Cybersecurity Issues and Challenges


Neda Azizi, Omid Haass
DOI: 10.4018/978-1-6684-5284-4.ch002

Abstract

Interest in the study of cybersecurity and related security topics has grown dramatically in recent years. This interest has been motivated by a number of factors, two of which stand out: 1) In today's business world, information systems, databases, and distributed internet-based systems and communications have become nearly universal. Hence, organizations now recognize the need for a fundamental security strategy because of the increasing intensity and complexity of security-related attacks and risks. This strategy may be considered as the use of authorised hardware and software and skilled and trained personnel to meet the requirements. 2) Cybersecurity education has developed as a national objective or strategy in most countries. Further, a number of frameworks and standards have been designed and developed for computer security education. Accordingly, the number of fields and subjects offered at universities, education colleges, and other institutions in terms of cybersecurity and related fields has increased.
Chapter Preview

1. Cyber Threats And Attacks

This section provides an overview of cybersecurity issues and challenges. We begin with an introduction to cybersecurity and develop a discussion of computer-related assets that are subject to a variety of cyber threats and risk analysis. Accordingly, the section provides an overview of the classifications of cyber threats and attacks that users and managers wish to identify and manage, and a look at how security engineers protect computer assets and networks and track incidents. The focus of this section is on four fundamental topics: an introduction to cyber security, the challenges of cybersecurity, various cyber threats, and security engineering and risk analysis.

1.1 Introduction to Cyber Security

The NISTIR 7298 report (Glossary of Key Information Security Terms, July 2019) defines the cybersecurity concept as measures used to protect the confidentiality, integrity, and availability of systems and data (such as software, hardware, and networks) and of information being processed, stored, and communicated.

This definition introduces the concepts of confidentiality, integrity, and availability, which together form what is simply referred to as the CIA triad. These three concepts are at the heart of cybersecurity and constitute the security goals for information and computer systems. The FISMA (Standards for Security Categorization of Federal Information and Information Systems, February 2004) defines three security goals for information and computer systems:

  • Confidentiality: Maintaining permissible limits on access to and disclosure of information, including tools to protect sensitive personal information and proprietary information.

  • Integrity: Protection against improper modification or destruction of information, including ensuring non-repudiation and accuracy of information.

  • Availability: Ensuring timely and reliable access to resources for authorized users when needed.

Depending on an organization’s security objectives and its regulatory requirements, one of these three concepts (confidentiality, integrity, and availability) might take precedence over another. For example, confidentiality is critical for certain government agencies; integrity is vital for the financial sector; and availability is important in both the ecommerce and the healthcare sectors (Dalziel, 2014). An organization can decide how to apply these three concepts given its specific requirements, balanced with its goal of providing a seamless and safe user experience. An organisation that requires high confidentiality and integrity might sacrifice the lightning-speed performance that other organisations might value more highly.
