The Growing Threat of Cyber Attacks

A cyber attack comprises of the offensive activity faced bystates, nation, individuals and organizations in which there is an illegal attack on the computer systems for gaining access to confidential information (Raiyn 2014). It is usually being done by malicious acts that have its origin in an anonymous source that alters, steals and destroys particular targets by hacking or illegitimate entry. The cyber crime is a growing industry in which the criminals have become more organized as well as grown in number (Pipyros et al. 2014). The number of cyber attacks across major industries in the global market place has increased by around 40% in the year 2017 (Ben-Asher and Gonzalez  2015). This is considered as the biggest rise in the last 12 years and poses concern for the senior management of the organizations. There are various kinds of cyber attacks being employed by the hackers such as installation of spyware on PC to the hacking mechanisms being employed by a third party. There is a rise of the cyber-terrorism in which the cyber hackers not only attack the organizations, but they also attack the national resources at large.

This report would analyze the different aspects of the cyber resilience policy and how it can be integrated with the aspect of cyber security. The integration of the resilience protocols and the cyber security aspects would be discussed. This should be linked to the enhanced business performance of the organization. This report would be given to the board members so that they can review and evaluate the various recommendations made.

The organizations are increasingly becoming vulnerable to the increasing risk of cyber attacks. Research shows that an increasing number of cyber attacks are targeted towards the intellectual property (Yampolskiy et al. 2014). There has been a 56% rise of the intellectual property hacks and financial sector has faced an increasingly number of security challenges. Experts have observed a significant advancement in the quantity as well as quality of cyber threats (Ben-Asher and Gonzalez  2015). There have been deployment of advanced methods of cyber hacking. The attackers are using advanced technologies such as DDOS (Distributed Denia-of-Service) attacks, payment methods, sale of email addresses and employing digital intervention in stealing vital information (Raghavan and Raghavan 2015). They are also using recent payment methods such as bitcoins which is a digital currency so that they can keep on doing the illegal transactions.

The attackers usually either choose active attacks or passive attacks for intruding into the cyber framework of the organizations (Uma and Padmavathi 2013). The active attacks are considered to have dangerous impact as the hackers make changes to the computer systems, intercept the various data, make modification to computer systems, send messages from the network (Ben-Asher and Gonzalez  2015). They imply denial of service (DOS) attack, which usually gains access to the systems and subsequently lock the authorized users and prevents them from accessing the system (Kolini and Janczewski 2015). The passive attacks are common these days when a program searches for vulnerabilities in the system and gains entry when a similar kind is found.These kind of vulnerabilities can be active versions of old plug-in, open ports or any kind of vulnerable plugins ().The passive attacks comprises of the attacks of chance, in which a program performs passive scan on the web for any kind of open ports and subsequently gains access from it.Business entities are giving utmost importance to the cyber security and they consider the IT security as one of the most competitive factor. The

Analyzing Cyber Resilience Policy and its Integration with Cyber Security

The organizations are monitoring the data analytics and using it to handle the cyber criminals in a better manner. The analysis of the big data helps in the detection of an unfortunate incident (Erl Khattak and Buhler 2016). The traditional business security has started to lose its significance as there is new wireless technology that gives enhanced connectivity and greater risks for the business entities. The globaleconomy is dependant more on the information and data through cyberspace. There is a variety of sensitive information which are stored in the company soft copies such as passcodes, employee social security numbers and others (Ben-Asher and Gonzalez  2015). The problem of cyber security is not limited to the private sectors but the government bodies are also devising measures for fighting the cyber invasions from both the domestic as well as international markets. The loss of digital assets means great loss to the organizational productivity and hence they are undertaking all possible measures to address the issue.

The cyber security should be seamless and thorough in the organization which would satisfy the organizational requirements (Fahad et al. 2014). The computer networks are the primary target areas of the individuals and hence they are important to be protected. If the organizations implement high number of cyber security measures, then their confidential documents would be protected (Erl Khattak and Buhler 2016). There are low chances of security breaches if there is a robust IT security framework in the organization.

There are times when the cyber crimes go undetected, especially in the cases of industrial espionage, in which the unlawful access to the confidential data are not detected in the business systems. The technological innovation has posed several online dangers to the organizations (Erl Khattak and Buhler 2016). The migration of the organizational data to the “third-party” cloud providers has led to greater data centralization, in which there are several opportunities for the cyber criminals to gain critical information by performing a single attack (Ablon Libicki and Golay 2014). The modern day technological advancements has led to collection as well as analysis of big data, which has created for more security networks for IT managers. The opening of the big data would mean that there would be disclose about company confidential information including the customer details. There is an ongoing proliferation of the mobiles services, that has presented more number of security threats and hence the organizations are gearing up their cyber security measures.

Basic Cyber Security Protocols

The cyber security is one of the most important tasks of the organizations and they need to devise suitable policies for addressing the same. The internet security is considered as one of the most important part of the organizations and the main aim is to exchange information from a high level of intrusion by a third party (Erl Khattak and Buhler 2016). The following are the basic cyber security protocols that should be undertaken by the organization-

The organization can opt for network segmentation which includes the classification as well as categorization of IT assets, personnel, data and personal info into particular groups, which is followed by restrictive access to these individual groups (Stallings and Tahiliani 2014). This method includes the placement of the resources into individual areas of particular networks so that one sector or device is unable to exploit the entire system. The access to the network areas should be restricted with the help of isolation tactics and by the implementation of firewalls. The firewall would be connected to the networks that access the internet and filter both incoming as well as outgoing information (Schneider et al. 2017). The number of pathways should be reduced and there should be implementation of the system protocols on the different pathways. The creation of network boundaries as well as network segments would empower the organization to implement both protective as well as detective controls (Stallings and Tahiliani 2014). This would also ensure that the organizations would be able to restrict, monitor and govern the different communication flows within the organizations.

The role based access control usually grant and prevents access to network resources based on the different job functions of the employees (Rittinghouse and Ransome 2016). This would prevent the employees from accessing files or parts of the system they should not access. The organization should strive to create a standard operating process for removing the network access of former employees (Ablon Libicki and Golay 2014). The company should implement logging capability which would allow the monitoring of the system activity. This would enable the organization to conduct root cause analysis for finding the different issue sources in the system (Stallings and Tahiliani 2014). This would also allow the monitoring of the network traffic which would help the organization to determine if some user is engaging in unauthorized actions.

The organization should use only strong passwords that would help the systems and the information to keep secure and there should be different passwords for different accounts (Stallings and Tahiliani 2014). The passwords should be formulated in such a manner that it should contain eight characters and it should contain at least one character as well as one number. The default passwords of the new software should be changed and there should be regular monitoring of the administrator accounts (Ablon Libicki and Golay 2014). There should also be implementation of password security features such as “account lock out” features, which is activated when the user enters multiple incorrect passwords. It is also advisable to consider multi-factor authentication that would entail the users for verifying their respective identities.

Conclusion

The organization should try to implement cyber security training module for the employees especially for the employees that are responsible for operating industrial control systems (Korpela 2015). There should be basic cyber security training that helps the employee to have secure online transactions and to keep the company data secure. The training should emphasis on different methods of cyber hacking and the importance of different secure internet browsing practices (Rittinghouse and Ransome 2016). If the employees visit malicious websites, their systems may be exposed to the malware infection that is embedded on the website (Ablon Libicki and Golay 2014). The cyber attackers often use a tactic in which they are aware of the fact that the employees of the company would visit a particular website. This fosters the need for organizations to exercise caution and motivate the employee to do safe internet browsing (Ablon Libicki and Golay 2014).

The development of the preventive measures of the organization should be laid down properly and there should be response plan formulated for such purpose. This response plan should be followed when there is an outbreak of security breach in the organization (Rittinghouse and Ransome 2016). The organization should incorporate intrusion detection system (IDS), logs, anti-virus software and others to detect if there is any compromises in the system (Choucri Madnick and Ferwerda 2014). The effective cyber security response plan would increase the stuff of the customers and partners and also it would reduce the recovery costs of the systems. This plan should be the result of the collaboration in between the departments of the organization.

There are certain best practices that are observed in cyber security domains. They are listed as under-

• Detection of the insider threats– The organizations are increasingly monitoring the user activity and detect any unauthorized behavior (Legg et al. 2017).
• Implementation of information security approach- The organizations are increasingly using information security strategies which are used to employ a risk based approach (Rittinghouse and Ransome 2016).
• Back up data- More and more organizations are spending their resources on back up of the important data of the organizations so that they can be retrieved when there is serious data loss (Lu et al.2015).
• Update software- It is important to update the existing software and licenses on a regular basis so that there is enhanced network protection.
• Maintain compliance- It is important tokeep the business safe and the business entities are increasingly using various compliance such as ISO. HIPAA and PCI (Kleinberg Reinicke and Cummings 2015).

It is important that the company should give utmost importance to the cyber security measures-

• They should consider forming a “Computer Security Incident Response Team (CSIRT)” that would enhance the way a cyber threat is being addressed. This team should foster the implementation of the cyber security plans into action so that the organization can handle such threats in a smooth manner.
• Develop competent team in the organization, which would help in the overall enhancement of the cyber risk handling. The employees should be made aware about the recent cyber threats so that they can handle the issue effectively.
• Regular training programs that would advise the employees about how to engage in safe online activities. The training should be subjected to both the new employees as well as the old employees.
• Implement high security of data protection as the organization data is confidential and it should not be disclosed to any third party. There should be robust anti-virus software, firewalls and malware detection tools that should be implemented by the organization.
• More involvement of the cyber security experts and the organizational executives should be involved in the process of cyber security. IT professionals should be linked with the senior management of the company so that they can pass the essential information regarding the cyber threats.
• It is important to update as well as delete the browser certificates that have already expired. The enforcement of a strong management system as well as rigorous enforcement certificate would be done as soon as the trial has been completed.

Conclusion

The cyber resilience policy is considered as one of the most important aspects of the organizations. In this modern age, data loss is often considered as a major loss for the company. This is the reason that the company should formulate effective cyber security protocols that would protect the confidential data of the organization. The formulation of cyber resilience team is important and there should be an action plan when there is a cyber attack in the organization. The organization should give adequate attention to this issue as well as allocate a lump some fund for securing the IT infrastructure of the system. This report would broaden the understanding of the cyber security and the different resilience protocols that are implemented in the organizations.

References

Ablon, L., Libicki, M.C. and Golay, A.A., 2014. Markets for cybercrime tools and stolen data: Hackers’ bazaar. Rand Corporation.

Ben-Asher, N. and Gonzalez, C., 2015. Effects of cyber security knowledge on attack detection. Computers in Human Behavior, 48, pp.51-61.

Choucri, N., Madnick, S. and Ferwerda, J., 2014. Institutions for cyber security: International responses and global imperatives. Information Technology for Development, 20(2), pp.96-121.

Erl, T., Khattak, W. and Buhler, P., 2016. Big data fundamentals: concepts, drivers & techniques. Prentice Hall

Fahad, A., Alshatri, N., Tari, Z., Alamri, A., Khalil, I., Zomaya, A.Y., Foufou, S. and Bouras, A., 2014. A survey of clustering algorithms for big data: Taxonomy and empirical analysis. IEEE transactions on emerging topics in computing, 2(3), pp.267-279.

Kleinberg, H., Reinicke, B. and Cummings, J., 2015. Cyber Security Best Practices: What to do?. Journal of Information Systems Applied Research, 8(2), p.52.

Kolini, F. and Janczewski, L.J., 2015. Cyber Defense Capability Model: A Foundation Taxonomy. In CONF-IRM (p. 32).

Korpela, K., 2015. Improving cyber security awareness and training programs with data analytics. Information Security Journal: A Global Perspective, 24(1-3), pp.72-77.

Legg, P.A., Buckley, O., Goldsmith, M. and Creese, S., 2017. Automated insider threat detection system using user and role-based profile assessment. IEEE Systems Journal, 11(2), pp.503-512.

Lu, P., Zhang, L., Liu, X., Yao, J. and Zhu, Z., 2015. Highly efficient data migration and backup for big data applications in elastic optical inter-data-center networks. IEEE Network, 29(5), pp.36-42.

Pipyros, K., Mitrou, L., Gritzalis, D. and Apostolopoulos, T., 2014, July. A cyber attack evaluation methodology. In Proc. of the 13th European Conference on Cyber Warfare and Security (pp. 264-270).

Raghavan, S. and Raghavan, S.V., 2015, October. Estimating Posterior Probabilities to Identify Breach Points during Cyber-attacks. In Cyber Security, Cyber Warfare, and Digital Forensic (CyberSec), 2015 Fourth International Conference on (pp. 113-116). IEEE.

Raiyn, J., 2014. A survey of cyber attack detection strategies. International Journal of Security and Its Applications, 8(1), pp.247-256.

Rittinghouse, J.W. and Ransome, J.F., 2016. Cloud computing: implementation, management, and security. CRC press.

Schneider, D.S., Ribet, M.B., Lipstone, L.R. and Jensen, D., Dropbox, Inc., 2017. Distributed administration of access to information and interface for same. U.S. Patent RE46,439.

Stallings, W. and Tahiliani, M.P., 2014. Cryptography and network security: principles and practice (Vol. 6). London: Pearson.

Uma, M. and Padmavathi, G., 2013. A Survey on Various Cyber Attacks and their Classification. IJ Network Security, 15(5), pp.390-396.

Yampolskiy, M., Andel, T.R., McDonald, J.T., Glisson, W.B. and Yasinsac, A., 2014, December. Intellectual property protection in additive layer manufacturing: Requirements for secure outsourcing. In Proceedings of the 4th Program Protection and Reverse Engineering Workshop (p. 7). ACM.