4 responses 01/14

Dushyanth Work:

Threat to Data Confidentiality, Integrity, and Availability

            Confidentiality refers to protection of data from unauthorized accessibility. Integrity is data protection from unauthorized alteration (Kerr, 2015). On the other hand, data availability refers to authorized access to services. Data users have to understand that, “cybersecurity threat” in turn means “an action, not protected by the First Amendment to the Constitution of the United States, on or through an information system that may result in an unauthorized effort to adversely impact the security, availability, confidentiality, or integrity of an information system or information that is stored on, processed by, or transiting an information system” (Kerr, 2015). Therefore, they have to determine security vulnerabilities threatening their security posture.

            The users have to differentiate between consumer licensing agreement and cybersecurity threats. The two terms are significantly different since the users cannot use the latter to claim data comprise (Kerr, 2015). The former involves attack on  hardware, software, process, or procedure void of the users’ approval. The hackers comprise the applications and affects data confidentiality, integrity, and availability (Kerr, 2015). They can lead to denial of service attacks, where users fail to access services.

            Mahairas (2018) argues that The judicial branch is as vulnerable, as all other sectors, to be the subject of targeted attacks focused on the confidentiality, integrity, and availability of its information and networks.”  Therefore, all enterprises are prone to data vulnerability issues. In the case of courts, they hackers have launched numerous DDoS and ransom-ware attacks (Mahairas, 2018). One of the attacks was from the European Cyber Army organization, which occurred in 2014.

            The attack affected the functionality of the federal court systems. Therefore, it was hard to access services from various government websites (Mahairas, 2018). The challenges resulted from the compromise of the electronic court filing database. They delayed operations by lawyers who utilize the uscourts.gov and other web sites. They also had trickle down impacts on other court operations. For instance, the courts had to change their calendars to solve the impacts of the delay (Mahairas, 2018). The lawyers could also not collect funds meant for payment of fines access case records.

            The analysis shows that organizations have to safeguard data confidentiality, integrity and availability. They need not follow the example of Equifax that facilitated data confidentiality compromise (Rogers, 2018). The attack claimed lots of personal financial information. Moreover, “The Dyn DDoS attack, which knocked major sites like Twitter and Netflix offline for many hours, was a major failure of the mission to ensure the availability of information” (Rogers, 2018). It severely affected data availability.

            The management has to understand that, “When you ask traditional information security practitioners about what they imagine a major failure in the protection of the integrity of information might look like, they quote almost comically mundane examples, like the case of the student hacking into their school’s IT systems to change their grades, or some ridiculously contrived scenario that involves hacking into a medical record to change a blood type or medication dosage.” It has to ensure data remains consistent and complete void of the vulnerabilities.

References

Kerr, O. (2015, December 24). How does the Cybersecurity Act of 2015 change the Internet surveillance laws? The Washington Post, np

Mahairas, A. (2018, April 25). Confidentiality, Integrity, or Availability: The Cyber Threats to Our Judicial System. Bloomberg Law News, np.

Rogers, D. (2018, May 21). #FakeNews As An Information Security Problem. The Forbes, np.

Jacob Work:

Data plays a crucial role in every organisation and it is the primary need to furnish majority of the activities in the business. With the technological advancements, hackers are finding modern and creative ways to penetrate into user system and steal sensitive data. It is high time for the business to recognise the need of data security and deploy high end security mechanism which will enable best security standards. Database of an organisation demands for good security requirements to mitigate risk occurrence. The main objective of database security is to protect three main elements which include, data integrity, data confidentiality and data availability. As cyber attacks are increasing in number and attackers finding modern and creative ways to penetrate into user system and steal sensitive data. Data in this modern technological world is more vulnerable to cyber breaches as data is perquisite need to execute all business tasks and lack of data availability can pose halt to entire busines. So, it is very important for the business to develop models which will ensure better security from cyber attacks on data integrity, data confidentiality and data availability(Goldstein et al., 2019).

For this week discussion, I would like to provide details on NG 911 communication system and its working efficiency with emergency communication system. The main objective of NG 911 communication system is to gain access to gather all the information and enable emergency services to the general public of the United states of America. NG 911 communication system serves the function of enabling services to the general public when there is need and will provide general information to the public safety access points which will further transmitted to NG 911 communication system for the operator on other end of communication which will ensure public gain access to data during emergency and can furnish their tasks. In general data is transferred through different node points to reach final destination. In the process it will be verified through NG 911 communication system services(Bashay., n.d).

Though the NG 911 communication system has its own merits and demerits which need to be addressed while dealing with cyber security related issues. NG 911 communication system finds its application in easy file transferring i.e., it will enable the victim to send any kind of information in terms of audio or video files which will help the victim in emergency situation. When it comes to dis-advantages of NG 911 communication system is while dealing with the data security and data privacy issues. They are prone to cyber attacks as NG 911 communication system allows the hackers to gain access to system database and will pose damage to data integrity, data availability and data integrity. The NG 911 communication system must install and deploy high end security network infrastructure to avoid denial of services attacks and to resolve data access issues in an organisation. It is also recommended to deploy the concept of data encryption which will ensure security to sensitive data and it will be difficult for the hackers to modify the encrypted data and can maintain data integrity within the firm(Walkowski., 2019).

References:

Goldstein, P., Goldstein, P., EdTech, & New York Yankees. (2019, December 6). The Cybersecurity Needed for NG911 Systems. Retrieved from https://statetechmagazine.com/article/2019/10/cybersecurity-needed-ng911-systems

Bashay, F. (n.d.). What Is the CIA Triangle and Why Is It Important for Cybersecurity Management? Retrieved from https://www.difenda.com/blog/what-is-the-cia-triangle-and-why-is-it-important-for-cybersecurity-management

Walkowski D (2019) What Is the CIA Triad? (2019). Retrieved 1 July 2020, from https://www.f5.com/labs/articles/education/what-is-the-cia-triad