I need help with a Computer Science question. All explanations and answers will be used to help me learn.
please read below student posts and reply accordingly each in 150 words.
abhilash – Protection Against Possible Threats and Potential Vulnerabilities
Generally, risks are common for any business entity in their day to day businesses. The different sectors like the private sector and public sector both are struggling for providing secure, efficient and timely services effectively internationally as well. Likewise, these services remain at risk totally from potential attacks through the internet. As a result, everyone wants to minimize the disruptions facing in order to protect the public, they are increasing capabilities to address cyber risks which are associated with these networks and the information systems as well (Damodaran, 2017).
The potential vulnerabilities can be reduced according to the form of risk and the different factors associated with such risk such as, we have to find and fix the vulnerability process it means to have to take essential steps for this process and the different factors should also be considered, the first step is to know the code means with which we are working with and which software components are being used and the which needs an immediate attention to those processes. Secondly, we have to give priority to the vulnerabilities as well which means we have to prioritize when we have a doubt regarding. After prioritizing the vulnerabilities have to fix the process and have to fix it with a permanent and solution to a security vulnerability (Schia, 2018).
Likewise, many intrusions can also overcome in the process, as a result, there has been a major change in the system and providing servers as well, for managing intrusions we have to overtake some of the measures as they work effectively in reducing intrusions as well. A network intrusion is an unauthorized activity that enables unwanted activity to enter in many ways. intrusions prevention can be done, intrusions are file comparisons against malware signatures. It is a security policy violation and virus. For preventing intrusions, we have intrusion prevention systems (Wright, 2014).
Rahul – Safeguarding the national security information of the USA
National critical infrastructure refers to the system or asset that is located in the Member States and is necessary for the proper maintenance of critical societal functions, safety, and security, health, the social or economic well-being of citizens. Any kind of destruction or disruption to it would have a devastating impact on the country’s national image, public safety and health, national security and defense, government functions and capability and the economic strength of the nation. However, since IT provides both the governmental and private sectors with an effective means of delivering key services across the world, they are constantly under the radar of cyberattackers. Therefore, it is imperative to prevent or mitigate any kind of disruptions to these infrastructures.
How can potential cyber threats be prevented?
There are several ways by which these potential vulnerabilities of the national infrastructure can be reduced, intrusion attempts can be checked, and future threats can be detected much earlier and prevented. It is important to note that the efforts to protect the governmental network systems from cyber threats must be collaborative (Amoroso, 2012). First and foremost, it is necessary to ensure that IT security is well-funded and maintained. Developing a National Center for Cybersecurity for the purpose of addressing cyberattacks and vulnerabilities is an effective way to ensure that efforts involved in ensuring cybersecurity are continuously increasing. Another important measure would be to expand the NCIJTF to include the U.S secret Service and many other government agencies (Harrop & Matteson, 2015). Also, the expansion of the EINSTEIN Program to all government agencies and department agencies can aid in the earlier detection of any intrusion or malicious activity, thereby providing a more comprehensive system of the defense of the network. Moreover, this program will also help in the identification of unusual trends and patterns in network traffic which would signal towards unauthorized network traffic. This would alert the security personnel to quickly respond to such intrusion attempts.
Additional measures to be taken to ensure complete protection
Besides the steps and measures discussed above, there are more ways through which protection from unauthorized access and early identification of potential threats can be ensured. For example, it would be beneficial if the external connections that are part of OMB are consolidated. This would help in managing and implementing various security measures. Furthermore, the coordination and sharing of information between the private sector and the Federal Government can be facilitated to minimize the probability of cyber risks and threats, distribute information and awareness related to potential threats, sharing and applying the best practices that are highlighted within the NIPP framework (Caplan, 2013).
Thus, it can be said that the protection and security of the national critical infrastructure is indeed the need of the hour, especially given the rise in the number of cyberattacks. The proper implementation of the above-discussed steps can prove to be of much help in ensuring the same while also securing the privacy and confidentiality of the citizens.
Jayakrishna – Understanding the concept of CIIP
CII or Critical Information Infrastructure refers to those interconnected communication and information infrastructures that are extremely essential for maintaining vital functions related to society including health and safety, social and economic well-being and the security of people. If these infrastructures are destroyed or disrupted due to any reason whatsoever, the impact could be disastrous. This necessitates the raising of awareness on the significance of CII protection from highly-sophisticated cyber threats. Therefore, it is the policy of the United States to reduce the possibilities of such attacks on the national infrastructure for protecting and securing the people, economy, federal services and security of the nation.
Ways to prevent and predict cyber threats
Several effective ways are designed for ensuring the protection of CII. They are listed below:
- Facilitating the exchange of information and coordination between the private sector and the government to minimize the chances of cyber risks, spreading information related to cyber threats to increase awareness about them among the public, applying the most effective practices and protective actions that are outlined in the NIPP (Amoroso, 2012). For example, specific tools can be created that would help all sectors of critical infrastructure to evaluate certain already existing policies, procedures and plans to minimize cyber vulnerabilities and make the most out of recognized and acceptable standards.
- Increase in the funds allocated for IT security, which would guarantee better protection and safeguarding.
- Building a National Cybersecurity Center that is aimed at addressing the threats and risks associated with cyberattacks and increasing the efforts involved in ensuring security and protection from such cyberattacks (Von Solms & Van Niekerk, 2013).
- Strengthening the supply chain defense is needed to minimize the opportunities for cyberattackers to manipulate products of IT before they are brought into the U.S.
- Recruiting more people who would be responsible for supporting the US-CERT is a good way to help the government and the private sector to analyze the various vulnerabilities and threats and respond to them in the best possible way.
What else can be done?
The measures and steps are not limited to the ones discussed above. Other alternatives are there as well which can help in serving the same purpose. The EINSTEIN Program which is very useful in identifying unusual and suspicious patterns in the network traffic can be expanded to encompass all government agencies and Federal departments (Merabti, Kennedy & Hurst, 2011). Doing so shall provide an early warning to all government officials regarding an impending attack which would help them to become alert and prepare for countermeasures. Apart from the EINSTEIN Program, the NCIJTF can also be expanded by including members of several government agencies such as the U.S Secret Service. This can act as a national pivot for multiple agencies that would coordinate, integrate and share relevant information related to investigations of cyber threats.
Therefore, it is understood that critical systems of national information must be protected and secured to maintain the smooth functioning of the country’s administration and governance. And for that, effective measures must be implemented by private sector organizations as well as government agencies at regular intervals.
