VM Scanner Evaluation Background Report

5

MEMO

DATE: 3/ 11/2020

TO: MERCURY USA CEO.

CC: MERCURY USA SUPERVISOR.

FROM: STUDENT NAME AND COURSE NUMBER SECTION

RE: CYBERSECURITY CONCERNS IN THE TRANSPORTATION SECTOR

PRIORITY: (URGENT)

Overview

The key aim regarding this report which was requested is to assist in the addressing of the recent concerns regarding cybersecurity against the identified transportation sector. After effectively viewing the identified pen testing engagement outcomes that were sent to me, I would like to effectively suggest that the identified transportation sector in the company ought to effectively adopt the identified vulnerability management which is key as a cybersecurity principle. Vulnerability management entails the practice associated with making sure that the given business network is effectively protected against any probable security weaknesses that can lead to hacker attacks.

The identified vulnerability management usually works collaboratively with the identified Open Vulnerability Assessment Scanners tool which helps in the reduction of the strain regarding the security personnel and even the operation sectors within the identified transportation segment (Zakareya, 2018). The company may suffer the issue of ransomware if they fail to effectively implement the identified vulnerability management process which could impact the Mercury USA financially.

Part 1: Vulnerability Management (VM) Process Recommendation

When taking part in the implementation of the vulnerability Process, the company needs to consider the identified recognition regarding vulnerabilities as well as the investigation associated with the essential vulnerabilities. It is vital that the organization adopts the internal scans which is regarded as being the kind of vulnerability management which can help in the identification of the loopholes in the given transportation sector which may be associated with damaging the network associated with the company. It is also vital to consider the measure regarding effectiveness associated with the internal scans to make sure that it is the most appropriate strategy that is available (Easttom, 2020).

Part 2: Vulnerability Scanning Tool Evaluation and Recommendations

The identified OpenVas scanning tool is considered to be an open source vulnerability scanning tool which in my personal opinion is considered to be an industry standard. The key benefit for the use of the OpenVas scanning tool is the transparency aspect and it usually does not raise any security associated concerns. It is associated with patching any kind of security issues which may arise since it is easy to locate the bugs but it is also vulnerable to hacking (Easttom, 2020). To ensure feasibility in its use, I would recommend that the identified Mercury USA is involved in the adoption of the OpenVAS scanning instrument because of the capability it has to offer a comprehensive report.

Part 3: Business Case Example

In the situation whereby the company does not take part in the implementation of the given recommendation, there is the risk of ransomware. For the given device to effectively function again, the identified malicious program is associated with infecting the identified protection systems as well as is involved in showing messages requesting for a fee as the charges. It is vital to note that ransomware can also create an essential disruption regarding normal operations at the Identified Mercury USA and in some cases data loss. Ransomware is usually known to be involved in the damage of the companies’ reputation and it is vital for the mercury USA recommendations to be followed to avoid such cases (Foreman, 2019).

Conclusion

Through the adoption of the internal scans as a key vulnerability management kind of process to help in safeguarding the identified transportation sector, the given company can effectively solve most of the cybersecurity breach situations and prevent any kind of losses. Collaboratively with the identified OpenVAS scanning tool, the internal scans can assist the organizations in safeguarding of the essential information and in the reduction of the risk regarding vulnerabilities like the malware infections (Zakareya, 2018).

<Closing Salutation>

<Your Name> Cybersecurity Threat Analyst

Mercury USA

References

Foreman, P. (2019). The vulnerability experience. Vulnerability Management, 7-34.

doi:10.1201/9780429289651-2

Easttom, C. (2020). Vulnerability assessment and management. The NICE Cyber Security

Framework, 241-258. doi:10.1007/978-3-030-41987-5_12

Zakareya, O. (2018). Vulnerability and forensics associated with the smart grid: Cyber attacks. International Journal of Computer Applications, 181(22), 32-38. doi:10.5120/ijca2018917952