Post your thoughtful analysis about one key point you took from this assigned reading. (This first week you are not required to post one question to ask your fellow classmates to facilitate discussion, nor are you required to post In The News or comment on other students’ postings.)
Comments
Zibai Yang says
The one key point I choose to talk about is cyberterror. Terrorism has a long history, and during the thousands of years of its development, different periods have different characteristics. The form of modern terrorism is different from the assassination and poisoning of ancient terrorism, and it is also different from the typical state terrorism of contemporary terrorism. Today, the development of terrorism is no longer a pure form of violence. The structure of terrorism has stepped onto the stage of history. Its activities make full use of the Internet as a tool and weapon, brilliant and uncontrollable.
Cyber terrorism poses new threats to national political security, economic security, cultural security, and military security. To prevent and stop cyber terrorism, we must address both symptoms and root causes: we must recognize and value cyber terrorism; improve legislation and responsibility implementation; protect key targets; strengthen international cooperation; possess advanced and unique technologies and independent intellectual property rights; establish a monitoring system and rapid response team; cultivate a large number of outstanding reserve talents. Preventing cyber terrorism has become an essential part of the national security defense system, and this is also a war without gunpowder.
Wenyao Ma says
This chapter discusses the threat environment faced by enterprises. The key point I draw from this chapter is to understand the need for all potential threats and the importance of defensive measures against them. Organizations need to understand all potential threat agencies, attackers’ motivations, and attack methods to protect themselves.
In addition, this chapter also introduces the basic terms related to network security, well-known network attack methods, attack analysis and the necessity of network countermeasures. It is the beginning of the network field to prove the existence of network threats and the key points of development countermeasures and network awareness.
Mei X Wang says
The chapter explains what a threat environment is: the type of attack and the attackers the enterprise might face. A challenge enterprises face in attempts to mitigate associated risk is not understanding the enemy. Many times, internal attackers are what cause the most extensive attacks.
The chapter explains the danger of the employee and ex-employee threats. Many times, it isn’t high-level technology that causes the breach but a disgruntled employee attempting to retaliate. Employees and ex-employees are the most dangerous “enemy” because of the extensive knowledge they developed of the company during their time of work. They also have the credentials readily available to access sensitive/non-public sectors of the systems. They know how the enterprise operates and ways to thwart the controls in place to avoid being detected. Also, many times these disgruntled employees are able to take advantage of the “this is our people” mentality. They manipulate those that are too trusting of their employees; managers might defend them even if they created a violation.
The chapter also explores types of employee-executed attacks such as employee sabotage, hacking, financial theft, intellectual property theft, extortion, harassment, internet and non-internet abuse, data loss, and other types of internal attackers such as contractors or employees in contracted companies.
Priyanka Ranu says
This chapter focuses on the importance of understanding the threat environment, which consists of the types of attackers and attacks that companies face. One key point that I took away from this reading is the dangers of insider threats. Insider threat is a security risk to an organization that comes from within the business itself. It may originate with current or former employees, contractors, or business associates that have or have had access to an organization’s data and computer systems. Insider threat is dangerous as the employees usually have extensive knowledge of systems and credentials to access sensitive data.
I found this article which highlights the rise of insider threats and how they are growing more costly to the organizations. The main problem is that insider threats are more difficult to detect and prevent than external attacks and organizations need the right tools to detect insider threats. The author recommends a combination of user behavior analysis and identity attributes and privileges to discover anomalous activity which will set off alerts prompting response and mitigation.
https://securityboulevard.com/2021/01/insider-threats-are-on-the-rise-and-growing-more-costly-you-need-the-right-tools-to-detect-them/
Haozhe Lin says
The first chapter discusses the types of attackers and the attacks faced by companies. A part of this chapter focuses on the threats of employees and former employees. How many of the same general crimes that humans may commit to each other can also be adapted and applied to the workplace. Sabotage, hacking, theft, blackmail, sexual/racial harassment, and Internet abuse are some of the crimes being committed. More notable is that before 2003, most of the external attackers were employees, former employees, or traditional external attackers. Today, external assailants are occupation criminals who are trying to earn money illegally. The strategy they use is a computer adaptation of traditional crime. Criminals soon took advantage of the opportunities provided by the digital environment. The chapter also mentions that many of the crimes committed are committed by groups that may be associated with more than one criminal activity. Viewing and analyzing the predictive software of these groups’ IP addresses will be interesting. It can find out different types of crimes and whether these crimes happen in the workplace or elsewhere.
Ting-Yen Huang says
The one key point I found from chapter one is that the CIA security goal is a good point to start designing the security protocol and to evaluate how the company should face the attack. Also, how the company should prevent its employees from attacking or stealing private information, intellectual property and embarrassing information out of the company. Employees sometimes steal intellectual property, which is protected by law, to extort the company. In some cases, out of curiosity, an employee may access internal private data about other employees or supervisors. The other potential event would be an employee injecting a virus into the payroll system to increase their salary by illegal action.
Austin Mecca says
The key point I took away from Chapter 1 was right in the beginning when they are discussing how much a breach in IT security could cost a company. Initially, I thought that it would be a quantifiable number through ALE calculations; however, that is not nearly the case. There are so many pieces that we do not have a way to calculate them, and in addition, when a breach affects hundreds of employees or customers, those numbers increase exponentially. They had mentioned: how would you put a number on working time lost by employees due to some kind of breach? That is simply one variable that is affected that a company could have difficulty calculating. Now add numerous more variables and all of a sudden the numbers can get out of hand quickly. A company’s best bet is to be as transparent as possible and do as much as they can, but they will have to understand they most likely will not be able to calculate losses due to an IT breach down to an accurate dollar amount. It more or less will be an estimated range.
Krish Damany says
In Chapter 1, the topic discussed is the threat environment that companies in an enterprise setting may face. Boyle and Panko hammered home the point that rogue employees or ex-employees are potentially very dangerous to an organization. Some of the things these employees could do with company computer access include destruction of hardware and software assets, financial theft, and internet abuse (including downloading pirated software or malware and viruses). The organization must have a system or plan in place to deter such actions, such as blocking certain websites or filetype extensions, managing user accounts to allow users to have certain permissions but not all, and in the event of an employee being terminated, making sure their credentials to access the network are revoked.
Jonathan Castelli says
One key point I took from this first week’s reading was the threat of employees. Employees are always going to be the weakest link within an organization. The human aspect of security will always be the greatest focus when planning the security architecture. One question people may have is, “How can the organization prevent employees from being exploited?” Another is “How can the organization prevent employees from harming the company?”
One answer is that the organization can automate in order to prevent user error, and they can educate the user so they don’t make any mistakes with regard to opening files, etc. The organization also has to ensure the employee doesn’t become disgruntled or vengeful. When looking at the security architecture or threat environment, employees are going to be a great risk to the organization.
Prince Patel says
In the first chapter “The Threat Environment”, the book provides detailed information about understanding the threat environment meaning knowing and being aware of your enemy, especially from the cybersecurity perspective. This chapter also helped me gain inside knowledge on some of the cybersecurity lingo that I was not aware of. One of the key topics that I found really interesting is 1.3 Malware. As malware has been one of the greatest threats and concerns because of the internet and enterprise’s heavy reliance on the internet. The chapter highlighted different types of malware like viruses, worms, spams, trojan horses, remote access trojans, spyware and rootkits. It was very informative to know the descriptions of these and their differences. I look forward to correctly using this lingo in the future cyber security related endeavors.
Junhan Hao says
I think intellectual property rights and enterprise data information security are very important in this chapter. In recent years, with the rapid development of Internet technology, it has promoted economic development and social progress. Enterprises rely on the application of Internet technology to improve their own competitive advantages and operational efficiency. At the same time, accompanied by data information security problems, enterprises are also faced with significant economic losses. Especially for intellectual property enterprises: each intellectual property enterprise has a large amount of confidential or even confidential data information, and once there is a problem with this data information, the loss to intellectual property enterprises will be incalculable. For example, a few years ago, the blackmailer virus spread on the network, and the computers of some patent agency companies were infected, resulting in the hard work of patent application documents being encrypted so that they could not be submitted to the authorities on time, which delayed the client’s submission deadline and made the agency and the client suffer losses. So how to ensure the security of enterprise data information is particularly important.
Anthony Messina says
Chapter 1 is an overview of the types of cyber threats that organizations face today. Some interesting facts that I took away from this chapter. Information loss was the single most expensive consequence of computer crime, with losses averaging $5.9 million annually per firm in 2018. Another interesting takeaway was a study done by the Ponemon Institute, which estimated that there is a 28% chance any organization experiences a data breach over a given 24-month period. Other interesting facts were taken from a 2019 Symantec internet security threat report which stated, 1 in 412 e-mail messages contained viruses, worms, or blended threats. Phishing scams accounted for 1 in every 3,000 e-mails sent, and 55 percent of all e-mail was spam. The final interesting fact I read came from Symantec again. I was shocked at how cheap stolen information sold for on the black market. According to Symantec, in 2015, U.S. credit cards with the card verification value went for between $0.10 and $20 per card. Stolen cloud accounts ranged from $5 to $8. Sending spam to 1 million verified e-mail addresses ranged from $70 to $150. And 1,000 followers on social media went for $1 to $12.
Kyuande Johnson says
The key takeaway I took from this chapter was that the weakest link in an organization when preventing cyber attacks is employees. Security awareness/training is essential in preventing successful social engineering attacks. The most common social engineering attack is phishing. Phishing is the fraudulent attempt to obtain sensitive information or data, such as usernames, passwords and credit card details or other sensitive details, by impersonating oneself as a trustworthy entity in a digital communication. There are many different methods of phishing. Spear phishing is a targeted attempt to steal sensitive information. The attacker attempts to gain the trust of the individual by impersonating a fellow coworker or someone of authority. Spear phishing emails contain information specifically relatable to the target. Whale phishing is a term used to describe a phishing attack that is specifically aimed at wealthy, powerful, or prominent individuals.
Vanessa Marin says
The key point I chose in this chapter is the importance of employees as a threat. There are four key reasons that make employees dangerous: extensive knowledge of systems; access to sensitive areas has been granted; they know the control mechanisms that are in place and at times even know how to bypass them; and finally the trust a company gives employees with all this information. While many breaches are a result of an innocent employee, there are many instances where a threat is a direct result of an ex-employee being angry and wanting to harm the company, or there is an external factor that causes a once good employee to build on an opportunity to defraud. Intentional threat actors such as employee hackers, saboteurs, and their myriad of motives – financial, intellectual, sexual or racial harassment – pose a serious threat. Simple carelessness or lack of appropriate education can also cause serious alarms and could result in very expensive consequences.
Cami Chen says
This chapter focuses on what different types of threat will occur in the organizations. The key point I want to talk about is the malware, since the malware is sent by the hackers via emails. As the description of the malware, it is evil software, and it will cause the organization to have an unimaginable loss. The purpose of sending the malware to the users is money. The malware not only affects the organization but also the customers. There are several types of malware, including viruses, worms, and Trojan horses. The most common malware is viruses. For example, a user who you are familiar with sends you an email, and this includes an attachment. However, the user does not know the attachment carries the virus, and you do not have the second anti-virus software to protect your device. The hacker can steal and break both your data and systems. Thus, I think it is important to understand the different methods of attacks to protect our systems. When we have updated the methods to defend against the attackers, the attackers are also refreshing their skills.
Xinyi Zheng says
A key point I noticed is that corporations and subgroups in corporations have security goals, and these three goals are CIA: Confidentiality, Integrity, and Availability. But for companies, there are many other security goals besides CIA.
In addition, the threat environment is changing rapidly. Each company usually has to face several incidents, breaches, or compromises each year, and the methods and types of these attacks will be constantly updated. In order to deal with these problems, security professionals need to develop different countermeasures. Countermeasures are classified into three types: preventative, detective, and corrective. By formulating effective countermeasures, companies can respond to internal or external threats.
Zhen Li says
This chapter mainly talks about the common types of the threat environment that have existed in recent years. The three common security goals for corporations to follow are the CIA. There are also three types of relative compromises to reduce the threat: Preventative, Detective, Corrective.
By looking inside the firm, employees and ex-employees are a part of a dangerous threat for corporations. Firms must also be concerned with traditional external attackers, who use the Internet to send malware into corporations and hack into corporate computers. So malware is another part of the threat in corporations.
By looking outside the firm, hackers and some malicious attacks are able to break into corporate networks, steal confidential data, or do damage to critical infrastructure from thousands of miles away.
Heather Ergler says
The points from chapter 1 around competitor threats including public information gathering, trade secret espionage and Denial of Service attacks. The fact that trade secrets are protected only if the organization takes steps to protect them is interesting and should turn into a standard control that all organizations implement. I connected this to a project that we did last semester for a small local business and would an organization like this even know that they needed to implement and document controls around trade secrets. Understanding risks to trade secrets is an important concept for small businesses to have.
Anthony Wong says
Chapter 1 discusses the threat landscape for corporations. Threats are mostly external, but can also be internal. Internal threats such as a disgruntled employee are dangerous because of their knowledge of the target systems, but most importantly, they have valid credentials to access the network/system. The chapter goes on to explain the various types of attacks a threat actor can use such as worms, viruses, Trojan horses, and social engineering. The threat landscape is continuously changing. If corporations are not up to date on the latest attack methods and technologies, they will fall behind as attackers are always on the move.