Home » Posts tagged "Cyber"

A new model for cyber security

Digital communications in conjunction with the use of the modern internet have grown exponentially to the point that to communicate digitally has become an indispensable facet of everyday life. From cellphones, to netbooks to email, blogs and online portals, the transfer and exchange of electronic data controls the way many interact with each other and communicate both personally and for business. Now with the current trend moving towards “cloud” computing where all a persons or companies keep important documents stored and accessed online or in the “cloud”, cyber security has now become the number priority of many.

Methods to protect data as encryption, antivirus software, firewalls, and access passwords have been around long before the modern day data revolution, but unfortunately none of such have grown as effective security solutions to accommodate the modern day modes of digital communication. Devices which can connect to the global data network or Internet, have become increasingly smaller and more intelligent. For example with just a modern cellphone, a person can access their email, post updates to blogs, and access personal or corporate documents all through the internet.

The typical security approach in the past has been based on the model to restrict access using firewall systems or detect intrusions as viruses using signature based scanning systems. All such solutions are based upon the concept to restrict, channel, hide and limit access to data. A firewall, for example, borrows its name from “fire retardent walls” which are designed to create safe areas where fire cannot pass because of the material from which they are constructed. In this case any external access that has not been deemed necessary to an internal or public network is considered fire and simply blocked. Antivirus solutions and the Virus signature model have also proven inadequate because of the turn around time required to update signature files and the amount of resources such systems use to scan 1000’s of files. It is like the concept of sending the police to everyones house in a city of millions of people to try and find where the bad guys are hiding. With modern computers containing several 1000 files, and the ever changing almost polymorphic nature of modern viruses, the signature based scanning model no longer is practical.

The problems with the current approaches, is with the increasingly widespread use of digital networks, there has never been any method in which to dynamically update firewalls or signature databases to accommodate for new types of access and threats. Almost daily there are new applications which are constantly becoming necessary for people to effectively gain access to digital services and equally new threats. The current security model was never meant to be a solution that determines quickly between good activity and bad. In fact it restricts the freedom of the entire group to protect from the potential threats of a few. A truly useful security system has to be able to allow and maintain access to the group and then only limiting or denying access to those activities that are out of line with the established norm of operations.

Each security technique brings with it a cost of ownership and generally firewalls, antivirus software, VPN networks, and access control methods serve more to limit access to modern day digital networks than actually protect them. System administrators and corporate IT security directors can no longer feasibly follow the restrict everything model since in the end they are merely restricting legitimate access and extremely limiting the ability of their users to take full advantage of the digital information revolution and doing little to prevent actual “hackers” or unauthorized access to their networks.

]]>

A truly effective cyber security solution has to be as dynamic and flexible as the score of every changing applications and digital services and digital access devices being used. It is no longer a feasible model to restrict everything, or scan everything, as this only serves to hinder users from taking advantage of the increased productivity and power brought by the modern digital networks and internet and is a tremendous use of computing resources.

The cybersecurity security model for data networks can defined as something which protects data and data systems by denying access to unauthorized users, preventing downtime of authorized services by unauthorized activities (Denial of Service attacks), and preserving the overall functional state of health of a digital network at 99%.

1)Protecting of data and data systems from unauthorized access

As more and more information is being stored online as financial information, credit card numbers, classified documents and information that cannot fall into unauthorized hands, data protection is the top concern of cybersecurity. Unfortunately there have been many famous security breaches of important data as millions of credit numbers stolen, to theft of corporate trade secrets and even concerns of foreign countries retrieving national security information by the use of trojans and other intrusion methods.

Methods for intrusion include

The installing of backdoor network intrusion applications hidden in or disguised as legitimate applications that enter inside a network by authorized users inadvertently opening infected emails or websites.

Brute force attacks, where common user names and weak passwords are exploited by systems that try millions of combinations of username, password sets to gain access.

Exploits in operating systems as Microsoft windows that allows a secure or authorized service to be exploited by found flaws in the softwares design.

Theft or breach of internal networks by employees or persons normally authorized with allowed access to the systems, or who hold access to certain areas where by internal snooping they are able to find passwords and authcodes to secure areas. (Notes left on desks, computers left logged in to secure areas.

Exposing of data to external breach by placing documents on USB pendrives and laptops in order to present such data in meetings outside of the network. Many times employees place a document on a USB pen that is for a presentation at a remote location, but they happen to also have secure documents unrelated to the current meeting which got left on their USB. Then they place their pen drive in a third party computer in order to present 1 document, not knowing that particular computer has a trojan which quickly copies all of the data on their USB to an unauthorized 3 party location.

2)Preventing downtime of authorized services by unauthorized activities

Brute force attacks, scanners and denial of service attacks can cause a network, its servers and main access routers, to be brought down to the point that the network is no longer usable in any form. Such attacks cause considerable damage and downtime to networks on a daily basis. The ability to detect such attacks and cut them off at the source farthest away from the core network and its services is very important to the overall health of a strong cybersecurity program.

3) Preserving the overall functional state of health of a digital network.

Preserving the health of a digital network is not just in the prevention of attacks and unauthorized activity but also in the preservation of core services and data access that its authorized users depend upon. It is not a viable solution to stop an attack or prevent potential attacks by also preventing or limiting authorized access. A cybersecurity solution has to be able to isolate and prevent attacks and breaches to its integrity by at the same time not limiting or denying access to its resources by authorized users.

It is clear from the many different ways that security can be breached in data networks, and the overwhelming dependence on such networks that the current security methods are not only no longer adequate to protect such networks, but themselves serve to further cause more security problems and network access issues. As such an urgent need has arisen to change the current mode of approach to cybersecurity and create a new dynamic model that is able to constantly adapt to the ever changing needs to protecting data networks.

A new IDS model must be created that has to adhere to the following goals:

The goal of any IDS system must be to preserve the integrity of the network in which it protects and allow such network to function in its ideal operating state at 99.99%.

An IDS system must be lightweight and dynamically deployed. An IDS system cannot itself become another intrusion and must not break the first rule by comprising the networks integrity in using too much computing and network resources in its attempts to protect the network.

An IDS system must be able to constantly adapt to an ever changing environment and self update its own signature records based on evolving threats. An IDS system must not require extensive hands on resources to constantly update its signature files and require manual verification that the threats it detected are actual and not false

An IDS system has to be able to simultaneously protect the network against attacks, unauthorized use and downtime, without preventing nor limiting network access and use of network resources to authorized clients. As such it must be unobtrusive at all times and preserve the network in an open state where its core services and resources are 99.99% available to the networks authorized users while detecting, isolating and preventing unauthorized activity.

Truly only research in proactive defense mechanisms will hold usefulness in protecting the digital networks of now and in the future.

Brandt Hott

Article from articlesbase.com

DemocracyNow.org – Libyan rebels have consolidated their grip on the capital of Tripoli by capturing Col. Muammar Gaddafi’s main compound, but the whereabouts of the Libyan leader remain unknown and he has vowed his forces would resist “the aggression with all strength” until either victory or death. Reporters in Tripoli say heavy gunfire could still be heard nearby the area of the Rixos hotel where dozens of international journalists guarded by heavily armed Gaddafi loyalists are unable to leave. The Arab league said on Tuesday it will meet this week to consider giving Libyan rebels the country’s seat at the league, after it was taken away a few months ago from the Gaddafi government. Today Britain’s National Security Council is meeting to to discuss unfreezing Libyan assets to financially assist the National Transitional Council. Democracy Now! speaks with Gilbert Achcar, a professor at the School of Oriental and African Studies in London. For the complete transcript, to download the podcast, or for more Democracy Now! reports on the conflict in Libya, visit www.democracynow.org FOLLOW DEMOCRACY NOW! ONLINE: Facebook: www.facebook.com Twitter: @democracynow Subscribe on YouTube: www.youtube.com Daily Email News Digest: www.democracynow.org Please consider supporting independent media by making a donation to Democracy Now! today, visit www.democracynow.org
Video Rating: 4 / 5

More National Security Articles

Posted on August 26, 2011 by , Reply

Reportlinker Adds Global Cyber Security Industry

Reportlinker Adds Global Cyber Security Industry
Reportlinker.com announces that a new market research report is available in its catalogue:
Read more on PR Newswire via Yahoo! Finance

Security That Never Sleeps
Federal agencies have to shift from annual IT security assessments to continuous monitoring of their risks. Here’s a framework for getting there.
Read more on InformationWeek

Posted on June 14, 2011 by , Reply

Corporate Cyber Security: Part One

A basic understanding of computer networks is necessary for understanding the elements and principles of the Internet security. There are tools that can be used to reduce the number of networking attacks. In the modern world of risk to the security computers, a corporation needs to use a multilayered approach in order to protect the information located on the computer from network attacks. The difference of the national security from a corporate cyber security is in its large scale of security issues, problems that have to be solved. Weaknesses in broadly used software and hardware products can create problems at the national level, thus, requiring coordinated activities for the development of improved technologies. Besides, the lack of trained professionals is the issue of a national level concern. The national cyber security focuses on preventing and protecting against cyber attacks at a national level. It is aimed at securing information infrastructures of the USA.

A firewall is a powerful technology used for host protection at a corporation. It can reduce the risk exposure introduced by internetworking hosts, defend the network against attacks. It simply blocks access to ports, IP addresses, protocols and services to prevent the network threats. Many corporations use one of three possible types of firewalls.

1. Application gateways are the first firewalls and are known as proxy gateways. They are created from hosts which use particular software for acting as a proxy server. The application gateways are considered to be the most secure as they do not permit anything to pass by default. Before using it and the Internet one must be proxitized. However, they have a drawback – they are slow in the process.

2. Packet filtering is a tool with the help of which routers have access control lists turned on. There is little overhead in packet filtering as the access control tool is fulfilled at a lower ISO/OSI layer. Besides, a packet filtering gateway is usually faster than application gateways. Still, there are disadvantages of using it as TCP/IP has no possibilities to guarantee the correctness of the source address.

3. Application gateway and packet filtering are useful tools in a cyber security issue. However, there exist hybrid systems, which unite the security of the application layer gateways with the flexibility and speed of packet filtering. Hybrid systems are highly recommended for corporations.

The article was produced by the writer of Essay-Paper.net. Olivia Hunt is a 4-years experienced freelance writer of Research Papers Writing Service. Contact her to get information about writing guide and essay writing tips at our website.

Article from articlesbase.com

Posted on March 20, 2011 by , Reply

National Cyber Security Radio Re-Airs Show Topic: 5 Ways to Reduce Cyber-Bullying by 80%

National Cyber Security Radio Re-Airs Show Topic: 5 Ways to Reduce Cyber-Bullying by 80%











Atlanta, GA (PRWEB) October 25, 2010

National Cyber Security Radio, by LIGATT Security International (OTC: LGTT), an online computer security radio show, will re-air last week’s topic “How to Reduce Cyber-bullying by 80% Immediately” today at 3pm EST on http://www.NationalCyberSecurity.com.

During this week’s show, Host Gregory D. Evans will educate his listeners on the legalities and long lasting effects of cyber-bullying. According to StopCyberbullying.org, children have killed each other and committed suicide after having been involved in a cyber-bullying incident. Cyber-bullying is usually not a onetime communication, unless it involves a death threat or a credible threat of serious bodily harm.

“Cyber-bullying is an ongoing issue that needs to be addressed,” comments Evans. “I want my listeners to understand that cyber-bullies are cowards. The sad part about the Internet is people can portray to be whoever they want to be and hide behind a keyboard.”

Tune in every Monday from 3pm-5pm to listen to World Renowned Cyber Security Expert, Gregory Evans. For more information about Gregory Evans visit http://www.GregoryDEvans.com, or follow him on Twitter @GregoryDEvans. For more information about National Cyber Security visit http://www.NationalCyberSecurity.com, or follow them on Twitter @NCSbyLIGATT.

About National Cyber Security Radio

National Cyber Security Radio is the number one online computer security radio show specializing in reporting all aspects of cyber security news, in addition to, conducting live on air interviews with Internet security professionals and cyber crime victims. Our mission is to inform, educate, and entertain our listeners by providing them with factual stories and evidence.

Safe Harbor Act: This release includes forward-looking statements made pursuant to the safe harbor provisions of the Private Securities Litigation Reform Act of 1995 that involves risks and uncertainties including, but not limited to, the impact of competitive products, the ability to meet customer demand, the ability to manage growth, acquisitions of technology, equipment, or human resources, the effect of economic business conditions, and the ability to attract and retain skilled personnel.

Media Contacts:

Katrina Highsmith

Cymone Coker

404.713.0138                                            

pr(at)ligatt(dot)com

“How to Reduce Cyber-bullying by 80% Immediately”, will be moderated by Cyber Security Expert, Gregory D. Evans.

###




















Vocus©Copyright 1997-2010, Vocus PRW Holdings, LLC.
Vocus, PRWeb and Publicity Wire are trademarks or registered trademarks of Vocus, Inc. or Vocus PRW Holdings, LLC.







Posted on November 16, 2010 by , Reply

National Cyber Security

The future of security tools has changed greatly for the last several years. Today the network must respond to network attacks maintaining the network reliability, business performance and cyberspace security. The aim of cyber security issue is to make the network more flexible in order to prevent attacks and to keep on working.

Network security is a primary issue for every company, organization or individual. There exist various types and levels of network attacks. The main differences between national, corporate and information cyber security lie in the level of network security and tools applied. The national data requires the highest possible level of network security. The corporation has to use a multilayered approach in order to protect the information located on the computer from network attacks. The level of information security depends on an organization, state or individual, who use it. Thus, the level of network security is defined according to this principle.

Department of Homeland Security and Cyberspace Security (DHS) has been created to improve the cyber security of America. DHS is responsible for developing the national plan for securing the state resources and infrastructure of the US; giving crisis management concerning cyber attacks; providing technical assistance to the government entities concerning emergency recovery plans of critical information systems; coordinating with agencies of the federal government to provide advice about appropriate protective measures to organizations including the private sector, academia, and the public; funding research that will lead to new technologies in support of homeland security.

Strategic principles of the National Homeland Security are directed at securing cyberspace via the following:

• Preventing cyber attacks against US infrastructures;

• reducing national vulnerability to cyberspace attacks;

• reducing the recovery time after a cyber attack occurs.

The national cyber space security has several priorities. They are:

1. The national cyberspace security response system. This system is public/private architecture for analyzing, warning and managing cyber incidents of national importance.

2. The national cyberspace security threat and vulnerability reduction program.

3. The national cyberspace security awareness and training program.

4. Government security cyberspace.

5. International cyberspace security program. It is aimed at preventing cyber attacks that could influence national security. This program improves the international response to attacks of such kind.

The article was produced by the writer of Essay-Paper.net. Olivia Hunt is a 4-years experienced freelance writer of Paper Writing Service. Contact her to get information about custom papers and research paper topic our website.

Posted on August 25, 2010 by , Reply