Launching into Cyber Security - Discussion Collaboration

Collaborative Learning Discussion 1

Discuss why Cyber Security is now a global issue and why it is important for companies to invest in Cyber Security. Your discussion could consider the following: the economic benefits to companies, the implications of a breach of regulations and laws such as reputational damage and trust and business competitiveness. Identify a typical global company and describe the nature of the business to set the context for the discussion.

Initial Post

Cybersecurity is one of the fastest growing industries globally, as supported by Plachkinova and Pittz (2021). The demand for cybersecurity is due to the increase in cyber-attacks and data breaches to companies around the world. Cyber-attacks pose a threat to companies as they migrate to the digital online world. Furthermore, the risk of cyber-attacks is intensified through the use of IoT (Internet of Things) devices connected to the internet (Danso, 2021). According to the Global Risks Report 2021 approximately 40% of the World Economic Forum (WEF) respondents forecasted that cybersecurity will become a critical threat to the world within the next two years affecting the global economy (Mclennan, 2021).

In November 2018 Marriott International (a US-based hospitality company) announced a data breach in their network affecting approximately 500 million guests. Marriott acquired Starwood in the year 2016; however, according to Marriott’s investigation led by cyber security experts, hackers gained unauthorized access to the Starwood network in 2014 (Starwood hotels, 2018). This is a typical example of an Advanced Persistent Threat (APT) attack where hackers gain access to the network and remain hidden for a long period of time to gather information (Danso, 2021). According to VanSyckel (2018) APT attacks tend to be the most dangerous form of cyber-attacks. Personally Identifiable Information (PII) such as credit card details, travel itineraries, passport numbers, etc. of Starwood’s client base were exposed. As a result of the data breach, a fine amounting to $122 million was imposed on Marriott by the General Data Protection Regulation (GDPR) authority (Daigle & Khan, 2020).

Cyber-attacks are constantly evolving and becoming more sophisticated in the present day, affecting the global economy. The acts of cyber criminals result in companies losing millions in revenue every year (Lewis & Crumpler, 2019) as confirmed in the Marriott case study. This warrants the demand for companies and organizations to invest in cybersecurity practices to predict, prevent, detect, and respond to possible cyber-attacks efficiently and successfully. Fines imposed by the GDPR authority are hefty and the reputational damage, financial loss and customer confidence to any organization can be detrimental to its success.

List of References

Daigle, B. & Khan, M. (2020). The EU General Data Protection Regulation: An Analysis of Enforcement Trends by EU Data Protection Authorities. Journal of International Commerce and Economics 332(1): 13-14. Available from: https://www.usitc.gov/publications/332/journals/jice_gdpr_enforcement.pdf [Accessed 13 August 2021]

Danso, S. (2021) Launching into cyber security [Lecturecast]. LCYS_PCOM7E August 2021 Launching into Cyber Security. University of Essex Online.

Lewis, A J, & Crumpler, W., Center for Strategic and International Studies. (2019) The cybersecurity workforce gap. Available from: https://apo.org.au/node/219801 [Accessed 12 August 2021].

Mclennan, M. (2021). The Global Risks Report 2021 16th Edition Insight Report. Geneva: World Economic Forum. Available from: http://www3.weforum.org/docs/WEF_The_Global_Risks_Report_2021.pdf [Accessed 13 August 2021].

Plachkinova, M, & Pittz, T. (2021) Assessing the Awareness of Cybersecurity Within Entrepreneurship Students: The Cyberpreneurship Project, Entrepreneurship Education and Pedagogy 4(3): 564–582. Available from: https://journals.sagepub.com/doi/abs/10.1177/2515127420913056 [Accessed 12 August 2021].

Starwood hotels. (2018). Original notice from November 30, 2018. Available from: http://starwoodstag.wpengine.com/wp-content/uploads/2019/05/us-en_First-Response.pdf [Accessed 13 August 2021]

VanSyckel, L (2018) Sealevel Systems White Paper - Introducing Cybersecurity. Available from https://www.sealevel.com/support/white-paper-introducing-cybersecurity/ [Accessed 13 August 2021]


The following post is a summary post based on peer responses received during the discussion.

Peer Response by Kingsley Onyeemeosi

Peer Response by Aldo Madrid

Peer Response by Thomas Ranson

Summary Post

As the world progressively relies on online technologies and as organisations move swiftly into the digital era, the importance of cybersecurity becomes a key focus area. Cybersecurity can be considered as the practice of ensuring Confidentiality, Integrity and Availability (CIA) of information. Confidentiality refers to the controlled access to information, Integrity refers to data that should not be altered in any way and Availability refers to the reliability and uninterrupted access to data (Danso, 2021).

The Cyber Security Breaches Survey 2020 confirms that data breaches are ever-increasing. A major contributor worldwide is the rise in the use of IoT (Internet of Things) devices, elaborated in detail in a peer response by Onyeemeosi (2021). According to Kaplan et al. (2019) when companies purchase IoT devices, strong cybersecurity controls are considered first.

Data breaches can have a range of damaging consequences to any organisation as observed in the collaborative learning discussions as well as in the case of Marriott International (Starwood hotels, 2018). Various known attacks are still being used such as Malware (malicious software), Spear Phishing (targeting a specific individual), Advanced Persistent Threats (hackers remain hidden collecting data to further infiltrate), etc. Ranson (2021) highlights the detail of Spear phishing and its effects on organisations. Madrid (2021) delves deep into APT attacks and the protection mechanisms that organisations should introduce to mitigate these attacks - a view that the writer agrees with. These attacks can severely damage a company’s reputation as well as destroy its competitive advantage.

Research suggests that cybersecurity affects the global economy. While companies continue to invest in the latest cybersecurity technologies (Grand View Research, 2021), this will not ensure that companies are 100% cyber-attack proof (VanSyckel, 2018). It is therefore important to understand cyber-risks as well as create a cybersecurity culture within the organisation that shares a common way of thinking; in doing so security across the entire organisation is enhanced (Boehm et al., 2019).

List of References

Boehm, J., Curcio, N., Merrath, P., Shenton, L., Stahle, T., McKinsey & Company. (2019). The risk-based approach to cybersecurity. Available from: https://www.mckinsey.com/business-functions/risk-and-resilience/our-insights/the-risk-based-approach-to-cybersecurity [Accessed 29 August 2021].

Danso, S. (2021) Launching into cyber security [Lecturecast]. LCYS_PCOM7E August 2021 Launching into Cyber Security. University of Essex Online.

Department for Digital, Culture, Media & Sport (2020) Cyber Security Breaches Survey 2020. Available from: https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/893399/Cyber_Security_Breaches_Survey_2020_Statistical_Release_180620.pdf [Accessed 29 August 2021].

Grand View Research (2021) Cyber Security Market Trends & Growth Report 2021. Available from: https://www.grandviewresearch.com/industry-analysis/cyber-security-market [Accessed 29 August 2021].

Kaplan, J., Richter, W., Ware, D., McKinsey & Company. (2019). Cybersecurity: Linchpin of the digital enterprise. Available from: https://www.mckinsey.com/business-functions/risk-and-resilience/our-insights/cybersecurity-linchpin-of-the-digital-enterprise [Accessed 29 August 2021].

Madrid, A. (2021). ’Collaborative Learning Discussion 1’. Peer response submitted to University of Essex Online for [LCYS_PCOM7E August 2021] Initial Post by Zihaad Khan. Available from: https://www.my-course.co.uk/mod/hsuforum/discuss.php?d=270234 [Accessed 30 August 2021].

Onyeemeosi, K. (2021). ’Collaborative Learning Discussion 1’. Peer response submitted to University of Essex Online for [LCYS_PCOM7E August 2021] Initial Post by Zihaad Khan. Available from: https://www.my-course.co.uk/mod/hsuforum/discuss.php?d=270234 [Accessed 30 August 2021].

Ranson, T. (2021). ’Collaborative Learning Discussion 1’. Peer response submitted to University of Essex Online for [LCYS_PCOM7E August 2021] Initial Post by Zihaad Khan. Available from: https://www.my-course.co.uk/mod/hsuforum/discuss.php?d=270234 [Accessed 30 August 2021].

Starwood hotels. (2018). Original notice from November 30, 2018. Available from: http://starwoodstag.wpengine.com/wp-content/uploads/2019/05/us-en_First-Response.pdf [Accessed 29 August 2021]

VanSyckel, L (2018) Sealevel Systems White Paper - Introducing Cybersecurity. Available from https://www.sealevel.com/support/white-paper-introducing-cybersecurity/ [Accessed 29 August 2021]


Tutor Feedback

Thank you for your participation in the first discussion forum of Launching into Cybersecurity Module.

In this discussion forum you were invited to discuss why cybersecurity is now a global issue and why it is important for companies to invest in cybersecurity. The learning outcomes from this discussion were: a) to be able to identify and explain the architecture, structure and functionality of basic components of a computer system, considering cybersecurity issues; b) evaluate critically implications of the key vulnerabilities and threats of software and network security and approaches to mitigate these issues.

Knowledge and understanding of the topic issues under consideration

You demonstrate a clear appreciation of the importance of cybersecurity in your initial post, citing the Marriott APT attack which resulted in a huge financial cost to the company. Your follow-up posts further demonstrated clear understanding of the issue under consideration, arguing out the need for companies to protect customer data as top priority to prevent the impact of cybercrime.

Collaboration / independent working

You build on points made by others by providing further data to support, which is excellent. Your engagement and collaboration were very good. You made a total of 6 posts; I think you could still contribute more to the discussion.

Criticality

You demonstrated some criticality in your posts drawing links between sectors and how these sectors are interlinked. Your point about the need to understand cyber-risk and develop a cyber security culture in institutions was excellent. This and many other points you made demonstrate criticality and provided additional perspective to the discussion.

Structure and presentation

The structure of your presentation in your posts is good. All points were coherently made to advance the argument or discussion. Your summary post is well constructed.

Use of relevant resources / Academic Integrity

You used some relevant sources and cited these sources to support your points. Please make sure to provide original sources as references as much as possible and limit the use of secondary sources.

Overall, an excellent start to the module. To improve your grades further, do take note of the developmental areas highlighted above.


Collaborative Learning Discussion 2

Identify and discuss two security technologies and the context in which they can be employed. Your discussion could consider either network or/and software security issues. For example, if a network issue, what type of firewall would be ideal for the solution? What are the strengths and weaknesses of the solution?

Learning Outcomes

1. Identify and explain the architecture, structure and functionality of basic components of a computer system, considering Cyber Security issues.

2. Evaluate critically implications of the key vulnerabilities and threats of software and network security and approaches to mitigate these issues.

Initial Post

Network security keeps evolving as new technologies emerge. A common method used to protect networks is a packet filtering firewall. Packet filtering firewalls implement policies based on IP addresses, ports or protocols (Rountree, 2011). These firewalls are considered to be inexpensive and can operate at high speeds since their processing logic is simple. Hardware devices such as routers and switches still make use of packet filtering firewalls due to their high-speed networking requirement (Melanson, 2014). In contrast, packet filtering firewalls do not store any state information, i.e. ports will need to be open statically for traffic to pass through (Andress, 2014). Packet filtering firewalls operate at level 3 of the OSI (Open Systems Interconnection) model, rendering them ineffective against layer 7 (HTTP/S) attacks, since they cannot inspect the payload of a packet and can be easily spoofed (fake IP addresses inserted into packets) by an attacker (Rountree, 2011).

One method of protecting against HTTP/S attacks is through the implementation of a Web Application Firewall (WAF) which aims at protecting applications accessible from the internet. WAFs run at layer 7 of the OSI model and are able to filter, monitor and block malicious HTTP/S traffic destined to web applications (F5 Inc, 2021). Internet facing applications require protection against SQL (Structured Query Language) injection achieved by injecting SQL code into a database, XSS (Cross-Site Scripting) attacks achieved by injecting malicious code into a web browser, cookie poisoning which occurs by hijacking a user’s session, amongst others (F5 Inc, 2021). However, the drawbacks of WAFs include cost, as these can be relatively expensive, and performance, as WAFs need to inspect each and every packet thereby slowing down a network. Babiker et al. (2018) further argue that WAFs produce high false negatives and high false positives as well as their inability to detect unknown attacks.

In conclusion, network security forms an important role within an organization’s security plan. Selecting an appropriate firewall starts by understanding the architecture and the network that needs to be protected.

List of References

Andress, J. (2014) The Basics of Information Security, Understanding the Fundamentals of InfoSec in Theory and Practice. 2nd ed. Massachusetts: Syngress Publishing. Available from: https://doi.org/10.1016/C2013-0-18642-4 [Accessed 16 September 2021]

Babiker, M., Karaarslan, E., Hoscan, Y. (2018) ‘Web application attack detection and forensics: A survey’, 6th international symposium on digital forensic and security (ISDFS). Turkey, 22-25 March 2018. USA: IEEE. Available from: http://acikerisim.mu.edu.tr/xmlui/bitstream/handle/20.500.12809/1677/Karaarslan.pdf?sequence=1&isAllowed=y [Accessed 15 September 2015]

F5 Inc. (2021) What is a Web Application Firewall. Available from: https://www.f5.com/services/resources/glossary/web-application-firewall [Accessed 16 September 2021]

Melanson, T J. (2014) Firewall Evolution from Packet Filter to Next Generation. Available from: https://www.juniper.net/documentation/en_US/learn-about/LA_FIrewallEvolution.pdf [Accessed 17 September 2021]

Rountree, D. (2011) Security for Microsoft Windows System Administrators, Introduction to Key Information Security Concepts. Massachusetts: Syngress Publishing. Available from: https://doi.org/10.1016/B978-1-59749-594-3.00003-X [Accessed 16 September 2021]
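The stateless packet filtering behaviour described in the initial post above, shown as an added example that is not part of the original post. The rule set, the addresses (taken from documentation ranges) and all function names are constructed for illustration; the filter decides on header fields only, so payload, claimed source address and connection state play no part in the verdict.

```python
"""Stateless packet filter: the verdict depends only on header fields."""
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str
    sport: int
    dport: int
    payload: bytes = b""   # carried along, but never read by the filter


@dataclass(frozen=True)
class Rule:
    action: str    # "allow" or "deny"
    src: str       # source network, CIDR notation
    dst: str       # destination network, CIDR notation
    proto: str     # "tcp", "udp" or "any"
    dports: range  # destination ports covered by the rule


ANY = "0.0.0.0/0"
WEB = "203.0.113.10/32"     # constructed web server address
ADMIN = "198.51.100.0/24"   # constructed admin subnet

RULES = [
    Rule("allow", ANY, WEB, "tcp", range(443, 444)),    # HTTPS from anywhere
    Rule("allow", ADMIN, WEB, "tcp", range(22, 23)),    # SSH from admin subnet
    # No state is kept, so replies from the server need a static opening
    # towards every client high port.
    Rule("allow", WEB, ANY, "tcp", range(1024, 65536)),
]


def matches(rule: Rule, pkt: Packet) -> bool:
    """Compare header fields only; the source is whatever the header claims."""
    return (ipaddress.ip_address(pkt.src) in ipaddress.ip_network(rule.src)
            and ipaddress.ip_address(pkt.dst) in ipaddress.ip_network(rule.dst)
            and rule.proto in ("any", pkt.proto)
            and pkt.dport in rule.dports)


def filter_packet(pkt: Packet, rules=RULES) -> str:
    """First matching rule wins; anything unmatched is denied."""
    for rule in rules:
        if matches(rule, pkt):
            return rule.action
    return "deny"


def demo() -> dict:
    client, server = "192.0.2.50", "203.0.113.10"
    cases = {
        # Same header, different payload: identical verdict.
        "https_plain": Packet(client, server, "tcp", 51000, 443, b"GET /index.html"),
        "https_other_payload": Packet(client, server, "tcp", 51000, 443,
                                      b"<constructed payload a WAF would inspect>"),
        # The SSH rule trusts the source field in the header.
        "ssh_from_internet": Packet(client, server, "tcp", 51001, 22),
        "ssh_claimed_admin_src": Packet("198.51.100.7", server, "tcp", 51001, 22),
        # A reply and an unsolicited packet cannot be told apart without state.
        "reply_after_request": Packet(server, client, "tcp", 443, 51000),
        "unsolicited_same_header": Packet(server, client, "tcp", 443, 60000),
        "udp_dns": Packet(client, server, "udp", 51002, 53),
    }
    return {name: filter_packet(pkt) for name, pkt in cases.items()}


if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name:26} {verdict}")
```
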


The following post is a summary post based on peer responses received during the discussion.

Peer Response by Michael Geiger

Peer Response by Ying Chan

Peer Response by Edward van Biljon

Peer Response by Jonathan Callaghan

Peer Response by Austin Mundy

Peer Response by Kingsley Onyeemeosi

Summary Post

Technology in general is a world of its own that will never stand still; so too are security technologies continuously evolving. Two security technologies, namely packet filtering firewalls as well as Web Application Firewalls (WAFs), were discussed in an Initial Post by the writer. Packet filtering firewalls are still being used in organisations today and in some cases tightly integrated with network devices (Melanson, 2014), despite their inability to store state information or inspect the payload of a packet (Andress, 2014). WAFs also play a vital role in protecting organisations’ publicly accessible assets, a view agreed by Callaghan (2021), Mundy (2021) and Onyeemeosi (2021).

Clincy and Shahriar (2018) suggest that the benefits of WAFs certainly outweigh the disadvantages, making WAFs paramount in protecting internet facing applications of the 21st century. Gieger (2021) highlights the importance of WAFs and their types of detection i.e., blacklist and whitelist as well as contrasting each of them, a perspective the writer appreciates and agrees with.

In contrast, Chan (2021) mentions that WAFs cannot offer protection to all layer 7 type attacks, referencing the use case of blind-SQL injection. According to Dhiraj (2019) blind-SQL injection attacks can bypass a WAF’s regular expression, a viewpoint the writer agrees with. This is supported by Dorai and Kannan (2011) who believe that writing secure code is one way of preventing SQL injection attacks.

Biljon (2021) recommends that access to WAFs should be integrated with Active Directory Federation Services (ADFS) as well as Multifactor Authentication (MFA), making it difficult for attackers to brute force, an excellent suggestion the writer agrees with. Furthermore, organisations should strive to implement these integrations in an automated way sooner rather than later.

Implementing security technologies in organisations has become imperative to protect network and information assets. A holistic approach should be considered when implementing security technologies which include mandatory security training and awareness i.e., a branch of the human factor in cybersecurity.

List of References

Andress, J. (2014). The Basics of Information Security, Understanding the Fundamentals of InfoSec in Theory and Practice. 2nd ed. Massachusetts: Syngress Publishing. Available from: https://doi.org/10.1016/C2013-0-18642-4 [Accessed 30 September 2021].

Biljon, V, E. (2021). ’Collaborative Learning Discussion 2’. Peer response submitted to University of Essex Online for [LCYS_PCOM7E August 2021] Initial Post by Zihaad Khan. Available from: https://www.my-course.co.uk/mod/hsuforum/discuss.php?d=275575 [Accessed 30 September 2021].

Callaghan, J. (2021). ’Collaborative Learning Discussion 2’. Peer response submitted to University of Essex Online for [LCYS_PCOM7E August 2021] Initial Post by Zihaad Khan. Available from: https://www.my-course.co.uk/mod/hsuforum/discuss.php?d=275575 [Accessed 30 September 2021].

Chan, Y. (2021). ’Collaborative Learning Discussion 2’. Peer response submitted to University of Essex Online for [LCYS_PCOM7E August 2021] Initial Post by Zihaad Khan. Available from: https://www.my-course.co.uk/mod/hsuforum/discuss.php?d=275575 [Accessed 30 September 2021].

Dhiraj, M. (2019) SQL Injection Bypassing WAF. OWASP. Available from: https://owasp.org/www-community/attacks/SQL_Injection_Bypassing_WAF [Accessed 30 September 2021].

Dorai, R. & Kannan, V. (2011) SQL injection-database attack revolution and prevention. Journal of International Commercial Law and Technology 6(4): 224-231. Available from: https://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.994.1257&rep=rep1&type=pdf [Accessed 01 October 2021].

Gieger, M. (2021). ’Collaborative Learning Discussion 2’. Peer response submitted to University of Essex Online for [LCYS_PCOM7E August 2021] Initial Post by Zihaad Khan. Available from: https://www.my-course.co.uk/mod/hsuforum/discuss.php?d=275575 [Accessed 30 September 2021].

Melanson, T J. (2014) Firewall Evolution from Packet Filter to Next Generation. Available from: https://www.juniper.net/documentation/en_US/learn-about/LA_FIrewallEvolution.pdf [Accessed 30 September 2021]

Mundy, A. (2021). ’Collaborative Learning Discussion 2’. Peer response submitted to University of Essex Online for [LCYS_PCOM7E August 2021] Initial Post by Zihaad Khan. Available from: https://www.my-course.co.uk/mod/hsuforum/discuss.php?d=275575 [Accessed 30 September 2021].

Onyeemeosi, K. (2021). ’Collaborative Learning Discussion 2’. Peer response submitted to University of Essex Online for [LCYS_PCOM7E August 2021] Initial Post by Zihaad Khan. Available from: https://www.my-course.co.uk/mod/hsuforum/discuss.php?d=275575 [Accessed 30 September 2021].

Clincy, A & Shahriar, H. (2018) ‘Web Application Firewall: Network Security Models and Configuration’, 42nd Annual Computer Software and Applications Conference (COMPSAC). Tokyo, 23-27 July 2018. USA: IEEE. Available from: https://ieeexplore.ieee.org/document/8377769 [Accessed 01 October 2021].


Tutor Feedback

Thank you for your participation in the second discussion forum of your Launching into Cyber Security Module.

In this discussion forum you were invited to identify and discuss two security technologies and the context in which they can be employed. Your discussion could consider either network or/and software security issues. For example, if a network issue, what type of firewall would be ideal for the solution? What are the strengths and weaknesses of the solution?

Knowledge and understanding of the topic issues under consideration

You demonstrate great understanding of network security by providing 2 technologies that can be employed to address network security issues in your initial post. Your follow-on posts and contributions to other issues were excellent. You enriched the discussion with good contributions, particularly on stateful packet inspection firewalls, Network Behaviour Anomaly Detection, Next Generation Firewalls and MFA.

Collaboration / independent working

You build on points made by others by providing further data to support, which is excellent. It was good to see you taking the feedback provided in discussion forum 1 on board, by engaging a little more, which reflected in the number of posts as well as the quality of your posts. In total you made 8 posts including the initial post. These have been spread across the discussion over the three-week period.

Criticality

You demonstrate similar critical analysis and evaluation in your contributions to other discussions. Your statement “However, Klein (2021) mentions that relying on firewalls alone to protect networks in its entirety simply aren’t enough; methods such as software-based segmentation are proving to be very effective as well.” is a clear example of criticality and quality of your contributions.

Structure and presentation

The structure of your presentation in your posts is good. All points were coherently made to advance the argument or discussion. The summary post is well presented collating all the issues discussed to present a well-balanced and coherent view of the topic under discussion.

Use of relevant resources / Academic Integrity

You cite good sources to support your point, demonstrating critical analysis and depth, which is excellent.

Overall, excellent work done. You demonstrated great appreciation of network security and the technologies that can be deployed as part of a cyber security strategy. To improve your grades further, do take note of the developmental areas highlighted above.