspace criminal behavior runs rampant and often goes unpunished (or even undiscovered).

There are two different types of people that are a threat to a network’s security: an insider and an outsider. Which of the two is the bigger threat? According to Gartner, “More than 70% of unauthorized access to data is committed by an organization’s own employees” (Beaver, 2006). That is an astonishing number to think about. An insider threat is one that describes the people within the organization that are disgruntled and have become a principal source of computer crimes due to their knowledge of the victim’s system (Erbschloe, 2005, p. 2). This intimate knowledge that an insider has can lead to things such as stealing or corrupting company data. A key thing to understand is that while viruses and Trojan-based attacks are often thought of as an issue from an outsider, an insider poses a bigger threat because they have a higher chance of performing a successful attack. How severe is an insider threat? According to an Ernst & Young survey, 25 percent of organizations surveyed have experienced an increase in attacks by malicious insiders (2009, p. 5).
That is a pretty significant number. Now the question that remains is what makes a person disgruntled to the point that they would perform an attack against their employer. There are several reasons that an otherwise trustworthy employee may become an insider threat. Some reasons would be the stress and fear of being laid off, or an unexpected financial problem.

How can an insider threat be guarded against? There are three strategies that work best for reducing the risks associated with an insider threat: monitoring, two-person or multi-person control, and job rotation. Trust is something that cannot be taken for granted no matter how great a team an organization has. These strategies are put into place to keep “the bad seeds honest and the good ones from slipping up” (“Best practice guide,” 2012).

Monitoring can be done in the form of scanning an employee’s computer for unauthorized activity (such as visiting a webpage that is not work related during business hours) or double-checking periodic results, like counting the cash held by a cashier, for example (Smith, 2011, p. 573). One of the main reasons that an employee would attempt to steal a company’s data is that they feel they can do it without getting caught. Monitoring greatly increases the chances of them being caught, and may deter someone from attempting to follow through on an attack or theft.

The second strategy to help reduce the risk of an insider threat is two-person or multi-person control. Two-person or multi-person control requires more than one person to be involved in a critical transaction. For example, a nuclear missile launch may require two or more people so that one person does not have the ability to perform an attack. Without all parties’ access codes the launch will not occur. Most internal attacks are carried out individually; therefore, implementing two-person or multi-person control can greatly reduce the risk.

The third strategy that can help in the reduction of an insider threat is job rotation.
This is done by having a rotation of several people doing the same job duties. Not only does this help to combat insider attacks, but it also exposes the employees to different experiences and gives them a more varied skill set. If more than one person performs the same task, it lessens the risk that one of them will be performing some sort of malicious behavior.

Outsider threats are threats to an organization’s network using the Internet or outside networks to gain authorized access to the organization’s network. An outsider, as the name suggests, comes from a source outside of the network that attempts to damage the confidentiality, integrity, and availability of a network.

Insider and outsider threats come in many forms, but both can take the form of malicious software and several different attacks. Malicious software is also known as malware and is used to follow the instructions of an attacker to cause damage to or disrupt a system (Kim & Solomon, 2012, p. 117). Malware can be broken down into two categories: infecting programs and hiding programs. Within these two categories are several types of malware: viruses, worms, Trojan horses, rootkits, and spyware.

The first example of an infecting malware program is a virus. Viruses are the most common type of malicious attack on the everyday computer user. Even if a person has a limited background in information technology, chances are they are aware of what a virus does to a computer. A virus is a program written by a hacker to alter the way a computer operates without the permission or even knowledge of the user, and it will replicate and execute itself in the hopes of damaging the user’s computer (Ahmad, 2012, p. 751). Viruses and worms are both types of malware that are categorized as infecting programs. Infecting programs actively try to copy themselves onto other computers to carry out the attacker’s instructions on new targets (Kim & Solomon, 2012, p. 117). Worms, like viruses, reproduce and spread to other computers, but they differ from viruses in that they are independent programs as opposed to ones that hide inside another program.
The second category of malware is known as hiding programs. The difference with hiding programs is that they carry out the attacker’s instructions while hiding in the computer and avoiding detection. This is the category that Trojan horses, rootkits, and spyware fall under.

Trojan horses are destructive programs that disguise themselves as a harmless computer program with the purpose of getting access to the victim’s computer from a different location (“Information security office,” 2012). They try to trick the victim into thinking that it is a safe program in an effort to damage the system. This is often done through an e-mail attachment or a file that was downloaded from the Internet.

A rootkit is like a Trojan horse in that it will hide itself, but it will not try to corrupt or damage the system. So if a rootkit does not attempt to damage the system, then what does it do? Rather than damaging the system, a rootkit is used to give the attacker the ability to access information, monitor the victim’s actions, modify programs, or carry out other functions on the victim’s computer without being detected (McDowell, 2013). Because a rootkit can allow an attacker to modify programs, recovering from this type of attack is a difficult task. If it cannot be removed, the best way to recover may be to simply reinstall the operating system, because a prior version of a file may not be trustworthy.

The third type of hiding malware is spyware. Spyware is very common to the average computer user nowadays and is almost as well known to people as viruses. Spyware is used to collect information about a person or an organization without their approval or knowledge. This information is then used for such things as selling to advertising agencies, or in some cases it can be used for identity theft.

As with malware, there are also different types of attacks, including the following: key logging, spoofing, phishing, social engineering, and denial-of-service attacks.
Knowing each one, how they affect an organization’s infrastructure, and what to do in order to prevent an attack will go a long way toward keeping the network secure. Key logging refers to an attack that logs every keystroke that the victim makes and can allow the attacker to get passwords, bank account information, etc. This can lead to the theft of valuable data or even money. Spoofing is when the attacker falsifies data in order to gain an illegitimate advantage. Phishing threats, meanwhile, take spoofing one step further in that not only do they falsify data, but they do so in order to steal sensitive financial or personal information (Ahmad, 2012, p. 751). Social engineering attacks are similar to phishing and spoofing threats, but work by deceiving the victim into revealing secure information and in turn using that secure information to attack the organization’s network. These attackers are modern-day con artists that prey on people’s emotions to get their information. The next attack that is a threat is a denial-of-service attack. DoS attacks are used to interrupt or suspend the victim’s services to the Internet.

Now that the threats and vulnerabilities have been outlined, the question remains: how can these threats be stopped before doing damage? A default deny policy should be implemented, meaning that everyone on the network will be denied access by default. Only those whose job requires access to items will have it. This will help alleviate many problems that are caused by user error or unauthorized personnel accessing sensitive data. Internet usage should be restricted to work-related sites only. Cyber threats such as malware, phishing, and impersonation are most common on social networking sites, which is why they should be banned from the workplace (Al-Mushayt, 2013, p. 57). Anti-virus software, anti-malware software, firewalls, and intrusion detection systems should be installed on each and every computer connected to the network to prevent a malicious attack. Additionally, all software should be kept updated, and strong passwords should be used in order to make them difficult for attackers to guess.
Furthermore, multi-factor authentication and encrypting files and passwords whenever possible will make the system much harder to attack. One other important measure in addition to these tools is having security teams run security tests against the network from the outside in, to allow vulnerabilities to be discovered and corrected before an attack is able to take place (“Vulnerability management,” 2013).

All of these tools will help, but they alone will not solve the problem. There must be a security process that takes place in addition to the use of the tools listed above. In order to keep the network secure, reduce the risk of an attack, or decrease the effect an attack will have, it is best to put into practice the following six phases of the security process: identify the assets, analyze the risk of an attack, establish a security policy, implement the defenses, monitor the defenses that have been implemented, and recover from attacks.

Identifying the organization’s assets will, as stated earlier, show exactly what the organization wants to protect. Once that is complete, an analysis of each asset’s risk of an attack will identify where the company is vulnerable and in need of more secure measures. From that point a security policy can be written and put into place to create a set of rules and guidelines for everyone to adhere to while connected to the network. The written security policy gives people a list of rules to follow, but it is important that they are followed from the top of the organization all the way to the bottom. Additionally, the importance of the policy needs to be emphasized by those who created it, by thoroughly going over the policy with anyone who will have network access. This can be done in the form of a company meeting. Whenever a change is necessary the policy should be updated, and the users should be properly informed of all changes.

Next comes implementing the defenses. The defenses are implemented to protect against an attack or intrusion. They will need to be constantly monitored by the IS professionals to see where a weakness may be exploited.
It is their job to find the weakness and correct it before a malicious attack occurs. This form of continuous improvement is extremely important to the security of a network, because without constant evaluation and correction the network will become susceptible to an attack. Keeping up with the latest Windows Updates and downloading the latest patches are some examples of this.

Recovery from an attack may be the last phase of the security process, but it just might be the most important as well. There is no 100 percent secure method. There will be a time when the organization will experience an attack, and how well prepared the security team is to handle it, and how fast they handle it, will be key. The best methods for recovery are to have an incident response team, an incident response plan, a business continuity plan, and backups. The incident response team will be put into place to handle any and all incidents as set forth in the incident response plan. Having a plan in place will keep everyone from panicking and get the problem resolved much more quickly. A business continuity plan will give a set of procedures to follow to either keep the company running in the event of an attack, or to minimize the time that the company is down. Backups should be taken once every 24 hours and, if possible, stored at a secure off-site facility. If stored on-site, they should be locked away where only authorized personnel have access to them.

There are many threats and vulnerabilities that exist, but through careful management and planning as detailed above, an organization’s network can remain secure against many threats. No method is going to keep the system completely secure, so it is important to be ready to handle any and all attacks. In this day and age so many companies rely on being connected to the Internet for their everyday business needs. Therefore, if their network is down for a lengthy amount of time, it is going to cost them a significant amount of money. In some cases, being rendered without power may even mean the end of the company altogether.
References

Ahmad, A. (2012). Type of security threats and it’s prevention. International Journal of Computer Technology and Applications, 3(2), 750-752.

Al-Mushayt, O. S. (2013). Threats and anti-threats strategies for social networking websites. International Journal of Computer Networks & Communications, 5(4), 53-61. Retrieved from http://airccse.org/journal/cnc/5413cnc05.pdf

Beaver, K. (2006). Five common insider threats and how to mitigate them. Retrieved from http://searchsecurity.techtarget.com/tip/Five-common-insider-threats-and-how-to-mitigate-them

Best practice guide to minimizing your insider risk. (2012). Retrieved from https://www.lumension.com/Media_Files/Documents/Marketing---Sales/Whitepapers/Best-Practice-Guide-Minimizing-Your-Insider-Risk.aspx

Definition of a security vulnerability. (2013). Retrieved from http://technet.microsoft.com/en-us/library/cc751383.aspx

Erbschloe, M. (2005). Trojans, worms, and spyware: A computer security professional's guide to malicious code. Burlington, MA: Elsevier Butterworth-Heinemann.

Ernst & Young. (2009). Outpacing change: Ernst & Young’s 12th annual global information security survey. Retrieved from http://www.b3b.ch/wp-content/uploads/12th_annual_GISS.pdf

Information security office faqs. (2012). Retrieved from http://secureonline.iowa.gov/faqs/index.html

Kim, D., & Solomon, M. (2012). Fundamentals of Information System Security. Information Systems & Security Series. Sudbury, MA: Jones & Bartlett Learning.

McDowell, M. (2013). Understanding hidden threats: Rootkits and botnets. Retrieved from http://www.us-cert.gov/ncas/tips/ST06-001

Smith, R. E. (2011). Elementary Information Security. Burlington, MA: Jones & Bartlett Learning.

Vulnerability management. (2013). Retrieved from http://www.veracode.com/security/vulnerability-management
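The default deny policy, two-person control and monitoring that the paper recommends can be enforced together in a single access check. The Python code below is an added example, not part of the original paper; the roles, resources, user names and rule table are constructed for illustration.

```python
from collections import Counter
from dataclasses import dataclass, field

# Constructed policy: every role, resource and action name here is hypothetical.
# Default deny: any (role, resource, action) not listed is refused.
ALLOW_RULES = {
    ("payroll_clerk", "payroll_db", "read"),
    ("payroll_clerk", "payroll_db", "write"),
    ("dba", "payroll_db", "read"),
    ("dba", "backup_vault", "restore"),
}

# Critical transactions and how many distinct authorized people must take part.
CRITICAL = {
    ("payroll_db", "write"): 2,
    ("backup_vault", "restore"): 2,
}


@dataclass(frozen=True)
class User:
    name: str
    role: str


def role_permits(user, resource, action):
    """True only when an explicit rule grants this role the action."""
    return (user.role, resource, action) in ALLOW_RULES


@dataclass
class AccessController:
    # Monitoring: every decision, allowed or not, is recorded here.
    audit_log: list = field(default_factory=list)

    def evaluate(self, requester, resource, action, approvers=()):
        if not role_permits(requester, resource, action):
            return False, "default deny: no rule grants this access"
        needed = CRITICAL.get((resource, action), 1)
        if needed == 1:
            return True, "allowed by role"
        # Count distinct people. The requester cannot approve their own
        # request, and an approver without the permission does not count.
        people = {requester.name}
        for approver in approvers:
            if role_permits(approver, resource, action):
                people.add(approver.name)
        if len(people) >= needed:
            return True, "allowed with multi-person approval"
        return False, f"multi-person control: {len(people)} of {needed} authorized people"

    def decide(self, requester, resource, action, approvers=()):
        """Return (allowed, reason) and append the decision to the audit log."""
        allowed, reason = self.evaluate(requester, resource, action, approvers)
        self.audit_log.append({
            "requester": requester.name,
            "resource": resource,
            "action": action,
            "approvers": [a.name for a in approvers],
            "allowed": allowed,
            "reason": reason,
        })
        return allowed, reason


def denied_by_user(audit_log):
    """Monitoring review: number of refused requests per requester."""
    return Counter(e["requester"] for e in audit_log if not e["allowed"])


if __name__ == "__main__":
    ac = AccessController()
    alice = User("alice", "payroll_clerk")
    bob = User("bob", "payroll_clerk")
    intern = User("mallory", "intern")
    print(ac.decide(intern, "payroll_db", "read"))
    print(ac.decide(alice, "payroll_db", "write"))
    print(ac.decide(alice, "payroll_db", "write", [bob]))
    print(denied_by_user(ac.audit_log))
```

A repeated pattern of refusals for one requester in `denied_by_user` is the kind of signal the monitoring strategy is meant to surface.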