5 Dec 2022


Cybersecurity Tools, Tactics, and Procedures

Format: APA

Academic level: College

Paper type: Essay (Any Type)

Words: 976

Pages: 3


Advances in networking technology have brought with them threats to cyber security, as attackers have become more technologically savvy and use complicated techniques during attacks. Advanced Persistent Threats (APTs) are still ongoing even though most organizations have beefed up their security tools and procedures. This essay will give a detailed description of the current software-based and hardware-based cybersecurity tactics, tools, and procedures. The essay will also consider the software and hardware solutions used today in the defense-in-depth context. Lastly, the essay will elaborate on why the devices are not successful against the APTs.

The increased technological advances made in the networking sector come with new security threats, which grow on a daily basis. As a result, current tools, tactics, and procedures need to be updated as well. Some of the tools, tactics, and procedures are discussed below:


Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) 

IPS and IDS tools are essential in helping a network administrator to identify threats and secure both wireless and wired networks from different types of security threats. This technology is deployed with greater frequency as networks increase in complexity and size. The tools are able to detect threats in different forms, including viruses, worms, and spyware. IDS are best known for monitoring and detecting suspicious activities, while IPS are well known for both monitoring and preventing suspicious activities.

Penetration testing and vulnerability scanning 

Penetration testing and vulnerability scanning are examples of tactics used in cybersecurity to ensure both the hardware and software components of a system are safe. The main purpose of a penetration test is to exploit a possible weakness in a system’s environment, while vulnerability scans are primarily used to search for known vulnerabilities.

Business Continuity Plan (BCP) 

The main purpose of the BCP procedure is to coordinate several efforts across an entire business organization and to restore lost files and documents (Hayslip, 2019). The BCP procedure makes use of the disaster recovery plan to bring back lost applications, hardware, and data considered important for the continuity of business (Hayslip, 2019). Each organization has its own unique BCP procedure that dictates how the organization will respond during an emergency.

Defense-in-depth Hardware and Software solutions deployed today 

Defense-in-depth is a technique in cybersecurity where a number of defense mechanisms are put in place so as to fully protect important information and data. Most data breaches happen because of blind spots or difficulties in monitoring the network. Organizations often focus only on perimeter security protecting them against external attacks but seem to ignore internal activities, especially on their Local Area Networks (LANs). As a result, unmonitored conversations and traffic flows are likely to occur on some parts of the network. Defense-in-depth solutions are devised to protect against both known and unknown threats through a number of techniques.

Reading the network’s traffic patterns is one of the solutions in developing a strong defense-in-depth posture. For complete visibility, all endpoints (including the internal network and the enterprise edge firewall) should be monitored for traffic flows in the network (Hacker, 2017). This can be done using switches, routers, and firewalls from main vendors like HP, Cisco, and Juniper. Effective analysis and monitoring of the data flows is essential in giving network administrators an upper hand in discovering additional weaknesses and blind spots. To effectively design a defense-in-depth solution, the current assets should first be deployed as a Network as a Sensor (NaaS) so that the network can detect possible flaws (Hacker, 2017). Setting activity baselines for employees using the network is the next step, where each employee can be monitored while either uploading or downloading files using the network. Notifications can be sent to the network administrator in case one of the employees uploads huge and unnecessary amounts of data using the network.

Enforcing the limits is another step towards achieving defense-in-depth, as an organization can change the network from NaaS into Network as an Enforcer (NaaE), which can act according to instructions in case the baseline has been compromised. The NaaE can find the source of the breach and block data delivery or shut down access, depending on the written policy. The next step is to back up other network securities other than NaaS and NaaE. Organizations can opt for Security Information and Event Management (SIEM) systems such as application-based firewalls and Splunk in place of NaaS and NaaE. When there are possibilities of gaps in a system’s defense, the system should be upgraded with a component that is stronger and has a broader defense-in-depth posture (Hacker, 2017). Lastly, trading up and upgrading both the hardware and software of outdated systems should be part and parcel of an organization’s defense system.
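The baseline-then-enforce sequence described in the two paragraphs above can be sketched as follows. This is an added example, not part of the original essay: the flow records are constructed, and the field names, the median/MAD baseline, and the thresholds `k` and `block_factor` are assumptions chosen for illustration.

```python
import csv, io, statistics
from collections import defaultdict

# Constructed sample (not real data): daily upload totals per employee as a
# flow collector might export them. Field names are assumptions.
FLOWS = """day,user,bytes_out
2022-11-29,alice,120000000
2022-11-30,alice,135000000
2022-12-01,alice,110000000
2022-12-02,alice,4200000000
2022-11-29,bob,900000000
2022-11-30,bob,1100000000
2022-12-01,bob,950000000
2022-12-02,bob,1150000000
2022-11-29,carol,200000000
2022-11-30,carol,210000000
2022-12-01,carol,190000000
2022-12-02,carol,600000000
2022-12-02,dave,50000000
"""

def load(text):
    """Group (day, bytes_out) rows by user."""
    per_user = defaultdict(list)
    for row in csv.DictReader(io.StringIO(text)):
        per_user[row["user"]].append((row["day"], int(row["bytes_out"])))
    return per_user

def evaluate(per_user, k=6.0, block_factor=10.0, min_history=3):
    """Judge each user's latest day against their own earlier days.
    'notify' models the NaaS alert, 'block' the NaaE policy action."""
    verdicts = {}
    for user, rows in per_user.items():
        *past, (_, today) = sorted(rows)  # ISO dates sort chronologically
        hist = [b for _, b in past]
        if len(hist) < min_history:
            verdicts[user] = "no_baseline"  # new user: nothing to compare with
            continue
        med = statistics.median(hist)
        mad = statistics.median(abs(v - med) for v in hist)
        # Median/MAD resist a single past spike; the 5% floor avoids a
        # zero-width band when a user's history is perfectly flat.
        limit = med + k * max(mad, 0.05 * med)
        verdicts[user] = ("block" if today > block_factor * med
                          else "notify" if today > limit else "ok")
    return verdicts

if __name__ == "__main__":
    print(evaluate(load(FLOWS)))
```

Each user is compared only with their own history, so a heavy but steady uploader such as `bob` stays within baseline while a much smaller absolute jump for `carol` raises a notification.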

Defense-in-depth devices Vs. Advanced Persistent Threats (APTs) 

Advanced Persistent Threats (APTs) make use of clandestine, sophisticated, and continuous techniques in hacking and accessing a system. As much as an organization can beef up other securities and monitor most operations conducted by its employees, APTs still find their way into the networks. In the first place, most APT attackers use smaller companies making up the supply chain as stepping stones to gain access to their prime targets (Kim, 2014). This technique can be hard to mitigate, since such small companies are often trusted by the target companies and most of them have access to the organization’s networks and devices. The human factor is also one of the causes of prevailing APT attacks, as most employees unknowingly participate in the attacks (Kim, 2014). Techniques like spear phishing have been used several times to lure unknowing employees into leaking vital information, and this technique can be hard to get rid of (Zhurin & Komarkov, 2018). Another reason for the prevailing nature of APT attacks is the possibility of several backdoors left by hackers, which cannot be easily detected even after scanning, and the hackers might decide to conduct another attack at any moment.

Conclusion 

Cybersecurity tools, procedures, and tactics include IDS, IPS, BCPs, penetration testing, and vulnerability scanning. When it comes to defense-in-depth solutions, an organization is required to consider both external and internal security attacks. However, the devices used in defense-in-depth may not always be successful since most APT attackers use complicated techniques to lure employees into giving out important and sensitive information. 

References 

Hacker, D. (2017). Defense in depth: Building a solid cybersecurity environment. Smart Business Akron/Canton, 27(5), 6. Retrieved from http://search.ebscohost.com/login.aspx?direct=true&db=bth&AN=125665255&site=eds-live

Hayslip, G. (2019). 9 policies and procedures you need to know about if you’re starting a new security program. Retrieved from https://www.csoonline.com/article/3263738/9-policies-and-procedures-you-need-to-know-about-if-youre-starting-a-new-security-program.html

Kim, Y. H. (2014). A study on cyber threat prediction based on intrusion detection event for APT attack detection. Multimedia Tools and Applications, (2), 685. Retrieved from http://search.ebscohost.com/login.aspx?direct=true&db=edsbl&AN=RN355212073&site=eds-live

Zhurin, S., & Komarkov, E. D. (2018). Protection of external information perimeter of organization from spear phishing. Bezopasnostʹ Informacionnyh Tehnologij, (4), 96. https://doi.org/10.26583/bit.2018.4.09

Cite this page

StudyBounty. (2023, September 14). Cybersecurity Tools, Tactics, and Procedures.
https://studybounty.com/cybersecurity-tools-tactics-and-procedures-essay