Cyber Security and Recovering From a Cyber Attack Paper Example

Introduction

Today's connected world alongside technological advancement in both software and hardware has enabled individuals and companies to conduct businesses online and perform other things like data storage. New features of the internet and Information technology are seen day by day, the interest to know new people and simplify task through the internet has been a significant concern. However, this has not been easy, and there are cyber activities that are a threat to many people, these threats need cybersecurity. Cybersecurity is the practice of protection of inter-network connected systems, these systems include the hardware and software, and they are protected from cyber-attacks. Cybersecurity is all about protection, detection, recovery, and reliability. Cybersecurity consists of multiple layers that drive across the computer, programs, networks, and data. Ensuring there is security in the systems requires that there is coordination of efforts in the IT systems which includes data security, network security, operational software/application security, recovery and continuity, and user education ("NIST gifts guidebook for recovering from the cyber attack," 2018).

Is your time best spent reading someone else’s essay? Get a 100% original essay FROM A CERTIFIED WRITER!

Save 25%

Goals to Cybersecurity

Several goals are undertaken to make sure that everything on the internet is 100 % efficient. These goals include:

(i) Availability

Availability is a key concern when it comes to inter-connected systems and for those who conduct businesses online. Data must not be tempered, modified and lost. Accessibility deals more on data reliability. Many cyber attackers target the data saved in a system to gain access to other places. SQL injection is a standard method used by the attackers to access the database of operation and hence modify data.

(ii) Integrity

Integrity is another major concern when it comes to IT systems, a wholeness of computer systems is not simple to get. This goal needs the computer systems to adopt the primary requirement of information systems, and this is to gain trust, honesty and all other positive virtues. A system can never be 100 % secured, despite, an improvement on Password, encryption software, firewall, and antivirus which are recommended by Homeland Security.

(iii) Confidentiality

An information system must engage privacy, data encryption and changing passwords on a regular basis supports confidence of informational systems, the Central Intelligent Agency refers to secrecy as integrity and availability. Many organization in the United States like National Infrastructure Protection Plan (NIPP), provides security measures on confidentiality and reliability of data through program protections (Abrams, M., & Weiss, J., 2008).

(iv) Accountability

Accountability is another concern in cybersecurity, for instance, in an organization that runs things through the internet, every member is entitled to a specific task and responsibility. When anything goes wrong in a particular area, then the people associated with the city are accountable. Homeland Security provides measures to ensure a system moves with the changes in technology and security levels available, for instance, the communication sector is a specific sector for communication integrity.

(v) Assurance

Assurance consists of all the other goals for cybersecurity. One cannot be assured of integrity if the availability of data or completeness is not tackled correctly. There are several federal laws relating to cybersecurity and charges too. Computer security act was addressed in 1987 that aligned with the National Institute of Standards and Technology.

Categories of Services

To achieve or these measurable goals are some categories followed to make sure these issues are addressed and taken into account. These categories include federal laws and regulations, they are support, prevention, detection, and recovery, and all these are relevant in achieving goals.

(i) Supporting

In supporting there are several organizations concerned in making sure that a system is fully supported in any cyber-attack. For instance, the Cyber Resilience Planning has a platform to make sure that an organization is a conduction their activities in a free cyber-attack zone through strengthened email defense.

(ii) Prevention

Prevention is said to be better than cure, prevention of an attack may come before or after a known attack. Coffee CBFREE offers educational information to an organization about cyber-attacks after detecting that they are happening. Prevention of cyber-attacks calls for internal training programmes that are parallel to the technological. NIST also provides a forum for cybersecurity protection and critical infrastructure resilience.

(iii) Detection

The most important category to make sure cyber-security goals are reached is the detection. Discovery makes a system a threat to attackers. When cyber-security is modified with good detection systems, then it becomes easier to spot them a mile away. The most common cyber-attacks like ransomware and Distributed Denial of Service are easily detected since a company or organization miss some parts of their data immediately. When is realized a company can report to the legal organization concerned in these crimes (Hathaway, O. A., Crootof, R., Levitz, P., 2012).

(iv) Recovery

Some members of the organization would still work with the organization even when a company has had such issues before, but again, data was recovered. A tactical recovery mechanism is made by NIST, where steps that include identity protect, detect, respond, and finally recovering. This is a priority already set for data recovery in a company, it is recommended for all organization.

References

Abrams, M., & Weiss, J. (2008). Malicious control system cyber security attack case study-Maroochy Water Services, Australia. McLean, VA: The MITRE Corporation.

Hathaway, O. A., Crootof, R., Levitz, P., Nix, H., Nowlan, A., Perdue, W., & Spiegel, J. (2012). The law of cyber-attack. California Law Review, 817-885.

NIST gifts guidebook for recovering from a cyber attack. (2018). Retrieved from https://federalnewsradio.com/technology-main/2016/12/nist-gifts-guidebook-recovering-cyber-attack/

Tipton, H. F., & Nozaki, M. K. (2007). Information security management handbook. CRC press.