Discussion week 5: Advanced Persistence Threats (Coursework Sample)
1.One of the biggest risks that companies face is advanced persistent threats. Discuss the most effective way to implement policies that mitigate the chance of an insider either taking part in or facilitating an advanced persistent threat. What policies can help manage the insider threat for an organization’s supply-chain companies, or the organization’s off-shore contractors? Integrate the concept of separation of duties into your discussion. 2.On Feb. 19, 2013 Mandiant released a report alleging that a specific Chinese military unit is behind one of the largest cyber espionage and attack campaigns aimed at American infrastructure and corporations. Public understanding of Advanced Persistent Threats (APT) is weak, attribution remains difficult, and cyberattacks are often dismissed as criminal or peripheral to national security. This carefully-researched report is significant because it convincingly and publicly assigns attribution for ongoing cyber espionage to groups supported by China. By publishing, Mandiant hopes that -- (a) this report will lead to increased understanding and coordinated action in countering APT network breaches; and (b) its resulting exposure and discussion may thwart APT activities. Discuss whether Mendicant’s two desired outcomes above are likely to occur. 3.While the daily news contains a wealth of information about vulnerabilities, threats, and hackers, there are still several national cybersecurity concerns about which little is known by the general public. Electromagnetic pulse (EMP) is described by several experts as a low-probability, high-effect event. First, read the journal article by Dan Dickerson: “No Defense: America’s Growing Vulnerability to an EMP Attack.” Another low-probability, high-effect threat are "Coronal Mass Ejections, more commonly known as Solar Flares. Our own sun goes through an eleven-year Sun Spot cycle, with the next maximum Solar Flare activity predicted to occur between 2013-2014. An "EMP" spike, or either a "Coronal Mass Ejection" magnetic field, can each disrupt or permanently disable power lines and computer circuitry. They can each fry transformers or overheat transistors. When an EMP event, or a Solar Flare, involves enough high energy, the resulting damage to electronic equipment may be so severe that a re-boot or re-start may not be possible. The equipment is trashed. The DOD, and possibly other countries are currently studying design for new energy weapons that can direct EMP against enemy computers. After reading the EMP article, discuss with your classmates your opinion about the likelihood of an EMP attack by an adversary, or the likelihood of a Solar Flare that could permanently damage much of our sensitive electronic infrastructure equipment. Answer these questions: (1) to what degree should US policy makers should be concerned about a high-effect, low-probability EMP attack, or a powerful Solar Weather event? (2) describe measures that may mitigate damage to the US power grid; and (3) measures individuals can take to mitigate the consequences to their personal electronic equipment.source..
Advanced Persistence Threats
Advanced Persistence Threats
The biggest challenge facing companies is the likelihood of an employee misusing the trust a company has on them, the risk posed is known as the trusted insider threat (Cole & Ring, 2005). Similarly, companies are also exposed to Advanced Persistence Threats (APT) (ISACA, 2013). Access to the computer systems should be limited to an internal control such as segregation of duties (SOD). The control involves disseminating roles and their privileges among many employees. SOD minimizes the powers given to one person. Generally, to combat a trusted insider threat, a firm should define if it is exposed to any threat, if a threat exists, then adequate security measures to lessen the risk will be a good option (Donaldson & Siegel, 2015).
The two objectives that Mandiant had will be achieved since the publication will enable the general public to comprehend APT. The public will gain an insight into the nature of the APT network breaches and this will greatly frustrate APT activities (Poindexter, 2015). The media has given cyber espionage and cyber-attacks a lot of attention as APTs have greatly affected companies in the U.S. The subject...
- Social Structure and Social InteractionDescription: Social Structure and Social Interaction Literature & Language Coursework...1 page/≈275 words | 1 Source | APA | Literature & Language | Coursework |
- Project Management And Swot Analysis: Strengths, Weaknesses, OpportunitiesDescription: Propose an idea for a project that you would like to do throughout this course. Your project ideas will be grouped by interest and teams will select one ...1 page/≈275 words | 3 Sources | APA | Literature & Language | Coursework |
- ENL 207: Common Sentence Problems — PracticeDescription: The sentences below contain common problems. Work to correct and identify the errors with a partner. Identify and label the type of problem using the choices from the list....1 page/≈275 words | No Sources | APA | Literature & Language | Coursework |