
Topic 1:

State of Network Security

Learning Outcomes

By the end of this topic, you should be able to:

1. Define the current state of network/cyber security;

2. Identify the key characteristics of attacks; and

3. Describe the security principles of network/cyber security.

Topic Overview

Network or cyber security is an important issue in organisations, especially in terms of protecting the organisation’s critical assets. The protection needed depends on the situation faced by the organisation. It requires identifying and managing the risk, determining the attacks and implementing the principles of network/cyber security. This topic is therefore an introduction to network/cyber security. It describes the concept of security, the characteristics of attacks and the security principles needed to implement secure networking and communication in an organisation and to protect its critical assets.

Focus Areas and Assigned Readings

Assigned Readings: Cole, E. (2009). Network security bible (2nd ed.). Indianapolis, IN: Wiley Publishing.

Focus Areas and the corresponding chapters:

1.1 Introduction to Network/Cyber Security: Chapter 1

1.2 Network/Cyber Security Risks: Chapter 1

1.3 Network/Cyber Security Trends: Chapter 1

1.4 Characteristics of Attacks: Chapter 1

1.5 Network/Cyber Security Principles: Chapter 4

Content Summary

1.1 Network/cyber security is the process of taking preventive measures to protect an organisation’s underlying networking infrastructure from unauthorised access, misuse, malfunction, modification, destruction or improper disclosure by creating a secure platform for computers, users and programs to perform their permitted critical functions within a secure environment. It includes understanding, managing, controlling and mitigating risks to an organisation’s critical assets.

1.2 Risk refers to any possible event that is uncertain but that could result in harm. In other words, risk is the probability of loss. The level of risk can be determined from the threats and vulnerabilities that have been identified and can be presented as:

Risk = Threats x Vulnerabilities

1.2.1 Threat is the potential of harm. It refers to anything that can exploit a vulnerability, intentionally or accidentally, and obtain, damage, or destroy an asset.

1.2.2 Vulnerabilities are weaknesses that allow a threat to manifest itself against an organisation.

1.3 The complexity and sophistication of current networks lead to network attacks and increase the level of risk to an organisation.

1.3.1 The success rate of network attacks is increasing because users lack understanding and knowledge of the vulnerabilities of their appliances and applications.

1.3.2 Organisations' current approach to handling security is focused on threat-based security (a reactive security approach). In this approach, users react to the problems after the damage is done.

1.3.3 Based on attack trends today, there is a need to shift the security approach from reactive to proactive security to ensure that key operations of the business will continue.

1.4 There are several potential attacks on networks based on current network trends. The key characteristics of these attacks are:

1.4.1 Attacks are growing dramatically: Criminal activities are exponentially increasing with the number of attacks and instances of malware;

1.4.2 Threats are more sophisticated: Threats have become more sophisticated depending on the type of crime;

1.4.3 Knowns outnumbered by unknowns: Focus on what is known and be ready to respond to each known and unknown attack; and

1.4.4 Current approach is ineffective: The current approach is insufficient to address the level and type of attacks that are presently occurring due to the ever-changing nature of attacks.

1.5 Network/cyber security principles are:

1.5.1 Confidentiality (C): This principle is concerned with preventing the unauthorised disclosure of sensitive information.

1.5.2 Integrity (I): This principle is concerned with:

(a) Preventing the modification of information by unauthorised users;

(b) Preventing unauthorised or unintentional modification of information by authorised users; and

(c) Preservation of the internal and external consistency.

1.5.3 Availability (A): This principle assures that a system’s authorised users have timely and uninterrupted access to the information in the system and to the network.

Study Questions

1. What is network/cyber security?

2. Describe the relationship between risk, threats and vulnerabilities in network security.

3. List the key characteristics of attacks.

4. What is the current approach used in handling security?

5. Define the goals of the integrity principle in network security.