Response giving

Instructions: Add additional insight to these opinions or challenge the opinions. Use real world experience to support your views, as appropriate. 1)  You don’t know what you don’t know! This website, United States Computer Emergency Readiness Team (US-CERT) is an extremely important tool for cybersecurity professionals as well as system administrators.  As computers continue to evolve, information becomes more valuable to our advisories and as hackers become more embolden, how can anyone expect to keep up with the threats and vulnerabilities to our systems? That is where US-CERT comes in.  On their website, you have access to the National Cyber Awareness System which “offer a variety of information for users with varied technical expertise.”<u1:sdt> (United States Computer Emergency Readiness Team, 2018)  On this page, you can set up an account that will send you emails on alerts and activities that are pertinent to you, with topics including: Current Activity - Provides up-to-date information about high-impact types of security activity affecting the community at large. Alerts – Provide timely information about current security issues, vulnerabilities, and exploits.  Bulletins – Provide weekly summaries of new vulnerabilities. Patch information is provided when available. Tips - Provide advice about common security issues for the general public.<u1:sdt> (United States Computer Emergency Readiness Team, 2018) Under the Current Activity link, you can find the most important information on current threats.  On the Alerts link you can find just about every known security threat/vulnerability that is out there.  From malware, viruses, port vulnerabilities, ransom-ware threats, operation system and software vulnerabilities.  An example of how in-depth these alerts can be can be found in Alert (TA15-119A) Top 30 Targeted High-Risk Vulnerabilities.  In this alert, it lists the “Overview, Description, Impact, and Solution to the systems affected.”<u1:sdt> (United States Computer Emergency Readiness Team, 2018) Here are just a few of the affected software: “Internet Explorer, Office (Windows and Mac), Visual Basic, SQL Server, Silverlight, Java, Acrobat Reader, Acrobat Flash, etc.”<u1:sdt> (United States Computer Emergency Readiness Team, 2018) This alert alone has 30 fixes!  In the Bulletins section, you can find a synopsis of all of the vulnerabilities over the course of a year, going back nine years. So, if you are researching vulnerabilities, you can skim the bulletins to track down what you might be looking for. Finally, in the Tips section you can find guidance on a number of topics, ranging from “voter registration data, cyber bullying, Social Networking safety, Chat and Instant Messaging safety.”<u1:sdt> (United States Computer Emergency Readiness Team, 2018).While this site contains an overwhelming amount of data, you really can know what you don’t know.

2) It is imperative to keep up with today’s technology threats in the world.  You do not have to be a system administrator or work in the information technology field to keep current.  Majority of devices today has some type of technology or future capability to link to the internet.  The United States Computer Emergency Readiness Team (US-CERT) website provides numerous updated information on current security incidents.  As information technology departments review this website, so are the hackers that mean harms to an organization or just a device.                 As I read over these security threats, the Adobe security update for Flash player catches my eye.  After reading the bulletin, Adobe provided updates for their flash player because there was a vulnerability that gave remote code execution on version 28.0.0.137.  The affected player were on Windows, Macintosh, Linux and Chrome OS platform.  I believe even though this Adobe security update was released, there was still people out to test this vulnerabilities to see if it was still valid.  There were already some targeted attacks again Window users, but not in a big scale.  Another benefit to this website is the user or Information technology department are provided steps to resolved the vulnerability if human interaction is needed.  This website is also good for training awareness to ensure the organization’s employees have some insight on some current threats that they might come across. For example, this website also mentions about being Cyber safe during the Olympics.  A lot of people are not thinking about protecting their personal information because their mind is solely on the Olympics events.  At the Olympics, electronic device use is more evident with all the wonders you will see at this world wide event.  Cell phone can pretty much do anything you need it to do especially with the ability to connect to any free Wi-Fi hotspots and/or Bluetooth connections.  Large crowds like at the Olympics is just a great opportunity to catch someone that does not have a keen mind on technology device security.  I have used this website in the past for briefings and to keep myself up to date on some security threat areas.