Essay Human Vulnerability and IT Security - 2336 Words

Information Technology (IT) managers are constantly tasked with evaluating their organization’s overall security posture and reporting the greatest vulnerabilities to leadership. Senior management is often surprised to hear that the greatest vulnerability within an organization is not a misconfigured firewall or a virus being forwarded across an internal e-mail server, but rather a human being. When compared to a piece of hardware or software, a human user is easily the single most targeted weakness within an organization. Defining the Human Vulnerability Charles and Shari Pfleeger define a vulnerability as â€Å"a weakness in the security system, for example, in procedures, design, or implementation, that might be exploited to cause loss†¦show more content†¦The combination of any of these vulnerabilities puts a user and their organization at risk of being exploited by a threat. Password Management is the process of ensuring that systems are protected with unique and complex passwords. Effective password management safeguards data confidentiality, integrity, and availability to intended and authorized users. Individuals who are unfamiliar with the concept of password management may opt for weak passwords because they are easier to remember, or possibly even write their passwords down and leave them in their work environment. In 2002, the British online bank known as Egg found that 50% of user passwords for their e-banking services were family member’s names (Pfleeger Pfleeger, 2007, p. 225). According to Gregg Kreizmen, Gartner’s research director â€Å"two-thirds of U.S. consumers surveyed use the same one or two passwords for all Web sites they access that require authentication† (â€Å"Gartner Says Consumers†, 2009). Many security professionals advise that passwords should be at least seven characters long, and avoid eas ily guessed phrases such as names, places, or things. Additional best practices include using a blend of special characters, numbers, and upper and lower case letters. If an adversary is capable of exploiting a weak or unprotected password, he or she could cause a great deal of damage to an organization’s resources. Inappropriate data storage refers to the process of improperly storing orShow MoreRelatedSecurity Vulnerability Of Information Technology1116 Words   |  5 PagesThis paper explores the most significant security vulnerability that information technology (IT) professionals face in the future. It provides definitions, dissimilarities between vulnerabilities, risks, threats, and risk along with real-world examples of each. This conclusion is the result of several research reports from various sources, to include IT professionals such as the Apple Developers who propose that there are several variations of vulnerabilities which exist, Microsoft, and The CertifiedRead MoreMicrosoft Windows And Remote Procedure Call ( Rpc ) Facilities1558 Words   |  7 Pages(RPC) facilities. RPC is specific to the Windows operating system. The vulnerability was in Port 135 which handles transmission control protocol (TCP) the language in which a system communicates in. Port 135 did not require aut hentication about a server it was communicating with. Therefore, the Blaster Worm was able to inundate the port with data, in turn, injecting malicious code into the system. By exploiting this vulnerability in Port 135, the Blaster Worm would install itself on a computer andRead MoreAdvanced Threat Analytics Use Behavioral Analytics Essay1662 Words   |  7 Pagesorganizations to consider the predominant role of human factor in cybersecurity issues. This report will aim at demonstrating that the human element represents the top cybersecurity threat for hospitals, and perhaps any organizations. Ultimately the goal is a collaborative effort on designing effective policies to manage cyber threats facing the healthcare industry. Part I: The Human Factor Problem Description Health IT: Example of Intersection of Human Behavior and Cybersecurity Healthcare IT hasRead MoreInformation Security, Minor Assignment1575 Words   |  7 Pages ITECH 3215 INFORMATION SECURITY MINOR ASSIGNMENT THREAT PROFILING VIVEK CHARY DADUVAI (30312832)â€Æ' Contents Summary 3 Introduction 3 Profile of Threat 3 Profile Completion 4 Situational crime Prevention 4 Law 6 International scope 6 Conclusion 7 Reference 8 â€Æ' Summary Computer security is the security applied to the computers and their networks including the internet. Physical security and information security are the two types of computer securities which prevent theft of equipmentRead MoreCyber Terrorism And Cyber Attacks1367 Words   |  6 Pageshacking the big companies and breaking their security. But the companies started a process called penetration testing this is like hacking our own computer and when any vulnerability is found and they can protect themselves from that vulnerability. Microsoft is hiring the people hacking the Microsoft so these hackers can improve their security level What is penetration testing? This process is used to find out the security vulnerabilities. Vulnerabilities can be caused by number of reason like designRead MoreSecuring It Infrastructure At Wd Enterprises1268 Words   |  6 Pagesproperly secure the Information Technology (IT) infrastructure today, there are many different areas that need to be addressed. Each of these areas pose different vulnerabilities and challenges to properly securing an IT environment. By identifying these vulnerabilities, applying controls to address them, and designing a robust security plan the IT infrastructure at WD Enterprises will be more secure and provide better protection against these threats. This plan along with design and application ofRead MoreEssay On Vulnerability826 Words   |  4 PagesAlternate Title Where Have All the Vulnerabilities Gone? Application development and use has been changing for several years. The growth of software-as-a-service has created new challenges for security tools — challenges that legacy products are simply unable to meet. Relying on vulnerability scanners that used public databases of vulnerabilities can have disastrous consequences, but it was often necessary to do so. However, scanners cannot defend against a vulnerability that they cannot identify — andRead MoreWhy Vulnerabilities Remain Hidden899 Words   |  4 PagesAlternate Title Why Vulnerabilities Remain Hidden Application development and use has been changing for several years. The growth of software-as-a-service as well as the move to cloud-based applications has created new challenges for security tools — challenges that legacy products are simply unable to meet in a world in which new threats appear almost daily. Relying on vulnerability scanners, web application firewalls and antivirus software can have disastrous consequences, but until recentlyRead MoreTechnology Based Medical Technology822 Words   |  4 PagesThis research paper examines Internet of Things (IoT) based medical technology from a cyber-security perspective, aims to better understand the security landscape of IoT in medical technology and come up with solutions for enhanced IoT security. The paper was prepared through researching online resources and applying critical thinking. A simple vulnerability in a protocol such as Interoperable Telesurgery Protocol (ITP) while conducting remote surgeries, can result in hackers gaining control of theRead MoreWhen Cybersecurity Policy Is Discussed The Topics Often1145 Words   |  5 Pagestechnology, corporate culture, and security awareness. The success of an organization in defending its most valuable asset, data, depends on the proper implementation of several security practices. Ensuring that the â€Å"human aspect† of cyber security is addressed is vital, for the culture of an organization can greatly impact both the security posture and defense of information networks. This paper addresses the human aspects responsible for SCADA System vulnerabilities and provides a holistic solution