Monday, April 1, 2019
Most Important Cybersecurity Vulnerability Facing IT Managers Computer Science Essay
Vulnerabilities to exploitation in modern computers are varied. They range from web server vulnerabilities that allow attackers to take over the web server to very sophisticated side channel exploits that use things like packet timing or instantaneous power consumption to glean secret information from computers. Vulnerabilities appear in the client software that members of an organization use to get their jobs done. The conclusion of this paper is that unpatched client side software is the most important cybersecurity vulnerability facing the IT community today. Since all modern organizations (companies, non-profits or government entities) use computers and networks as part of everyday operations, this vulnerability is relevant to all of them. For this reason, this paper does not focus on a particular organization or industry.

Vulnerability vs. Threat

A cybersecurity vulnerability is defined as a weakness in a computer hardware or software system that can be exploited. This is different from a threat. A threat is the way in which a vulnerability is exploited. An example of a cybersecurity threat is spyware or malware being introduced into a computer. The vulnerability is the weakness in the computer's systems that allowed the threat to succeed. This paper focuses on the vulnerabilities, not the threats. Vulnerabilities can be very expensive. The 2009 Computer Security Institute / Federal Bureau of Investigations Computer Crime and Security Survey reports that average losses per respondent were $234,244, although that number was down from the previous year (Peters, 2009). Cybersecurity vulnerabilities can be present in any part of a computer system's software or hardware.
According to the SANS Institute, the number of vulnerabilities discovered in software applications far outnumbers those found in operating systems (Top security risks-vulnerability exploitation trends). This is because operating systems tend to be more long lived and hence more tested than applications. Vulnerabilities can also be more sophisticated than the normal vulnerabilities we read about often. For example, one can determine what operands are being processed by a computer by monitoring its instantaneous power consumption. This, along with a knowledge of what algorithms are being processed, can lead to the guessing of an encryption key (Brooks, 2010). Once the encryption key is guessed, files and communications involving that host could be decrypted. Another unusual vulnerability is the fact that keystrokes are sent across communications networks one at a time, so that if one captures the communications of an ssh session, the keystrokes can be guessed based on the time between them and the layout of a QWERTY keyboard (Brooks, 2010).

The Origin of Vulnerabilities

Most vulnerabilities occur because of programmer error. One of the most common errors that cause cybersecurity vulnerability is called buffer overflow. In a buffer overflow, more data is provided as input than the program is expecting. This causes a corrupted stack and can allow an attacker to inject rogue code. The use of modern programming languages and proper coding techniques can eliminate the possibility of buffer overflow, but there is a large amount of software out there that has this vulnerability. Much work has gone into mitigating this type of vulnerability and preventing it from existing in software or, if it exists, from being exploited. Vulnerabilities that appear in software may not be the result of programmer error. They may be inserted into software applications intentionally by dishonest employees of software vendors.
The fact that there is not much reporting of the discovery of such vulnerabilities does not mean they don't exist. Consider the factors that might keep a software vendor from publicizing the discovery of deliberate malicious code in one of their products. There are liability issues, and the company's reputation would suffer if such a thing became known (Franz, 2008).

Human Vulnerabilities

Vulnerabilities that allow malicious actions to take place on an organization's computer systems sometimes have nothing to do with hardware or software. An organization's personnel can be a considerable cybersecurity vulnerability as well. Since it is the organization's personnel who implement any cybersecurity measures that are dictated from the CIO staff, it is they that are the key to the cybersecurity plan's effectiveness. If people are practicing dangerous activities on the organization's computers, then all the planning in the world won't prevent bad things from happening. There are factors that contribute to the cybersecurity vulnerabilities that personnel introduce. One study divided these factors into nine areas: external influences, human error, management, organization, performance and resource management, policy issues, technology, and training (Kreamer, Carayon, Clem, 2009). The authors make the point that not all vulnerabilities are caused by bad programming. Personnel issues are a big factor, also. Take, for example, the Stuxnet worm that infected the Iranian nuclear facilities and has reportedly caused lots of damage and has held up the Iranian nuclear development. The cyberdefenses that the Iranian IT security staff put in place were circumvented by the actions of at least one employee. The worm was introduced via an infected flash drive (Paulson, 2010).
All the perimeter defense in the world won't work if an insider does something wrong, either intentionally or unintentionally.

Impacts of Vulnerabilities on Organizations

Some of the cybersecurity vulnerabilities faced by an organization largely depend on what type of business that organization is engaged in. For example, if an organization has a large presence in online commerce (Amazon, New Egg) it has more vulnerability to web based attacks than an organization that doesn't use the internet for commerce. An organization that possesses unique hardware, for instance an electric utility or a hospital, has vulnerabilities that most organizations don't face.

Regardless of the type of business an organization engages in and the associated vulnerabilities that are unique to that type of business, a modern organization's day-to-day operations are performed on computers. Computers and networks are at the core of every process that a company uses to do business. Most managerial and technical employees of any organization have access to and use a computer for performing their work. There are internal web sites and email systems that allow communications between employees. Employees use these computers to do research and purchase products from web sites. This requires that these computers be connected to the internet.

The Most Important Cybersecurity Vulnerability: Unpatched Client Software

Because internet connected computers are present in an organizational setting, these computers must be kept up to date with relevant security patches to prevent attacks against known vulnerabilities. For a large organization, this can be a daunting task. The fact that a patch exists for a vulnerability means that the vulnerability has been found and probably publicized. This means that the entire hacker community has access to the exploit and there is a good chance more attacks exploiting this vulnerability will be launched.
This makes it imperative that the patch be put in place quickly. Failure to do this leaves an organization open to This is why the SANS Institute ranked unpatched client side software as the number one vulnerability facing organizations today (as of 2009) (Top security risks executive summary, 2009). The number two ranked vulnerability was internet facing web sites. SANS also stated that on average, major organizations are taking at least twice as long to patch client side vulnerabilities as they are to patch operating systems (Top security risks executive summary, 2009). Because the unpatched client software vulnerability is not industry or business type dependent, it is applicable to any company, non-profit organization or government entity. For this reason, the discussion of unpatched client side software does not focus on a particular class of organizations.

Unpatched client side software can be exploited in many different ways. One of the more popular methods is by use of directed email attacks called spear phishing. In a spear phishing attack, a computer user is sent an email intended to entice the user into opening an attachment or clicking on a link that results in malware being installed on the user's computer. When the user opens the attachment or clicks on the link, vulnerabilities in the client software on his or her computer are exploited to gain access to the user's machine or the entire corporate network. The exploited vulnerabilities may be in any client software such as browsers, document readers, or image viewers. These types of attacks are a common method of gaining footholds into corporate networks (ICS-CERT, 2011) and were the method used to launch some well publicized attacks, like the Aurora attack against Google, Adobe and other tech companies (Zetter 2010).
While the Aurora attack was not enabled by unpatched client software (it used previously unknown, or zero day, vulnerabilities in Microsoft Internet Explorer to enable the exploit), it is relevant to this discussion because the methods used in this attack have been made known, making it easy for other attackers to duplicate it. This makes it imperative that patches are applied in a timely manner to prevent it.

There are two main problem areas that contribute to the large amount of unpatched client software that remains in use in an organization. The first is that the software vendors sometimes do not publish patches in a timely manner. The second is that once a patch is issued by a software vendor, the patch does not get deployed to the organization's computers for various reasons. As an example of software vendors not fixing vulnerabilities quickly enough, a company called TippingPoint (now a part of Hewlett Packard) recently released the details of 22 unpatched security vulnerabilities. Some of these vulnerabilities had been reported to their developers over two and a half years ago (Keizer, 2011). TippingPoint's Zero Day Initiative buys exploits from independent researchers. They also sponsor contests that reward the best exploits. They then provide their customers protection from these exploits and notify the developer of the targeted software of the existence of the vulnerability that allowed the exploit to work.

When a patch is issued by a software vendor, it then has to be applied to an organization's infrastructure in order to be effective. The application of patches does not always happen quickly, for several reasons. One reason is that the application of patches is disruptive to the organization's operation. The patches must be vetted by the security personnel and tested by the IT department. Testing patches prior to deployment is critical in avoiding incompatibility problems which would disrupt the organization even more.
Another reason that patches don't get applied quickly is that they may not be compatible with in-house operating software. For instance, if Microsoft announces an upgraded browser that fixes many security holes, an organization may not be able to use it because internal software such as an accounting or HR system that they use is not compatible with it.

How to Prevent Unpatched Client Software Vulnerabilities

Organizations can deal with the problem of unpatched client software by being proactive in subscribing to a service that informs them of the existence of new vulnerabilities and in creating and implementing a patch management process. A patch management process is a multifaceted one. The following elements must be included in the patch management process (Gerace and Cavusoglu):

Senior Executive Support. Without this, no process can succeed.
Dedicated Resources and Clearly Defined Responsibilities. If there is no staff assigned to the patch management process, it won't get done.
Creating and Maintaining a Current Technology Inventory. This helps the patch management team determine which and how many systems need to be patched.
Identification of Vulnerabilities and Patches. This allows the team to be aware of what patches are applicable to the organization's machines.
Pre-deployment testing of patches. This should be done in a controlled environment to prevent adverse side effects.
Post-deployment scanning and monitoring. This gives an indication of the effectiveness of the patch.

As with any other business process, the patch management process must be audited by the use of measurements and metrics. Key metrics include severity/priority incidents associated with mission-critical application outages for inaccurate patching (Colville, 2010).
Measuring the effectiveness of the patch management process then leads to modifications to it that improve the effectiveness.

Conclusion

Of the many different cybersecurity vulnerabilities that face organizations in today's world, unpatched client side software is the most dangerous. This is because this type of vulnerability threatens all organizations, regardless of the type of activities they are engaged in. If they utilize computers, then this vulnerability must be addressed to prevent cybersecurity exploitation.
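
The inventory, patch identification and measurement elements of the patch management process described above can be combined in a small audit. The following is an added example, not part of the original essay: it lists hosts still running a version below the fixed one and computes the median days-to-patch for client software versus the operating system, the comparison SANS draws. All host names, product names, versions and dates are constructed sample data.

```python
from datetime import date
from statistics import median

# Constructed sample data (hypothetical hosts, products, versions and dates).
ADVISORIES = [  # (product, category, fixed_version, patch_published)
    ("pdf-reader", "client", (9, 3, 1), date(2011, 1, 10)),
    ("browser",    "client", (8, 0, 2), date(2011, 1, 12)),
    ("desktop-os", "os",     (6, 1, 5), date(2011, 1, 11)),
]
INVENTORY = [  # (host, product, installed_version, date that version was deployed)
    ("ws-01", "pdf-reader", (9, 3, 1), date(2011, 2, 9)),
    ("ws-02", "pdf-reader", (9, 2, 0), date(2010, 6, 1)),
    ("ws-01", "browser",    (8, 0, 2), date(2011, 2, 21)),
    ("ws-02", "browser",    (8, 0, 2), date(2011, 3, 3)),
    ("ws-01", "desktop-os", (6, 1, 5), date(2011, 1, 25)),
    ("ws-02", "desktop-os", (6, 1, 5), date(2011, 2, 4)),
]

def audit(inventory, advisories, today):
    """Return (unpatched, median_days): hosts still below the fixed version with
    their days of exposure so far, and median days-to-patch per category."""
    fixes = {prod: (cat, ver, pub) for prod, cat, ver, pub in advisories}
    unpatched, latency = [], {}
    for host, prod, installed, deployed in inventory:
        if prod not in fixes:
            continue  # no known advisory for this product
        cat, fixed, published = fixes[prod]
        if installed < fixed:  # tuple comparison orders versions numerically
            unpatched.append((host, prod, (today - published).days))
        else:
            # Patched: latency runs from patch release to deployment
            # (zero if the host already ran a fixed version at release).
            days = max((deployed - published).days, 0)
            latency.setdefault(cat, []).append(days)
    return unpatched, {cat: median(d) for cat, d in latency.items()}

if __name__ == "__main__":
    missing, med = audit(INVENTORY, ADVISORIES, today=date(2011, 3, 15))
    for host, prod, age in missing:
        print(f"{host}: {prod} unpatched, fix available for {age} days")
    for cat, days in sorted(med.items()):
        print(f"median days to patch ({cat}): {days}")
```

Hosts that are still unpatched are excluded from the median, so the two outputs should be read together.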