CSEC 610 Individual Assignment
CSEC 610, University of Maryland University College
July 12, 2014
Cybersecurity Vulnerabilities Facing IT Managers
Cybersecurity Vulnerabilities Facing IT Managers
Table of Contents
Introduction ………………………………………………………………………………………………………………… 3
Types of Vulnerabilities ………………………………………………………………………………………………. 5
Important Vulnerability, Impact & Solutions ……………………………………………………………….. 8
References …………………………………………………………………………………………………………………… 12
Cyber-security demands are ever increasing in the field of Information Technology with the globalization of the internet. Disruptions due to cyber-attacks are affecting the economy, costing companies billions of dollars each year in lost revenue. To counter this problem corporations are spending more and more on infrastructure and investing to secure the cyber security vulnerabilities which range anywhere from software to hardware to networks and people that use them. Due to the complexity of information systems that interact with each other and their counter parts, the requirement to meet specific cyber security compliances have become a challenging issues for security professionals worldwide. To help with these issues, security professionals have created different standards and frameworks over the years for addressing this growing concern of vulnerabilities within enterprise systems and the critical information they hold (“Critical Security Controls,” n.d.).
Before we get into the details let first examine what exactly is a security vulnerability. By definition a security vulnerability can be flaws in hardware, software, networks or the employees that use them which in turn can allow hackers to compromise the confidentiality, integrity and availability of the information system (“Common Cybersecurity,” 2011). To thoroughly discuss this topic in more detail I will first discuss Confidentiality as it is one of the three main goals of IT Security. Confidentiality is as simple as it sounds, limiting
July 12, 2014
Cybersecurity Vulnerabilities Facing IT Managers
Cybersecurity Vulnerabilities Facing IT Managers
Table of Contents
Introduction ………………………………………………………………………………………………………………… 3
Types of Vulnerabilities ………………………………………………………………………………………………. 5
Important Vulnerability, Impact & Solutions ……………………………………………………………….. 8
References …………………………………………………………………………………………………………………… 12
Cyber-security demands are ever increasing in the field of Information Technology with the globalization of the internet. Disruptions due to cyber-attacks are affecting the economy, costing companies billions of dollars each year in lost revenue. To counter this problem corporations are spending more and more on infrastructure and investing to secure the cyber security vulnerabilities which range anywhere from software to hardware to networks and people that use them. Due to the complexity of information systems that interact with each other and their counter parts, the requirement to meet specific cyber security compliances have become a challenging issues for security professionals worldwide. To help with these issues, security professionals have created different standards and frameworks over the years for addressing this growing concern of vulnerabilities within enterprise systems and the critical information they hold (“Critical Security Controls,” n.d.).
Before we get into the details let first examine what exactly is a security vulnerability. By definition a security vulnerability can be flaws in hardware, software, networks or the employees that use them which in turn can allow hackers to compromise the confidentiality, integrity and availability of the information system (“Common Cybersecurity,” 2011). To thoroughly discuss this topic in more detail I will first discuss Confidentiality as it is one of the three main goals of IT Security. Confidentiality is as simple as it sounds, limiting
References: Fonseca, J., Seixas, N., Viera, M., & Madeira, H. (2014). Analysis of Field Data on Web Security Vulnerabilities. IEEE Transaction on Dependable & Secure Computing, 11(2), 89-100 doi:10.1109/TDSC.2013.37 Russon, M Critical Security Controls. (n.d.). SANS Institute -. Retrieved July 12, 2014, from http://www.sans.org/critical-security-controls Ahlers, M Hobson, D. (2008, August 8). The real cost of a security breach. SC Magazine. Retrieved July 13, 2014, from http://www.scmagazine.com/the-real-cost-of-a-security-breach/article/113717/ Direct, M Rouse, M. (2007, May 1). DMZ (demilitarized zone). What is ?. Retrieved July 13, 2014, from http://searchsecurity.techtarget.com/definition/DMZ Shaffer, M