This class has proven to be
increasingly interesting. I’m taking this class simultaneously with Ethical
Hacking and Response, and both classes have really opened my eyes to the world
of cyber security, as well as current trends in cyber security. As I go through
each week’s readings and assignments, I see many areas where I can apply what I
learn to our corporation and in my own personal life. As I begin to learn about
threats and vulnerabilities and the risk to pose, I’m gaining a better understanding
of how I need to exercise good security measures in all my computing endeavors.
The Security Trends forum has been
an excellent way to discover more of the cyber security environment; not just
threats and vulnerabilities, but ways to mitigate those risks, which often
involved good security policies that are already in existence. A good security
policy is a proactive way organizations can ensure they are protected. It also
establishes rules for good user behavior, and has to include employee training,
and follow up to ensure users are in compliance. Security policies also serve
to ensure the organization is in compliance to any applicable federal and state
regulations. These classes are really helping me to understand how taking seemingly
small security steps can help companies avoid data breach that can have major
impacts.
In my Ethical Hacking and Response
class, I was surprised to discover how much vulnerability has been discovered
with the Apple iOS. I only use Apple devices, absolutely love them, and won’t switch
to an Andriod device, ever. However, I must admit I was concerned. Like other Apple
users, I thought Apple’s operating systems had the greatest high-tech security,
but I am coming to grips with the fact that Apple mobile devices are also
targets for attackers, and that any iOS device can be subject to attack sources
of malware and viruses. For example, a Tech World article referenced 15 of the
biggest Apple security threats, and I was surprised to learn about MacDefender,
which was a malware that masqueraded as a security app users were invited to
install an app as a way to detect non-existent security threats on their
devices. Read more about it here https://www.techworld.com/picture-gallery/security/biggest-mac-security-threats-from-adware-icloud-hacks-ransomware-3623261/.
A different article from Norton Security pointed out some common threats for Android,
iOS, and Windows devices, with the rapidly advancing pace of technology
bringing more sophisticated attacks. Some of the more common threats include collecting
sensitive data stored on a device, spying on users and logging their activity, tracking
locations, and opening back doors into a device to allow attackers to take
control. Read more at https://www.nortonsecurityonline.com/security-center/mobile-threats-protection.html.
Back to my class, Current Trends in
Cybersecurity, this is a great opportunity for me to learn more about perform
threat and systems analysis, and discovering and analyzing certain threats and
vulnerabilities so I can perform a risk assessment. I believe a threat
analysis can be very useful in identifying and assessing threats and
vulnerabilities, and, in the long run, create a more resilient network against
threats, and mitigate any threats that do happen to break through. The fact is
that a threat analysis allows IT personnel to locate vulnerable devices and
systems, which can allow the company to respond quickly and make a considerable
difference to limit damage from a cyber attack. Cyber attacks are on the rise,
where attackers can wreak havoc on a corporation without ever leaving the safety
of their homes. As attacks become increasingly sophisticated using technical
skills and social engineering tactics to breach networks and gain access to sensitive
data, the need for threat analysis becomes more apparent and more important.
No comments:
Post a Comment