Computer Sciences and Information Technology
Topic:
Cybersecurity Background Summary
My organization assigned to me has changed. It is now Boeing. I have included the information on it below:
Company facts: Boeing, a global aerospace company, manufactures commercial jetliners and defense, space, and security systems for the United States and clients worldwide. The company employs about 160,000 workers and had an annual revenue in 2015 of just over $96.11 billion.
Leadership: Dennis A. Muilenburg is the chairman, president and CEO.
Mission/vision: “People working together as a global enterprise for aerospace industry leadership.”
The breach: Boeing has had repeated incidences of cyber attacks, but in a recent case, a Chinese citizen and aviation technology company owner, Su Bin, was arrested June 28, 2014, in British Columbia for allegedly conspiring with two others to steal military-related information from US defense contractors, including Boeing. Federal prosecutors alleged at the time that the two others were affiliated with several organizations in China and do surveillance work and intelligence outside of China to avoid “diplomatic and legal complications,” according to the criminal complaint, which said Su was helping the two others since 2009. A 2016 report from a Canadian newspaper said that according to court documents, the alleged co-conspirators were Chinese soldiers, but it was unclear whether the Chinese government was behind the activity.
6 Jul 2019 19:24
6 Jul 2019 16:04
In Step 1, you familiarized yourself with your assigned organization (my organization). Now it is time to write a cybersecurity overview. Write a three-page background summary that includes a general overview of cybersecurity and a section on enterprise cybersecurity.
Please include the following items in your general overview of cybersecurity:
Compare and contrast cybersecurity and computer security.
Discuss Data flows across networks. (Review Bits and Bytes, Non-Textual Data, Evolution of Communication systems, Computer Networks, Network Devices & Cables and Network Protocols if you do not already have a working understanding of these topics.)
Discuss basic cybersecurity concepts and vulnerabilities, including flaws that can exist in software. (Review Systems Software, Application Software, Software Interaction and Programming if you do not already have a working understanding of these topics.)
Discuss common cybersecurity attacks. (Review A Closer Look at the Web and Web Markup Language if you do not already have a working understanding of these topics.)
Discuss penetration testing.
Discuss how to employ Network forensic analysis tools (NFAT) to identify software communications vulnerabilities.
Please include the following items in your enterprise cybersecurity section:
List and discuss the major concepts of enterprise cybersecurity.
Discuss the principles that underlie the development of an enterprise cybersecurity policy framework and implementation plan.
List the major types of cybersecurity threats that a modern enterprise might face.
General Overview of Cyber-Security
Comparison between Computer Security and Cyber Security
Though computer security is related to cyber security, the two terms refer to different things. Generally, computer security refers to the overall security of a computer's hardware and software components, as well as the data backed up on the computer. The security elements of a computer in this case refer to activities such as regular updating of the software. Though there might be a set of machines involved, none of them would be connected to each other, and their security would be managed individually (Parrondo, 2014). Compared to computer security, cyber security is more complicated and covers a wide and complex field. Cyber security deals with all types of threats that are caused through cyberspace, both online and offline (Parrondo, 2014). As such, cyber security deals with securing all machines that communicate over a network by using tools such as firewalls, antivirus software, IDS, and IPS, among others.
Data flows across networks
Transfer of data from one medium to another is usually a gradual process that goes through a series of steps, where each step has its own significance. This data is often transferred through a physical medium or wires that carry the data as electrical voltages. Using various encryption tools, the data is first encrypted before transmission so that intruders are not able to decode the message being transmitted even if they intercept it (Parrondo, 2014). Using the same codes or set of rules that were used in the encryption process, the data is then decrypted once it gets to its intended destination or target (Parrondo, 2014). The fact that there is a common set of rules or protocol that is applied by all computers or network devices globally makes this data transmission process easy and smooth to execute.
Basic Cybersecurity Concepts and Vulnerabilities
The process of developing software is not always perfect, especially because such projects are often implemented on very tight schedules or deadlines, a factor that can contribute to the development of flaws within these products. These flaws later become vulnerabilities, as cyber criminals often take advantage of them to launch attacks on an organization's database through various cybersecurity attack techniques. Once the attackers identify the location of these flaws, they are able to develop programs that capitalize on them so as to obtain access to their target's database. To overcome this challenge, software developers regularly review their products to identify any potential flaws or vulnerabilities that cybercriminals could capitalize on (Dudorov, Stupples & Newby, 2013). This explains why most product developers regularly issue security updates for their products, so as to seal any existing flaws and ensure that their products are not vulnerable to cyber security breaches.
Common Cyber-security Attacks
Cyber criminals apply different cyber security attack techniques to conduct their crimes, with the most common being malware, phishing, man-in-the-middle attacks, denial-of-service attacks, and SQL injection, among others (Dudorov, Stupples & Newby, 2013). Malware attacks refer to using malicious software to launch an attack on a given vulnerability that the attackers have identified in the system. Phishing attacks are often executed through emails, where the attacker sends many malicious emails to unsuspecting recipients or targets with the aim of installing malware on their devices, which would then allow the attacker to steal sensitive information (Dudorov, Stupples & Newby, 2013).
A man-in-the-middle attack occurs when an attacker penetrates a digital transmission channel so that they are able to steal the information flowing through it, especially if this information is not encrypted (Dudorov, Stupples & Newby, 2013). Another common attack technique is the denial-of-service attack, where the attackers flood a given system or network with a lot of traffic with the intention of exhausting most of its bandwidth or resources so that it is unable to complete legitimate requests (Dudorov, Stupples & Newby, 2013). This allows the attackers to launch attacks because the system becomes vulnerable once it is unable to fulfill some of its requests. On servers that use the SQL language, attackers may sometimes insert malicious code into the server, which then forces the server to expose or reveal information that would not normally be easy to retrieve (Dudorov, Stupples & Newby, 2013). Because of the diverse nature of these cyber attacks, it is always advisable that system administrators regularly conduct system updates and inspections so as to prevent potential cyber attacks and identify vulnerabilities early enough, before any serious attacks can be launched.
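The SQL injection case described above, shown next to its standard fix, as an added example that is not part of the original essay. The table, column names and sample rows are constructed for illustration, and an in-memory SQLite database stands in for the SQL server.

```python
import sqlite3

def make_db():
    """Build an in-memory database holding constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE employees (username TEXT, clearance TEXT)")
    conn.executemany(
        "INSERT INTO employees VALUES (?, ?)",
        [("alice", "public"), ("bob", "restricted"), ("carol", "secret")],
    )
    return conn

def lookup_vulnerable(conn, username):
    # Flaw: the input is concatenated into the SQL text, so the database
    # cannot tell where the data ends and the statement continues.
    query = ("SELECT username, clearance FROM employees "
             "WHERE username = '" + username + "'")
    return conn.execute(query).fetchall()

def lookup_parameterized(conn, username):
    # Fix: the ? placeholder passes the value separately from the statement,
    # so it is only ever compared as a plain string.
    query = "SELECT username, clearance FROM employees WHERE username = ?"
    return conn.execute(query, (username,)).fetchall()

def compare(username):
    """Run both lookups on a fresh database and return (weak, hardened)."""
    conn = make_db()
    try:
        weak = lookup_vulnerable(conn, username)
    except sqlite3.OperationalError as exc:
        # A stray quote breaks the concatenated statement outright.
        weak = "error: " + str(exc)
    return weak, lookup_parameterized(conn, username)

if __name__ == "__main__":
    # Constructed inputs: a normal name, a name containing a quote, and a
    # value that rewrites the WHERE clause of the concatenated query.
    for value in ("alice", "o'brien", "x' OR '1'='1"):
        weak, hardened = compare(value)
        print(repr(value), "| concatenated:", weak, "| parameterized:", hardened)
```

With the concatenated query, the third input returns every row in the table; the parameterized query returns nothing for it because no user has that literal name.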
Penetration testing
Penetration testing, also known as ethical hacking, involves testing a given computer system or network with the aim of identifying any existing security vulnerabilities that might be exploited by an attacker (Bassam & Deborah, 2010). The findings of this test are then recorded and reported. The aim of conducting this test is to identify any potential weaknesses in an organization’s computer system or network so that appropriate action can be taken to seal these flaws, thus preventing a real attack from happening (Bassam & Deborah, 2010).
Employing NFAT to Identify Software Communications Vulnerabilities
All organizations are required to put in place a clear network security policy so as to protect their systems, but in situations where an organization's policies are violated through attacks on its vulnerabilities, a forensic audit plays a very important role. The evidence obtained from this computer forensic audit plays a crucial role in ensuring that the investigation team can identify the flaws or vulnerabilities that the attackers capitalized on (Dudorov, Stupples & Newby, 2013). Today there are many tools that have been established to carry out these computer forensic audits, with Distributed Network Attack (DNA) being a common tool (Dudorov, Stupples & Newby, 2013). Such tools are crucial in helping an organization understand the nature of its weaknesses and put in place measures that guard against future computer system or network breaches.
Enterprise Cyber-security
The Major Concepts of Enterprise Cybersecurity
Modern enterprises like Boeing are faced with numerous cyber security threats that could have a huge negative impact on them if such attacks succeed. Among the most common cyber security threats facing modern enterprises are malware attacks, where malicious software is used to launch an attack on a given vulnerability that the attackers have identified in the system (Dudorov, Stupples & Newby, 2013). In addition, phishing attacks are often executed through emails, where the attacker sends many malicious emails to unsuspecting recipients or targets with the aim of installing malware on their devices, which would then allow the attacker to steal sensitive information (Dudorov, Stupples & Newby, 2013). Insider threats have also become too common, where unhappy employees give an organization's confidential information to an attacker with the intention of causing harm to the organization. As such, it is always advisable to revoke the credentials of employees who have left an enterprise and also to make regular password changes to prevent insider attacks from happening (Dudorov, Stupples & Newby, 2013).
References
Bassam, S. F., & Deborah, L. F. (2010). Cyber security framework for enterprise system development: Enhancing domain security through ESM. 2010 – Milcom 2010 Military Communications Conference. doi:10.1109/milcom.2010.5679589
Dudorov, D., Stupples, D., & Newby, M. (2013). Probability Analysis of Cyber Attack Paths against Business and Commercial Enterprise Systems. 2013 European Intelligence and Security Informatics Conference. doi:10.1109/eisic.2013.13
Parrondo, L. (2014). Industrial Cyber Security Solutions for the Connected Enterprise. IET Seminar on Cyber Security for Industrial Control Systems. doi:10.1049/ic.2014.0012