UON Computer Science Emerging Threats and Counters Measures Paper

PART 1:

Chapter 10 discusses situational awareness. Much of the security efforts of the past have been centered around prevention and protection. The increasing sophistication of cyber attacks have shown that no controls are 100% effective, and some compromises do occur. There is a rising realization that in addition to considering prevention and protection, controls that address detection and response are necessary to improve security posture. Please describe how situational awareness is a driver for detection and response controls. 

A) As indicated above, describe how situational awareness is a driver for detection and response controls.  

PART 2:

Examine the effectiveness of vulnerability management programs of organizations when utilizing third party vendors for threat intel or vulnerability scanning and/or device patching.  Breach or incident reports are useful for this exercise.

Peers:

Post 1: sabaSituational Awareness is having good idea about what’s going on the current situation when services stopped working suddenly. So almost in every service all should have the idea of how things flow and business around it. If something goes wrong, we will have alerting and monitoring setup to give engineers an alert. We can consider the example of fire alarm system which gets activated when it detects the smoke. Similarly, we have certain threshold frequency to trigger an alert. It will do detection and response controls which triggers some measures to be followed in that situation. It is good to have these because we will be aware before itself i.e. knowing it after everything is done. In other words, situational awareness can be described as continuous monitoring. This is nothing but providing decision making skill to the system i.e. including AI, machine learning etc. We humans will have situational awareness in every path of our life. Similarly, situational awareness will be acting like a driver for detection and response controls to minimize the damage. Whatever the situation can be having situational awareness can impact things in a large way that can be saving our lives, preventing malfunction etc. It helps us in identifying our weak areas and improves our flexibility to face diverse problems.ReferencesDetecting Cyberattacks. (2019, November 27). Retrieved from https://www.getsmarter.com/blog/career-advice/how-…post 2:  S T BOne of the critical measures for information privacy and infrastructure safety is the measures that are implemented to provide a better security infrastructure and better safety measures for the information privacy that is available in the infrastructure.  There are many ways security measures are implemented including for the historical and known security issues as well as detecting the future possibility of security breaches through the monitoring process.One of the key ingredients for a successful security measure is clear identification of the assets of the infrastructure and their purposes for which they are established and facilitated.  They enable better security measures to be envisioned and appropriate security measures to be implemented in the first place to avoid unwanted activities on the infrastructure.  The way of implementing security measures and its enforcement is through security policies and control measures that have to be established to maintain the security of the infrastructure to allow activities to be conducted only for the purpose intended and restricted for any other activities that are nonofficial.  Comprehensive understanding of the infrastructure and its need and their security policy establishment provides the analysts better opportunity to identify lapses in the security policies, deficiencies, improvements, and other aspects that are affecting the ability of security measure to defend itself and provide better clarity on the policies to be created are modified (Onwubiko, 2012).Establishing the right to use the infrastructure for official purposes and job limitations is one of the enforcement that the security policies should establish with the access management systems that provide identity and access control mechanisms to be implemented effectively.  Limiting the possibility of any user with anticipation of wrong conduct that can happen with excessive rights provides better clarity on the ability of the user and the restrictions to be applied and allow the user to conduct the daily job responsibilities but restrict from any additional activities that are out of the boundaries of the job responsibilities.  The ability to retain the rights to the minimum in connection with the job responsibilities provide better security measures and control over all the process is conducted by each user and also record every action to validate the enforcement of security policies and their effectiveness.Another important measure for security awareness is the ability to detect an anomaly in the network activities carried out from historical values compared to the current activity to enforce and identify additional activities that are carried out that were not in the scope of the activity are Network Communications.  The ability to detect any difference in the way of daily routine happening in the network can provide initial input to words identifying an anomaly in the processing capability and information exchange process that is irregular.  This will help analyze the issue properly to identify any possible infiltration attempt that is been carried out, isolate the attempt, identify the root cause and the source, identify the people behind it are the origination of such activity and provide additional restriction measures appropriately to curb such activities and defend the network completely (Alexander Kott, 2015).References:Alexander Kott, C. W. (2015). Cyber Defense and Situational Awareness. Springer.Onwubiko, C. (2012). Situational Awareness in Computer Network Defense: Principles, Methods and Applications.IGI Global.Post 3: He SAnticipation and recognition of digital dangers lie on the association’s capacity to control and get to, screen the earth, and react to occurrences immediately. In any case, since such controls don’t ensure 100% viable, it is fundamental to upgrade security through circumstance mindfulness. Utilizing circumstance familiarity with the earth, one can convey security by reacting to risk levels recognized continuously. Circumstance mindfulness upgrades venture security through smart utilization of organization items, procedures, and work force that inside around data framework systems. 

Security mindfulness assists with comprehension and address the unpredictability of the advanced utility framework. Ensuring information against potential dangers, for example, robbery, fire, and interruption is a critical procedure in cybersecurity. Security mindfulness helps in dynamic on issues identifying with cybersecurity. Security mindfulness engages the undertaking to see, understand, and venture the identification and reaction control to present and future dangers. Situational mindfulness empowers an association to utilize time assets to precisely evaluate dangers in the digital condition and expeditiously settle on the important choice. The SA improves the checking of uncommon events inside the cybersecurity system and upgrades the utilization of an adaptable way to deal with moderate potential dangers before they happen.Basically, a circumstance mindfulness framework shares constant data about an occurrence or circumstance as it occurs. The SA gives subtleties of the episodes, area, and concerned faculty. Filling in as the basic occasion ready circumstance mindfulness assists with having any kind of effect by identifying the risk. Hence, circumstance mindfulness assists with opening the capability of cybersecurity and consequently guarantee data resources are secure. Circumstance mindfulness gives a powerful way to deal with react to current and advancing dangers.

References

Amoroso, E. G. (2013). Cyber attacks: Protecting national infrastructure. Amsterdam: Elsevier.

Harkins, M. W. (2016). Emerging Threats and Vulnerabilities: Reality and Rhetoric. In Managing Risk and Information Security. Apress: Berkeley, CA.

Jajodia, S. (2010). Cyber situational awareness: Issues and research. New York, NY: Springer.