Covid-19 Update: We've taken precautionary measures to enable all staff to work away from the office. These changes have already rolled out with no interruptions, and will allow us to continue offering the same great service at your busiest time in the year.

Annotated Bibliography on Cyber Security

2486 words (10 pages) Essay in Security

08/02/20 Security Reference this

Disclaimer: This work has been submitted by a student. This is not an example of the work produced by our Essay Writing Service. You can view samples of our professional work here.

Any opinions, findings, conclusions or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of UK Essays.

Introduction to cyber security

Cyber-security is the practice of defending computers, servers, mobile devices, electronic systems, networks, and data from malicious attacks. It’s otherwise called data innovation security or electronic data security. Cybersecurity alludes to the act of guaranteeing the trustworthiness, classification, and accessibility (ICA) of data. Cybersecurity is included an advancing arrangement of instruments, chance administration approaches, innovations, preparing, and best practices intended to ensure systems, gadgets, projects, and information from assaults or unapproved access.

Cyber security is significant in light of the fact that government, military, corporate, financial, and hospitals gather, procedure, and store exceptional measures of information. These information can be delicate data, regardless of whether that be licensed innovation, money related information, individual data, or different sorts of information for which unapproved access or presentation could have negative results. Associations transmit touchy information crosswise over systems and to different gadgets throughout doing organizations, and digital security portrays the order committed to ensuring that data and the frameworks used to process or store it. As the volume and complexity of cyberattacks develop, organizations and associations, particularly those that are entrusted with defending data identifying with national security, wellbeing, or financial organisations, need to find a way to ensure their delicate business and staff data.

One of the most problematic elements of cybersecurity is the constantly evolving nature of security risks. The traditional approach has been to focus resources on crucial system components and protect against the biggest known threats, which meant leaving components undefended and not protecting systems against less dangerous risks. This field is growing in importance due to advancement in technology and reliance on the computer systems, internet and electronic gadgets for our day to day life.

To deal with this situation, organisations are promoting proactive and adaptive approach. National Institute of Standards and Technology (NIST), for example, recently issued updates guidelines in its risk assessment framework that recommend a shift toward continuous monitoring and real-time assessments.

At the point when an association has a solid understanding of system security and a powerful incident response plan, it is better to be ready to avert and prevent these attacks. For instance, end user protection provides assurance and guards the theft and loss of sensitive information from malicious attackers.

Ensuring cybersecurity requires the coordination of efforts throughout an information system, which includes:

  • Data Security
  • Network security
  • Application security
  • Incident response plan
  • End-user training

Data Security (Hari- 30364363)

“Data security” covers a lot of different aspects of data infrastructures that may be both technical and organizational: procedures, policies, physical access, etc. The extraordinary relevance of security services into any workflow taking place on data infrastructures and therefore, the need that those services can be used as transparently as possible. Security services must be considered as one of the foundation services for data infrastructures and therefore offer developers and users the possibility of implicitly applying them unless more fine-grained explicit control is required.

Data security is at the core of what needs to be protected in terms of information security and mission-critical systems. Ultimately it is the data that the organization needs to protect in many cases, and usually data is exactly what perpetrators are after, whether trade secrets, customer information, or a database.

Example of data breach, millions of data of Facebook users were accessed by third company, which led to downfall of share market by billion dollars. This can be the better example for why an organisation should regulate and make strong policy for data security, data containment and destruction.

Once we draw up a plan and assess risks, it is time to put data security system into action. Since data can be compromised in many ways, the best security against misuse or theft involves a combination of technical measures, physical security and a well-educated staff. You should implement clearly defined polices into your infrastructure and effectively present them to the staff. Below are some of the things an organisation can do to protect data:

  • Protect your office or data centre with alarms and monitoring systems
  • Keep computers and associated components out of public view
  • Enforce restrictions on internet access
  • Ensure that your anti-malware solution is up to date
  • Ensure that your operating system is up to date
  • Fight off hacking attacks with intrusion detection technology
  • Utilize a protected power supply and backup energy sources

What can you do to protect your data?

Its not hard to protect our data from loss or theft if we follow simple guidelines. For data loss protection, have a backup of your data in multiple copies and multiple location. Having backup in multiple location ensures your data to be protected even if your primary location gets destroyed.

But bear in mind, nothing is 100 percent secure, all we need to do is to increase the layer of security. To protect data against theft, some of the best practices an individual can take into consideration are listed below:

  • Never click on spam, phishing, or a suspicious email. Confirm or verify an email before opening any attachment.
  • If something seems too good to be true, it probably is.
  • Stop using pirated copies of software.
  • Use genuine antivirus and antimalware software.
  • Two-factor authentication can be additional protection for your online accounts.
  • Do not share your password and personal information.

Encryption

Encryption is the process of encoding information or a message in such a way that only the authorised person/organisation has access to it. Encryption translates the desired data or information into another form which does not give meaning on its own. So that only the authorised person with secret key (encryption key) can unlock or decrypt the message. An encryption key is a collection of algorithms designed to be totally unique which can scramble and unscramble data, essentially unlocking the information and turning it back to readable data.

Computer based encryption seems to have been started during the Second World War with European military forces were tasked with breaking Germany’s Enigma code.

How does it work?

Encryption uses complex algorithm called cipher to change plaintext into series of random text (cipher text) which is unreadable to those without decryption key. There are two types encryption in practice; Symmetric which is also known as private key encryption and Asymmetric known as public key encryption.

Symmetric key encryption

Source: https://static.makeuseof.com/wp-content/uploads/2015/02/private-key-encryption.png

Asymmetric Key encryption

Source: https://static.makeuseof.com/wp-content/uploads/2015/02/public-key-encryption.png

Data Backup & Retention

Data backup is copying or archiving files and folders for being able to restore them in case of data loss and accessing them whenever required and from wherever required. Data retention can also be called as records retention and can be done for different reasons. One reason could be to comply with federal and state regulations and another reason could be, to provide organisations the ability to recover data in case of data loss.

Loss of data can be caused by many things like virus, hardware failure, or in some case natural disaster like flood or earthquake. If you are an individual, losing your data might not affect you that bad but if you are an organisation who deals with business or health data, data loss can cause havoc.

Backup can be done in different ways and can be onsite and offsite. Company/organisations policy normally defines:

  • What data should be backed up
  • What compression method to use
  • How often the backup should take place
  • What types of backup media should be used
  • Where should data be backed up

Data retention is the process through which organisations (normally telecommunications and health) and government agencies store and record various (individual and business) data. It normally refers to how the internet user data is stored and handled. Countries, businesses and most government organisations have their own data retention policies that defines how they approach this.

Data Disposal

Data disposal or destruction simply means destroying the data. It is the process of destroying the data stored on hard disks, tapes, USB drives or in any other forms so that it is completely unreadable and cannot be accessed or used for unauthorised purposes.

Corporate information is an imperative part in an organization’s survival. It contains data that relates to its profit, activity, organization, and coordination’s. These kinds of data must be taken care of cautiously and with the most elevated feeling of secrecy. Industries such as defence, aerospace, government security, finance and healthcare are amongst those at most risk. The highly sensitive data they handle on a routine basis could easily be exploited by hackers or wrongdoers and incur terrible consequences.

There are various ways how the data can be destroyed depending on the material the data is stored on. Degaussing can be done for the data stored on magnetic devices, Shredder can be used to shred the data stored on hard copy format like paper. The main purpose of disposal is to ensure the data is gone forever. Every organisation has their own policy about how the data is managed, some use in-house disposal process where as some hire contractors.

References

  • Redlich, R. M., & Nemzow, M. A. (2006). U.S. Patent No. 7,103,915. Washington, DC: U.S. Patent and Trademark Office.
  • Chen, D., & Zhao, H. (2012, March). Data security and privacy protection issues in cloud computing. In 2012 International Conference on Computer Science and Electronics Engineering (Vol. 1, pp. 647-651). IEEE.
  • Pfleeger, C. P., & Pfleeger, S. L. (2002). Security in computing. Prentice Hall Professional Technical Reference.
  • Wilkowska, Wiktoria, Martina Ziefle, and Matt-Mouley Bouamrane. “Privacy and Data Security in E-health: Requirements from the User’s Perspective.” Health Informatics Journal 18.3 (2012): 191-201. Web.

Appendices

Initial Individual Pieces of Writing and Reviews

SOAR model (strength, opportunities, aspirations, results)

Group mind map

 

 

Time Estimation for assignment 2

Task

Best time (OD)

Worst Time (PD)

Estimated time (ED)

Topic analysis

35 mins

90 mins

60 mins

Selection

20 mins

60 mins

45 mins

Brief Discussion

45 mins

75 mins

60 mins

Gathering key points

35 mins

80 mins

50 mins

Creating Summary

30 mins

70 mins

45 mins

Review

20 mins

30 mins

25 mins

Creating PowerPoint

60 mins

130 mins

80 mins

Presentation practice

60 mins

100 mins

80 mins

Final touch

40 mins

60 mins

30 mins

Total

5 hour 45 mins

11 hour 35 mins

7 hour 55 mins

 

Now let’s calculate the final time based on above values

D = ((1 * OD) + (4 * ED) + (1 * PD))/6

   = ((1 * 345) + (4 * 475) + (1 * 695))/6

   = (345 + 1900 + 695)/6

   = 2940/6

   = 490

   = 6 hours 4 mins

Reflection on time estimation

The duration of task and the assessed time has an immense time gap. As this is group assignment, we need more gathering. The extensive discussion, handling the gathered data, and managing the different angles incorporated into the determination direct and so forth have taken much time while experiencing the assignment. Even though, this table has met our arrangements and destinations in less time. In this manner, if we can adhere to our arrangements and timings, we can complete the undertaking in time. The distinction in the perspectives among the individuals set aside more effort to determine, anyway we had the option to understand the issue and execute our arrangements.

GROUPWARE USED: Facebook Messenger

We used messenger as our group discussion tool which was easily available from the App Store and all team members were comfortable using it. Despite having some disadvantages, we still considered messenger as our communication platform for this assignment.

Pros and cons of using messenger as a group discussion tool are discussed below:

Pros:

  • All the members were familiar and were using it.
  • Group chat features that allowed us to add our group members from contact list.
  • Multiple video chat features helped us for virtual group meetings
  • Message seen, and delivery report helped us to identify which group members were active.
  • Easy for quick pictures and file transfer which helped to review each other’s works.

Cons:

  • App didn’t work offline.
  • Picture quality got reduced, so it was unrealistic to exchange figures and diagrams with group members.
Get Help With Your Essay

If you need assistance with writing your essay, our professional essay writing service is here to help!

Find out more

Cite This Work

To export a reference to this article please select a referencing style below:

Reference Copied to Clipboard.
Reference Copied to Clipboard.
Reference Copied to Clipboard.
Reference Copied to Clipboard.
Reference Copied to Clipboard.
Reference Copied to Clipboard.
Reference Copied to Clipboard.

Related Services

View all

DMCA / Removal Request

If you are the original writer of this essay and no longer wish to have the essay published on the UK Essays website then please:

McAfee SECURE sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams Prices from
£124

Undergraduate 2:2 • 1000 words • 7 day delivery

Order now

Delivered on-time or your money back

Rated 4.6 out of 5 by
Reviews.co.uk Logo (198 Reviews)