I have question and answer for this question below , try to improve this answer

Question

I have question and answer for this question below , try to improve this answer and Feel free to agree or disagree with it (in few paragaraph)

Be detailed in your postings. Please ensure that your postings are civil and constructive.

QUESTION:
Nearly a decade has passed since the National Academy of Engineers declared Cyber Security a "grand challenge for the next century." Every day there is news on ways in which cyber security challenges and responses are complicating every aspect of our lives. Can the challenge be solved?

As a first step to solving any problem, one must understand its nature. So, it is important for all cyber security analysts to keep on top of news stories in the field. In this discussion forum we will do just that with the hope that everyone will make it a daily habit throughout their career.

Today, some cyber news has been flooded out of the headlines by Hurricane Harvey, but as noted in this article, cyber concerns are front and center as students return to school.

https://www.cnet.com/news/cybersecurity-101-how-universities-are-dealing-with-hackers/

What do you think about the recommendations from Carnegie Mellon (link above)?

ANSWER:

Reading through the article it made me reflect on some similar issues I have faced in the past. For many years I headed up the IT operations and infrastructure for a global financial firm. Security was always a major issue that literally keep me up at night. I can appreciate the circumstances of a college environment where your dealing with numerous unknown personal devices. We had similar issues in our firm initially but we developed policies that required everyone to submit their device to the IT department for scanning and certification if they wanted to connect to our main network. We managed the personal device as a corporate device because we had more control of the environment.

We did create separate networks for devices that were not certified but they were limited in their connectivity. We also implemented multiple levels of firewalls, intrusion detection/prevention devices and virus/spam filtering devices. I like the idea of a tech literacy course. We implemented something similar and I found that we had to periodically provide refreshers so people would keep their guard up. I like Carnegie Mellon’s practice of being proactive by running the monthly phishing campaign. It is important for everyone to understand the basic issues and the impacts.

One the disappointing things from the article was that the major app stores like Google Play are not as effective as we would like in protecting us from harmful apps. The things to watch for mentioned in the article such as poorly written reviews and public domain emails for contacts seem like good warning signs.

Explanation / Answer

The answer given below is having a perfect explaination to what can be done in the field of network security to provide the user with the proper security. But, I need to remind you in addition to your answers the network created to make the security work kindly must insist of firewalls,routers and switches that to routed with proper care and inclusive of all the security updates.

Updating is the major reason to get the security robust and working. It is mandatory to get all the devices updated and the network must be security proof i.e. it must not have any severe vulnerabilities like phishing, sniffing, broken links, sql injections, XSS attacks, DDoS attacks. The network must also be using virus protection software and must include time to time scan of the various part of network. There must be a system in which all the alerts analyzed and worked on must be prompted to the system administrator and make the netowrk more secure with security updates.

Please rate upvote Thank you...

Related Questions

Navigate

• Browse (All)
• Browse I
• Subjects