SlideShare a Scribd company logo

WHAT IS SOFTWARE ENGINEERING (CYBERSECURITY)

Download as DOCX, PDF
C
ChristopherAntonius

This Paper is Submitted to Fulfill The English 2 Task Study Program Software Engineering 4th Semester Buddhi Dharma University. Tangerang. Lecturer: Dra. Harisa Mardiana, M.Pd.

Engineering
1 of 7
SOFTWARE ENGINEERING (CYBERSECURITY) By : CHRISTOPHER ANTONIUS 20181100007 STUDY PROGRAM SOFTWARE ENGINEERING FACULTY OF SCIENCE AND TECHNOLOGY UNIVERSITAS BUDDHI DHARMA
SOFTWARE ENGINEERING (CYBERSECURITY) Software engineering is the study of and practice of engineering to build, design, develop, maintain, and retire software. There are different areas of software engineering and it serves many functions throughout the application lifecycle. Effective software engineering requires software engineers to be educated about good software engineering best practices, disciplined and cognizant of how your company develops software, the operation it will fulfill, and how it will be maintained. According to StackOverflow Survey 2018, software engineers are lifelong learners; almost 90% of all developers say they have taught themselves a new language, framework, or tool outside of their formal education. Businesses are increasingly shifting their operations toward automation. This means that machines and computer software will handle more types of repetitive tasks, freeing up people to leverage their creativity. Most companies and organizations rely on websites, apps, or computer-based software to keep their businesses running and successful. Responding to constant competition and advancements, software engineers build programs, make improvements, and adjust code to maintain agility and usefulness. Software engineering is important because specific software is needed in almost every industry, in every business, and for every function. It becomes more important as
time goes on – if something breaks within your application portfolio, a quick, efficient, and effective fix needs to happen as soon as possible. Software engineering is an engineering discipline that is concerned with all aspects of software production from the early stages of system specification through to maintaining the system after it has gone into use (Ian Sommerville, 2016). Software engineering is essential for the functioning of government, society, and national and international businesses and institutions. We can’t run the modern world without software. National infrastructures and utilities are controlled by computer-based systems, and most electrical products include a computer and controlling software. Industrial manufacturing and distribution is completely computerized, as is the financial system. Entertainment, including the music industry, computer games, and film and television, is software-intensive. Many people think that software is simply another word for computer programs. However, when we are talking about software engineering, software is not just the programs themselves but also all associated documentation, libraries, support websites, and configuration data that are needed to make these programs useful. A professionally developed software system is often more than a single program. A system may consist of several separate programs and configuration files that are used to set up these programs. It may include system documentation, which describes the
structure of the system, user documentation, which explains how to use the system, and websites for users to download recent product information. Maintaining the security of our networked infrastructure and government, business, and personal computer systems is one of the most significant problems facing our society. The ubiquity of the Internet and our dependence on computer systems have created new criminal opportunities for theft and social disruption. It is very difficult to measure the losses due to cybercrime. However, in 2013, it was estimated that losses to the global economy due to cybercrime were between $100 billion and $500 billion (InfoSecurity 2013). Cybersecurity is concerned with all of an organization’s IT assets from networks through to application systems. The vast majority of these assets are externally procured, and companies do not understand their detailed operation. Systems such as web browsers are large and complex programs, and inevitably they contain bugs that can be a source of vulnerability. The different systems in an organization are related to each other in many different ways. They may be stored on the same disk, share data, rely on common operating systems components, and so on. The organizational “system of systems” is incredibly complex. It is impossible to ensure that it is free of security vulnerabilities. Consequently, you should generally assume that your systems are vulnerable to cyberattack and that, at some stage, a cyberattack is likely to occur.
A successful cyberattack can have very serious financial consequences for businesses, so it is essential that attacks are contained and losses minimized. Effective resilience engineering at the organizational and systems levels can repel attacks and bring systems back into operation quickly and so limit the losses incurred. These are not independent threat classes. An attacker may compromise the integrity of a user’s system by introducing malware, such as a botnet component. This may then be invoked remotely as part of a distributed denial-of-service attack on another system. Other types of malware may be used to capture personal details and so allow confidential assets to be accessed. To counter these threats, organizations should put controls in place that make it difficult for attackers to access or damage assets. It is also important to raise awareness of cybersecurity issues so that people know why these controls are important and so are less likely to reveal information to an attacker. Examples of controls that may be used are authentication, where users of a system have to show that they are authorized to access the system. The familiar login/password approach to authentication is a universally used but rather weak control. However, to deal with problems, a user or system operator may have to take the initiative and take actions that are normally carried out by someone with a higher level of privilege. For example, the system manager of a medical system may not normally be allowed to change the access rights of medical staff to records. For security reasons,
access permissions have to be formally authorized, and two people need to be involved in making the change. This reduces the chances of system managers colluding with attackers and allowing access to confidential medical information. Now, imagine that the system manager notices that a logged-in user is accessing a large number of records outside of normal working hours. The manager suspects that an account has been compromised and that the user accessing the records is not actually the authorized user. To limit the damage, the user’s access rights should be removed and a check then made with the authorized user to see if the accesses were actually illegal. However, the security procedures limiting the rights of system managers to change users’ permissions make this impossible. Therefore, the audit trail of emergency actions can be used to check that a system manager’s actions were justified. Of course, there is scope for misuse here, and the existence of an emergency mode is itself a potential vulnerability. Therefore, organizations have to trade off possible losses against the benefits of adding more features to a system to support resilience.
REFERENCES Aiello, B., and L. Sachs. 2011. Configuration Management Best Practices. Boston: Addison- Wesley. Bamford, R., and W. J. Deibler. 2003. “ISO 9001:2000 for Software and Systems Providers: An Engineering Approach.” Boca Raton, FL: CRC Press. Loeliger, J., and M. McCullough. 2012. Version Control with Git: Powerful Tools and Techniques for Collaborative Software Development. Sebastopol, CA: O’Reilly and Associates. https://sites.google.com/a/pvlearners.net/futuremirzasmail/part-two https://online.maryville.edu/blog/future-software-engineering/ https://insights.stackoverflow.com/survey/2018/ https://dinus.ac.id/repository/docs/ajar/Sommerville-Software-Engineering-10ed.pdf

Recommended

Eileen Presentation
Eileen PresentationEileen Presentation
Eileen Presentationjc06442n
 
Cybersecurity
CybersecurityCybersecurity
Cybersecurity
Christopher Daza
 
Cyb 610 Inspiring Innovation--tutorialrank.com
Cyb 610 Inspiring Innovation--tutorialrank.comCyb 610 Inspiring Innovation--tutorialrank.com
Cyb 610 Inspiring Innovation--tutorialrank.com
PrescottLunt386
 
What is WebSense?
What is WebSense?What is WebSense?
What is WebSense?
touchdown777a
 
Ass3201 cyber securityassignment
Ass3201 cyber securityassignmentAss3201 cyber securityassignment
Ass3201 cyber securityassignment
harinathinfotech
 
IRJET- A Review of Information Systems Security: Types, Security Issues, and ...
IRJET- A Review of Information Systems Security: Types, Security Issues, and ...IRJET- A Review of Information Systems Security: Types, Security Issues, and ...
IRJET- A Review of Information Systems Security: Types, Security Issues, and ...
IRJET Journal
 
How can we predict vulnerabilities to prevent them from causing data losses
How can we predict vulnerabilities to prevent them from causing data lossesHow can we predict vulnerabilities to prevent them from causing data losses
How can we predict vulnerabilities to prevent them from causing data losses
Abhishek BV
 
Cybersecurity in the Age of Mobility
Cybersecurity in the Age of MobilityCybersecurity in the Age of Mobility
Cybersecurity in the Age of Mobility
Booz Allen Hamilton
 

Recommended

Eileen Presentation
Eileen PresentationEileen Presentation
Eileen Presentationjc06442n
 
Cybersecurity
CybersecurityCybersecurity
Cybersecurity
Christopher Daza
 
Cyb 610 Inspiring Innovation--tutorialrank.com
Cyb 610 Inspiring Innovation--tutorialrank.comCyb 610 Inspiring Innovation--tutorialrank.com
Cyb 610 Inspiring Innovation--tutorialrank.com
PrescottLunt386
 
What is WebSense?
What is WebSense?What is WebSense?
What is WebSense?
touchdown777a
 
Ass3201 cyber securityassignment
Ass3201 cyber securityassignmentAss3201 cyber securityassignment
Ass3201 cyber securityassignment
harinathinfotech
 
IRJET- A Review of Information Systems Security: Types, Security Issues, and ...
IRJET- A Review of Information Systems Security: Types, Security Issues, and ...IRJET- A Review of Information Systems Security: Types, Security Issues, and ...
IRJET- A Review of Information Systems Security: Types, Security Issues, and ...
IRJET Journal
 
How can we predict vulnerabilities to prevent them from causing data losses
How can we predict vulnerabilities to prevent them from causing data lossesHow can we predict vulnerabilities to prevent them from causing data losses
How can we predict vulnerabilities to prevent them from causing data losses
Abhishek BV
 
Cybersecurity in the Age of Mobility
Cybersecurity in the Age of MobilityCybersecurity in the Age of Mobility
Cybersecurity in the Age of Mobility
Booz Allen Hamilton
 
The Top Ten Insider Threats And How To Prevent Them
The Top Ten Insider Threats And How To Prevent ThemThe Top Ten Insider Threats And How To Prevent Them
The Top Ten Insider Threats And How To Prevent ThemEnterprise Technology Management (ETM)
 
ENGINEERING LIFE CYCLE ENABLES PENETRATION TESTING AND CYBER OPERATIONS
ENGINEERING LIFE CYCLE ENABLES PENETRATION TESTING AND CYBER OPERATIONSENGINEERING LIFE CYCLE ENABLES PENETRATION TESTING AND CYBER OPERATIONS
ENGINEERING LIFE CYCLE ENABLES PENETRATION TESTING AND CYBER OPERATIONS
IJMIT JOURNAL
 
Mobile Security: 5 Steps to Mobile Risk Management
Mobile Security: 5 Steps to Mobile Risk ManagementMobile Security: 5 Steps to Mobile Risk Management
Mobile Security: 5 Steps to Mobile Risk Management
DMIMarketing
 
5 steps-to-mobile-risk-management-whitepaper-golden-gekko
5 steps-to-mobile-risk-management-whitepaper-golden-gekko5 steps-to-mobile-risk-management-whitepaper-golden-gekko
5 steps-to-mobile-risk-management-whitepaper-golden-gekko
DMI
 
Cst 610 Motivated Minds/newtonhelp.com
Cst 610 Motivated Minds/newtonhelp.comCst 610 Motivated Minds/newtonhelp.com
Cst 610 Motivated Minds/newtonhelp.com
amaranthbeg53
 
Research challenges and issues in web security
Research challenges and issues in web securityResearch challenges and issues in web security
Research challenges and issues in web security
IAEME Publication
 
Mapping Application Security to Business Value - Redspin Information Security
Mapping Application Security to Business Value - Redspin Information SecurityMapping Application Security to Business Value - Redspin Information Security
Mapping Application Security to Business Value - Redspin Information Security
Redspin, Inc.
 
Insider Threat Detection Recommendations
Insider Threat Detection RecommendationsInsider Threat Detection Recommendations
Insider Threat Detection Recommendations
AlienVault
 
edgescan vulnerability stats report (2019)
edgescan vulnerability stats report (2019) edgescan vulnerability stats report (2019)
edgescan vulnerability stats report (2019)
Eoin Keary
 
NON-PROFIT ORGANIZATIONS’ NEED TO ADDRESS SECURITY FOR EFFECTIVE GOVERNMENT C...
NON-PROFIT ORGANIZATIONS’ NEED TO ADDRESS SECURITY FOR EFFECTIVE GOVERNMENT C...NON-PROFIT ORGANIZATIONS’ NEED TO ADDRESS SECURITY FOR EFFECTIVE GOVERNMENT C...
NON-PROFIT ORGANIZATIONS’ NEED TO ADDRESS SECURITY FOR EFFECTIVE GOVERNMENT C...
IJNSA Journal
 
Ultimate_Guide_to_getting_started_with_AppSec
Ultimate_Guide_to_getting_started_with_AppSecUltimate_Guide_to_getting_started_with_AppSec
Ultimate_Guide_to_getting_started_with_AppSecJessica Lavery Pozerski
 
N018138696
N018138696N018138696
N018138696
IOSR Journals
 
ultimate-guide-to-getting-started-with-appsec-veracode
ultimate-guide-to-getting-started-with-appsec-veracodeultimate-guide-to-getting-started-with-appsec-veracode
ultimate-guide-to-getting-started-with-appsec-veracodeSean Varga
 
Cyb 610 Enhance teaching / snaptutorial.com
Cyb 610 Enhance teaching / snaptutorial.comCyb 610 Enhance teaching / snaptutorial.com
Cyb 610 Enhance teaching / snaptutorial.com
Baileyaby
 
Top 10 IT Security Issues 2011
Top 10 IT Security Issues 2011Top 10 IT Security Issues 2011
Top 10 IT Security Issues 2011
Redspin, Inc.
 
Ethical and security issues on MIS inte 322 assignment.docx
Ethical and security issues on MIS inte 322 assignment.docxEthical and security issues on MIS inte 322 assignment.docx
Ethical and security issues on MIS inte 322 assignment.docx
GogoOmolloFrancis
 
SYSTEM CONFIGURATION TOOLS
SYSTEM CONFIGURATION TOOLSSYSTEM CONFIGURATION TOOLS
SYSTEM CONFIGURATION TOOLS
ArArSavidad
 
Causes And Consequences Of Data Leakage
Causes And Consequences Of Data LeakageCauses And Consequences Of Data Leakage
Causes And Consequences Of Data Leakage
Patty Buckley
 
Cyb 690 cybersecurity program template directions the foll
Cyb 690 cybersecurity program template directions the follCyb 690 cybersecurity program template directions the foll
Cyb 690 cybersecurity program template directions the foll
AISHA232980
 
Information Security And The Healthcare
Information Security And The HealthcareInformation Security And The Healthcare
Information Security And The Healthcare
Tracy Berry
 
Cst 610 Your world/newtonhelp.com
Cst 610 Your world/newtonhelp.comCst 610 Your world/newtonhelp.com
Cst 610 Your world/newtonhelp.com
amaranthbeg93
 
Cst 610 Education is Power/newtonhelp.com
Cst 610 Education is Power/newtonhelp.comCst 610 Education is Power/newtonhelp.com
Cst 610 Education is Power/newtonhelp.com
amaranthbeg73
 

More Related Content

What's hot

ENGINEERING LIFE CYCLE ENABLES PENETRATION TESTING AND CYBER OPERATIONS
ENGINEERING LIFE CYCLE ENABLES PENETRATION TESTING AND CYBER OPERATIONSENGINEERING LIFE CYCLE ENABLES PENETRATION TESTING AND CYBER OPERATIONS
ENGINEERING LIFE CYCLE ENABLES PENETRATION TESTING AND CYBER OPERATIONS
IJMIT JOURNAL
 
Mobile Security: 5 Steps to Mobile Risk Management
Mobile Security: 5 Steps to Mobile Risk ManagementMobile Security: 5 Steps to Mobile Risk Management
Mobile Security: 5 Steps to Mobile Risk Management
DMIMarketing
 
5 steps-to-mobile-risk-management-whitepaper-golden-gekko
5 steps-to-mobile-risk-management-whitepaper-golden-gekko5 steps-to-mobile-risk-management-whitepaper-golden-gekko
5 steps-to-mobile-risk-management-whitepaper-golden-gekko
DMI
 
Cst 610 Motivated Minds/newtonhelp.com
Cst 610 Motivated Minds/newtonhelp.comCst 610 Motivated Minds/newtonhelp.com
Cst 610 Motivated Minds/newtonhelp.com
amaranthbeg53
 
Research challenges and issues in web security
Research challenges and issues in web securityResearch challenges and issues in web security
Research challenges and issues in web security
IAEME Publication
 
Mapping Application Security to Business Value - Redspin Information Security
Mapping Application Security to Business Value - Redspin Information SecurityMapping Application Security to Business Value - Redspin Information Security
Mapping Application Security to Business Value - Redspin Information Security
Redspin, Inc.
 
Insider Threat Detection Recommendations
Insider Threat Detection RecommendationsInsider Threat Detection Recommendations
Insider Threat Detection Recommendations
AlienVault
 
edgescan vulnerability stats report (2019)
edgescan vulnerability stats report (2019) edgescan vulnerability stats report (2019)
edgescan vulnerability stats report (2019)
Eoin Keary
 
NON-PROFIT ORGANIZATIONS’ NEED TO ADDRESS SECURITY FOR EFFECTIVE GOVERNMENT C...
NON-PROFIT ORGANIZATIONS’ NEED TO ADDRESS SECURITY FOR EFFECTIVE GOVERNMENT C...NON-PROFIT ORGANIZATIONS’ NEED TO ADDRESS SECURITY FOR EFFECTIVE GOVERNMENT C...
NON-PROFIT ORGANIZATIONS’ NEED TO ADDRESS SECURITY FOR EFFECTIVE GOVERNMENT C...
IJNSA Journal
 
Ultimate_Guide_to_getting_started_with_AppSec
Ultimate_Guide_to_getting_started_with_AppSecUltimate_Guide_to_getting_started_with_AppSec
Ultimate_Guide_to_getting_started_with_AppSecJessica Lavery Pozerski
 
N018138696
N018138696N018138696
N018138696
IOSR Journals
 
ultimate-guide-to-getting-started-with-appsec-veracode
ultimate-guide-to-getting-started-with-appsec-veracodeultimate-guide-to-getting-started-with-appsec-veracode
ultimate-guide-to-getting-started-with-appsec-veracodeSean Varga
 
Cyb 610 Enhance teaching / snaptutorial.com
Cyb 610 Enhance teaching / snaptutorial.comCyb 610 Enhance teaching / snaptutorial.com
Cyb 610 Enhance teaching / snaptutorial.com
Baileyaby
 
Top 10 IT Security Issues 2011
Top 10 IT Security Issues 2011Top 10 IT Security Issues 2011
Top 10 IT Security Issues 2011
Redspin, Inc.
 

What's hot (15)

The Top Ten Insider Threats And How To Prevent Them
The Top Ten Insider Threats And How To Prevent ThemThe Top Ten Insider Threats And How To Prevent Them
The Top Ten Insider Threats And How To Prevent Them
 
ENGINEERING LIFE CYCLE ENABLES PENETRATION TESTING AND CYBER OPERATIONS
ENGINEERING LIFE CYCLE ENABLES PENETRATION TESTING AND CYBER OPERATIONSENGINEERING LIFE CYCLE ENABLES PENETRATION TESTING AND CYBER OPERATIONS
ENGINEERING LIFE CYCLE ENABLES PENETRATION TESTING AND CYBER OPERATIONS
 
Mobile Security: 5 Steps to Mobile Risk Management
Mobile Security: 5 Steps to Mobile Risk ManagementMobile Security: 5 Steps to Mobile Risk Management
Mobile Security: 5 Steps to Mobile Risk Management
 
5 steps-to-mobile-risk-management-whitepaper-golden-gekko
5 steps-to-mobile-risk-management-whitepaper-golden-gekko5 steps-to-mobile-risk-management-whitepaper-golden-gekko
5 steps-to-mobile-risk-management-whitepaper-golden-gekko
 
Cst 610 Motivated Minds/newtonhelp.com
Cst 610 Motivated Minds/newtonhelp.comCst 610 Motivated Minds/newtonhelp.com
Cst 610 Motivated Minds/newtonhelp.com
 
Research challenges and issues in web security
Research challenges and issues in web securityResearch challenges and issues in web security
Research challenges and issues in web security
 
Mapping Application Security to Business Value - Redspin Information Security
Mapping Application Security to Business Value - Redspin Information SecurityMapping Application Security to Business Value - Redspin Information Security
Mapping Application Security to Business Value - Redspin Information Security
 
Insider Threat Detection Recommendations
Insider Threat Detection RecommendationsInsider Threat Detection Recommendations
Insider Threat Detection Recommendations
 
edgescan vulnerability stats report (2019)
edgescan vulnerability stats report (2019) edgescan vulnerability stats report (2019)
edgescan vulnerability stats report (2019)
 
NON-PROFIT ORGANIZATIONS’ NEED TO ADDRESS SECURITY FOR EFFECTIVE GOVERNMENT C...
NON-PROFIT ORGANIZATIONS’ NEED TO ADDRESS SECURITY FOR EFFECTIVE GOVERNMENT C...NON-PROFIT ORGANIZATIONS’ NEED TO ADDRESS SECURITY FOR EFFECTIVE GOVERNMENT C...
NON-PROFIT ORGANIZATIONS’ NEED TO ADDRESS SECURITY FOR EFFECTIVE GOVERNMENT C...
 
Ultimate_Guide_to_getting_started_with_AppSec
Ultimate_Guide_to_getting_started_with_AppSecUltimate_Guide_to_getting_started_with_AppSec
Ultimate_Guide_to_getting_started_with_AppSec
 
N018138696
N018138696N018138696
N018138696
 
ultimate-guide-to-getting-started-with-appsec-veracode
ultimate-guide-to-getting-started-with-appsec-veracodeultimate-guide-to-getting-started-with-appsec-veracode
ultimate-guide-to-getting-started-with-appsec-veracode
 
Cyb 610 Enhance teaching / snaptutorial.com
Cyb 610 Enhance teaching / snaptutorial.comCyb 610 Enhance teaching / snaptutorial.com
Cyb 610 Enhance teaching / snaptutorial.com
 
Top 10 IT Security Issues 2011
Top 10 IT Security Issues 2011Top 10 IT Security Issues 2011
Top 10 IT Security Issues 2011
 

Similar to WHAT IS SOFTWARE ENGINEERING (CYBERSECURITY)

Ethical and security issues on MIS inte 322 assignment.docx
Ethical and security issues on MIS inte 322 assignment.docxEthical and security issues on MIS inte 322 assignment.docx
Ethical and security issues on MIS inte 322 assignment.docx
GogoOmolloFrancis
 
SYSTEM CONFIGURATION TOOLS
SYSTEM CONFIGURATION TOOLSSYSTEM CONFIGURATION TOOLS
SYSTEM CONFIGURATION TOOLS
ArArSavidad
 
Causes And Consequences Of Data Leakage
Causes And Consequences Of Data LeakageCauses And Consequences Of Data Leakage
Causes And Consequences Of Data Leakage
Patty Buckley
 
Cyb 690 cybersecurity program template directions the foll
Cyb 690 cybersecurity program template directions the follCyb 690 cybersecurity program template directions the foll
Cyb 690 cybersecurity program template directions the foll
AISHA232980
 
Information Security And The Healthcare
Information Security And The HealthcareInformation Security And The Healthcare
Information Security And The Healthcare
Tracy Berry
 
Cst 610 Your world/newtonhelp.com
Cst 610 Your world/newtonhelp.comCst 610 Your world/newtonhelp.com
Cst 610 Your world/newtonhelp.com
amaranthbeg93
 
Cst 610 Education is Power/newtonhelp.com
Cst 610 Education is Power/newtonhelp.comCst 610 Education is Power/newtonhelp.com
Cst 610 Education is Power/newtonhelp.com
amaranthbeg73
 
AN ISP BASED NOTIFICATION AND DETECTION SYSTEM TO MAXIMIZE EFFICIENCY OF CLIE...
AN ISP BASED NOTIFICATION AND DETECTION SYSTEM TO MAXIMIZE EFFICIENCY OF CLIE...AN ISP BASED NOTIFICATION AND DETECTION SYSTEM TO MAXIMIZE EFFICIENCY OF CLIE...
AN ISP BASED NOTIFICATION AND DETECTION SYSTEM TO MAXIMIZE EFFICIENCY OF CLIE...
IJNSA Journal
 
Designing Security Assessment of Client Server System using Attack Tree Modeling
Designing Security Assessment of Client Server System using Attack Tree ModelingDesigning Security Assessment of Client Server System using Attack Tree Modeling
Designing Security Assessment of Client Server System using Attack Tree Modeling
ijtsrd
 
Project Quality-SIPOCSelect a process of your choice and creat.docx
Project Quality-SIPOCSelect a process of your choice and creat.docxProject Quality-SIPOCSelect a process of your choice and creat.docx
Project Quality-SIPOCSelect a process of your choice and creat.docx
wkyra78
 
CST 610 RANK Remember Education--cst610rank.com
CST 610 RANK Remember Education--cst610rank.comCST 610 RANK Remember Education--cst610rank.com
CST 610 RANK Remember Education--cst610rank.com
chrysanthemu49
 
CST 610 RANK Achievement Education--cst610rank.com
CST 610 RANK Achievement Education--cst610rank.comCST 610 RANK Achievement Education--cst610rank.com
CST 610 RANK Achievement Education--cst610rank.com
kopiko146
 
CST 610 RANK Introduction Education--cst610rank.com
CST 610 RANK Introduction Education--cst610rank.comCST 610 RANK Introduction Education--cst610rank.com
CST 610 RANK Introduction Education--cst610rank.com
agathachristie265
 
CST 610 RANK Educational Specialist--cst610rank.com
CST 610 RANK Educational Specialist--cst610rank.comCST 610 RANK Educational Specialist--cst610rank.com
CST 610 RANK Educational Specialist--cst610rank.com
VSNaipaul15
 
CST 610 RANK Become Exceptional--cst610rank.com
CST 610 RANK Become Exceptional--cst610rank.comCST 610 RANK Become Exceptional--cst610rank.com
CST 610 RANK Become Exceptional--cst610rank.com
agathachristie112
 
CST 610 RANK Inspiring Innovation--cst610rank.com
CST 610 RANK Inspiring Innovation--cst610rank.comCST 610 RANK Inspiring Innovation--cst610rank.com
CST 610 RANK Inspiring Innovation--cst610rank.com
KeatonJennings104
 
Risk and Threat Assessment Report Anthony WolfBSA 5.docx
Risk and Threat Assessment Report Anthony WolfBSA 5.docxRisk and Threat Assessment Report Anthony WolfBSA 5.docx
Risk and Threat Assessment Report Anthony WolfBSA 5.docx
malbert5
 
Csec 610 Inspiring Innovation--tutorialrank.com
Csec 610 Inspiring Innovation--tutorialrank.comCsec 610 Inspiring Innovation--tutorialrank.com
Csec 610 Inspiring Innovation--tutorialrank.com
PrescottLunt384
 
Application Security: Safeguarding Data, Protecting Reputations
Application Security: Safeguarding Data, Protecting ReputationsApplication Security: Safeguarding Data, Protecting Reputations
Application Security: Safeguarding Data, Protecting Reputations
Cognizant
 

Similar to WHAT IS SOFTWARE ENGINEERING (CYBERSECURITY) (20)

Ethical and security issues on MIS inte 322 assignment.docx
Ethical and security issues on MIS inte 322 assignment.docxEthical and security issues on MIS inte 322 assignment.docx
Ethical and security issues on MIS inte 322 assignment.docx
 
SYSTEM CONFIGURATION TOOLS
SYSTEM CONFIGURATION TOOLSSYSTEM CONFIGURATION TOOLS
SYSTEM CONFIGURATION TOOLS
 
Causes And Consequences Of Data Leakage
Causes And Consequences Of Data LeakageCauses And Consequences Of Data Leakage
Causes And Consequences Of Data Leakage
 
Cyb 690 cybersecurity program template directions the foll
Cyb 690 cybersecurity program template directions the follCyb 690 cybersecurity program template directions the foll
Cyb 690 cybersecurity program template directions the foll
 
Information Security And The Healthcare
Information Security And The HealthcareInformation Security And The Healthcare
Information Security And The Healthcare
 
Cst 610 Your world/newtonhelp.com
Cst 610 Your world/newtonhelp.comCst 610 Your world/newtonhelp.com
Cst 610 Your world/newtonhelp.com
 
Cst 610 Education is Power/newtonhelp.com
Cst 610 Education is Power/newtonhelp.comCst 610 Education is Power/newtonhelp.com
Cst 610 Education is Power/newtonhelp.com
 
AN ISP BASED NOTIFICATION AND DETECTION SYSTEM TO MAXIMIZE EFFICIENCY OF CLIE...
AN ISP BASED NOTIFICATION AND DETECTION SYSTEM TO MAXIMIZE EFFICIENCY OF CLIE...AN ISP BASED NOTIFICATION AND DETECTION SYSTEM TO MAXIMIZE EFFICIENCY OF CLIE...
AN ISP BASED NOTIFICATION AND DETECTION SYSTEM TO MAXIMIZE EFFICIENCY OF CLIE...
 
Research Paper
Research PaperResearch Paper
Research Paper
 
Designing Security Assessment of Client Server System using Attack Tree Modeling
Designing Security Assessment of Client Server System using Attack Tree ModelingDesigning Security Assessment of Client Server System using Attack Tree Modeling
Designing Security Assessment of Client Server System using Attack Tree Modeling
 
Project Quality-SIPOCSelect a process of your choice and creat.docx
Project Quality-SIPOCSelect a process of your choice and creat.docxProject Quality-SIPOCSelect a process of your choice and creat.docx
Project Quality-SIPOCSelect a process of your choice and creat.docx
 
CST 610 RANK Remember Education--cst610rank.com
CST 610 RANK Remember Education--cst610rank.comCST 610 RANK Remember Education--cst610rank.com
CST 610 RANK Remember Education--cst610rank.com
 
CST 610 RANK Achievement Education--cst610rank.com
CST 610 RANK Achievement Education--cst610rank.comCST 610 RANK Achievement Education--cst610rank.com
CST 610 RANK Achievement Education--cst610rank.com
 
CST 610 RANK Introduction Education--cst610rank.com
CST 610 RANK Introduction Education--cst610rank.comCST 610 RANK Introduction Education--cst610rank.com
CST 610 RANK Introduction Education--cst610rank.com
 
CST 610 RANK Educational Specialist--cst610rank.com
CST 610 RANK Educational Specialist--cst610rank.comCST 610 RANK Educational Specialist--cst610rank.com
CST 610 RANK Educational Specialist--cst610rank.com
 
CST 610 RANK Become Exceptional--cst610rank.com
CST 610 RANK Become Exceptional--cst610rank.comCST 610 RANK Become Exceptional--cst610rank.com
CST 610 RANK Become Exceptional--cst610rank.com
 
CST 610 RANK Inspiring Innovation--cst610rank.com
CST 610 RANK Inspiring Innovation--cst610rank.comCST 610 RANK Inspiring Innovation--cst610rank.com
CST 610 RANK Inspiring Innovation--cst610rank.com
 
Risk and Threat Assessment Report Anthony WolfBSA 5.docx
Risk and Threat Assessment Report Anthony WolfBSA 5.docxRisk and Threat Assessment Report Anthony WolfBSA 5.docx
Risk and Threat Assessment Report Anthony WolfBSA 5.docx
 
Csec 610 Inspiring Innovation--tutorialrank.com
Csec 610 Inspiring Innovation--tutorialrank.comCsec 610 Inspiring Innovation--tutorialrank.com
Csec 610 Inspiring Innovation--tutorialrank.com
 
Application Security: Safeguarding Data, Protecting Reputations
Application Security: Safeguarding Data, Protecting ReputationsApplication Security: Safeguarding Data, Protecting Reputations
Application Security: Safeguarding Data, Protecting Reputations
 

Recently uploaded

ML for identifying fraud using open blockchain data.pptx
ML for identifying fraud using open blockchain data.pptxML for identifying fraud using open blockchain data.pptx
ML for identifying fraud using open blockchain data.pptx
Vijay Dialani, PhD
 
Industrial Training at Shahjalal Fertilizer Company Limited (SFCL)
Industrial Training at Shahjalal Fertilizer Company Limited (SFCL)Industrial Training at Shahjalal Fertilizer Company Limited (SFCL)
Industrial Training at Shahjalal Fertilizer Company Limited (SFCL)
MdTanvirMahtab2
 
Planning Of Procurement o different goods and services
Planning Of Procurement o different goods and servicesPlanning Of Procurement o different goods and services
Planning Of Procurement o different goods and services
JoytuBarua2
 
MCQ Soil mechanics questions (Soil shear strength).pdf
MCQ Soil mechanics questions (Soil shear strength).pdfMCQ Soil mechanics questions (Soil shear strength).pdf
MCQ Soil mechanics questions (Soil shear strength).pdf
Osamah Alsalih
 
Gen AI Study Jams _ For the GDSC Leads in India.pdf
Gen AI Study Jams _ For the GDSC Leads in India.pdfGen AI Study Jams _ For the GDSC Leads in India.pdf
Gen AI Study Jams _ For the GDSC Leads in India.pdf
gdsczhcet
 
Railway Signalling Principles Edition 3.pdf
Railway Signalling Principles Edition 3.pdfRailway Signalling Principles Edition 3.pdf
Railway Signalling Principles Edition 3.pdf
TeeVichai
 
Water Industry Process Automation and Control Monthly - May 2024.pdf
Water Industry Process Automation and Control Monthly - May 2024.pdfWater Industry Process Automation and Control Monthly - May 2024.pdf
Water Industry Process Automation and Control Monthly - May 2024.pdf
Water Industry Process Automation & Control
 
Investor-Presentation-Q1FY2024 investor presentation document.pptx
Investor-Presentation-Q1FY2024 investor presentation document.pptxInvestor-Presentation-Q1FY2024 investor presentation document.pptx
Investor-Presentation-Q1FY2024 investor presentation document.pptx
AmarGB2
 
WATER CRISIS and its solutions-pptx 1234
WATER CRISIS and its solutions-pptx 1234WATER CRISIS and its solutions-pptx 1234
WATER CRISIS and its solutions-pptx 1234
AafreenAbuthahir2
 
Nuclear Power Economics and Structuring 2024
Nuclear Power Economics and Structuring 2024Nuclear Power Economics and Structuring 2024
Nuclear Power Economics and Structuring 2024
Massimo Talia
 
Design and Analysis of Algorithms-DP,Backtracking,Graphs,B&B
Design and Analysis of Algorithms-DP,Backtracking,Graphs,B&BDesign and Analysis of Algorithms-DP,Backtracking,Graphs,B&B
Design and Analysis of Algorithms-DP,Backtracking,Graphs,B&B
Sreedhar Chowdam
 
Student information management system project report ii.pdf
Student information management system project report ii.pdfStudent information management system project report ii.pdf
Student information management system project report ii.pdf
Kamal Acharya
 
HYDROPOWER - Hydroelectric power generation
HYDROPOWER - Hydroelectric power generationHYDROPOWER - Hydroelectric power generation
HYDROPOWER - Hydroelectric power generation
Robbie Edward Sayers
 
Final project report on grocery store management system..pdf
Final project report on grocery store management system..pdfFinal project report on grocery store management system..pdf
Final project report on grocery store management system..pdf
Kamal Acharya
 
CFD Simulation of By-pass Flow in a HRSG module by R&R Consult.pptx
CFD Simulation of By-pass Flow in a HRSG module by R&R Consult.pptxCFD Simulation of By-pass Flow in a HRSG module by R&R Consult.pptx
CFD Simulation of By-pass Flow in a HRSG module by R&R Consult.pptx
R&R Consult
 
DESIGN A COTTON SEED SEPARATION MACHINE.docx
DESIGN A COTTON SEED SEPARATION MACHINE.docxDESIGN A COTTON SEED SEPARATION MACHINE.docx
DESIGN A COTTON SEED SEPARATION MACHINE.docx
FluxPrime1
 
Standard Reomte Control Interface - Neometrix
Standard Reomte Control Interface - NeometrixStandard Reomte Control Interface - Neometrix
Standard Reomte Control Interface - Neometrix
Neometrix_Engineering_Pvt_Ltd
 
CME397 Surface Engineering- Professional Elective
CME397 Surface Engineering- Professional ElectiveCME397 Surface Engineering- Professional Elective
CME397 Surface Engineering- Professional Elective
karthi keyan
 
Architectural Portfolio Sean Lockwood
Architectural Portfolio Sean LockwoodArchitectural Portfolio Sean Lockwood
Architectural Portfolio Sean Lockwood
seandesed
 
Governing Equations for Fundamental Aerodynamics_Anderson2010.pdf
Governing Equations for Fundamental Aerodynamics_Anderson2010.pdfGoverning Equations for Fundamental Aerodynamics_Anderson2010.pdf
Governing Equations for Fundamental Aerodynamics_Anderson2010.pdf
WENKENLI1
 

Recently uploaded (20)

ML for identifying fraud using open blockchain data.pptx
ML for identifying fraud using open blockchain data.pptxML for identifying fraud using open blockchain data.pptx
ML for identifying fraud using open blockchain data.pptx
 
Industrial Training at Shahjalal Fertilizer Company Limited (SFCL)
Industrial Training at Shahjalal Fertilizer Company Limited (SFCL)Industrial Training at Shahjalal Fertilizer Company Limited (SFCL)
Industrial Training at Shahjalal Fertilizer Company Limited (SFCL)
 
Planning Of Procurement o different goods and services
Planning Of Procurement o different goods and servicesPlanning Of Procurement o different goods and services
Planning Of Procurement o different goods and services
 
MCQ Soil mechanics questions (Soil shear strength).pdf
MCQ Soil mechanics questions (Soil shear strength).pdfMCQ Soil mechanics questions (Soil shear strength).pdf
MCQ Soil mechanics questions (Soil shear strength).pdf
 
Gen AI Study Jams _ For the GDSC Leads in India.pdf
Gen AI Study Jams _ For the GDSC Leads in India.pdfGen AI Study Jams _ For the GDSC Leads in India.pdf
Gen AI Study Jams _ For the GDSC Leads in India.pdf
 
Railway Signalling Principles Edition 3.pdf
Railway Signalling Principles Edition 3.pdfRailway Signalling Principles Edition 3.pdf
Railway Signalling Principles Edition 3.pdf
 
Water Industry Process Automation and Control Monthly - May 2024.pdf
Water Industry Process Automation and Control Monthly - May 2024.pdfWater Industry Process Automation and Control Monthly - May 2024.pdf
Water Industry Process Automation and Control Monthly - May 2024.pdf
 
Investor-Presentation-Q1FY2024 investor presentation document.pptx
Investor-Presentation-Q1FY2024 investor presentation document.pptxInvestor-Presentation-Q1FY2024 investor presentation document.pptx
Investor-Presentation-Q1FY2024 investor presentation document.pptx
 
WATER CRISIS and its solutions-pptx 1234
WATER CRISIS and its solutions-pptx 1234WATER CRISIS and its solutions-pptx 1234
WATER CRISIS and its solutions-pptx 1234
 
Nuclear Power Economics and Structuring 2024
Nuclear Power Economics and Structuring 2024Nuclear Power Economics and Structuring 2024
Nuclear Power Economics and Structuring 2024
 
Design and Analysis of Algorithms-DP,Backtracking,Graphs,B&B
Design and Analysis of Algorithms-DP,Backtracking,Graphs,B&BDesign and Analysis of Algorithms-DP,Backtracking,Graphs,B&B
Design and Analysis of Algorithms-DP,Backtracking,Graphs,B&B
 
Student information management system project report ii.pdf
Student information management system project report ii.pdfStudent information management system project report ii.pdf
Student information management system project report ii.pdf
 
HYDROPOWER - Hydroelectric power generation
HYDROPOWER - Hydroelectric power generationHYDROPOWER - Hydroelectric power generation
HYDROPOWER - Hydroelectric power generation
 
Final project report on grocery store management system..pdf
Final project report on grocery store management system..pdfFinal project report on grocery store management system..pdf
Final project report on grocery store management system..pdf
 
CFD Simulation of By-pass Flow in a HRSG module by R&R Consult.pptx
CFD Simulation of By-pass Flow in a HRSG module by R&R Consult.pptxCFD Simulation of By-pass Flow in a HRSG module by R&R Consult.pptx
CFD Simulation of By-pass Flow in a HRSG module by R&R Consult.pptx
 
DESIGN A COTTON SEED SEPARATION MACHINE.docx
DESIGN A COTTON SEED SEPARATION MACHINE.docxDESIGN A COTTON SEED SEPARATION MACHINE.docx
DESIGN A COTTON SEED SEPARATION MACHINE.docx
 
Standard Reomte Control Interface - Neometrix
Standard Reomte Control Interface - NeometrixStandard Reomte Control Interface - Neometrix
Standard Reomte Control Interface - Neometrix
 
CME397 Surface Engineering- Professional Elective
CME397 Surface Engineering- Professional ElectiveCME397 Surface Engineering- Professional Elective
CME397 Surface Engineering- Professional Elective
 
Architectural Portfolio Sean Lockwood
Architectural Portfolio Sean LockwoodArchitectural Portfolio Sean Lockwood
Architectural Portfolio Sean Lockwood
 
Governing Equations for Fundamental Aerodynamics_Anderson2010.pdf
Governing Equations for Fundamental Aerodynamics_Anderson2010.pdfGoverning Equations for Fundamental Aerodynamics_Anderson2010.pdf
Governing Equations for Fundamental Aerodynamics_Anderson2010.pdf
 

WHAT IS SOFTWARE ENGINEERING (CYBERSECURITY)

  • 1. SOFTWARE ENGINEERING (CYBERSECURITY) By : CHRISTOPHER ANTONIUS 20181100007 STUDY PROGRAM SOFTWARE ENGINEERING FACULTY OF SCIENCE AND TECHNOLOGY UNIVERSITAS BUDDHI DHARMA
  • 2. SOFTWARE ENGINEERING (CYBERSECURITY) Software engineering is the study of and practice of engineering to build, design, develop, maintain, and retire software. There are different areas of software engineering and it serves many functions throughout the application lifecycle. Effective software engineering requires software engineers to be educated about good software engineering best practices, disciplined and cognizant of how your company develops software, the operation it will fulfill, and how it will be maintained. According to StackOverflow Survey 2018, software engineers are lifelong learners; almost 90% of all developers say they have taught themselves a new language, framework, or tool outside of their formal education. Businesses are increasingly shifting their operations toward automation. This means that machines and computer software will handle more types of repetitive tasks, freeing up people to leverage their creativity. Most companies and organizations rely on websites, apps, or computer-based software to keep their businesses running and successful. Responding to constant competition and advancements, software engineers build programs, make improvements, and adjust code to maintain agility and usefulness. Software engineering is important because specific software is needed in almost every industry, in every business, and for every function. It becomes more important as
  • 3. time goes on – if something breaks within your application portfolio, a quick, efficient, and effective fix needs to happen as soon as possible. Software engineering is an engineering discipline that is concerned with all aspects of software production from the early stages of system specification through to maintaining the system after it has gone into use (Ian Sommerville, 2016). Software engineering is essential for the functioning of government, society, and national and international businesses and institutions. We can’t run the modern world without software. National infrastructures and utilities are controlled by computer-based systems, and most electrical products include a computer and controlling software. Industrial manufacturing and distribution is completely computerized, as is the financial system. Entertainment, including the music industry, computer games, and film and television, is software-intensive. Many people think that software is simply another word for computer programs. However, when we are talking about software engineering, software is not just the programs themselves but also all associated documentation, libraries, support websites, and configuration data that are needed to make these programs useful. A professionally developed software system is often more than a single program. A system may consist of several separate programs and configuration files that are used to set up these programs. It may include system documentation, which describes the
  • 4. structure of the system, user documentation, which explains how to use the system, and websites for users to download recent product information. Maintaining the security of our networked infrastructure and government, business, and personal computer systems is one of the most significant problems facing our society. The ubiquity of the Internet and our dependence on computer systems have created new criminal opportunities for theft and social disruption. It is very difficult to measure the losses due to cybercrime. However, in 2013, it was estimated that losses to the global economy due to cybercrime were between $100 billion and $500 billion (InfoSecurity 2013). Cybersecurity is concerned with all of an organization’s IT assets from networks through to application systems. The vast majority of these assets are externally procured, and companies do not understand their detailed operation. Systems such as web browsers are large and complex programs, and inevitably they contain bugs that can be a source of vulnerability. The different systems in an organization are related to each other in many different ways. They may be stored on the same disk, share data, rely on common operating systems components, and so on. The organizational “system of systems” is incredibly complex. It is impossible to ensure that it is free of security vulnerabilities. Consequently, you should generally assume that your systems are vulnerable to cyberattack and that, at some stage, a cyberattack is likely to occur.
  • 5. A successful cyberattack can have very serious financial consequences for businesses, so it is essential that attacks are contained and losses minimized. Effective resilience engineering at the organizational and systems levels can repel attacks and bring systems back into operation quickly and so limit the losses incurred. These are not independent threat classes. An attacker may compromise the integrity of a user’s system by introducing malware, such as a botnet component. This may then be invoked remotely as part of a distributed denial-of-service attack on another system. Other types of malware may be used to capture personal details and so allow confidential assets to be accessed. To counter these threats, organizations should put controls in place that make it difficult for attackers to access or damage assets. It is also important to raise awareness of cybersecurity issues so that people know why these controls are important and so are less likely to reveal information to an attacker. Examples of controls that may be used are authentication, where users of a system have to show that they are authorized to access the system. The familiar login/password approach to authentication is a universally used but rather weak control. However, to deal with problems, a user or system operator may have to take the initiative and take actions that are normally carried out by someone with a higher level of privilege. For example, the system manager of a medical system may not normally be allowed to change the access rights of medical staff to records. For security reasons,
  • 6. access permissions have to be formally authorized, and two people need to be involved in making the change. This reduces the chances of system managers colluding with attackers and allowing access to confidential medical information. Now, imagine that the system manager notices that a logged-in user is accessing a large number of records outside of normal working hours. The manager suspects that an account has been compromised and that the user accessing the records is not actually the authorized user. To limit the damage, the user’s access rights should be removed and a check then made with the authorized user to see if the accesses were actually illegal. However, the security procedures limiting the rights of system managers to change users’ permissions make this impossible. Therefore, the audit trail of emergency actions can be used to check that a system manager’s actions were justified. Of course, there is scope for misuse here, and the existence of an emergency mode is itself a potential vulnerability. Therefore, organizations have to trade off possible losses against the benefits of adding more features to a system to support resilience.
  • 7. REFERENCES Aiello, B., and L. Sachs. 2011. Configuration Management Best Practices. Boston: Addison- Wesley. Bamford, R., and W. J. Deibler. 2003. “ISO 9001:2000 for Software and Systems Providers: An Engineering Approach.” Boca Raton, FL: CRC Press. Loeliger, J., and M. McCullough. 2012. Version Control with Git: Powerful Tools and Techniques for Collaborative Software Development. Sebastopol, CA: O’Reilly and Associates. https://sites.google.com/a/pvlearners.net/futuremirzasmail/part-two https://online.maryville.edu/blog/future-software-engineering/ https://insights.stackoverflow.com/survey/2018/ https://dinus.ac.id/repository/docs/ajar/Sommerville-Software-Engineering-10ed.pdf