Reply To: OCU ISSO Week 4 Lesson 14 Discussion
Hi Kevin,
I completely agree with you on the importance of database security. It’s fascinating to learn about the various measures that are used to protect sensitive data from cyber-attacks and misuse. As you mentioned, database security programs not only protect the data within the database but also the entire data management system and every application that accesses it.
It’s scary to think that threats can come from both inside and outside an organization. I was surprised to learn that insider threats are one of the most common causes of database security breaches. It’s crucial to ensure that employees with privileged user access are thoroughly vetted and monitored to prevent potential threats.
Another type of attack that caught my attention was the use of arbitrary non-SQL and SQL attack strings into database queries. It’s scary to think that almost all database systems are vulnerable to these attacks if developers do not follow secure coding practices and if the organization does not conduct regular vulnerability testing.
It’s clear that understanding the enemy is the first step in defending against these threats. Thanks for sharing your insights on this important topic.