Security Controls For Effective Cyber Defense - 1196 Words

The research document â€Å"United Airlines May 2015 Data Breach: Suggested Near, Mid and Long-Term Mitigating Actions Using the 20 Critical Security Controls†, was written from the view of an external security consultant â€Å"Philip G. Rynn†, and published by the SANS Institute, which is an educational organization that has the largest collection of research documents regarding information security. The paper correctly examined the United Airlines breach in May 2015 and offered near, mid and long-term actions that should be executed by the United Airlines’ senior security staff to alleviate the effects of system breaches and lessen the probability of further occurrences. The nature of the United Airlines (UA) breach was related to specific but†¦show more content†¦Also, he defined all the technical key terms that any reader could be confused with, especially with the Sakula malware. Furthermore, the author assumptions about how the attacks were related and had one common source were clearly explained and illustrated. The author s language in the paper was very easy to follow and clear to understand even if the reader has no technical background. The author was fair when weighing different sides of assumptions, without being bias or ignoring the other undesirable side. The overall logic and organization of the paper were comprehensible and easy to perceive. In my opinion, the paper made me agree with many significant aspects in connecting several data breaches that were recently happened, along with some strategy insights that could be deployed to strengthen and prevent similar incidents in the future. Starting with the introduction, the author was informative in convincing me on the important and the impact of information security not only in the public and privet sector of a country, but in general by enlightening me about cyber security, its different forms, and the reasons why attackers perform it. Then, the author goes further in clarifying the situation regarding the UA breach, even when there were some questions about the motive behind it since the compromised information is not onShow MoreRelatedCyber Defense Concerns On Global Security983 Words   |  4 PagesCyber Defense Concerns in Global Security The cyber domain crosses both physical and logical borders across the globe. No longer is every aspect of a domain clearly part of a single nation. Occurrences within cyberspace has far reaching effects. 15 million T-Mobile customer’s data stolen via Experian server compromise, massive cyberattacks on Estonia and Georgia networks (2007 and 2008 respectively), and over $1 trillion reportedly lost due to cybercrime. These are just a few concerns facingRead MoreTheu.s. Contemporary Security Environment1527 Words   |  7 Pagesof the U.S. contemporary security environment. For years, the American people have been victimized by cyber-attacks by having their personal information, emails, credit card, and banking information stolen by an invisible enemy named cyberterrorism. These types of attacks seem insignificant however; they are small examples of the vulnerabilities that our cyber world is experiencing. Our vulnerabilities are leaving our public officials in significan t danger from cyber-attacks, as they are vulnerableRead MoreCyber Warfare : The Threat Of The United State s National Security1313 Words   |  6 PagesCyber Warfare Warfare can be defined as engaging in war or conflict. There are many different categories of warfare. More commonly known types include guerilla warfare, land warfare, aerial warfare, and naval warfare. Although when war is mentioned many minds wander to these forms of warfare, there are others that are not always as obvious. A rapidly growing type of warfare is cyber warfare. Cyber warfare can be defined as attacks from other nations to tap in to or destroy any type of informationRead MoreAn Overview of the National Initiative for Cybersecurity Education995 Words   |  4 Pagesï » ¿CYBERSECURITY 4 Cybersecurity: An overview of the National Initiative for Cyber Security Education (NICE) framework for risk assessment The National Initiative for Cyber Security Education (NICE) consists of seven components that are defined as the cornerstones of modern cybersecurity: security provision; operation and maintenance; protection and defense; investigation; collection and operationalization; analyzing; and providing oversight and development. The Framework is at the core of thisRead MorePrevention / Containment Measures For Cyber Threats1406 Words   |  6 Pages1. Prevention/Containment Measures for Cyber Threats. Protecting classified documents or valuable information is very hard against any kind of cyber-terrorism, there are no universal safeguards. There is no existence of any agreement or policy to define cyber-terrorism. Threats can come from hackers, criminal group or terrorist group; governments use computers and internet to attack without knowing the victims. It is not easy to stop such attacks but not impossible to stop if following basic preventionRead MoreThe Importance Of Decision Support Strategy1706 Words   |  7 PagesA few researchers also did research into having decision support approaches for cyber security investment. When investing in cyber security assets, information security administrators have to obey operational decision-making strategies. The researchers refer to this as â€Å"the cyber security investment challenge†. In this paper, they analyze three potential decision support methodologies that security managers can use to be able to perform this challeng e. They considered methods based on game theoryRead MoreCyber Security Is A Growing Concern For Governments Around The World1296 Words   |  6 PagesGlobal Cooperation for Cyber Security Cyber Security is a growing concern for governments around the world. Cyber-attacks pose a direct threat to the security of the nations’ critical infrastructures and Information Technologies (IT) as a low-cost asymmetric warfare element. Most of these nations are aware of the vulnerability of the information technologies and the significance of protecting critical infrastructures. To counteract the threat of potentially disastrous cyber-attacks, nations’ policyRead MoreCyber Attacks, Intrusion Attacks And Network Attacks1285 Words   |  6 Pagesresponsibility of the Information Technology Security Executive. These executives will be required to implement the protocol and, software that will deter and prevent the different types of attacks that their organization faces. Some of the attacks include cyber- attacks, intrusion attacks, network attacks, and social engineering attacks. This paper will present research and comparison of methods of cyber-attacks, intrusion attacks and network attacks. Comparison of Cyber-Attacks, Intrusion Attacks, andRead MoreStrategic Objectives Of An Cyber Security Branch Is A Large Multi National Corporation That Provides Command, Control,1092 Words   |  5 PagesManTech International is a large multi-national corporation that provides Command, Control, Communications, Computers, Surveillance and Reconnaissance (C4ISR) services primarily to the United States Government. ManTech defines their mission as: â€Å"ManTech advances customer success by delivering unique best value solutions, consulting services, and technologies that meet our clients mission-critical needs—anytime and anywhere—and we create added value through quality, innovation, and partnership.†Read MoreA Report On The Cyber Security Triad1133 Words   |  5 Pagestargeted- and breached- by cyber attackers that are intent on economic theft and/or operational disruption. Just a few years ago, industrial control system (ICS) operators could never have imagi ned the malicious attacks cyber adversaries are executing DAILY. The New Reality is clear: technical sophistication of attacks can only be offset by a sound defense-in-depth approach. ICS systems thrive on availability more than confidentiality and integrity (the â€Å"Cyber Security Triad†) which enables the