Protecting the Homeland (Research Paper Sample)
You and your nation state have just suffered an intrusion attack. You are on a team of Cybersecurity intelligence analysts working for the USA Federal Government you are responsible for the development of a Risk Profile. Conduct independent research on your assigned sector (USA Federal Government). Determine and report the noted risks to your sector and your organization in the form of a tHREE-page Risk Profile.source..
Protecting the Homeland: Risk Profile
Protecting the Homeland: Risk Profile
The US Federal Government does need effective cyber security in identifying, prioritizing and managing cyber risk across its departments. There are different manifestations of cyber risks, such as the complex techniques that pose threats that are compromising in nature to the malicious techniques that infect user machines with malware without their knowledge (Office of Management and Budget, 2018). To identify cybersecurity threats, the DHS should establish a descriptive Risk Profile that provides a comprehensive outline of the possible cyber threats. A Risk Profile outlines the known risks, policies, and practices that provide guidance as to what can and should be done to protect an organizations data and assets (Amundrud, Aven, & Flage, 2017). This outline concisely summarizes the cybersecurity risks so as to give priority to the strategies for mitigation. Due to technological advancements, a Risk Profile should be constantly modified and updated to retain its efficacy. The top three cyber threats identified by the US Federal Government will be discussed in this Risk Profile.
1. Threat 1
An insider threat originates from within the federal government. It could come from present or previous employees, consultants, or other affiliates with access to the Federal Government's data and computer systems. Furthermore, this threat may or may not come from Executives, Senior Management, or System Administrators, and it is one of the most expensive and difficult to detect of all known attacks (Portman & Carper, n.d.).
Money is the primary motivation for malicious insider threats. Other motivations include emotional and political motivations. Unintentional Insider threats and are motivated by a lack of knowledge, ease of access, and misguided technology (Portman & Carper, n.d.).
Malicious or intentional attempts to access sensitive data.
Has a considerable impact on the organization. Has a profound impact on the company. In addition to the lost asset value due to removal, divulgence or destruction, institutions may experience instant decline of intrinsic value and revenue loss.
United States Federal Government.
U.S. Federal Government data, databases, and file servers.
Unauthorized access to intentionally or unintentionally harm the government or agency and its resources.
In most cases, the usual employee is unaware of the unintended loss of data. System administrators tend to misuse their privileges and may use un - authorized devices to smuggle exfiltrated data. The Executives and Senior management are commonly targeted by Spear-Phishing. Also, they may deliberately exfiltrate data after leaving their previous organizations, especially if they were not in good terms with them.
These are groups sponsored by foreign governments to use force and illegal access to the networks of the U.S. Government or other U.S.-owned commercial networks with the intention of stealing, damaging, or altering information (Portman & Carper, n.d.).
Espionage and nationalism.
Obtaining secrets from other nations, sabotaging their networks and computer systems, to disrupt their operations, and compromising data (Portman & Carper, n.d.).
Nation-State Actors are highly-skilled, well-funded through government resources, and operate in the dark, often never acknowledging responsibility for their actions.
U.S. Federal Government.
Networks, servers, computers, and systems operated or owned by the U.S. Government or those in which there is a possibility to exploit vulnerabilities, and also U.S. Government officials.
Social engineering, phishing, compromising stolen data and credentials, social network spoofing, brute force attacks, data export through malware and hacking.
To steal secrets from the government, disrupt crucial information systems, influencing government mistrust and interrupting policy discussions and decisions through propaganda
In the context of the U.S. Government, cybercrime includes the use of computers to commit crimes such as denial of service attacks, hacking, online fraud, privacy violation, and identity theft against the U.S. Government’s digital services, systems, and networks (Portman & Carper, n.d.).
The main motivation is financial gain. Other motivations include ego, espionage, activism, and cyber theft.
Deliberate or competitive intent.
Cyberattacks against the
- A Comparative Analysis of the National Cybersecurity in Saudi ArabiaDescription: Abstract: Technological advancement in the modern world has amplified security concerns, thus emerging cybersecurity to counter the emerging security threats in the contemporary world. Each country stipulates its National Cyber Security Strategy (NCSS) to counter the threats. NCSS depicts the strength...12 pages/≈3300 words| 30 Sources | APA | IT & Computer Science | Research Paper |
- Understanding and Mastering the Blockchain Technology DevelopmentDescription: Blockchain technology development in the field of e-government still needs to be discussed from a variety of points of view, offering a new method of delivering and managing public services and ensuring that standards set, robust management systems deployed, and adequate security are ensured that services...4 pages/≈1100 words| 2 Sources | APA | IT & Computer Science | Research Paper |
- Discussing Hashing and its EffectsDescription: Basically, hashing the secret key on the client side is just barely better compared to submitting it as plain text to the server. Somebody, who can tune in for your plain text passwords is absolutely additionally ready to tune in for hashed passwords, and utilize these caught hashes him/herself to validate ...1 page/≈275 words| 2 Sources | APA | IT & Computer Science | Research Paper |