[Manny Varela]

Discuss the various risks and vulnerabilities companies face today as well as mitigating policies that help reduce a network compromise.

[Kanthony]

I can’t believe we are in Week Five!!

Below is a devotion from Billy Graham’s Devotions and what you have to do this week!  

The last day of class and the last day any work is accepted is December 16.  

Merry Christmas!!

Devotion:

And suddenly there was with the angel a multitude of the heavenly host, praising God . . . 
—Luke 2:13
When at this season of the year we wish our friends a “Merry Christmas,” it is essential to realize that true merriment of heart is contingent upon the recognition of the truth that Christ was born in Bethlehem for our salvation. The word “merry” is from an old Anglo-Saxon word which sometimes meant “famous,” “illustrious,” “great,” or “mighty.” Originally, to be merry did not imply to be merely mirthful, but strong and gallant. It was in this sense that gallant soldiers were called “merry men.” Favorable weather was called “merry weather.” Brisk winds were called a “merry gale.” Spenser speaks of London as “merry London.” The word “merry” carries with it the double thought of “might” and “mirth,” and is used both ways in Scripture. One of the early Christmas carols was “God Rest You Merry, Gentlemen.” The Christian is to engage in spiritual merriment as he thinks upon the fact that, through the redemption, he becomes a child of God’s family. The Bible teaches that the angels made merry at Christ’s birth.

Preparation:
 Read Chapters 10 and 11 in your E-book.
 Watch Chapter 10 and 11 videos
Discuss:
 Week Five Devotional
 Week Five Discussion Questions
Submit your initial post to discussion forums by Day Four of the
week, midnight (Eastern Time). See the discussion forum rubric in
your syllabus as to requirements for posting, including replies to
fellow students.
As to the devotional, the initial post is due by Day 7. Replies to fellow
students encouraged but not required.
Submit:
 Chapter 10 end of chapter exam
 Chapter 11 end of chapter exam

[Jacob Mannon]

Today we face many issues such as cyberattacks, phishing, vulnerabilities in software, insider threats, ransomware, malware, and many others. We can do our best to lower the risks in our company and reduce vulnerabilities with things like multi-factor authentication, security awareness trainings, encryption, utilization of the least privilege principle, DLP strategies and penetration testing on our software. Nothing in life is perfect, but we can try and lower risk where we can and make our companies safer and more secure.

-Jacob

[Amy Hastings]

There are a lot of different risks and vulnerabilities that companies face today including inside and outside threats as well as Cloud security. The inside threats include people that are capable of stealing important information and sabotaging the company as well. The external threats would include data breaches which means that people can gain access to any of the unauthorized and sensitive data. Cloud security is simply the vulnerabilities that are found in cloud environments. There are also many ways to reduce networks compromise like the strong authentication and access controls, this includes privileged and the multi-factor authentication. The privileged one is where the controls are for that sensitive data in the system. Multi-factor is the company knowing of any types of unauthorized access to the data in their systems.

[Jason Springer]

Hello Amy,
After reading your discussion, I thought you did a great job of explaining the different vulnerabilities companies face today in cyber security. I’ve also used multi-factor authentication a lot more now compared to five or ten years ago both in college and with gaming as well. Two-factor authentication is a pretty secure way to ensure that the user signing into an account is the correct person or not by sending a code to a secondary device.

[Jason Springer]

Companies today face many risks that can harm their networks. These include cyberattacks like hacking, viruses, and phishing scams, which can steal data or damage systems. Insider threats from employees who accidentally or intentionally misuse data are also a concern. Other risks include using outdated software or having weak security systems, as well as relying on third-party vendors who may not have strong security.
To protect against these risks, companies need solid policies. Regular software updates fix security problems, while strong passwords and multi-factor authentication help limit unauthorized access. Training employees to recognize online scams reduces human mistakes. Segregating networks and using firewalls help stop attacks from spreading. Companies should also have plans to respond quickly if a breach happens. Lastly, encryption keeps sensitive data safe, even if it’s intercepted. These steps together help reduce the chances of a network compromise.

[Jacob Mannon]

Jason,

I like that you mentioned training employees to recognize scams. My current company sends out monthly scam emails to the staff to test and see whether or not we recognize them and report them to the I.T. department as phishing or scam emails. I feel that many staff in many companies do not check their email on a regular enough basis to even know whether or not they are receiving spam emails.

-Jacob

[Latoya Stoudmire]

Companies face and multitude of risk and vulnerabilities while maintaining the safety of their network. This may come in the form of physically protecting a data center, to restricted areas or simply restricting access without proper credential to buildings. Vulnerabilities may also come in the form of software issues where users are primarily, the biggest risk. When overall looking at system vulnerabilities lot of times human error is the number one cause. A lot of times this is prevented by mitigating policies that help protect against these type of risk. Some of the policies to protect a companies network are encryptions or cyber security like firewalls and anti-firmware. It is also very important for a company to have the most current version of an application that it is using for its system. When a company uses outdated programs the company is more susceptible to invasion. Despite many companies using a legacy system, it is still best to use a more up-to-date version. Other types of policies that are put into place are business continuity plan. This type of plan will prepare a company to operate while experiencingy system issues. I believe this policy is one of the most important only second to access control.

[Braden Binegar]

Companies today face significant cybersecurity risks, including phishing, unpatched software, ransomware, insider threats, weak passwords, and advanced persistent threats. To mitigate these risks, they can implement employee training and awareness programs, comprehensive patch management, multi-factor authentication, regular data backups, strict access controls, incident response planning, and network segmentation. These strategies help reduce the likelihood of network compromises and enhance overall cybersecurity resilience.

[Author]

Posts