Security Technologies
Short Discussion on Security Technologies
"Identify and discuss two security technologies and the context in which they can be employed."
Introduction
The discussion concluded; firewalls and intrusion detection systems are integral for security posture, overall, a hybrid and varied approach to security is ideal as not one security protection is fit for all, especially as our technological landscape is ever evolving.
Personal Findings
It is apparent that setting up firewalls in larger organisations is difficult due to many subnets, so upon further research and commentary from colleagues, having combinations of protection such as firewall as a service (FWaaS), software-defined wide area networking (SD-WAN), and endpoint micro-segmentation would help protect cloud networking and remote working (Illumio, 2022).
Intrusion detection systems in conjunction with firewalls offer an excellent partnership as one detects and one protects, an issue that is routinely brought up is the fact that IDS can take considerable amounts of time to distinguish between regular activity and malicious activity, meaning false positives can occur, in addition, packets are not filtered individually, and data leakage is not protected from devices. Due to these aspects mentioned in the discussion, based on a study by Mudzinwag et al, using a hybrid or signature methodology reduces this as they produce the least number of false positives (David Mudzingwa, 2012). The signature methodology compares observed signatures to signatures on a database or list of known attack signatures, with any unknown signatures flagged as a security breach.
Overall Discussion
In addition to firewalls and IDS, the topics discussed included micro-segmentation and antivirus software. With antivirus software, it became obvious that this area of security and research has its own flaws that must be taken into consideration when planning an organisation's security measures. In addition, malware has become more sophisticated (Thornton, 2017). With Avast stealing unnecessary data from its users and anti-virus software not being updated as frequently as needed (Martens, 2022), this layer of protection could not be seen as a ‘one-size-fits-all’ as each antivirus software is not built equally. As the cyberinfrastructure includes remote working and larger more flexible organisations, security options must reflect these needs, end-point micro-segmentation was mentioned, and found to be essential for fast-evolving companies.
Conclusions
To conclude, firewalls and intrusion detection mentioned in the first week of discussion are both paramount for network security, a take home from the discussion amplifies the need for a variety of types of defence and detection for cyber posture to improve globally. Closing the cybersecurity gap of knowledge is essential for all organisations to survive by adopting a multi-layered security system, such as the defence-in-depth (DiD) (OneLogin, 2022).
Works CitedDavid Mudzingwa, R. A., 2012. A study of methodologies used in intrusion detection and prevention systems (IDPS). Orlando, 2012 Proceedings of IEEE Southeastcon, pp. 1-6.
Martens, B., 2022. Avast Scandal: Why We Stopped Recommending Avast & AVG. [Online] Available at: https://www.safetydetectives.com/blog/avast-scandal-why-we-stopped-recommending-avast-avg/ [Accessed November 2022].
OneLogin, 2022. What is Cybersecurity and Why is it Important?. [Online] Available at: https://www.onelogin.com/learn/what-is-cyber-security#:~:text=With%20DiD%20%E2%80%93%20also%20known%20as,to%20prevent%20or%20stop%20cyberattacks. [Accessed 13 November 2022].
Thornton, M., 2017. You Can’t Depend on Antivirus Software Anymore. [Online] Available at: https://slate.com/technology/2017/02/why-you-cant-depend-on-antivirus-software-anymore.html [Accessed 13 November 2022].
Illumio, 2022. What is Micro-Segmentation?. [Online] Available at: https://www.illumio.com/cybersecurity-101/micro-segmentation [Accessed 12 November 2022].