430 dq1

REPLIES TO RESPONSES. 75-100 WORDS

A Joshua Skinner

Good Morning Class,

Espionage or trespass occurs when an unauthorized individual attempts to gain illegal access to organizational information. There are several security measures that can be implemented to ensure this doesn't happen. One way to prevent espionage is to constantly monitor user activity. Another method is to conduct a risk assessment. Risk assessment is key to a risk-based security approach, which should be part of every organization's security strategy(How to detect and prevent industrial espionage 2022). My next threat is software attacks. Software threats or attacks are malicious pieces of computer code and application that can damage your computer, as well as steal your personal or financial information. This particular threat can be combatted by conducting updates on a regular basis. Updates typically eliminate hidden malware that can lead to software vulnerabilities and threats. Another method is to perform vulnerability assessments. Vulnerability assessments allow cyber analyst to get a better understanding of any issues that may be affecting their systems. To prioritize the solutions I would follow a 5 skey metrics that starts with business criticality, vulnerabilities, threats, exposure/usage, and risk negating effect of mitigating controls.

B Idrisu Rabiu

Among the twelve categories of threat, I am choosing software attack. Many software threats now target smartphones specifically, so approaches to cybersecurity that are based on desktop computers are not always effective. While viruses that target smartphones are simply the mobile versions of ones that target your desktop or laptop computer, man-in-the-middle attacks take advantage of free Wi-Fi in order to place hackers between your device and a Wi-Fi hotspot and steal your information and details from your apps. Bluejacking is the sending of unwanted or unsolicited messages to strangers via Bluetooth technology. It can be a serious problem if obscene or threatening messages and images are sent. Bluesnarfing is the actual theft of data from Bluetooth-enabled devices (including both mobile phones and laptops): contact lists, phonebooks, images, and other data may be stolen in this way. Mobile Ransomware is malware that locks up your device. If your device has been infected with malware, you lose all access to every part of your phone until you pay a ransom to the hacker/criminal who has taken control of your device. Phishing or Smishing usually starts as an email or text claiming to be from a person or business that you know. This email usually contains a link that asks you to verify the information. This information in turn goes straight to the scammer to steal and use your details.

Phishing attacks are one of the most prominent widespread types of cyberattacks. It is a type of social engineering attack wherein an attacker impersonates to be a trusted contact and sends the victim fake emails. Unaware of this, the victim opens the mail and clicks on the malicious link or opens the email's attachment. By doing so, attackers gain access to confidential information and account credentials. They can also install malware through a phishing attack. 

C Olatunbosun Osifowode

Hello Class,

It was because this cannot be avoided and can also occur without control and warning over the situation. Therefore, an organization needs to prepare ahead for the possibilities with solutions such as taking measures to limit the damage that could occur, prepare contingency plans, and obtain casualty or business interruption insurance (Whitman & Mattford, 2016). The different things that organizations can do to limit the damage include adoption of zoning, land-use practices, building codes, awareness, education, warning systems, preparedness and disaster drills, as well as keeping proper backups preferably in an accessible remote location. Appropriate contingency plans for continued operations would include disaster recovery plans, incident response plans, and business continuity plans.

Another serious threat is the threat of human error or failure which often includes unintentional acts or acts done in ignorance by an authorized user. Employees have access to and use sensitive data and information during daily work activities. Any mistakes and misuse that occurs can induce serious threats to the confidentiality, integrity, and availability of data. To prevent this type of threat; ongoing awareness activities and training is needed as well as controls such as having a secondary party verify commands.