Post your thoughtful analysis about one key point you took from this assigned reading. (This first week you are not required to post: One question to ask your fellow classmates to facilitate discussion, nor are required to post In The News nor comment on other students’ postings.)
Reader Interactions
Comments
Leave a Reply
You must be logged in to post a comment.
Jon Stillwagon says
One section or key point that I found interesting is about worms and how they can traverse from one computer to another. This would mean if you had routers and switches that are connected to the organization’s network it could potentially jump from one state to another. If the worm was designed for that specific vulnerability and that organization was having trouble with a specific vulnerability it could cause a lot of damage especially if the company doesn’t recognize this. Using WAN technology could really cause the worm to do harm to multiple sectors.
Yannick Rugamba says
One thing that really caught my attention in this chapter is the acknowledgment of the range of cyber threats those coming from other companies. The chapter explains how competitors can use tactics like gathering information from sources or even resorting to covert actions such, as hacking or bribery to steal trade secrets. It also points out that even national intelligence agencies are involved in espionage activities. This thorough understanding of the threat landscape highlights the importance of having diverse cybersecurity strategies, within our domain.
Ooreofeoluwa Koyejo says
From my reading in this chapter, I am particularly intrigued by the activities of People: employees, ex-employees, and security professionals named as threats to organisations today. This has been stated in different actions done by these persons such as abuse of authorized access, extortion, theft, harassment etc. because of the access they have been authorized for, knowledge of the systems, as well as the trust in them as part of the organisation.
The Roman statement “Who watches the watchers?” is a call to adopt an approach to implementing controls that protect the organisation from malicious activities such as data theft, financial fraud, sabotage, cyber espionage and other threats by these designated ‘watchers’.
Edge Kroll says
One key point I took from this first week’s reading was the threat to employees. Employees are always going to be the weakest link within an organization. When planning security architecture for an organization the human aspect must always be a major focus. No matter how secure a process is, if a human must manually input data, open files, transfer data, etc. there is always potential for a security error.
Edge Kroll says
*****the threat of employees
Celinemary Turner says
One thoughtful analysis of one key point I took from “The Threat Environment” was an insight into the classification of cybersecurity threats based on their origin (internal vs. external) and intent (intentional vs. inadvertent). Internal threats refer to potential dangers within a business, such as an employee who acts carelessly. On the other hand, external threats arise from external sources, such as hackers. Intentional threats refer to purposeful actions aimed at causing harm or taking advantage, such as cyberattacks. On the other hand, incidental threats arise unintentionally, for example, when an employee inadvertently clicks on a phishing link. Comprehending these classifications is vital for enterprises to formulate efficient security measures. Understanding the different types of threats helps organizations create a comprehensive cybersecurity strategy. It’s not just about having the right technology; it’s also about having the right policies and training in place. This holistic approach is necessary to protect against the wide range of risks in the digital world. Also based on my reading I have learned that Threat Environment effectively highlights the need for a multifaceted and informed approach to cybersecurity, emphasizing the importance of both technological defenses and human factors in protecting information systems
Bo Wang says
One of my concerns is the influence of spy agencies on companies. Cyber security is not only a domain between companies, but also between countries.
Eyup Aslanbay says
The one key point is how uniqueness and danger of computer worms in cybersecurity. The distinction between computer viruses and worms are interesting. Unlike viruses, worms are stand-alone programs, not requiring attachment to other software to propagate. This independence marks a significant difference in the way they spread. A critical feature of worms is their method of propagation. Some worms have the capability direct propagation, meaning they can jump from one computer to another without any user intervention. Direct propagation worms exploit vulnerabilities in software. When they encounter a system with a specific weakness they are designed to exploit, they can automatically install themselves, using the compromised system as a launchpad to infect other vulnerable systems. These are alarming because it bypasses one of the common defense mechanisms against malware: user awareness and caution.