Abstract
This chapter examines the threats in cyber security. It identifies the risk of cyber attacks and argues the inability to defend against those threats in a cyber security program. The introduction provides a brief history of cyber security and how the information highway arrived at this point in cyber security. The first analysis examines the threats in cyber security in personal, private, and government computer systems. The second analysis examines the approaches to attacking those systems. The third analysis examines threats against private companies and government agencies. The final analysis examines major threats to cyber security.
TopWhat Is Cyber Security?
Cyber Security is defined as the measures taken to protect a computer or computer system (as on the Internet) against unauthorized access or attacks (Webster Dictionary).
Key Terms in this Chapter
Denial-of-Service (DOS) Attack: An assault on a service from a single source that floods it with so many requests that it becomes overwhelmed and is either stopped completely or operates at a significantly reduced rate.
Wi-Fi Protected Access 2 (WPA2): This replacement security method for WPA for wireless networks that provides stronger data protection and network access control. It provides enterprise and consumer Wi-Fi users with a high level of assurance that only authorized users can access their wireless networks. Based on the ratified IEEE 802.11i standard, WPA2 provides government-grade security by implementing the National Institute of Standarss and technology (NIST) FIPS 140-2 compliant advanced encryption standard (AES) encryption algorithm and 802.1X-based authentication.
Security Metrics: A standard of measurement used in management of security-related activities.
Phishing: This is a type of electronic mail attack that attempts to convince the user that the originator is genuine, but with the intention of obtaining information for use in social engineering.
Risk Assessment: A process used to identify and evaluate risk and potential effects. It includes assessing the critical functions necessary for an organization to continue business operations, defining the controls in place to reduce organization exposure and calculate the cost of such controls.
Antivirus Protection Software: An application software deployed at multiple points in an IT architecture. It is designed to detect and potentially eliminate virus code before damage is done, and repair or quarantine files that have already been infected.
Information Security Policy: Ensures that only authorized users (confidentiality) have access to accurate and complete information (integrity) when required (availability).