27
th
c Octc 2020
Mrc ABC,
Chiefc Informationc Officerc (CIO)
Idealc Infoc Ltd.c
ABCc Lane,c Newc Yorkc
Subject:c Informationc onc thec cyberc domainc toc determinec organization'sc cybersecurityc
needs
Cyberc Domain
Thec cyberc domainc refersc toc thec cyberspacec thatc isc thec resultc ofc technologicalc
advancementc andc evolution.c Itc isc thec fifthc domainc afterc land,c Airc Seac andc spacec thatc
hasc becomec ac necessityc inc thec 21
st
c century.c Itc isc ac humanc creationc thatc isc thec resultc ofc
thec continuousc technologicalc development.c Itc hasc significantc impactc atc thec individualc
levelc asc wellc asc atc thec organizationalc levelc (Efrony,c 2019).c Itc isc thec cyberspacec thatc
existsc withinc thec informationc environment,c encompassingc ofc interdependentc networksc ofc
ITc infrastructuresc alongc withc thec residentc data,c includingc thec Internet,c computerc systems,c
telecommunicationsc network,c asc wellc asc thec embeddedc processorsc andc controllersc
(Crowther,c 2017).c
Keyc componentsc andc aspectsc ofc cybersecurityc andc itsc relationc toc thec cyberc domain
Cybersecurityc isc thec safeguardingc ofc thec internet-connectedc systemsc likec thec
software,c hardwarec andc datac fromc differentc kindsc ofc cyberc threats.c Thisc practicec isc
adoptedc byc mostc ofc thec organizationsc inc thec digitalizedc erac soc thatc thec ITc landscapec ofc
thec undertakingc canc bec protectedc fromc anyc unauthorizedc accessc orc maliciousc practice.c
Thec keyc componentsc thatc makec upc cybersecurityc includec applicationc security,c
informationc security,c networkc security,c andc disasterc recoveryc planning,c operationalc
securityc andc end-userc education.c Eachc ofc thesec componentsc workc togetherc andc helpc ac
businessc entityc toc strengthenc itsc ITc posturec andc havec anc edgec againstc cybercriminalsc
andc onlinec hackersc (Whatc arec thec Keyc Elementsc ofc CyberSecurity,c 2020).c Thec keyc
componentsc ofc cybersecurityc playc ac cardinalc rolec forc anc organizationc inc thec vastc cyberc
domainc andc helpc toc managec thec uncertaintyc andc threatsc thatc couldc affectc thec entityc inc
thec domain.c c
Approachc forc implementingc informationc securityc forc thec organizationc
Thec bottom-upc approachc canc bec adoptedc forc implementingc informationc securityc
inc thec organization.c Itc wouldc bec implementedc byc thec systemc administratorsc andc thec
professionalsc whoc functionc inc thec networkc securityc arenac (Lubell,c 2016).c Thec primaryc
purposec forc choosingc suchc anc approachc isc toc makec thec optimumc usec ofc thec knowledgec
ofc individualsc whoc workc inc thec fieldc ofc informationc system.c Inc thec highlyc unpredictablec
cyberc domainc thec approachc wouldc bec usefulc toc designc ac securec cybersecurityc modelc
thatc isc inc syncc withc thec securityc needsc ofc thec organization.c Thec bottom-upc approachc
couldc bec furtherc adoptedc inc thec broaderc cyberc domainc byc integratingc thec newc insight,c
knowledgec andc expertisec ofc thec employeesc thatc workc inc thec ITc departmentc ofc thec
organizationc (Lubell,c 2016).c
Possiblec threatsc forc thec organizationc inc thec cyberc domain
Ac diversec rangec ofc threatsc couldc arisec beforec thec organizationc inc thec cyberc domainc
thatc couldc negativelyc affectc itsc Informationc Technologyc posturec suchc as:
• Phishingc –c Thisc threatc isc ac fraudulentc practicec involvingc sendingc mailsc toc inducec
thec revelationc ofc sensitivec andc confidentialc datac likec passwordsc (Shic &c Saleem,c
2012).c
• Botnetsc –c Thesec internet-connectedc devicesc couldc bec usedc forc performingc thec
Distributedc Denial-of-Servicec (DDOS)c attacks,c stealc datac andc givec unauthorizedc
accessc toc thec attackerc (Eslahic etc al.,c 2012).c
• Ransomwarec –c Thisc threatc couldc gainc unauthorizedc accessc toc thec ITc systemc ofc
thec entityc andc blockc thec userc access.c
Suchc threatsc couldc compromisec thec cybersecurityc ofc thec firmc inc thec cyberc domain.
Sincerely,
Mrc X,
ITc Supervisor
References
Crowther,c G.c A.c (2017).c Thec cyberc domain.c Thec Cyberc Defensec Review,c 2(3),c 63-78.
Efrony,c D.c (2019).c Thec Cyberc Domain,c Cyberc Securityc andc whatc aboutc thec Internationalc
Law?c Retrievedc Octoberc 27,c 2020,c fromc
https://csrcl.huji.ac.il/sites/default/files/csrcl/files/dan_efrony.pdf
Eslahi,c M.,c Salleh,c R.,c &c Anuar,c N.c B.c (2012,c November).c Botsc andc botnets:c Anc
overviewc ofc characteristics,c detectionc andc challenges.c Inc 2012c IEEEc Internationalc
Conferencec onc Controlc System,c Computingc andc Engineeringc (pp.c 349-354).c IEEE.
Lubell,c J.c (2016).c Integratingc Top-downc andc Bottom-upc Cybersecurityc Guidancec usingc
XML.c Balisagec seriesc onc markupc technologies,c 17.
Shi,c J.,c &c Saleem,c S.c (2012).c Computerc securityc researchc reports:c phishing.c Universityc
ofc Arizona,c Arizona.
Whatc arec thec Keyc Elementsc ofc CyberSecurity?c (2020,c Aprilc 02).c Retrievedc Octoberc 27,c
2020,c fromc https://cyberthreatportal.com/elements-of-cybersecurity/
