Network Security Controls
A new company always needs an extensive and effective network security system to counter threats that could cause destructive impacts. Networks are significant targets for attackers, and their security must be a priority for organizations. Organizations need to deal with network-related attacks such as direct download, passive monitoring, timing channels, virtual machine vulnerabilities, spyware, malware, phishing, and cross-site scripting. These attacks enable adversaries to take advantage of inadequate network infrastructure to steal data. Losses of confidentiality, integrity, and availability are usually designed with some other effect(s) in mind (Finnemore & Hollis, 2016). It is therefore essential to deploy the necessary control measures to prevent, detect, and investigate cyberattacks and maintain safe systems.
Recommendations for Probable Security Controls
The preventive measures to enact against cyberattacks affecting the company include encryption, access control mechanisms, network-based anomaly detection, and data classification. Protection by any security system requires standards for disseminating cyber vulnerability information, to allow an analysis of the multiple cyber vulnerabilities of users (Shabut, Lwin, & Hossain, 2016). The networks would need detection platforms to identify the entry of suspicious users in time and inform the system administrator, who can then enact the necessary prevention mechanisms to counter the attacks. It is necessary to identify the capabilities of each protection method so that the security team can evaluate its preparedness and identify the resources it needs to allocate to the various areas of weakness. The IT department identified the above countermeasures and how they act against different kinds of attacks.
Significance of the Cybersecurity Mechanisms.
- Encryption.
Encryption is a method for protecting data at rest or in transit by converting it to a code that the attacker would not understand. It is an efficient method for protecting data transferred over networks, because the attacker does not gain access to the actual data. The attacker may obtain the encrypted data, but cannot read the actual data (plain text) without the decryption key, which must stay with the receiver. Encrypting data also complicates the job of detective systems, as they may be unable to monitor the actual data (Ullah, Edwards, Ramdhany, Chitchyan, Babar, & Rashid, 2018).
- Access Control.
Access control mechanisms rely on authentication and authorization methods to determine which users gain access to a given resource or platform. The technique ensures that only legitimate users, with the necessary credentials, can access data. The access control system would also help the system administrator to identify intruders and enact the required preventive or investigative measures to learn more about the attacker. Users would, however, be authorized to access the fewest resources possible, for easier management. There are many methods of deploying access control mechanisms, and the company would employ the available ones to ensure safety and the elimination of vulnerabilities.
- Network-Based Anomaly Detection.
Several detection techniques would enable the company to identify various types of traffic and content and determine whether they contain harmful content or confidential information. Many attacks become destructive if they go undetected for a long time. Network-based anomaly detection is a mechanism that compares ongoing network traffic patterns with the expected behaviour in terms of volume, source/destination address, diversity of destination addresses, time of day, and compliance with network protocols. The detection models check whether traffic conforms to the modelled nature of IP flows and protocol membership.
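The comparison described above can be sketched as follows. This is an added example, not part of the original essay: it builds a per-source baseline and flags hourly windows that depart from it in volume, destination diversity, or time of day (protocol compliance is not covered). The flow records, the 3-deviation threshold, and the 10% floor are assumptions chosen for illustration.

```python
from collections import defaultdict
from statistics import mean, pstdev

# Constructed sample flows (not real traffic): (day, hour, src, dst, bytes).
BASELINE = [(d, h, "10.0.0.5", dst, 20_000 + 1_000 * ((d + h) % 5))
            for d in range(3) for h in range(9, 18) for dst in ("10.0.1.10", "10.0.1.11")]
OBSERVED = [(3, 10, "10.0.0.5", "10.0.1.10", 21_000),    # ordinary working hour
            (3, 10, "10.0.0.5", "10.0.1.11", 22_000),
            (3, 2, "10.0.0.5", "203.0.113.7", 900_000)]  # 02:00, large transfer
OBSERVED += [(3, 14, "10.0.0.5", f"10.0.2.{i}", 500) for i in range(1, 41)]  # many peers

def summarize(flows):
    """Collapse flows into hourly windows per source: total bytes, distinct destinations."""
    windows = defaultdict(lambda: {"bytes": 0, "dsts": set()})
    for day, hour, src, dst, nbytes in flows:
        windows[(src, day, hour)]["bytes"] += nbytes
        windows[(src, day, hour)]["dsts"].add(dst)
    return windows

def build_profile(flows):
    """Expected behaviour per source: hourly volume, hourly fan-out, usual hours."""
    profile = defaultdict(lambda: {"bytes": [], "fanout": [], "hours": set()})
    for (src, _day, hour), w in summarize(flows).items():
        profile[src]["bytes"].append(w["bytes"])
        profile[src]["fanout"].append(len(w["dsts"]))
        profile[src]["hours"].add(hour)
    return dict(profile)

def exceeds(value, history, k=3.0):
    """True when value is more than k deviations above the baseline mean."""
    mu = mean(history)
    # Floor the deviation at 10% of the mean so a flat baseline tolerates jitter.
    return value > mu + k * max(pstdev(history), 0.1 * mu)

def detect(profile, flows):
    """Return (src, day, hour, reasons) for every window that departs from the profile."""
    alerts = []
    for (src, day, hour), w in sorted(summarize(flows).items()):
        base = profile.get(src)
        if base is None:
            alerts.append((src, day, hour, ["unknown-source"]))
            continue
        checks = [("volume", exceeds(w["bytes"], base["bytes"])),
                  ("destination-diversity", exceeds(len(w["dsts"]), base["fanout"])),
                  ("time-of-day", hour not in base["hours"])]
        reasons = [name for name, hit in checks if hit]
        if reasons:
            alerts.append((src, day, hour, reasons))
    return alerts
```

Calling `detect(build_profile(BASELINE), OBSERVED)` leaves the ordinary 10:00 window alone and reports the 02:00 transfer and the 14:00 fan-out, each with the dimension that deviated.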
- Data Classification.
It is crucial to group data according to its sensitivity so that the security team can allocate the necessary resources to the most confidential and significant data. This technique forms the basis for other prevention mechanisms, such as network traffic monitoring systems, which would treat data according to its sensitivity level. It is expensive and inefficient to monitor and secure all the data at once. The security systems would instead focus on certain types of data and ensure that outbound content does not contain private data.
The Security Measures and the Areas they Protect.
- Encryption – Encryption protects data in transit and at rest from data breaches. It involves the conversion of data into a code that the adversary would not understand.
- Access Control – Access control ensures that only authorized users with the required credentials have access to resources. It protects the network system from unwanted traffic.
- Network-Based Anomaly Detection – It is a detection system that monitors the behaviour of incoming and ongoing traffic to ensure that it maintains the usual behaviour and does not contain private data.
- Data Classification – Data classification guides the other security systems to give sensitive data the required security treatment.
References
Finnemore, M., & Hollis, D. B. (2016). Constructing norms for global cybersecurity. American Journal of International Law, 110(3), 425-479.
Shabut, A. M., Lwin, K. T., & Hossain, M. A. (2016, December). Cyberattacks, countermeasures, and protection schemes—A state of the art survey. In 2016 10th International Conference on Software, Knowledge, Information Management & Applications (SKIMA) (pp. 37-44). IEEE.
Ullah, F., Edwards, M., Ramdhany, R., Chitchyan, R., Babar, M. A., & Rashid, A. (2018). Data exfiltration: A review of external attack vectors and countermeasures. Journal of Network and Computer Applications, 101, 18-54.