The Techniques Used To Manage Cyber Vulnerabilities: [Essay Example], 1013 words GradesFixer
exit-popup-close

Haven't found the right essay?

Get an expert to write your essay!

exit-popup-print

Professional writers and researchers

exit-popup-quotes

Sources and citation are provided

exit-popup-clock

3 hour delivery

exit-popup-persone
close
This essay has been submitted by a student. This is not an example of the work written by professional essay writers.

The Techniques Used To Manage Cyber Vulnerabilities

Download Print

Pssst… we can write an original essay just for you.

Any subject. Any type of essay.

We’ll even meet a 3-hour deadline.

Get your price

121 writers online

blank-ico
Download PDF

Now that it is established that threats are continuously being used to attack the network and that they move from unknown to known and within a short space of time, a new one shows up. The question is what measures of cybersecurity we are taking to protect the sensitive data.

Reduction of IoT on the network

Internet of Things refers to the thousands of devices that will be connected to the internet 24/7. Examples are the webcams, smart TVs, Smart fridge, and the list goes on. These devices are basically, plugged to power and they work fine. The problem here is that most these devices, after installation, still hold their default passwords which are not a secret, thus can be exploited as an access into the network or even corrupted to do something different from its purpose. The increasing number of IoT in a network, the more the risk of a network breach.

People management

It is often said that people are the most significant weakness in an information system. The human nature is not security conscious therefore regular training need to be done until it becomes second nature. Until we get to a point where we do not become victims of phishing attacks, or social engineering, or to always subconsciously lock their PCs when not in use, or to not divulge critical information like username and password, Cybersecurity cannot just work. Nevertheless, technology should be built in a way that will give the staffs no choice but to be security compliant. The technology should implement an additional authentication process to the regular usernames and password (e. g. SMS One time Password, or Token generated numbers, or use biometric), PC automatic lock within seconds of not being in use or even specifying the kind of URL links that are allowed on the network. This process will reduce the risk of vulnerability that employees pose to the network.

Encryption- Authentication, confidentiality and integrity

To protect the confidentiality of all data in transit, or being processed or even stored, encryption is the key. The increased rate of Middleman attack is alarming, and this tool is the only way to protect data. Encryption uses algorithms such as DES, 3DES, AES, to convert the plain text to a form that is not easily intelligible. This ciphertext can only be decrypted using a key. There is two primary type of key: the public key and private key. The secuity of the message is highly dependent on the size of the key.

To authenticate that a data has not been tampered with, a technique called hashing is used. This technique hashes all the data and the encryption key into a fixed size. This hashed messaged referred to as a digest or tag and the encrypted data is sent to the receiver. At the receivers end, the encrypted message is decrypted using the key, revealing the raw data and the tag. The raw data is then rehashed and compared with the first tag that was initially sent. Any differences spotted between the two of them proves that the message has been tampered with thus its integrity remains the same. Employing access control to confirm the identification of a user, is equally germane thus making it difficult for unauthorized use of system resources or access to system data. New technologies employ the use of biometrics as it has proved to be very effective over the years.

Topological analysis of the vulnerability of the network

It is generally said that it is impractical or practically impossible to have a perfect network system free of faults. Nevertheless, the topology of a computer network has to be checked for vulnerabilities. The idea is to know the weakest link of the network. This way, the risk it poses to the entire security of the system is weighed, and the decision to close it or not is made. Sometimes, it might cost more to incur a solution for it than to absorb the risk. At this point, the vulnerability is best left open. For more extensive networks, there might be more than one vulnerability available at separate parts of the network. Therefore, an analysis is needed to know if their combination can be exploited to cause more significant damage to the network. The organisation is thus, put in a better-informed position to take action. In large networks, more than few vulnerabilities might be overwhelming. Therefore, the use of automated tools will come in handy. There are several tools available for this. Some popular analysers are Tripwire IP360, Wireshark, Microsoft Baseline Security Analyzer Intrusion Preventions and Detection System.

These are devices put in place to detect block and report any malicious activity in a network. Those days, organisations wait to, first of all, be attacked or hear news of the demise of another organisation before their software engineers begin to enhance their security against that threat. These days, Intrusion prevention systems are places in a network to fight against know threat, and thus protecting the system vulnerabilities. Thus, reducing the risk of being attacked and will also reduce the impact of risk if it occurs. Latest Intrusion Detection technologies, use either machine learning IDS or Anomaly IDS to monitor the network and detect intrusions of any sort. The machine learning made IDS are trained to learn how good network traffic looks like and thus, it detects any network traffic that doesn’t look. On the other hand, the anomaly ID works with set rules that the system can use to identify abnormal traffic. Therefore, the latter is a produces more accurate results than the former, with fewer numbers of false positives, because it works from a set down rules identifying what should not be found in the network. Many Cybersecurity companies avoid using Machine learning because it is more stressful to build, after which, it still outputs lots of false positives. As they continue getting these results, administrators get used to them and stop investigating them, in the cause of this the bad actor successfully carries out his attack.

Nevertheless, Intrusion Prevention and Detection system must not be overlooked as it remains an integral part of the network.

Remember: This is just a sample from a fellow student.

Your time is important. Let us write you an essay from scratch

100% plagiarism free

Sources and citations are provided

Cite this Essay

To export a reference to this article please select a referencing style below:

GradesFixer. (2020). The Techniques Used To Manage Cyber Vulnerabilities. Retrived from https://gradesfixer.com/free-essay-examples/the-techniques-used-to-manage-cyber-vulnerabilities/
GradesFixer. "The Techniques Used To Manage Cyber Vulnerabilities." GradesFixer, 30 Apr. 2020, https://gradesfixer.com/free-essay-examples/the-techniques-used-to-manage-cyber-vulnerabilities/
GradesFixer, 2020. The Techniques Used To Manage Cyber Vulnerabilities. [online] Available at: <https://gradesfixer.com/free-essay-examples/the-techniques-used-to-manage-cyber-vulnerabilities/> [Accessed 14 July 2020].
GradesFixer. The Techniques Used To Manage Cyber Vulnerabilities [Internet]. GradesFixer; 2020 [cited 2020 April 30]. Available from: https://gradesfixer.com/free-essay-examples/the-techniques-used-to-manage-cyber-vulnerabilities/
copy to clipboard
close

Sorry, copying is not allowed on our website. If you’d like this or any other sample, we’ll happily email it to you.

    By clicking “Send”, you agree to our Terms of service and Privacy statement. We will occasionally send you account related emails.

    close

    Attention! this essay is not unique. You can get 100% plagiarism FREE essay in 30sec

    Recieve 100% plagiarism-Free paper just for 4.99$ on email
    get unique paper
    *Public papers are open and may contain not unique content
    download public sample
    close

    Sorry, we cannot unicalize this essay. You can order Unique paper and our professionals Rewrite it for you

    close

    Thanks!

    Your essay sample has been sent.

    Want us to write one just for you? We can custom edit this essay into an original, 100% plagiarism free essay.

    thanks-icon Order now
    boy

    Hi there!

    Are you interested in getting a customized paper?

    Check it out!
    Having trouble finding the perfect essay? We’ve got you covered. Hire a writer

    GradesFixer.com uses cookies. By continuing we’ll assume you board with our cookie policy.