Cyber Security Policies in the Private and Public Sector

Cyber Security Policies in the Private and Public Sector Cyber Security Vulnerabilities and Associated Threats of Cloud-Computing 16-03-2013 Table of contents Introduction†¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦3-4 Cyber Security Vulnerabilities†¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦4-5 Cyber Security Vulnerabilities, Threats and Actions.†¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦.....5 Session Hijacking†¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦.5-6 Virtual Machine Access†¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦6 Service Availability†¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦......6-7 Cryptography Flaws†¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦.7-8 Data Privacy†¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦.8-9 Dependency on Internet†¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦..9-10 Denial of Service (DOS)†¦show more content†¦When an organization has decided to move on the cloud, then it should also consider the associated vulnerabilities and the threats. Some of the major vulnerabilities are discussed below: Session Hijacking It means that the cloud or the required service is hacked by the hackers using a valid session key. This key is used to gain the unauthorized access on the critical resources of the organization. Once hacked, the hackers can have the complete access on the systems, and they can perform any malicious activity they want to do, to hit the company resources. If proper and effective security measures are not followed in the infrastructure then it may cause a heavy business loss in terms of financial terms as well as the reputation of the organization. Probability of Occurrence The probability of occurrence of these types of attack is generally high. The reason being is that the attackers keep on continuously scan the system to find out the vulnerabilities in it. Once they gain the access, they just execute their jobs. Effective Policies amp; Procedures To mitigate this kind of risk, firewalls should be implemented in the system at the right places. Firewalls prevent unauthorized access of data. Rules and policies should be configured to protect the session keys. To increase the awareness among employees, a proper training should be given to them. For example, session monitoring shouldShow MoreRelatedCyber Security Role For Homeland Security Intelligence1153 Words   |  5 Pagesshown major flaws within the intelligence community. Those events led the creation of the Department of Homeland Security and with it pooled federal agencies into in umbrella for it to be centralized in order to be effective. There are three categories in which the Homeland Security Intelligence face in the 21st century. Those categories are technological, political, and cyber security. In this day in age everything from critical infrastructure, government information to money is being digitalizedRead MoreCyber Security : The Security Of The Nation s Computer And Telecommunications Infrastructure1091 Words   |  5 PagesCyber Security can be defined as â€Å"The security of the nation’s computer and telecommunications infrastructure that include military, all forms of communications networking, electrical grids and power plants.† (Dhillon, 2013) The attacks can involve both public and private sectors including: †¢ Government Agencies †¢ Banks †¢ Power Companies †¢ Any other companies that utilizes computer and telecommunication systems. Very little research exists regarding power in information system (IS) security. HoweverRead MoreThe European Union1015 Words   |  5 Pagesit placed on its public borrowing and financing of infrastructure. To meet its social responsibility the United Kingdom government started the private finance initiative. 1992 - Private finance initiative is the resultant means of financing infrastructure following the Maastricht agreement to reduce public sector borrowing requirement. It was first introduced in the 1992 Autumn Statement by Conservative Chancellor Norman Lamont. PFI was a means through which the private sector finances major infrastructureRead MoreDefence Policy And Military Strategy1134 Words   |  5 Pagesconcept of Defence has gradually changed as cyber security is streamlined into defence policy coupled with economic influence and globalisation. ‘In the military, information and intelligence operations, routine administrative functions, and a wide array of everyday jobs have been increasingly developed and transformed with the support of interconnected electro-electronic devices’ . Defence policy and military strategy go hand in hand and Defence policy have been directly linked to current economicRead MoreThe Emergency Management Response Team1581 Words   |  7 Pageselectric is a regulated distribution and transmission business of the private sector and owned by a limited number of investors. Oncors’ responsibility is to deliver reliable and safe electricity to the private sectors, so they can have the power to maintain productivity by keeping the backbone of our economy (oncor 2012). We are known as the â€Å"poles and wires† infrastructure company, we manage our business like the private sector does and our company invests in the latest technology and by puttingRead MoreObama Administrations Policy Views on Cybersecurity1338 Words   |  6 PagesTitle Page Contents Introduction Obama Administration’s Policy Views on Cybersecurity 1.1. Enhancing Resilience 1.2. Reducing Threats Obama and Bush Administrations 1.3. Bush Administration 1.4. Policy Similarities 1.5. Policy Differences Recommendations for Improvements 1.6 Cyber Czar Position 1.7 International Organization and joint punishment Works Cited Introduction The following document will provide information pertaining to presidential administrationsRead More Cyber Security Policies and Defense Contractors Essay1087 Words   |  5 PagesAbstract Cyber security policies in the private sector have been a challenging issue for major defense contractors, especially after recent attacks. As a result, the U.S. increased its strict enforcement against these companies by justifying its intervention to improve cyber security. The government would like to impose standards for companies who lack the proper protocol. Due to the revised and new procedures, corporations are responding by rejecting any congressional intervention. This has causedRead MoreA Supervisory Control And Data Acquisition1491 Words   |  6 Pagesand username sharing (Adams, 2015). Stuxnet was a worm that was created in June 2010 that was supposed to precisely target Siemens SCADA industrial software and equipment operating at Iranian nuclear facilities (Chung, 2013). Stuxnet was a cyber weapon that could alter and damage industrial control systems. These are the same systems that control water treatment plants, the electrical grid, and nuclear facilities all over the world (Ferran, 2012). â€Å"Although the worm was intended for a specificRead MoreThe Government s Methods Of Intervention891 Words   |  4 PagesThe government’s methods of intervention are to enhanced public/private collaboration, proposing new cybersecurity legislations, established partnerships to secure technology, data information sharing, protected consumers, and increase security on Federal networks† (Fact Sheet). By detecting common cyber dangers and obtain additional resources from the private sector assets can reduce the risk of threats against our country. Presi dent Obama and his Administration has addressed the major risk of cybersecurityRead MoreImportance of Cyber Security1744 Words   |  7 Pagesbecome prey to cyber threats. The United States Executive Office of the President stated, â€Å"The President identified cybersecurity as one of the top priorities of his administration in doing so, directed a 60-day review to assess polices.† (United States Executive Office of the President, 2009, p.2). Furthermore, critical infrastructure, our network, and internet alike are identified as national assets upon which the administration will orchestrate integrated cybersecurity policies without infringing