Running Head: CYBER SECURITY 1

CYBER SECURITY

Name

Institutional Affiliation

Date
CYBER SECURITY 2

Cyber Security

HLS571 Case 2

Today’s connected world alongside technological advancement in both software and

hardware has enabled individuals and companies to conduct businesses online and perform other

things like data storage. New features of the internet and Information technology are seen day by

day, the interest to know new people and simplify task through the internet has been a major

concern. However, this has not been easy, there are cyber activities that are a threat to many

people, these threats need cybersecurity. Cybersecurity is the practice of protection of inter-

network connected systems, these systems include the hardware and software, and they are

protected from cyber-attacks. Basically, cybersecurity is all about protection, detection, recovery,

and reliability. Cybersecurity consist of multiple layers that drive across the computer, programs,

networks, and data. Ensuring there is security in the systems requires that there is coordination of

efforts in the IT systems which includes data security, network security, operational

software/application security, recovery and continuity, and user education ("NIST gifts guidebook

for recovering from cyber attack", 2018).

Goals to Cybersecurity

There are several goals that are undertaken to make sure that everything on the internet is

100 % efficient. These goals include;

(i) Availability

Availability is a key concern when it comes to inter-connected systems and for those who

conduct businesses online. Data must not be tempered, modified and lost. Availability deals

more on data reliability. Many cyber attackers target the data saved in a system to gain access to
CYBER SECURITY 2

other places. SQL injection is a common method used by the attackers to access the database of

system and hence modify data.

(ii) Integrity

Integrity is another major concern when it comes to IT systems, a wholeness of computer

systems is not simple to get. This goal needs the computer systems to adopt the main

requirement of information systems, this is to gain trust, honesty and all other positive virtues. A

system can never be 100 % secured, despite, an improvement on Password, encryption software,

firewall, and antivirus which are recommended by Homeland Security.

(iii) Confidentiality

An information system must engage confidentiality, data encryption and changing

passwords on regular basis supports confidence of informational systems, the Central Intelligent

Agency refers confidentiality as integrity and availability. Many organization in the United

States like National Infrastructure Protection Plan (NIPP), provides security measures on

confidentiality and reliability of data through program protections (Abrams, M., & Weiss, J., 2008).

(iv) Accountability

Accountability is another concern in cybersecurity, for instance, in an organization that

runs things through the internet, every member is entitled to a specific task and responsibility.

When anything goes wrong in a particular area then the people associated with the area are

accountable. Homeland Security provides measures to ensure a system moves with the changes

in technology and security levels available, for instance, the communication sector is a specific

sector for communication integrity.

CYBER SECURITY 2

(v) Assurance

Assurance consists of all the other goals for cybersecurity. One cannot be assured of

integrity if the availability of data or integrity is not tackled properly. There are several federal

laws relating to cybersecurity and charges too. Computer security act was addressed in 1987 that

aligned with the National Institute of Standards and Technology.

Categories of Services

To achieve or these objective goals are a number of categories followed to make sure these

issues are addressed and taken into account. These categories include federal laws and

regulations, they are support, prevention, detection, and recovery, and all these are relevant in

achieving goals.

(i) Supporting

In supporting there are several organizations concerned in making sure that a system is

fully supported in any kind of cyber-attack. For instance, the Cyber Resilience Planning has a

platform to make sure that an organization is a conduction their activities in a free cyber-attack

zone through strengthened email defense.

(ii) Prevention

Prevention is said to be better than cure, prevention of an attack may come before or after

a known attack. Coffense CBFREE offers educational information to an organization about

cyber-attacks after detecting that they are happening. Prevention of cyber-attacks calls for
CYBER SECURITY 2

internal training programmes that are parallel to the technological. NIST also provides a forum

for cybersecurity protection and critical infrastructure resilience.

(iii) Detection

The most important category to make sure cyber-security goals are reached is the

detection. Detection makes a system a threat to attackers. When cyber-security is modified with

good detection systems then it becomes easier to spot them a mile away. The most common

cyber-attacks like ransomware and Distributed Denial of Service are easily detected since a

company or organization miss some parts of their data immediately. When is realized a company

can report to the legal organization concerned in these crimes (Hathaway, O. A., Crootof, R., Levitz,

P., 2012).

(iv) Recovery

Some members of the organization would still work with the organization even when a

company has had such issues before but still, data was recovered. A tactical recovery mechanism

is made by NIST, where steps that include identity, protect, detect, respond, and finally

recovering. This is a priority already set for data recovery in a company, it is recommended for all

organization.

\
CYBER SECURITY 2

References

Abrams, M., & Weiss, J. (2008). Malicious control system cyber security attack case study–

Maroochy Water Services, Australia. McLean, VA: The MITRE Corporation.

Hathaway, O. A., Crootof, R., Levitz, P., Nix, H., Nowlan, A., Perdue, W., & Spiegel, J. (2012).

The law of cyber-attack. California Law Review, 817-885.

NIST gifts guidebook for recovering from cyber attack. (2018). Retrieved from

https://federalnewsradio.com/technology-main/2016/12/nist-gifts-guidebook-recovering-

cyber-attack/

Tipton, H. F., & Nozaki, M. K. (2007). Information security management handbook. CRC press.