Answer
Response1softwaresecurity.edited1 xcybersecurity.edited xResponse1softwaresecurity.edited x
Running head: RESPONSE TO SOFTWARE SECURITY
1
RESPONSE TO SOFTWARE SECURITY
2
Response to software security
Students name:
Professor:
Date:
Initial post
There is a great need to have the software secured to avoid possible breakdowns and malfunctionings. An attack on software can lead to heavy losses or disasters in which to recover from incidences of disaster is a costly and expensive undertaking. Software is a target of attackers who aim at exploiting the vulnerabilities of the software to enable the threats (Ransome & Misra,2013). The vulnerabilities and the threats that face the software are what make it essential to initiate security strategies and improve on the security plans that are being used or even making them stronger against the vulnerabilities and the possible threats. Throughout the development of software development life, software security is the most important since it would negate the weaknesses from the beginning until the end of the project. During software development, the software must pass through various security phases to satisfy them before being released (McGraw,2006).IT must even pass through the security engineering assessment and PCI phase as final steps towards being published. Some software has security measures codified in the SDLC, especially in some industries like those that use bank cards in the finance industry. Most security measures work the same despite being different but yield the same or similar results,
Clouds have changed the way we think of the development of secure software systems. Cloud computing is considered a safer and more reliable and convenient to store sensitive information since it has more significant storage and retrieval is faster. We used to think that the development of secure software, but we have noticed that despite the efforts to come up with a more secure one, the software is still a subject of compromise, a target of threats, especially by having their vulnerabilities acted in by attackers. With security measures in place, the software is safer compared to those that don’t have security, and complex securities are hard to break in by crackers.
Response 1
Response to Gabriel
I agree with the first document, and I can confirm I agree with it based on its findings and conclusions. The Article talks of the essentiality of security to credit card, and the need for security is enhanced during the requirement phase, and there is also codification in the SDLC. The software must pass through various security reviews, and security is also considered an essential component in the life cycle of the development project. Still, during the development t phase, the final step requires the system to be passed through the security engineering assessment and PCI before it goes to the production phase (Ransome & Misra,2013). There are multiple releases daily and weekly, and they must be subjected to code reviews in both facets manual and automated, and the ability to work in twos allows reviews and writings at the same time depending on the industrial operations. Some industries put more emphasis on security like the Credit cards in is the scenario.
In contrast, others don not .it important to note that information is essential and needs to be treated in a more secure manner (McGraw,2006). Clouds are using different technologies to achieve similar results. Firewall appliances or use virtual ones will give almost the same result but are different, just like the AWS security group.
Response 2
Response to Stephan
I agree with the document as it matches the many types of research I have done and the many articles I have come across. The article speaks of the need to retain and increase the security of the software throughout the SDLC. It allows the issue of security to be designed and planned, especially during the initial stages of the security cycle, with fixed and controllable solutions on one side of the software design (McGraw,2006). Due to the increase in threats and vulnerabilities b and the dire consequences the results can yield, it makes it essential to have security as an important driver. In response to the security measures, cloud computing has also boosted their security attention due to its importance and the need to counter the threats. In the SDLC, it is dynamic. It reconsiders and considers their software to adjust, and fine-tunes are important to them (Ransome & Misra,2013). security component being thought of is the profile of the user, devices such as the IoT, Computer, and iPhone have become part of our culture, and people of all ages are using them. The chances and increase in vulnerabilities are enabled by cloud computing due to their access and control. For convenience, there is a need to ensure more secure system ones in clouds and security ensures that the information is pervasive, secure, and available.
References
McGraw, G. (2006). Software Security: Building Security in. Addison-Wesley Professional.
Ransome, J., & Misra, A. (2013). Core Software Security: Security at the Source. Boca Raton, FL: CRC Press.
Running head: RESPONSE TO SOFTWARE SECURITY
1
Response
to software
security
Students name:
Professor:
Date:
Running head: RESPONSE TO SOFTWARE SECURITY
1
Response to software security
Students name:
Professor:
Date:
Running head:
CYBERSECURITY
1
CYBERSECURITY 5
CYBERSECURITY
Student’s name:
Professor:
Course:
Date:
Discussion 2
From your research, what are the most common cybersecurity threats? Which has proven to be the most costly? What data are the most important to protect?
There are various types of online threats that are witnessed today. The threats do not discriminate against the kind of organization or individuals when it comes to identifying targets. With the massive evolvement of cybersecurity, which has led to the emergence of new strains of cyber threats, most organizations today are on high alert (Voss, 2019). The most common types of cybersecurity threats experienced today include malware, phishing, spear phishing, Trojans, ransomware, a man in the middle attack, denial of service attack, attacks directed on IoT devices, data breaches, and mobile apps malware.
Among the different types of cybersecurity threats, phishing is the most costly cyber threat. According to research done by RiskIQ, phishing accounts for $17,700 losses each minute, which translates to $9.3 billion losses each year (Benson & McAlaney, 2019). In a nutshell, phishing involves obtaining individuals sensitive through fraudulent ways to perform specific actions in their accounts, luring individuals to perform certain operations as well as gaining access to data. I believe the most critical data that should be protected involves sensitive personal data. This data ranges from individual’s login data, passwords, credit card numbers, PINs, financial statements, and health records (Benson & McAlaney, 2019). This data is essential, and its exposure can have severe consequences. Organizations need to ensure that all sensitive data about employees and customers are well protected to reduce the chances of breaches.
Response to Eddie
Before I write my response, I would like to thank you for your excellent work and research. I concur with your post that cybersecurity threats have come so frequently and costly for an organization to deal with it. It is essential to ensure that employees are well trained on better data protection as most of the attacks are tailored towards them as most of them are very unaware of the tricks. I agree with your post that most of the frequent attacks that are witnesses today are tailored toward the human components in terms of scams, phishing, and spams.
It is, therefore, essential to ensure that employees are well aware of the different forms of cyber-attacks such as phishing, Trojans, malware, DDOs attacks, ransomware, and man in the middle attacks, among others. This should be in terms of how they occur and how to deal with them (Voss, 2019). Training is a very effective way through which employees can be sensitized about them; also, it is imperative to ensure frequent refresher training to ensure that employees are briefed about the latest developments and new threats. Lastly, I concur with your post that the most critical data to protect involves the individual’s confidential data. The data is crucial as its exposure can have severe consequences when it lands to the hands of the evil hands. Example of this data is the PINs, passwords, number of credit cards health data, among others. Many organizations have suffered a lot of losses when the data of their employees have been exposed. It is, therefore, essential to ensure that data is well protected to ensure that it does not fall into the hands of the evil-minded individuals (Voss, 2019).
Response to Kimberly
Hello, I like the way you have organized your post. I agree with your position on the different types of cyber-attacks. Looking at the list of cyber-attacks that you have presented, I must say that organizations and individual needs to be vigilant as the number of attacks has significantly increased. Also, attackers have come up with different modes and forms of attacks, posing even many threats to organizations. In addition to this, I believe that organizations need to train their employees and adapt the knowledge of ethical hacking as this is the only way through which they will able to counter the increased amounts of cyber threats (Voss, 2019). I need to say that your article has opened me about the new types of attacks that are present today, which includes crypto-jacking, cloud issues as well as credential stuffing.
With the current advancement in technology, I tend to disagree with your post that the most common type of attack involves direct attack. Currently, I believe that attackers are targeting the human component more, making the human-related attacks such as scams, phishing, and spams where frequent. Because most employees are less informed, attackers are now targeting employees. A direct attack on a system can indeed be very costly to an organization, especially when the system is compromised in a way that services are halted. Lastly, the cost of an attack indeed relies on the type of organization that has attacked. Organizations today need to ensure that proper protective measures are put in place to ensure that its resources are well protected.
References
Benson, V., & McAlaney, J. (2019). Emerging Cyber Threats and Cognitive Vulnerabilities. Academic Press.
Voss, R. (2019). Cybersecurity: What YOU Need to Know about Cybersecurity, Ethical Hacking, Risk Assessment, Social Engineering & How to DEFEND YOURSELF from Attacks. Independently Published.
Running head: RESPONSE TO SOFTWARE SECURITY
1
RESPONSE TO SOFTWARE SECURITY
2
Response to software security
Students name:
Professor:
Date:
Initial post
There is a great need to have the software secured to avoid possible breakdowns and malfunctionings. An attack on software can lead to heavy losses or disasters in which to recover from incidences of disaster is a costly and expensive undertaking. Software is a target of attackers who aim at exploiting the vulnerabilities of the software to enable the threats (Ransome & Misra,2013). The vulnerabilities and the threats that face the software are what make it essential to initiate security strategies and improve on the security plans that are being used or even making them stronger against the vulnerabilities and the possible threats. Throughout the development of software development life, software security is the most important since it would negate the weaknesses from the beginning until the end of the project. During software development, the software must pass through various security phases to satisfy them before being released (McGraw,2006).IT must even pass through the security engineering assessment and PCI phase as final steps towards being published. Some software has security measures codified in the SDLC, especially in some industries like those that use bank cards in the finance industry. Most security measures work the same despite being different but yield the same or similar results,
Clouds have changed the way we think of the development of secure software systems. Cloud computing is considered a safer and more reliable and convenient to store sensitive information since it has more significant storage and retrieval is faster. We used to think that the development of secure software, but we have noticed that despite the efforts to come up with a more secure one, the software is still a subject of compromise, a target of threats, especially by having their vulnerabilities acted in by attackers. With security measures in place, the software is safer compared to those that don’t have security, and complex securities are hard to break in by crackers.
Response 1
Response to Gabriel
I agree with the first document, and I can confirm I agree with it based on its findings and conclusions. The Article talks of the essentiality of security to credit card, and the need for security is enhanced during the requirement phase, and there is also codification in the SDLC. The software must pass through various security reviews, and security is also considered an essential component in the life cycle of the development project. Still, during the development t phase, the final step requires the system to be passed through the security engineering assessment and PCI before it goes to the production phase (Ransome & Misra,2013). There are multiple releases daily and weekly, and they must be subjected to code reviews in both facets manual and automated, and the ability to work in twos allows reviews and writings at the same time depending on the industrial operations. Some industries put more emphasis on security like the Credit cards in is the scenario.
In contrast, others don not .it important to note that information is essential and needs to be treated in a more secure manner (McGraw,2006). Clouds are using different technologies to achieve similar results. Firewall appliances or use virtual ones will give almost the same result but are different, just like the AWS security group.
Response 2
Response to Stephan
I agree with the document as it matches the many types of research I have done and the many articles I have come across. The article speaks of the need to retain and increase the security of the software throughout the SDLC. It allows the issue of security to be designed and planned, especially during the initial stages of the security cycle, with fixed and controllable solutions on one side of the software design (McGraw,2006). Due to the increase in threats and vulnerabilities b and the dire consequences the results can yield, it makes it essential to have security as an important driver. In response to the security measures, cloud computing has also boosted their security attention due to its importance and the need to counter the threats. In the SDLC, it is dynamic. It reconsiders and considers their software to adjust, and fine-tunes are important to them (Ransome & Misra,2013). security component being thought of is the profile of the user, devices such as the IoT, Computer, and iPhone have become part of our culture, and people of all ages are using them. The chances and increase in vulnerabilities are enabled by cloud computing due to their access and control. For convenience, there is a need to ensure more secure system ones in clouds and security ensures that the information is pervasive, secure, and available.
References
McGraw, G. (2006). Software Security: Building Security in. Addison-Wesley Professional.
Ransome, J., & Misra, A. (2013). Core Software Security: Security at the Source. Boca Raton, FL: CRC Press.
Running head: RESPONSE TO SOFTWARE SECURITY
1
Response
to software
security
Students name:
Professor:
Date:
Running head: RESPONSE TO SOFTWARE SECURITY
1
Response to software security
Students name:
Professor:
Date: