Wednesday, February 3, 2016

My Take on Information and Cyber Security Defense

Information and Cyber security have never been more critical than today as computer and control systems are increasingly connected to the Internet and they have become targets of enemies and attackers from inside and outside of organizations. Therefore we need to continuously find better approaches to protect our systems against increasingly sophisticated attacks. Specifically, attempts to compromise the confidentiality, integrity and/or availability of systems are on the rise. The first line of defense is to have preventive measures such as strong authentication, access control, and encryption. However, it has been proven time and time again that preventive measures alone are not sufficient to protect ever sophisticated and interconnected systems we currently have. As we all know, it is an elusive goal to build exploit free systems due to, but not limited to, design and implementation errors, configuration errors, vulnerabilities in the third-party systems and libraries, and social engineering attacks. For example, buffer overflow vulnerability has been known for many decades, but we are still hearing damaging attacks exploiting this vulnerability in current systems. Given the disadvantaged situation we are in, what can we do to protect our systems? In my humble opinion, there is no single silver bullet solution that solves the issue. Instead we should take a holistic approach where multiple lines of defense are utilized along with attack detection and mitigation techniques.

3 comments:

Aeldra Robinson said...

Your blog is very helpful and informative. Thanks for sharing great information.
cloud based disaster recovery

world cricket championship 2apk said...

Nice post but I think it should be more clearly!

cyber news said...

thanks for sharing the information.Indian Cyber Army is announcing “ Summer Internship 2018” on “ Ethical hacking and Cyber Crime Investigation” for the enthusiasts of Cyber security. Here internship will give you on-the-job experience, help you learn whether you and Cyber security industry are a good match and can provide you with valuable connections and references. Here interns are usually exposed to a wide variety of tasks and responsibilities which allows the intern to showcase their strengths by working on projects for various managers that work on different parts of Indian Cyber Army. Becoming a high performing intern is a fantastic way to improve your employment prospects. This internship can be a great way to get your foot in the door of success with a prestigious or desirable Organization