Cyber Security Policies in the Private and Public Sector

2374 Words10 Pages
Cyber Security Policies in the Private and Public Sector Cyber Security Vulnerabilities and Associated Threats of Cloud-Computing 16-03-2013 Table of contents Introduction……………………………………………………………………………………3-4 Cyber Security Vulnerabilities…………………………………………………………………4-5 Cyber Security Vulnerabilities, Threats and Actions.……………………………………….....5 Session Hijacking……………………………………………………………………………….5-6 Virtual Machine Access…………………………………………………………………………6 Service Availability…………………………………………………………………………......6-7 Cryptography Flaws…………………………………………………………………………….7-8 Data Privacy…………………………………………………………………………………….8-9 Dependency on Internet………………………………………………………………………..9-10 Denial of Service (DOS)…show more content…
When an organization has decided to move on the cloud, then it should also consider the associated vulnerabilities and the threats. Some of the major vulnerabilities are discussed below: Session Hijacking It means that the cloud or the required service is hacked by the hackers using a valid session key. This key is used to gain the unauthorized access on the critical resources of the organization. Once hacked, the hackers can have the complete access on the systems, and they can perform any malicious activity they want to do, to hit the company resources. If proper and effective security measures are not followed in the infrastructure then it may cause a heavy business loss in terms of financial terms as well as the reputation of the organization. Probability of Occurrence The probability of occurrence of these types of attack is generally high. The reason being is that the attackers keep on continuously scan the system to find out the vulnerabilities in it. Once they gain the access, they just execute their jobs. Effective Policies & Procedures To mitigate this kind of risk, firewalls should be implemented in the system at the right places. Firewalls prevent unauthorized access of data. Rules and policies should be configured to protect the session keys. To increase the awareness among employees, a proper training should be given to them. For example, session monitoring should
Open Document