Cyber reference to a leaked Snowden document, insists that

Cyber
security refers to a body of technologies, processes, or practices that are
designed in a way to protect networks, computers, computer programs, and data
from attacks, damages, and unauthorized access. Cyber security is commonly
known as security in the computing context. In computing, cybersecurity is used
to attain and maintain the security properties of the organization’s system and
user’s assets against the various forms of security risks in a
cyber-environment (Semer, 2015). The main objectives of cybersecurity are: the
availability of a secure cyber environment, integrity that involves
authenticity and non-repudiation, and confidentiality. The world will come to
heavily rely on these three aspects in its increasing use of computers and the
internet. Communication has also been made efficient through the use of
smartphones and emails and in the transport sector, navigation and car engine
systems are designed and controlled using computers and software. This raises
concerns on how secure people are as they develop and make advancements in the
computing world, although it is believed that life has been made easier by use
of computers. As such, cybersecurity is important to protect information in
computing environment by preventing, detecting, and giving response to attacks.

Encryption With No
Language

We Will Write a Custom Essay Specifically
For You For Only $13.90/page!


order now

As
computers continue to be integrated in human daily life activities, security
risks that computers are exposed to are evolving rapidly. This is a challenge
to cybersecurity because the solutions associated with a problem in the current
or previous environment or situation fails to be a solution to another problem in
a future time. Because of these rapid evolutions, encryption has remained the
best solution to provide cybersecurity. As Ball (2015) explains, encryption is
the process of making data that is readable unreadable to humans using
algorithms that create complex codes from simple data. This makes it hard for
cyber thieves to access the data or even if they have access to the data, it
becomes extremely difficult to make sensible information out of it. Ball
(2015), while making reference to a leaked Snowden document, insists that
encryption remains the best way for people to protect their information from
cyber theft. The multifactor authentication required to access encrypted data
makes it hard for hackers and other data thieves to recreate the encrypted files
and data.

Even
though encryption remains the best option to protect data in a computing
environment, hacking is becoming more complex due to the current problem of
lacking a common language to design cybersecurity solutions. There is a wide
variety of security options in the market today that are being used by both
public and private sector agencies to protect information and data. According
to Bolton (2013), the various options available do not use a similar language
or terminologies making it frustrating for a cybersecurity specialist to
compare cybersecurity programs when addressing the digital threats that may
affect the agencies. There is a need to have a common and standardized language
to help gauge how strong the cybersecurity of an organization is from another
organization. This will deliver significant benefits to government agencies and
organizations in their endeavors to implement cybersecurity software and
ecryption, eliminating the need to contract another organization while
protecting themselves from cyber threats. On the other hand, adopting a similar
language is a challenging affair considering the costs that come along with the
language. The frameworks that have been proposed previously have been too
expensive to implement, especially for small organizations that have unstable
financial strength. Although it can be argued that there are some free services
available for the public sector, the proactive measures that have been put in
place makes their use unstable with time, leaving the users with no other
option other than purchasing the stable versions which are quite expensive.

Problems with
Professionalization and Recruitment

Even
though there is need to have a unified framework to approach cybersecurity, the
increase in cybercrimes shows that there is acute shortage of professionals to
combat the crimes. As such, according to Burley et al. (2014), there is need to
professionalize cybersecurity. Currently, cybersecurity professionals that
exist did not specify their study in securing systems but as a subsidiary of
another course in the information and communication technology area. This
limits their skills to handle the rampant and ever dynamic forms of security
threats that data thieves are using to have access to data. As Burley et al.
(2014) say, there is a widening gap between the required supply of qualified
cybersecurity professionals and the available demand for skilled professionals
with the ability to secure critical cyber space and infrastructure. The current
cyber market is described by foggy and competing requirements, disjointed
programs for security development, conflicting security role’s definitions, and
fragmented and confusing cybersecurity certifications. The evaluation done on
the security professionals as explained by Burley (2014), shows that the
assessment is too wide and mixed up with other concepts that are not security
oriented, making it hard for the professionals to tackle issues that come along
with data security.

The
lack of professionals in the cybersecurity area of study has made it hard for
all sectors to be equipped and secured from cybersecurity threats (Lewis,
2014). Some sectors that require professionals to be available always have
remained vulnerable to information security threats making it hard to implement
the current communication trends and stick to the old methods of communication.
A good example according to Caponi & Belmont (2015) is the maritime
vessels, which find themselves not in a position to implement cyber securities
due to the long time periods they take offshore. The limit in the number of
professionals on the other hand does not allow maritime companies to employ
information security professionals who will remain onboard the vessels
throughout their voyage. Most of cybersecurity experts attract high
remunerations making it hard for the maritime companies to employ many
professionals to be accommodated by the vessels. This according to Caponi &
Belmont (2015) exposes information used in the vessels at a high risk making
the companies vulnerable. In some instances, the maritime vessels are installed
with communication equipment but have no information security professionals to
ascertain that the systems are secure. This information is hacked by data
thieves who distort it and make it unusable. The costs incurred by the
companies to repair the systems are high making it not worth an investment for
the company. The same situation is replicated in unstable economies across the
world. Countries that are not in a position to pay the information security
professionals or provide education to the available professionals find
themselves with the challenge of protecting themselves from cyber threats.

Effects of Hacktivism

From
late 1980’s to early 1990’s, information access was impossible and most web
platforms were restricted to the objectives and goals of their creation. The
need to inform people and have access to information was becoming a growing
concern as time went on. Activists wanted to spread information of good will to
people all over the world and created a worm that infected the browser and
transmitted messages automatically without the users’ knowledge. As such,
hackers used the worms and made decoys of the messages of good hope to access
the system back end information and data. In some cases, instead of sending the
messages intended, people would send unintended unethical material to other
systems. Despite the misuse, hacktivism is becoming one of the major threats to
information security as it is being funded and used by wealthy politicians and
stable companies or organizations to spread messages against their competitors.
According to Kelly (2012), followers of the trending news and affiliated users
who have more interest in the services provided by the company or the political
affiliation fall prey to the hackers when they open the links bearing the
content. Unaware of the threat, the user’s system is infected by viruses that
transmit data and information to the hacker.

With
increase in hacking and hacktivism, states and governments derive ways of
safeguarding the innocent persons in the society who are likely to fall prey to
the activities of hackers. As news platforms highlight, cybercrimes have become
a regular feature on the daily news that calls for extra or additional policing
(Milone, 2003). As shown by Kremer (2014), the stories continue to intensify
the culture of fear among the users about cybercrime and exert pressure on
policing and need for military involvement. The military has to follow the
mindset system where the strategic goal remains to liberate the innocent
victims of cybercrime and balance between national security of the country in
question and the interest of the offender. Since the affected platforms are web
based, the military has to come up with strategies and work with the local
police to see to it that the transnational threats caused by cybercrimes over
the global network are not delivered in the country (Lewis, 2014). The
reassurance gap between the public demand for the police to deliver and what
the police and the military can deliver at the end of the day worsens. This
creates an overall assumption that it is impossible to control the internet and
there is need for self-policing as the government uses its arms to improve and
regulate offending behaviors over the internet.

 Common Internet Security Risks and Safeguards

With
need for self-policing arising, users can be protected by a secured socket
layer protocol, which creates a secure tunnel between the browser and the
server to safeguard any data or information that is exchanged within the
secured tunnel. Secure socket layer provides authentication to the server using
certificate from the users as a form of prove of their identity. Data in
transit over the internet is very vulnerable yet important. As such, user’s emails,
credit card details and other forms of data are at a risk. An SSL protocol
within the TCP/IP helps support the typical application of communication tasks
between the server and the client to protect the client’s information from
hackers (Lewis, 2014). Protocol encryption comes in handy in such scenarios as
well. A description of the protocol defines the details about the data
structures and the representations that define the point to which the
implementation of multiple and interoperable versions of a program can be done.
Cryptographic protocols are used to secure the application level by considering
the following key aspects: establishment of key arrangement, authentication of
entities, symmetric encryption of material construction within the network,
enforcement of the non-repudiation methods, and creation of a secure
multi-party computation. According to Micciancio (2010), the cryptographic
protocol is used in most cases to secure the HTTP and the HTTPS connections and
uses the X.509 system mechanism.

There
are very many risks ranging from more serious to less serious that come along
with cybercrimes. The worst of all is the effect caused by viruses that wipe
clean files making the files unrecoverable. Unfortunately for the user, there
is no guarantee that even when using the best precautions available in the
market, some of the cybercrimes will not happen at some point when using or
interacting with computers especially on the internet (Morrissey, 2015). To
safeguard the system from the many anomalies that exist, it is important for
the users to perform safety practices before opening files like running a scan
of the files, installing anti-malware software to protect the system and allow
the browser to run a scan of the emails before opening or downloading the
emails and their attachments to the computer. Before running a programmed code,
it is important to test and verify the development platform and process
alongside the authenticity of the software vendor. Many software that are not
well programmed come along with programming errors making them vulnerable to
cyber-attacks (Winnefeld et al., 2015). There is a realistic assumption that
has been overlooked on several occasions about the existence of an attacker
somewhere in the cyber space that is ready and willing to attack another
person’s computer. The most vulnerable people to the ignored assumption are the
small enterprise users who see no need to protect their computers with the
assumption that they do not have important information that anyone may need.
Such users in the recent years have fallen prey to phishing on the social media
platforms.

Conclusion

Governments
and the military organizations on the global front have made all the efforts to
protect their information. Despite the efforts, users find themselves under
attack from the hackers and other data thieves. This leaves the public with
questions that need to be addressed like:

·  Whose
role specifically is it to protect the user from Cyber security threats?

With
increasingly sophisticated attackers, it would be unwise to expect the layman
to understand how to properly protect themselves for more serious attacks.
While certain types of malware and spyware should without question be placed in
the territory of the user to guard against, ransomware and data breaches should
be delegated to more specialized organizations. Whether this should be assigned
to the government or private companies is still a topic for debate.

·  If
the government wants to introduce cybersecurity bill into a law, will the law
be applied to other citizens who steal data yet are not residents within the
country of criminal activity?

It
is well known that most high-profile attacks are perpetrated from outside the
borders of the victim country. The methods that these countries use to
extradite the criminals also is not always legal, and is creating an air of
mistrust on both sides. This problem needs to be addressed internationally,
with standardized definitions of territory in cyberspace and to which country
it belongs too.

·  How
and why do computer breaches really occur?

While
there are many reasons that computer and data breaches are occurring in the
world today, it is still vital to understand why they occur and how. This is
paramount in anticipating the targets of a future attack. While the realm of
cyberspace is changing rapidly, it is becoming an environment of anticipation
and proactiveness, rather than that of passiveness and reactiveness. Responding
to attacks is no longer sufficient, as the amount of damage from a single attack
can be enormous.

Cybersecurity
is important to protect information in computing environments by preventing,
detecting, and giving response to attacks. Despite the high costs that come
along with it, the protection it accords the data and information is worth
protecting and the costs incurred. Cybersecurity standards are being
implemented so as to have a uniform platform to approach the threats. Although
there is no professionalism that specifically addresses every issue in the
field, the available people who can secure the software try to use the
available resources to protect data from data thieves and monitor the systems
against cybercrimes. It is hard for the police and the
military to protect people from cybercrime due to different laws that have been
adopted by different countries yet the crimes are committed over the global
network. Therefore, this calls for self-policing and the need to have
information assurance and information security.