Response to the First Question
Undoubtedly, Internet of Things is likely to lead to many insecure endpoints, especially because of the use of IP-enabled devices. For instance, heating systems, intelligent meters, and lighting equipment will involve installation of IP services. Therefore, new IP-enabled devices pose a security threat to the organization because of the several reasons. First, due to the availability of internet connectivity on the devices, many of the new gadgets will not have protection against online attacks. Notably, some of them will not have patches, anti-virus and anti-spam; thus, increase the risk of attack (Amadeo, Campolo, Quevedo, Corujo, Molinaro, Iera, & Vasilakos, 2016). Moreover, they lack anti-malware infrastructures, which are essential in preventing threats.
Second, touch points makes the organization vulnerable to attacks, especially because they form the location in which the companys network intersects with the Internet of Things. As a result, it will lead to a hectic task of managing internal and external devices that use IP addresses to access information from organizational servers or from the cloud. Third, the heterogeneous nature of the systems will cause a different model from the layered software approach that many security individuals are used to. Notably, IP enabled gadgets handle problems related to HTML 5 and TCP/IP, however, organization will face greater issues related to Webhooks and Zigbee, which have the potential to cause great harm. Moreover, security visibility is likely to reduce to a great extent because of the sudden shift from the use of layered software to embedded systems.
With the aim of managing the security threats posed by IP enabled devices, organizations should educate their security teams on the devices in their networks (Amadeo, Campolo, Quevedo, Corujo, Molinaro, Iera, & Vasilakos, 2016). Understanding the network infrastructure is a crucial step towards blocking unwanted or unauthorized individuals and programs. Because end-point security functions are highly vulnerable under IP devices, there is a need to focus on data security at the network level to reduce threats.
Response to the Second Question
State-sponsored espionage is more concerning than traditional espionage because it involves heavy capital outlay. Additionally, the security breaches by spy services providers are likely to be encouraged by the legal systems of the country; thus, limit the arrest of perpetrators (Banks, 2016). Markedly, the fact that the foreign intelligence services are highly dominated by the military personnel indicates that state sponsored espionage may cause damages and unauthorized access to organizations.
A good example is the United States, which records losses of $25 to $100 billion of cyber espionage annually. Conversely, the Russia preferred strategy against Estonia and Ukraine, the host nations lost large sums of money to an extent that their security visibility was greatly limited. Experts assert that national espionages could lead to costs equivalent to 1.5% of a countrys budget on a single incidence (Banks, 2016)
Both encryptions on transit and on rest can lead to substantial benefits if the organizations apply them. First, it prevents unauthorized access to the information and data files that are crucial to the firms and individuals. Second, encryption against espionage is a good strategy to mitigate occurrences; thus, protecting vital data folder contents. Moreover, it prevents the access to vital emails, tax information, and sensitive information. Access models can improve data security because they assist data managers and data security personnel in managing access and controlling information flow. I would recommend Mandatory Access Control model because it checks the sensitivity of data and information before it is processed and allowed to be consumed in the firm.
Amadeo, M., Campolo, C., Quevedo, J., Corujo, D., Molinaro, A., Iera, A., ... & Vasilakos, A. V.
(2016). Information-centric networking for the internet of things: Challenges and opportunities. IEEE Network, 30(2), 92-100
Banks, W. C. (2016). Cyber Espionage and Electronic Surveillance: Beyond the Media Coverage. Emory LJ, 66, 513
If you are the original author of this essay and no longer wish to have it published on the ProEssays website, please click below to request its removal:
- Linear Programming Case Study
- Nursing Informatics Quality Improvement Plan - Essay Example
- Online Adult Education - Essay Sample
- Spyware on Children - Argumentative Essay Sample
- Data Transcribing and Data Analysis using Nvivo Program
- Books and Article Review on Cyber Culture
- Linear Programming Case Study