A brief overview of the current threat landscape. How does your major relate to cybersecurity technology?
Many cyber threats exist today, and keeping them at bay is an ongoing battle. People specializing in cybersecurity, information technology, or IT security all play a role in maintaining security and fighting off various types of cyber attacks, such as APTs. Other threats include distributed denial of service, where a server is intentionally overloaded with requests in order to shut it down; insider attacks, where individuals misuse their administrative privileges and credentials; malware; password attacks; and phishing. Even though I recently changed my major from Information Technology to Cybersecurity, they both deal with the information systems and technology that need to be defended and secured through the proper measures that are learned throughout the varying coursework.
Just what is a framework and why can it be useful? Briefly describe the 5 core activities of NIST’s Cybersecurity framework.
A framework is a model for implementing cybersecurity across several different aspects of an organization or business. This model can be used whether the security focuses on information technology, industrial control systems, cyber-physical systems, or more generally connected devices, such as the Internet of Things. While it is not a one-size-fits-all model, it is useful because it is flexible and allows different ways of implementation, since each establishment has unique security risks, threats, and vulnerabilities. One way the framework provides structure is by having five different functions.
❏ Identify: These are activities that are used to gain an understanding of any risks in order to effectively address the issue.
❏ Protect: This is the development and utilization of safeguards against risks found in the previous step.
❏ Detect: This is the development and implementation of actions that alert in the event of a cybersecurity breach.
❏ Respond: These are activities that are implemented in response to the breach.
❏ Recover: The development and implementation of actions to revert to normal operations while reducing the chances of a repeated breach.