Implementing Cyber-Security: Best Practices at Work
Executive Summary
Proposed Solutions
Annotated Bibliography
Memorandum
References
Executive Summary
The internet brings forth a world of social connectivity, growth and endless opportunities for innovation. These have been hastened by the advent of mobile applications and computing. The sudden surge in technology has changed everything from the way we communicate to the way we travel. While some see the beneficial side of technology, others see an opportunity to do harm. These individuals, states or groups present a cyber-threat to anyone who uses the internet. Nothing they are involved in is new; espionage is not new, and neither is activism. It is only that they are happening on an unprecedented scale and at an unprecedented pace. Unlike physical space, cyberspace is intangible, and this poses a challenge to law enforcement authorities. Corporations and individuals still do not understand the magnitude of cyber-crime unless they have been victims of it. Cyber-threat is a global phenomenon that affects individuals as well as organizations. Organizations can face consequences such as loss of intellectual property or leakage of commercial information. This report dissects the available insights on cyber-security, the effect on Australian organizations, and the detection and mitigation strategies. As there is no one methodology that works against all cyber-attacks, it is important for Australian organizations to keep up with the digital world, value their business data, control access to it and put proper response measures in place should it be compromised. I buoyantly hope that the information presented can be of aid in the fight against cyber threats and in making critical decisions concerning cyber security.
Problem Definition
Australian organizations have suffered a lot due to cyber-attacks. This paper looks at how the problem affects the workplace and at possible solutions.
Computer hacking was once a casual, mischievous hobby of enthusiasts. While some participated as a fad, others were determined to be a nuisance to law enforcement authorities for the sake of celebrity status. That is no longer the case, as hacking now brings financial gain. Hackers have resorted to malicious attacks on networks and IT systems with criminal intent. Today it is not strange to hear that some nations are engaging in serious cyber-warfare while other countries use malware as weapons. Cyber criminals are highly organized individuals who exploit the entry loopholes into an organization's IT system. They have been guilty of launching “advanced persistent threats” at organizations, with multiple sustained attacks aimed at paralyzing organizations in the long term (Kawano, 2005). The two most common methods used are zero-day and the traditional rootkits. The zero-day technique involves a complex algorithm that enables the malware to change definition to avoid detection, while rootkits suspend the administrator rights of an organization's computer. The most common zero-day technique used is phishing. This means using a fake replica of a website in order to collect important information from computer users.
Physical criminals are not the only ones capable of coordinating members into gangs; social and political activists, under the alias “hacktivists”, have now taken a foothold in online activities with the sole purpose of terrorizing corporate organizations. While some pose as legitimate white hat hackers, most of them are crooks who engage in the act for personal gain. Good examples include iDefense and Anonymous, who are famous for spurring attacks on Brazil’s Government for corruption and environmental disregard; likewise, attacks were launched against Saudi Arabian and UAE businesses for oil malpractices. Public and private institutions in Australia have not been spared by the “hacktivists” (Shin, Son, Khalil ur, & Heo, 2015). In short, the attacks have been frequent, fairly organized and deployed with precision. Moreover, the attacks are becoming more and more sophisticated, leading to the belief that cyber-attacks are mainstream in today’s era.
Proposed Solutions
With all these information threats at large, organizations as well as governments ought to employ solid cyber-security measures in order to defend themselves against possible breaches or cyber-attacks. In a bid to reinforce security, Australian organizations can employ the following strategies.
(1) Accurate maintenance of control system devices and eliminating exposure to outside networks. Workstations in the intranet should not link directly with other workstations in the business or with the internet. A cyber threat can capitalize on a pathway that exists in the business intranet, through a crevice on the corporate side, to exploit the whole business's controls. Such pathways should therefore be purged to reduce the business's vulnerabilities.
(2) Use of network segmentation and applying firewalls. Segmentation helps in grouping specific data, personnel and IT assets, thereby reinforcing access restrictions. This way, the compromise of one component cannot translate into the failure of the entire business. The advent of the internet of things has necessitated network segregation. Firewalls, on the other hand, are software that filters inbound and outbound packets of data (Yue, 2003). Use of firewalls as a security protocol reduces the threat of compromise from an external threat.
(3) Use of secure remote access methods. Remote access has increased efficiency in the workplace; however, this convenience can also be a source of cyber threats. For this reason, it is important to use secure channels when accessing an organization's resources. One way of ensuring security is through a Virtual Private Network; these prevent hackers from tapping into information by providing a secure and encrypted channel for information sharing.
(4) Enforce security policies for mobile phones. Mobile phones have become increasingly popular today, and online fraudsters have taken note and are using the devices as gateways to corporate resources for espionage. Since it is in the nature of mobile phones to communicate with external networks, they increase the chances of a security breach, all the more so under a BYOD policy (O’connell, 2012). It is, therefore, crucial that organizations enforce the use of passwords on smartphones and place reasonable limits on their access.
(5) Using strong passwords to maintain system security. Passwords used at the workplace should be changed at the first instance of purchase of equipment and be changed regularly thereafter. Employees should also be encouraged to use a different password for each system. Strong passwords will prevent brute-force attacks by hackers, and constant changing should prevent any insider cyber threats.
(6) Implementing an employee security training program. When safeguarding critical information that is always a target for hackers, employees should be part of the defense system; if not, they can be conduits through which attacks are launched. In this regard, it is important to train employees so that the whole organization can act as one unified body. While the exercise is expensive, there are some areas where general knowledge is critical. Such critical areas include phishing, downloading of infected material, visiting unsecure websites, and receiving or opening suspicious emails or phone calls.
[Figure: Australian Employee Security Awareness Statistics 2014]
Annotated Bibliography
White, G. B. (2011). The community cyber security maturity model. In 2011 IEEE International Conference on Technologies for Homeland Security, HST 2011 (pp. 173–178). http://doi.org/10.1109/THS.2011.6107866
In his article, White (2011) demonstrates that many scholars have conducted research on the issue of cyber-attacks. He also maintains that community, national and state infrastructure is nowadays entirely dependent on computer systems, and this makes it increasingly susceptible to cyber-attacks. The fact is, most communities are well prepared for man-made and natural attacks but are very vulnerable when it comes to computer and network protection. The community cyber-security maturity model devised by White will enable communities to evaluate their preparedness and aid in the development of a plan of action to augment security in order to better detect and prevent cyber-attacks. This source adds to the subject of cyber-attacks by providing a solution for online risk management in addition to the ordinary catastrophe management that exists in many communities and countries.
Probst, C. W., Hunker, J., Gollmann, D., & Bishop, M. (2010). Insider threats in cyber security. Advances in Information Security, 49. http://doi.org/10.1007/978-1-4419-7133-3
Probst, Hunker, Gollmann, and Bishop (2010) make a great contribution to the technology world by introducing a cutting-edge book that provides information on IT and non-IT sources of insider threats. The book is well researched, providing a multidisciplinary overview of the subject from various renowned scholars. It covers insider threats from their motivation and monitoring to their mitigation. All the information is expressed through well-researched case studies, bringing out other related topics in the process. The book is cut out for a professional audience in governmental institutions, banks, the military and anyone concerned with having a secure cyberspace. Researchers and advanced learners can also use it as a reference book. The book's reliability lies in the fact that it provides a different perspective on cyberspace security, one that is critical but not widely researched.
Pfleeger, S. L., & Caputo, D. D. (2012). Leveraging behavioral science to mitigate cyber security risk. Computers and Security, 31(4), 597–611. http://doi.org/10.1016/j.cose.2011.12.010
Pfleeger and Caputo (2012) sought to add to the plethora of cyber-security discourse from a new viewpoint. Unlike contemporary approaches that focus on technological products and processes to curb cyber-attacks, the authors stress the need to include human behavior in cyber-security technology. The study delves into the incorporation of human behavior into cyber-security technology to make it more effective. Two stances are taken: one that illustrates how behavioral science leads to the improvement of security technology, and one that shows how it increases the effectiveness of the same. The authors also look at the aspects of cognitive load and bias and their relevance to cyber-security. In addition, the article sheds light on the future development of behavioral science in the use of cyber-security technology. This article is important because it adds a much-needed perspective that was lacking in the tackling of cyber-attacks. Online fraudsters surely have some behavioral patterns, and considering these is indeed the way to go if any solid resolution is to be found.
Riley, S. (2010). Science of Cyber-Security. Distribution, 7508(JUNE), 1–83. http://doi.org/10.13140/RG.2.1.1147.5685
According to this source, Jason was hired by the Department of Defense to carry out an examination and analysis of the theory and practice of cyber security and of whether a scientific approach can be embedded into its fundamentals (Riley, 2010). The findings of the study disclose various fields of computer science that correspond to cyber security. The author puts forth strategic recommendations on how cyber-security can be enhanced from a multidisciplinary perspective. Like Pfleeger and Caputo (2012) above, who incorporate human behavior, this author constructs an entirely new attitude towards cyber security. The fusion of cyber security and computer science is set to make defenses stronger, since the platform in use is computer based. Through the amalgamation of the two disciplines, Riley's (2010) contribution enables fortified defense mechanisms for cyber security, not only in protecting information but also in tracking hackers.
Memorandum
The workplace presents numerous avenues for hacking attacks; it is important for all stakeholders to play a part in order to guard the business and its information.
In terms of system controls, employees should use complex passwords to secure all system files and folders. The passwords should incorporate letters, numbers, and symbols to prevent easy cracking. To remain effective, the passwords should be changed every 30-90 days, because as you work you may find yourself sharing such information with colleagues. Employees should desist from opening strange emails because they can be spam and can send listeners throughout the business network. Employees should not install personal software, as it may have security gaps; any installed software should first be permitted by the IT department. The IT department should encourage the backup of files and office work to organization storage media and let employees report any suspicious activity on their computers.
The management and the IT department should implement a layered defense strategy for the organization. This should properly coordinate the operational, organizational and technical controls. They should establish clear, non-contradictory policies for the organization. Technically, the IT department can employ firewalls and internet filtering as a defense mechanism. Getting an anti-virus product and updating it frequently is also recommended. The IT department should see that software patches are downloaded and applied correctly, and should change the default passwords for all software purchased by the company. Additionally, continuous monitoring and analysis of logs should identify any attempted attacks so that the affected areas can be fortified.
In the physical sense, security can be enhanced by employees and management through constant monitoring of individuals entering and leaving the workplace. This should be done by security personnel at the entrance, who ask visitors their reasons for visiting. Employees should report any forced entry, such as broken windows and doors, to the appropriate personnel. Any bags or packages in the vicinity of the workplace should not be touched and should be reported to the local police. Any information that is not needed but may be sensitive to outsiders should be shredded or destroyed.
By practicing the above system controls and physical practices, cyber-threats should be kept at bay, and even if an attack occurs, it should be easily manageable.
References
Kawano, K. (2005). Cyber security threat management. In The IEE Seminar on Security of Distributed Control Systems, 2005. (pp. 85–91). http://doi.org/10.1109/IEE.2005.201377
O’connell, M. E. (2012). Cyber security without Cyber war. Journal of Conflict and Security Law, 17(2), 187–209. http://doi.org/10.1093/jcsl/krs017
Pfleeger, S. L., & Caputo, D. D. (2012). Leveraging behavioral science to mitigate cyber security risk. Computers and Security, 31(4), 597–611. http://doi.org/10.1016/j.cose.2011.12.010
Probst, C. W., Hunker, J., Gollmann, D., & Bishop, M. (2010). Insider threats in cyber security. Advances in Information Security, 49. http://doi.org/10.1007/978-1-4419-7133-3
Riley, S. (2010). Science of Cyber-Security. Distribution, 7508(JUNE), 1–83. http://doi.org/10.13140/RG.2.1.1147.5685
Shin, J., Son, H., Khalil ur, R., & Heo, G. (2015). Development of a cyber security risk model using Bayesian networks. Reliability Engineering & System Safety, 134, 208–217. http://doi.org/10.1016/j.ress.2014.10.006
White, G. B. (2011). The community cyber security maturity model. In 2011 IEEE International Conference on Technologies for Homeland Security, HST 2011 (pp. 173–178). http://doi.org/10.1109/THS.2011.6107866
Yue, O. (2003). Cyber security. Technology in Society, 25(4), 565–569. http://doi.org/10.1109/CIGRE.2005.1532753