Prevention / Containment Measures For Cyber Threats

1406 WordsMar 2, 20176 Pages
1. Prevention/Containment Measures for Cyber Threats. Protecting classified documents or valuable information is very hard against any kind of cyber-terrorism, there are no universal safeguards. There is no existence of any agreement or policy to define cyber-terrorism. Threats can come from hackers, criminal group or terrorist group; governments use computers and internet to attack without knowing the victims. It is not easy to stop such attacks but not impossible to stop if following basic prevention steps follows by organizations administration. • Maintain an Accurate Inventory of Control System Devices and Eliminate Any Exposure of this Equipment to External Networks • Implement Network Segmentation and Apply Firewalls • Use Secure…show more content…
• Security policy must be created and train personnel against attack like not opening suspicious or unidentified emails, keep restriction on unsecured websites etc. • Regular testing for defense software should be conducted 2. Preventing and Detecting Cyber Threats using Commercial Log monitoring software’s. The possibility of signs of cyber security incidents may arise every day and recorded or logged in security software, but it will be difficult to trace each one of threats as high importance and low importance. Based on requirements organization need to identify the most applicable software for detecting and logging the cyber-attack, It is not only the case of logging and monitoring cyber-attack analysis is very important part need to be considered before choosing any software. There are four key phases which need to follow for effective cyber security monitoring as follows: • Collect relevant event data • Fuse events together • Analyze anomalous events • Take appropriate action Figure1: Four key monitoring phases The proper guide shown in the figure 2: Cyber Security Framework how to implement cyber monitoring capability which will support using cyber security software. The capability of security intelligence helps to identify and respond back to security threats. Both company and provider of cyber security software need to focus on monitoring and software, security of company assets, responses and organizational operation.
Open Document