Page 63 - Cyber Warnings
P. 63
Overview of Security Issues
There are many reasons why enterprise systems have a challenge with security. The
global news has exposed several businesses for breaches in security such as Worldcom,
Morgan Stanley, Target (Harris & Perlroth, 2014; Pagliery, 2015). The federal government also
had security breaches that may have been prevented. For example, a group of Russian hackers
breached the unclassified section of the White House computers which caused a delay in
services while the cyber security team worked to find and eliminate the breach (Nakashima,
2014). Other departments like the postal service, the FBI, and the Senate experienced breaches
within the last 10 years (Ten Big Federal, 2011). These breaches in security show that there is a
need for something else to be done.
Organizations are constantly dealing with cyber-attacks which may cost over $70 billion
on IT security each year (Soluade & Opara, 2014). In contrast, the Department of Defense
(DoD) spent in access of $15 million of the $50 billion budget that the federal government
spends on cyber security (Paganini, 2014). In all cases, hacking continues.
Cyber criminals have more sophisticated ways of attacking systems and are able to
bypass traditional technologies because hackers have learned where systems are generally
most vulnerable (Saluade & Opara, 2014). For example, all systems have loopholes that the
organization may find, but when it is found, there exists a time gap between the attack and the
repair. This time gap is when the organization is most vulnerable and attackers can use this
time to attack.
Many businesses have moved to the cloud thinking that it would be more secure, but
there are still problems. Using the cloud means that customers will change software applications
frequently (Subashini & Kavita, 2011). All software platforms are vulnerable to hackers and must
secure data, the network, authenticity and authorization to secure the organization. The
challenge for organizations is that these systems must constantly be updated and many
organizations are not sure how to keep up with updates.
Another issue for organizations is the lack of understanding of what is needed to guard
networks. The government is not exempt from this problem. For example, Edwards (2013)
noted that the Department of Defense (DoD) attempted to move to a unified capabilities strategy
to integrate and form a collaborative platform. One challenge for DoD in attempting this was that
the system was to bring all data into one place.
Without proper security, the DoD could create more vulnerability, especially because
designers have challenges when developing this process that can create challenges to security.
Another problem for DoD designers is that they must work quickly to circumvent emerging
threats, however, they use traditional ways of testing and validating systems. The traditional
methods for certifying a system may not be able to keep up with newer threats (Edwards, 2013).
63 Cyber Warnings E-Magazine – September 2016 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
