Provide (2) 150 words substantive response with a minimum of 1 APA references for RESPONSES 1 AND 2 below. Response provided should further discuss the subject or provide more insight. To further understand the response, below is the discussion post that’s discusses the responses. 100% original work and not plagiarized. Must meet deadline.
RESPONSE 1:
Threats targeting remote workers will increase, particularly if the work from home movement continues post-COVID. This in turn raises the threat against VPNs and cloud-based usage, such as overall misconfigurations, login/username/passwords issues, data retention and deletion concerns, etc. (StealthLabs, 2020).
Also, while not specifically network-focused, insider threats will potentially increase as well (which then takes advantage of network vulnerabilities). This includes unauthorized remote access (connecting unsecured mobile devices, for instance), utilizing misconfigured network weaknesses, and other vulnerabilities which lead to compromises and/or attacks (Hendry, 2021).
To remedy these two threats (and others), evolving technologies may be able to assist. For instance, artificial intelligence and machine learning can be used to analyze network traffic or user movements, and quickly alert security officials to anything unusual. Machine learning may also be able to proactively identify any threats prior to compromises even occurring (Brooks, 2020). Super computing or quantum computing will also eventually be used to better encrypt connections, files, etc. NIST is currently evaluating 65+ methods of post-quantum cryptography which may be used to secure systems in the future (Denning, 2019). On the flip slide, though, this technology can also be used by malicious actors to decrypt and attack systems.
Also, governance, risk and compliance (GRC) will help with all of these above, in that GRC outlines a way forward to protect systems from compromises. For instance, governance includes drafting policies and procedures to ensure data and network security. Risk is when an organization identifies specific threats and how to best remedy those vulnerabilities. And compliance works to ensure all users are adhering to the requirements implemented by the organization.
References
Brooks, C. (05 July 2020). Four Evolving Technology Areas of Smart Cybersecurity. Forbes. Retrieved 15 March 2021, from https://www.forbes.com/sites/chuckbrooks/2020/07/05/4-evolving-technology-areas-of-smart-cybersecurity/?sh=462b067f68fc
Denning, D. (2019). Is Quantum Computing a Cybersecurity Threat. American Scientist. Retrieved 15 March 2021, from https://www.americanscientist.org/article/is-quantum-computing-a-cybersecurity-threat
Hendry, J. (2021). Ex-Contractor Accessed Vic Govt IT System 260 Times a Year After Leaving. IT News. Retrieved 15 March 2021, from https://www.itnews.com.au/news/ex-contractor-accessed-vic-govt-it-system-260-times-a-year-after-leaving-562038
StealthLabs (2020). Cybersecurity Trends in 2021 and Beyond. StealthLabs. Retrieved 15 March 2021, from https://www.stealthlabs.com/blog/top-10-cybersecurity-trends-in-2021-and-beyond/
-GRETCHEN
RESPONSE 2:
1. List your thoughts on what the future holds for network security threats (what they are, will they increase, decline, etc.).
Bigger and better Malware and botnets that attack in more sophisticated ways. Starting in the “Cloud” as businesses increasingly rely on various cloud services for managing their customer data, internal project plans and financial assets, we expect to see an emergence of attacks targeting endpoints, mobile devices and credentials as means to gaining access to corporate or personal clouds. It’s hard to predict what form future attacks will take – but we can imagine ransomware taking hostage not just your local documents, but any type of cloud-hosted data. These attacks may not require data encryption and could take the form of blackmail – threats of going public with your confidential data. Strong password and cloud data access policies are more important than ever, your security is only as good as your weakest point!
2. List any evolving technologies (new) that you are aware of that can help with the threats you listed.
The next generation of firewalls is a hardware or software-based network security system that is able to detect and block sophisticated attacks by enforcing security policies at the application level, as well as at the port and protocol level. Next-generation firewalls integrate three key assets: enterprise firewall capabilities, an intrusion prevention system (IPS) and application control. Like the introduction of stateful inspection in first-generation firewalls, NGFWs bring additional context to the firewall’s decision-making process by providing it with the ability to understand the details of the Web application traffic passing through it and taking action to block traffic that might exploit vulnerabilities. This is the single best example of what is evolving for network security a more intuitive firewall that has multi-levels of protection.
3. Explain how Governance, Risk and Compliance (GRC) will help with these matters, what part will they play (Chapter 15).
GCR when broken down its part plays an effective role in helpin shore up your network security. Governance makes sure that everyone from admins to users is following the security policy rules. Compliance makes sure your company is following all laws that apply to your business’s network, and finally Risk management. One of the foundations of any information security programs is a robust risk management practice. If you don’t identify your risks, how do you know which security technologies to deploy and where. All these put together create an equilibrium that keeps the network in good order.
Reference:
Steward, James M. Network Security Firewalls and VPNs. Sudbury, MA: Jones & Bartlett Learning, 2011. Print.
– MARIAH
