Cybersecurity challenges

Cybersecurity challenges

Introduction

Cybersecurity is defined as the activity of protecting programs, networks, and systems from numeral attacks. Cyber-attacks aim at changing, destroying, or accessing sensitive info; interrupting the daily processes in the business; or extorting cash from individuals. Examples of cyber-attacks include spamming, phishing, ransomware, hacking, spooning in the United States Congress, it established safety for information and their system. Security is categorized based on their potential impact in a firm in case there is an event that jeopardizes the info and the firms’ information system. In case the info is essential to the firm in accomplishing its mission, meeting its legal requirement, protect people, protect its assets, and run its daily activities. The categories of security should, in combination with threats and vulnerability information in measuring the risk that a firm is facing. According to the federal information security Management Act (FISMA), security objectives are defined according to their integrity, confidentiality, and availability.

The first step followed when categorizing the system is by determining the types of information that the system processes and stores. The second step involves provisional categorization, which is classifying a particular kind of info without using any specific factors. The third step consists in adjusting for exceptional factors where the firm should review any unique factors that might affect the category of provisional. The fourth step is categorizing the system of info as a whole, where the owner of the system chooses the highest value for integrity, availability, and confidentiality. When a cyber-attack happens, the potential impact on a person may either have high, low, or moderate.

Low impact means that the adverse effect that the attack had was limited to the firm’s individual assets or operations. The effectiveness of a firm is reduced, there are minor damages on the assets, slight financial loss, little harm to employees, but the firm can run its primary roles. When the impact is moderate, there are serious effects such that the capability of the firm achieving its mission is significantly degraded. There are significant damages on assets, financial loss, and employees are significantly damaged. In high impact, there is a catastrophic effect on the assets, individual, ad operations. The firm’s mission is degraded severely such that the firm is unable to run its daily activities, assets are majorly damaged, a lot of financial loss or individuals are severely injured or lost life.

The damages caused by cybersecurity annually around the world add up to $6 trillion, where there is an average of one hacker hacking a computer in every 39 seconds. Semantic technologies are defined as a term that stands for several techniques that are different aimed at deriving the meaning for the data. Such technology includes ontologies, semantic search engines, and semantic technologies.  The semantic web defines a philosophy, offers useful data over the network by the use of ontology, comes with regulations to use the data, and permits reasons that are semantic to deduce info using the data and rules. In cyber defense, big data analytics focuses on the capability to collect massive levels of digital info to analyze, process, interpret, and visualize results to predict and end cyber-attacks. Big data analytics plays a vital role in the detection of crimes and security occurrences.

Challenges

The challenge that is big data faces is that its success in protecting cyber-attacks solely depends on the correct combination of methods, personal insight, professional understanding of the landscape of threats, and the effectiveness in processing big data to create unlawful intelligence. According to a study, there was a 61% of participants that agreed to have strong security against hackers that required the firm to be able to identify and contain potentially and anomalous malicious traffic attacks in the networks. Nonetheless, only 35% of the participants were able to use these tools.

A second challenge faced in cybersecurity is the increase in the complexity of heterogeneous elements example, the varying types of computer systems, networks, and many layers of software. Conflicts within adversaries are moving into the Internet and aiming the cyber-infrastructure. Many tools, techniques, and technologies developed and designed based on an ad-hoc without investigating what principles they are founded. Thus, the results produced are a critical supply for SoS.

An added significant challenge that comes up in the establishment of science for cyber-security is ways to create metrics to assess how secure the system is. Coming up with a single number that quantifies security is a problem. The security of a network or system is dependent on who the attacker of the system is, the resources they use, human factors, and the internals of an order. Thus, any strategy that the defendant uses to protect his system can make the attackers change and adapt to the policy. Therefore there is a need to model the whole interaction between defenders and attackers as a game.

Another challenge is that developing tools that are based on Semantic Web Rule Language, Web Ontology language is complicated. OWL is intended for a parsing system in the computer but not for easy consumption by individuals. Likewise, SWRL is not English-like and thus difficult for people to understand. Therefore it becomes challenging to use development tools to protect the system from cyber-attacks.

There is a challenge in the reproducibility of safety experiments. In developing human models, a security attack and operations on the defense requires the involvement of people. It is challenging on ways to reproduce experiments that involved people as it is not possible and difficult to use the same people that were used in the first stage. Some operations are compassable as a system may encounter several attacks at the same time. Another challenge is on the development of query languages that are capable of retrieving experiments and compare them.

Conclusion

Challenges that are related to the consumer’s viewpoint need to be addressed. Problems such as usage monitoring and compatibility testing need sending to as to help consumers gain a good understanding of the procedures and policies. This will help in supporting the acquiescent usage of resources that are protected. The use of semantic Web technologies should make policy interpretation. The compatibility test should also be addressed by the use of both Semantic Web technologies and deontic logic.