Essay Available:
Pages:
7 pages/≈1925 words
Sources:
1 Source
Level:
APA
Subject:
Education
Type:
Essay
Language:
English (U.S.)
Document:
MS Word
Date:
Total cost:
$ 25.2
Topic:
White Paper Describing Cybersecurity Topic (Essay Sample)
Instructions:
Instructions
Here is an overview for the topic:
Organizations that buy and maintain their own networking equipment for web access, file/mail transfer, authentication, etc. need to have a strong vulnerability management framework to secure their network's security posture. Organizations often hire 3rd party companies to run vulnerability scans on their network and give detailed reports about what needs to be changed to maintain an organization's data confidentiality, integrity, and availability. This cost of this can range depending on the scope of the evaluation of the network which is decided in before any scanning or reporting. These organizations that need this service could benefit greatly from a white paper from a vulnerability analyst that knows the industry and can give some advice to a company's IT team to run scans and develop a report themselves. This could save a lot of money for a company as well as allow them to maintain control of all their IT and cybersecurity operations.
Concepts that I mentioned previously like data confidentiality, integrity, and availability would need to be explained fully as well as other terms and tools used for vulnerability scanning and reporting. Why these terms are important and some low-level cybersecurity concepts would also need to be explained to ensure that there isn't any convoluted information in the paper.
Here are the requirements:
length: 1200-1600 words
the audience for the white paper is clear and the problem being addressed is clear
the white paper provides background context that the audience can use in acquiring new information about the issue or problem
executive summary is thorough -- a busy executive understands the problem described and the purpose of the white paper from the executive summary
introduction: summarizes the research and defines the necessary terms in the report
describes the approaches and strategies that have been previously used or are currently used and integrates research to support the descriptions of the problems with the approaches
describes the findings of the research and presents and interprets the data for the reader and relates these findings to the purpose of the paper
conclusion: reviews the research in light of the previous approaches and provides the audience with information about what steps might be taken
sources listed and cited in APA format and sources are scholarly, primary, or appropriate for the message in the white paper
meets the requirements for the number of graphics: at least three graphics
meets requirements for the number of original graphics: at least two graphics are original
graphics enhance the message of the white paper, graphics are readable, all graphics are labeled, and graphics from other sources are cited appropriately, and graphics are consistent and aligned appropriately for the document
demonstrates accurate word forms, demonstrates accurate sentences, and demonstrates accurate punctuation. source..
Content:
White Paper Describing Cybersecurity Topic
Name
Course
Professor
Date
White Paper Describing Cybersecurity Topic
The audience for the paper
The audience of this white paper is organizations that buy and maintain their networking and equipment for web access. All organizations do this to ensure the smooth running of their operations and efficient and effective resource sharing. The white paper will help organizations understand cybersecurity threats, ways of mitigating them, and ways to react when attached. Additionally, it will benefit the organizations by equipping the organizations’ information technology team with the knowledge needed to run scans and develop detailed reports on what needs to be changed to maintain the organization’s data confidentiality, integrity, and availability. Consequently, organizations will stand a chance to save money and maintain control of all their information technology and cybersecurity operations.
Background context
In response to the challenges associated with the current cybersecurity threats, this white paper addresses the issue of vulnerability in organizations’ networks and how this can be handled to minimize the cases. A vulnerability in a network becomes a catalyst for the cybersecurity attack occurrence. For that reason, regular vulnerability scans are necessary to combat the issue. These scans are more economical when done by an organization’s information technology team rather than hiring a third party to execute the task. This paper shall address the CIA, threats, vulnerabilities and risks, management techniques, and technology infrastructure. The IT team of an organization should refer to these to acquire information about any issue in the organizational network. The organization also includes such devices as intrusion detection and prevention devices. The intrusion detection system detects any malicious or suspicious intrusion into the system and sends a signal to the network administrator and a reaction is made. The intrusion prevention system is also a security control measure that detects and prevents malicious intrusion from happening. These systems can place an organization in a better position of having minimal to no vulnerabilities.
Executive summary
Cybersecurity denotes the protection of internet-linked systems, together with hardware, data, and software from cyber threats. People and organizations utilize the technique to stop unauthorized entry to data centers and other computerized networks. A competent cybersecurity plan may provide a satisfactory security standpoint against malicious attacks focused on obtaining access to, changing, deleting, damaging, or extracting sensitive information from a company’s or user's networks. Cybersecurity is crucial in thwarting hackers who attempt to incapacitate or impair the performance of a network or gadget (Shea et al., 2021).
Currently, organizations are being pursued by cyber attackers for various reasons. Among them include the data and information held in the information systems are very valuable and the systems being full of flaws and vulnerabilities. Cyber attackers take advantage of the vulnerabilities to hack into a system to satisfy their filthy desires towards the organizations. Mostly when this happens, the organizations experience a very significant loss including financial loss, loss of data and information, and breach of privacy, embarrassment among other challenges associated with these cyberattacks. Others take advantage to illegally access the organization's network and cause unwanted traffic, denial of service, wiretapping, and corrupt the network with viruses among other harmful activities.
In the present day, technology, and more specifically the information technology field is experiencing inevitable advancements. As technology advances in the positive direction, the negative direction is also taking advantage, and through this, malicious hackers are employing the new and improved technology to develop more robust malicious viruses to exploit organizations’ vulnerabilities. Others brutally intrude themselves into networks causing severe problems to the victims. The issue of cybersecurity is now global and every organization needs to understand the ways to protect its assets from hackers. Consequently, this white paper explicitly addresses all the organizations that need to know about vulnerability scans, the production of detailed reports concerning the scans and areas that need to be changed, and the maintenance of confidentiality, integrity, and availability.
Vulnerability scanning is the procedure of tracing security flaws and vulnerabilities in computer networks or systems and the software that operates on these systems. This is an important part of a program of vulnerability management that has one main goal: to safeguard the company against security breaches and delicate data disclosure. Organizations need to avoid old vulnerability scanning and adopt the latest techniques to cope with the changes. Traditional vulnerability scanning does not tell when to scan and what exactly to scan.
Introduction
Cybersecurity is among the leading worldwide security problems facing the globe today. As a result, the present regulations and procedures governing the cybersecurity workforce have been scrutinized extensively. As this goes on, cyber threats are evolving daily and new technologies on how to perform the crime are being invented thus empowering the issue. Advancements in technology in the endeavor of creating more robust information systems retranslate to the evolution of cyber threats. For this reason, this white paper will help organizations understand the possible vulnerabilities in the information technology industry, threats associated with any system vulnerability, the significance of running network vulnerability scans, and recommend what needs to be changed to ensure the CIA triad is implemented. The capstone of an organization’s network infrastructure needs to be as strong as possible to keep the organization safe from cyber threats. The most necessary term in this paper is confidentiality which requires that an organization’s data should be kept private, secret, and confidential (Walkowski, 2019). Integrity which refers to the quality of being whole and complete is among the key terms in this paper and availability which means that network or system resources should be available to authorized people any time they are needed without failure.
CIA-triad
The 3 characters in the CIA-triad concept stand for confidentiality, integrity, and availability. An organization’s information technology team needs to measure the organization’s network based on this standard. The network should ensure the confidentiality of the resources shared within it otherwise there is a problem with it and, therefore, a reaction towards the same is necessary.
Confidentiality
Confidentiality includes an organization's attempts to ensure that data is kept hidden or confidential. To do this, information entrance must be limited to avoid the undeliberate or inadvertent leakage of data. Safeguarding confidentiality needs to make sure that individuals who do not have the proper authorization do not have entry to assets that are delicate to the organization. The team can implement this by ensuring that the system can encrypt sensitive files and manage data access among other data confidentiality management tools. The team should be aware of the possible ways in which confidentiality can be compromised to detect them and prevent them from happening as early as possible. These ways are direct attacks and attempts to filtrate applications or databases to interfere with the data stored in the databases (Fortinet, 2021).
Integrity
Integrity entails making sure that data is secure and untampered with. Only original, correct, and reliable data retains the integrity of the data. To ensure the integrity of organizational data is maintained, the organization can install intrusion detection systems (IDS) that monitor the network system for malicious activity or policy violations. Failure to install this software in a system makes the system veneration. The organization can also consider installing firewalls which are very crucial hardware devices in a network that filter any traffic getting into the system and block any malicious traffic. A network system that is safe from cybersecurity threats can detect when an intruder is getting into the system send a notification to the network administrator and can ensure that files or any information can only be modified by authorized people.
Availability
Availability means that resources should be available to the authorized people on demand. The information technology can handle the vulnerability that leads to the failure of the resources by installing such devices as intrusion detection and prevention systems. This prevents hackers from identifying a vulnerability to cause attacks such as denial of service attacks rendering the data inaccessible. The team can also handle this by using redundant applications, servers, and networks that come available when the primary system becomes unavailable.
Threats, Vulnerability, and risks
Understanding what to look for when it comes to cyberattacks is crucial. Phishing attacks, careless and malevolent insiders, zero-day attacks, brute-force, social engineering, known software vulnerabilities, denial-of-service attacks, and cyberattacks assaults are the top ten most prevalent dangers to enterprises (LeadingAge, 2021). The information technology team of an organization should carry out regular vulnerability scans to prevent the organization from becoming a victim of such risks. Additionally, the team can perform a defense in depth. Defense in depth assists in preventing intruders from achieving their aims and at the same time observing their progress, creating and implementing reactions to stop or fig...
Get the Whole Paper!
Not exactly what you need?
Do you need a custom essay? Order right now:
Other Topics:
- Education Should Be FreeDescription: Education Should Be Free Education Essay...2 pages/≈550 words| 3 Sources | APA | Education | Essay |
- Advantages and Disadvantages of Being a Commuting StudentDescription: Imagine a college experience where one can savor the comforts of home and forge a path toward independence. This is the world of commuting students where one lives off-campus and travels to the educational institution for classes. Murphy et al. (2020) state that around eighty-five per cent of university...1 page/≈550 words| 5 Sources | APA | Education | Essay |
- Teaching Children to ReadDescription: Teaching children to read is a critical aspect of their development, and there are many modern terms and strategies associated with it. Some of these terms include digital literacy, multisensory instruction, and phonological awareness, all of which can have a significant impact on children's reading...2 pages/≈550 words| No Sources | APA | Education | Essay |