OCU C)ISSO C Discussion Lesson 11
- This topic has 5 replies, 5 voices, and was last updated 2 weeks ago by
Joseph Doss.
-
AuthorPosts
-
-
February 15, 2024 at 4:08 pm #93552
Manny Varela
KeymasterThere are many CyberSecurity issues. Of the top 15, choose 3 to explain in detail. In these explanations, discuss how these are important to a security officer and company.
-
June 3, 2025 at 12:47 pm #106313
Ashly Jackson
ParticipantCybersecurity threats continue to grow, affecting businesses and individuals alike. Three critical issues include phishing attacks, malware infections, and data breaches.
Phishing attacks use deceptive emails or messages to trick users into revealing sensitive information. For security officers, it’s crucial to train employees on how to identify phishing attempts, as falling victim to them can lead to compromised accounts and data theft, damaging the company’s reputation.
Malware infections, including viruses, worms, and ransomware, pose serious risks to systems and data. Security officers must implement robust antivirus solutions and regularly update software to reduce the chances of malware infiltrating the network. This protects valuable company data and ensures business continuity.
Lastly, data breaches expose sensitive information to unauthorized individuals. For both security officers and the company, preventing breaches through encryption, access controls, and incident response plans is essential. Breaches can lead to financial loss, legal consequences, and loss of customer trust.
By addressing these three issues effectively, security officers help maintain the integrity, confidentiality, and availability of company resources.
-
June 3, 2025 at 9:51 pm #106323
Amy Hastings
ParticipantI liked the three that you have included and enjoyed reading you discussion over each one. I really think everything you have here is a great way to let someone learn how important it is to know these.
-
-
June 3, 2025 at 9:41 pm #106321
Amy Hastings
ParticipantThe three Cybersecurity issues that I choose are Ransomware, malware, and insider threats. Ransomware is a type of malware that does not allow you to have access to your device or any of the information that is on it. This is also caused by different things like the malicious websites and phishing emails. The purpose of ransomware is to hold your data hostage pretty much. Ransomware is important to a security officer to know of because it puts a huge threat towards the organization, they must be able to understand this so that they can prevent it from happening to their best ability.
Malware is the second one and it is a software that is made to harm or damage computers and servers as well as the client without them ever knowing. Malware is a major problem because it can lead to vulnerabilities within the computers. This is also used to steal data from organizations. A security officer should be aware of this because it is super important to know as a security officer, this can have huge impacts on the company as it can cause system failure if it’s not found in time.
Insider threats are last, and this is another type of cyber-attack, and this happens when a person with unauthorized access causes harm to the organization. This is also a risk that is inside the organization and not an external source. Insider threats are important for a security officer to understand as well because they can cause huge risks the organizations assets and information. These types of attacks are also one of the harder ones to detect so usually they have to go on a breach if not found in time to stop them.
-
June 5, 2025 at 11:40 am #106464
Ashly Jackson
ParticipantHi, I appreciate how you laid out the significance of ransomware, malware, and insider threats so clearly. Your explanation of how ransomware can hold data hostage and the need for security officers to detect and prevent these attacks is essential. Likewise, your points on how malware can cause vulnerabilities and the challenge of insider threats highlight the importance of vigilance and proactive security measures. These insights are critical for any security officer to understand and manage effectively.
-
-
June 7, 2025 at 3:23 pm #106485
Joseph Doss
ParticipantOne type of attack is DNS spoofing, this is where DNS server or a DNS cache is compromised in a way that re directs internet traffic from a website to another, typically a look alike, someone may enter login information, which the attacker then receives.There is also a man in the middle attack, in this security issue internet in routed through an attackers machine before sending the users traffic to the site of resources they intended to access, the attacker then eavesdrops on the traveling data, which is why connecting to a VPN while using public wifi is impossible. A third security issue to keep in mind would be phishing, where face emails are sent out to a specific target or on mass to random people asking for information while appearing to be a trusted source in order to get targets to click links, send information ect. So it is important to be able to tell where the message came from.
-
-
AuthorPosts
- You must be logged in to reply to this topic.