Comments for discussion 4

Discussion 1 Now a days Cyber Security is leading a major role and we know Emerging threats and countermeasure becomes a familiar with fundamental cyber security principles and security issues arising in a wide range of domains  in this threats are also emerging equally with new innovative approaches, in this world facing lot of issues due to some security reasons lots of risks could be happen just because of this cyber warfare this cyber ware could be of any type that they could be sending some malware through the social media, or messaging services this could be very important to have that breaching the firewalls (Butler, 2005).

In networks today organizations are faced with hundreds of new web and non-web applications these are available to users, an attacker can use these applications to obtain initial access into an organization in this by passing any perimeter security. 

By understanding current situation of the current threats they could be dramatically challenge towards the any organization that was targeted and get victim for the application intensity like vise they could impose the level of severity based on the level of the information they could able to breach. IBM provides IBM X force Trend and Risk report four times a year and in this it may check and monitor the latest security threats include software vulnerabilities and public exploitations software bucks total reports , malware reports , phishing attacks if its occurred and spam reports and also web based threats and lot of cybercriminal activities and authenticated attempts these type of issues monitor and submitted each report as well .

One simple security parameter breach could cause the huge loss towards the organization in this some applications at work as they do in private lives and a user can access these applications download and install and control of this type of applications use, in todays environment of APTs  social media applications and ubiquitous web , every organization needs a deep insights into the usage patterns on  their networks so that can secure and effectively use their network assets and some advanced threat detections and prevention using some security networks are on box analysis and off box analysis granular controls of web applications networks access policy and IP reputations (Ellison & Akdeniz, 1998).

References:

Butler, R. (2005). Investigation of Phishing to Develop Guidelines to Protect the Internet Consumers' Identity Against Attacks by Phishers. South African Journal of Information Management, September 2005. Volume 7(3). Retreived from http://scholar.sun.ac.za/handle/10019.1/19466.

Ellison, L. & Akdeniz, Y. (1998). Cyber-stalking: the Regulation of Harassment on the Internet. Criminal Law Review, December Special Edition: Crime, Criminal Justice and the Internet, pp. 29-48.

In May 2017, President Trump signed Executive Order 13800, Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure, to improve the nation’s capabilities and postures in the face of intensifying cybersecurity threats (The White House, 2017). The Executive Order further focuses Federal efforts to modernizing Federal information technology (IT) infrastructure, collaborating with foreign allies and working with state and local governments as well as private sector partners, to fully secure critical infrastructure (The White House, 2017). The Order can be summarised into three major sections: Cybersecurity of Federal Networks; Cybersecurity of Critical Infrastructure; and Cybersecurity for the Nation (The White House, 2017).

Take the example of China, organizing and coordinating a cyber attack against the United States. The attacks would halt the functioning of government agencies, part of the critical infrastructure and commercial ventures, paralyzing the IT infrastructure of several agencies and shutting down the electric grid in most parts of the country. The attack also limits telephone traffic and downs satellite communication, limiting the Department of Defense (DOD)'s ability to communicate with command controls overseas. It also severely hits international commerce and financial situations. In such a case, the Department of Homeland Security (DHS) would be relied on.

First, they would assess the nature of the cybersecurity risk. Secondly, they would protect Federal government information systems, reducing the vulnerabilities of Federal agencies, and ensuring they achieve an adequate level of cybersecurity (Roesener, Bottolfson & Fernandez, 2014). Thirdly they would protect critical infrastructure from further damage by engaging key stakeholders. In response to a cyber incident like the one above, DHS would coordinate with all agencies responsible, including the Departments of Defense and Justice (Howard & Arimatéia da Cruz, 2017). They would then strengthen the security and reliability of the cyber ecosystem, and finally, they would improve the management of DHS cybersecurity activities.

DHS strives to understand the nation’s cybersecurity risk posture better and engages with critical partners to collectively address cyber vulnerabilities, threats, and consequences (Roesener, Bottolfson & Fernandez, 2014). DHS builds on ongoing efforts to reduce and manage vulnerabilities of federal networks and critical infrastructure to harden them against attackers. They also reduce threats from cyber-criminal activities through prioritized law enforcement intervention (Howard & Arimatéia da Cruz, 2017). Finally, DHS engages with the global cybersecurity community to strengthen the security and resiliency of the overall cyber ecosystems by addressing systemic challenges. As a result, the malicious attack from China would severely be dealt with by the DHS, in collaboration with other Federal agencies.