Cybersecurity Background

Citi Global Consumer Bank (citi) is one of the world’s leading digital banks, and serves as up to 100 million customers (Citi Group, 2018). As a global leader in wealth management, commercial banking, and Credit Cards, Citi offers attractive franchise through its strong brand, competitive position and digital capabilities. Citi has increased new digital features, achieved double-digit growth in digital and mobile users globally. By partnering with leading digital ecosystems, Citi has embedded their services in the platforms that clients use every day, driving increased engagement.

A Comparison of Cybersecurity and Computer Security 

Cybersecurity is part of information security, involving protecting organization’s data, networks, and computers from unlawful digital access, damage or attack. Bucy (2016) argues that Cyber security involves precautions against online crime using Internet. Therefore, Cyber Security is a practice of protecting electronic data. Whereas, Computer Security or Information Technology Security, is related to procedures of implementing protection measures that safeguard information utilizing various forms of technology. Hence, it secures all types of data – paper or electronic (Solms & Nierkerk, 2013). 

Data Flows across Networks

Advanced technology has led to creation of multiple networks onto which data flows. Businesses have grown and expanded due to rapid movement of digital data (classified as bits and bytes), but protection challenges resulting from data security exist. Since data flows through different infrastructure (software and hardware), which are created and manipulated by people who are guided by laws and regulations, the data flows meet potential risks and vulnerabilities. Furthermore, Communications Systems have evolved, and help transmit data over long distances instantly through mediums such as email and video, using telephones and computers, with excellent quality of information exchange at negligible cost. Essentially, Shared information through Computer networks constitutes devices connected to each other via multiple infrastructures and network topologies to achieve instant data exchange. The network interconnectivities are guided by protocols or rules that enable those networks to communicate.

Cyber Concept Vulnerabilities

Injection vulnerabilities: Occurs when untrusted applications send data to an interpreter, and affect SQL, XML, LDAP, and Xpath parsers and program arguments. This vulnerability leads to data loss, exposure to sensitive data, and denial of access (Infosec Institute, 2015). 

Buffer Overflows: An application tries to exert more data in a buffer against its capacity to hold, hence overworking the buffer and allows the attacker to overwrite content on adjacent blocks of memory resulting in either a crash program, or executes a malicious code. Buffer flow vulnerabilities are frequent, but hard to detect. 

Sensitive Data Exposure: Occurs whenever sensitive data is accessed by any given threat. For example, data stored lies idle in a system in the midst of two entities like the web browser and server. Therefore, once exposed, the same data lacks enough protection. Other vulnerable data include: data is that that is in transit, is in browsing history, or in backups.

Most Common Cyber Attacks

Denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks. It refers to an attack that overpowers the capacity of the system’s resources, making it unable to respond to service requests. The attackers in this case do not gain access, but are satisfied by denied access of service. 

Phishing and spear phishing attacks. Involves sending multiple emails that appear to be coming from trusted sources, intended to gain access to personal information or influence users to perform certain acts. Attacks characterized by both technical trickery and social engineering. An example can be a request for a user to open an attachment from a friend, and the attachment loads malware onto the user’s computer (Rapid7, n.d.). 

Password attack. Since passwords are used for verification of entry into an information system, hackers can “sniff” around users’ workstations and access unencrypted passwords. Afterwards, they can easily gain access to database passwords or just do “intelligent guessing” (Melnick, 2018). 

Eavesdropping attack. Attack involves intercepting a network traffic, where an attacker eavesdrops or “listens”, obtains passwords, confidential information, or credit card numbers that a user might be sending over the network. 

Malware attack. Here, malicious software is installed into a user’s system without permission, then the software attaches itself to a legal code and proceeds to propagate it. Malwares consist macro viruses, file infectors, system boot infectors, Trojans, worms or logic bombs, and can lead to system crashes or malfunctions.

Penetration Testing

Penetration testing is a process of mimicking real attacks to evaluate probable security breaches and the risks posed. The testers of penetration ascertain both vulnerabilities within the systems that attackers can exploit and evaluate what attackers might benefit once they successfully exploit the situation (Weidman, 2014). 

Employment of Network Forensic Analysis tools (NFAT) to identify software communications vulnerabilities

Security administrators are equipped with tools that help them to be proactive in their security monitoring. Network Forensic Analysis Tools (NFATs) come handy in making it possible for administrators to monitor their network environment to undertake forensic analysis, check on anomalous traffic, and be in a position to have a clear picture of activities on their networks and systems. The most common tools employed to achieve this are: NetIntercept, NetDetector, and SilentRunner. 

Enterprise Cybersecurity

Major Concepts of Enterprise Cybersecurity.

Enterprise Cybersecurity adopts the inclusion of cybersecurity in business processes. Enterprise cybersecurity provides an infrastructure and models that demonstrate both the business and technical elements working together (Chmielecki et al., 2014). The key concepts of enterprise cybersecurity include ontologies (meta-models), composition of enterprise components, design and evolution, and guiding principles. 

Principles Underlying the Development of An Enterprise Cybersecurity Policy Framework and Implementation Plan.

Donaldson et al. (2015) propose the following principles relevant for the development of an enterprise Cyber Security. Firstly, there is a need to tie together policy, programmatics, IT life cycle, and evaluations through one framework for the purposes of coordination and delegation. Secondly, there is a need to break down enterprise cybersecurity into different areas to highlight the fact that cybersecurity is more than firewalls and anti-virus software. The third aspect needs aligning cybersecurity with real-world skills that will support cybersecurity personnel, like budget control. Fourth, there should be sub-areas needed to facilitate rapid and prompt reporting of the status of cybersecurity to executives to create understanding of what works and what does not work. Finally, there is need to establish areas that support business decision-making processes and help leaders to define priorities and strategies. 

Major Types of Cybersecurity Threats Facing Modern Enterprises

Phishing. Here, hackers gain illegal access to enterprise systems and tactfully convince business leaders to make money transfers via online platforms. The hackers target individuals in positions of financial influence and use information from social media accounts to pry on the vulnerable. 

CEO spoofing. The cybercriminal traces the whereabouts of a CEO in case he/she traveled and using that correct information, can send an email that looks genuine to a Chief Finance Officer instructing him/her to wire money for a given expenditure. 

Insider threats: This involves people within the organization who resigned or were terminated and create a backdoor for themselves or provide insider information to a rival organization. 

Ransomware; Cybercriminals illegally access one’s network, encrypt all the data and ask the data owner to pay some fee to access their own data. 

References

Buchy, J. (2016). Cyber Security vs IT Security: Is there a difference? https://www.novainfosec.com/2014/05/05/cyber-security-versus-information-security/

Chmielecki, T., Cholda, P., Pacyna, P., Potrawka, P., Rapacz, N., Stankiewicz, R., & Wydrych, P. (2014). Enterprise-Oriented Cybersecurity Management. ACSIS, 2, 863-870.

Donaldson, S. E., Siegel, S. G., Williams, C. K., & Aslam, A. (2015). Enterprise cybersecurity: How to build a successful cyberdefense program against advanced threats. Berkeley : Apress

 INFOSEC INSTITUTE. (2015). The top 5 cyber vulnerabilities. Retrieved from https://resources.infosecinstitute.com/the-top-five-cyber-security-vulnerabilities-in-terms-of-potential-for-catastrophic-damage/#gref

Melnick, J. (2018). Top 10 most common types of cyber attacks. Retrieved from https://blog.netwrix.com/2018/05/15/top-10-most-common-types-of-cyber-attacks/

Rapid7 (n.d.). Common types of cybersecurity attacks. Retrieved from https://www.rapid7.com/fundamentals/types-of-attacks/

Solms, R. V., & Niekerk, J. V. (2013). From information security to cyber security. Computers and Security, 38, 97-102. Weidman, G. (2014). Penetration Testing: A hands-on Introduction to Hacking. William Pollock, U.S.A.