- What are the CIA values and the applicability of each value in their respective environments (academia, commercial, government)?
Confidentiality, integrity, and availability are together known as the CIA triad, a set of guidelines and policies for information security in an organization. Information security means protecting information from unauthorized access, use, disclosure, modification, or destruction. Data and systems security is critical in education, government, and business. According to Collberg (2012), information must have the following properties:
Confidentiality
The information is protected from unauthorized access or disclosure, thus protecting an individual's or organization's privacy.
Availability
Authorized personnel must have reliable and timely access to the information.
Integrity
The information should be guarded against modification or destruction to ensure accuracy, authenticity, and non-reproduction.
- Define insider threat and why this threat method is the most difficult to mitigate
An insider threat is a malicious risk to an organization or an individual that comes from within: employees, contractors, former employees, or associates who may have access to information regarding the organization's computer and network systems. Insider threats may lead to serious data leaks and breaches in an organization. Loss of critical data may occur due to phishing, where malware may be introduced to the system unknowingly. It is difficult for organizations to prevent insider threats because they usually come from unexpected individuals. Additionally, an attack may occur when an employee inadvertently clicks on malware, which is quite difficult to control (Department of Homeland Security (DHS), 2014). Moreover, former employees are aware of the system structure, which makes it simple for them to stage a cyber-attack. It is therefore essential to ensure that computer systems and data are well protected and can only be accessed by authorized individuals to reduce such attacks.
- What are the cybersecurity threats associated with cloud computing solutions?
Cloud computing technology allows access to configured computer systems that require minimal management and are usually accessed over the internet. According to Potey, Dhote, and Sharma (2013), the technology is exposed to the threats listed below.
Data Breaches
This kind of attack may lead to data loss or leakage. The loss of information may originate from either outside or inside the organization.
Data Loss
In most cases, if a user or cloud provider does not put strict controls in place, an intruder may alter or delete crucial information. Sometimes, dissatisfied employees may gain access and maliciously delete data.
Account hijacks
This happens when an intruder steals login credentials through phishing or another form of social engineering. This may result in compromised data and loss of intellectual property.
Denial of service
The attack makes the services offered by a given organization unavailable online by flooding them with unauthorized requests. This is a major threat to cloud computing, as most organizations need full-time access.
- What are the cybersecurity threats associated with on-premise (datacenter) solutions?
Organizations work very hard to protect themselves from cyber-attacks by deploying computer-based appliances. These devices have several disadvantages, especially when defending on-premise installations. First, because they sit inside the data center, they may not be effective in preventing an attack that seeks to block internet access. Second, they may become a performance choke point, which may result in a significant cyber-attack. Third, the burden of on-premise software and appliances may cost an organization a huge sum of money to set up and maintain. Lastly, on-premise installations are usually at risk of physical damage by malicious individuals or fire (Port, 2015). Therefore, it is crucial for organizations to weigh which option carries less risk.
- If an adversary has physical access to your hardware (computer, phone, misc device) what is the likelihood of a security exploit and why?
If an adversary has access to any of the hardware, such as the phone or computer, he or she can bypass most of the security protections that are put in place to prevent unauthorized access. Any action performed by the adversary negatively affects the confidentiality, availability, and integrity of the information. Thus, unless the data on the computer or phone is encrypted, there is a high likelihood of data being compromised. Adversary access mostly occurs in the event of laptop theft or loss. The main reason for gaining unauthorized access to a computer or system is to steal information that is useful to the owner, which may lead to the loss of an organization's reputation (Aslkoxylakis, Loannids, Katsikas, & Meadows, 2016). It is, therefore, important for organizations to have multiple security layers and intrusion detection to make sure that such attacks are detected before they cause serious damage.
- What does it mean to harden a system and what are the associated benefits?
System hardening is the process of increasing the security of a computer system to reduce its vulnerability. The risk of cyber-attack is usually higher when a system is designed to carry out several functions. Hardening a system involves removing unnecessary logins, software, and other unnecessary services, and changing passwords. The process has several benefits to an organization, which include making the system stronger and resistant to most attempted security issues (Norman, 2016). The process is usually inexpensive and, in turn, improves the overall performance of a given system. In addition, it reduces the expensive failures that may cause downtime and cost large sums of money to repair.
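The hardening steps described above (removing unnecessary logins and services) start with knowing what is present that should not be. The following is an added example, not part of the original text: it audits a constructed `/etc/passwd` excerpt and a constructed list of enabled services against a baseline. The sample data, the baseline sets and all function names are assumptions made for illustration.

```python
# Added example: hardening audit over constructed sample data.
NOLOGIN_SHELLS = {"/usr/sbin/nologin", "/sbin/nologin", "/bin/false"}

# Constructed /etc/passwd excerpt (name:pw:uid:gid:gecos:home:shell).
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
alice:x:1000:1000:Alice:/home/alice:/bin/bash
olduser:x:1001:1001:Former employee:/home/olduser:/bin/bash
toor:x:0:0:backup root:/root:/bin/sh
ftp:x:110:65534::/srv/ftp:/bin/sh
"""

# Constructed list of services enabled on the host.
SAMPLE_SERVICES = ["sshd", "cron", "telnetd", "cups", "rsyslog"]

# Hypothetical baseline: what this single-purpose host actually needs.
ALLOWED_LOGINS = {"root", "alice"}
ALLOWED_SERVICES = {"sshd", "cron", "rsyslog"}

def parse_passwd(text):
    """Return (name, uid, shell) tuples; skip blank, comment and malformed lines."""
    entries = []
    for line in text.splitlines():
        fields = line.strip().split(":")
        if line.startswith("#") or len(fields) != 7 or not fields[2].isdigit():
            continue
        entries.append((fields[0], int(fields[2]), fields[6]))
    return entries

def audit_logins(entries, allowed):
    """Flag extra UID 0 accounts and interactive accounts outside the baseline."""
    findings = []
    for name, uid, shell in entries:
        # An empty shell field falls back to a default shell, so it counts as a login.
        can_login = shell not in NOLOGIN_SHELLS
        if uid == 0 and name != "root":
            findings.append((name, "extra UID 0 account"))
        elif can_login and name not in allowed:
            findings.append((name, "login shell not in baseline"))
    return findings

def audit_services(enabled, allowed):
    """Return enabled services that the baseline does not require."""
    return sorted(set(enabled) - set(allowed))

if __name__ == "__main__":
    for name, reason in audit_logins(parse_passwd(SAMPLE_PASSWD), ALLOWED_LOGINS):
        print(f"account {name}: {reason}")
    for svc in audit_services(SAMPLE_SERVICES, ALLOWED_SERVICES):
        print(f"service {svc}: enabled but not in baseline")
```

Each finding is a candidate for removal or disabling; the baseline itself should be reviewed whenever the system's role changes.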