[Jessica Jagerson]

Discuss the various risks and vulnerabilities companies face today as well as mitigating policies that help reduce a network compromise.

[Jacob Mannon]

One of the most common vulnerabilities faced by companies today are that of phishing attempts. Phishing is when an attacker sends what appears to be a credible email in the attempt to gain personal information about you or your company. Vishing is similar but is through phone calls instead of email. My company has a warning that pops up for every email that doesn’t come from within the organization to give you a heads up so that we pay attention to whatever email we are reading. If the email does seem like it is a phishing email, we can mark it as phishing and the I.T. department takes it from there. Another big issue is that of hackers. Hackers are individuals with cyber security skills that will break into a company’s systems to attempt some type of damage to the organization. We can try to mitigate this with firewalls, proxy servers, and proper authentication for access to company computers. Even then, it is not always full proof.

-Jacob Mannon.

[Braden Binegar]

Companies today face numerous risks and vulnerabilities, including phishing attacks, malware, ransomware, insider threats, weak passwords, unpatched software, DDoS attacks, social engineering, IoT vulnerabilities, and cloud security risks. To mitigate these threats, organizations should implement regular employee training on phishing and social engineering, use antivirus software, enforce strong password policies, and ensure multi-factor authentication. Regular software updates and patches are crucial, as is the use of DDoS protection services. Additionally, companies should conduct background checks, monitor user activity, and secure IoT devices. For cloud security, strong access controls, regular audits, and data encryption are essential. By addressing these risks with appropriate policies, companies can significantly reduce the likelihood of network compromises and enhance their overall security posture.

[Jacob Mannon]

Braden,

I think you did a good job with your examples. I liked the password policy example. We shouldn’t make our passwords easy to figure out. Changing letters to characters like “S” to “$” can be a small but effective way to make a password harder to crack. My current company requires password changes every few months, and we are not allowed to reuse old passwords. This keeps our network access restricted to those who have proper need to get in for business purposes.

-Jacob.

[Latoya Stoudmire]

Hello Branden,

I like that you started with employee training to mitigate some potential risk. I don’t think people realize how important it is to keep people informed on how to detect cyber threats or even notice any suspicious activity. Some people I work with are totally oblivious to what trojans or spyware are. This is why I feel employee training on the subject is imperative. Despite having training I agree that it is important to still have antispyware installed to counter any potential threats.

[Amy Hastings]

Companies face a lot of risks and vulnerability when it comes to businesses including phishing as this is an online threat which can lead to companies to go through financial losses as well as the consumers losses. Another would be the ransomware and malware; ransomware can lead the entire business to be at a loss of financial problems and more. Malware is what leads to computer damage, and this allows hackers to gain access to personal and the financial information of that company. Some policies that can help to reduce a networks compromise would be the encryption because this helps to stop any hackers from gaining access or even seeing the company’s important information. Another is the firewall which is a big one because it helps keep the phishing attacks down to a controllable level. The firewall is basically a shield between the company’s device and an attack.

[Jason Springer]

Hello Amy,
You did a great job explaining how companies can be vulnerable to phishing and other malware attacks. I also liked how you brought up how companies can minimize the risk of malware attacks by using firewalls which can detect more important things that sometimes people overlook on their own.

[Jason Springer]

Some of the risks and vulnerabilities that companies face today in regard to networking include updated malware attacks that could attack weaker areas in the company and the possibility of extreme weather such as hurricanes in Florida or wildfires in California. These extreme weather examples aren’t going to happen every day in certain areas but they are more common and should be addressed when planning to expand or construct buildings in these areas. Malware attacks on the other hand are constantly evolving as technology grows and people become more and more knowledgeable about how different technologies function. One way that these attacks get through is by another vulnerability where an employee or owner has a lack of ways to detect fraud which allows hackers to get into the network. A policy that could be mitigated to reduce network compromise is changing passwords on the devices every six weeks or months to prevent password reuse on the network.

[Latoya Stoudmire]

When considering vulnerabilities, the most common is typically user error, this can occur in a multitude of ways. This can be from week passwords where a user may have not updated their password correctly this occurs If a user has a weak password or if they continuously use the same password. Another vulnerability from users is phishing. If a user is not mindful of the information they are giving or who they are speaking with directly. This could leave an organization’s security state very vulnerable exposing them to hackers. Another vulnerability that can often is not viewed as important is system updates. It is important for organizations to keep their system updated with the most current versions of spyware and protection. There are multiple ways to mitigate some of these threats from occurring one way would be to ensure that all employees are continuously using strong passwords that are updated on time intervals, this would allow the user to constantly changed your password. While ensuring that it is strong enough to prevent hacking, ensuring that our updates are complete and that you are using the most current version of any spyware and is system to keep all information and data protected. Training employees in how to be aware of phishing emails. Another way to mitigate phishing attacks would be to implement DMARC (Domain-based Message Authentication, Reporting & Conformance). DMARC ensures messages are coming from a secure source

[Author]

Posts