Citi Global Consumer Bank (citi) is one of the world’s leading digital banks, and serves as up to 100 million customers (Citi Group, 2018). As a global leader in wealth management, commercial banking, and Credit Cards, Citi offers attractive franchise through its strong brand, competitive position and digital capabilities. Citi has increased new digital features, achieved double-digit growth in digital and mobile users globally. By partnering with leading digital ecosystems, Citi has embedded their services in the platforms that clients use every day, driving increased engagement.
A Comparison of Cybersecurity and Computer Security
Cybersecurity is part of information security, involving protecting organization’s data, networks, and computers from unlawful digital access, damage or attack. Bucy (2016) argues that Cyber security involves precautions against online crime using Internet. Therefore, Cyber Security is a practice of protecting electronic data. Whereas, Computer Security or Information Technology Security, is related to procedures of implementing protection measures that safeguard information utilizing various forms of technology. Hence, it secures all types of data – paper or electronic (Solms & Nierkerk, 2013).
Advanced technology has led to creation of multiple networks onto which data flows. Businesses have grown and expanded due to rapid movement of digital data (classified as bits and bytes), but protection challenges resulting from data security exist. Since data flows through different infrastructure (software and hardware), which are created and manipulated by people who are guided by laws and regulations, the data flows meet potential risks and vulnerabilities. Furthermore, Communications Systems have evolved, and help transmit data over long distances instantly through mediums such as email and video, using telephones and computers, with excellent quality of information exchange at negligible cost. Essentially, Shared information through Computer networks constitutes devices connected to each other via multiple infrastructures and network topologies to achieve instant data exchange. The network interconnectivities are guided by protocols or rules that enable those networks to communicate.
Cyber Concept Vulnerabilities
Phishing and spear phishing attacks. Involves sending multiple emails that appear to be coming from trusted sources, intended to gain access to personal information or influence users to perform certain acts. Attacks characterized by both technical trickery and social engineering. An example can be a request for a user to open an attachment from a friend, and the attachment loads malware onto the user’s computer (Rapid7, n.d.).
Password attack. Since passwords are used for verification of entry into an information system, hackers can “sniff” around users’ workstations and access unencrypted passwords. Afterwards, they can easily gain access to database passwords or just do “intelligent guessing” (Melnick, 2018).
Eavesdropping attack. Attack involves intercepting a network traffic, where an attacker eavesdrops or “listens”, obtains passwords, confidential information, or credit card numbers that a user might be sending over the network.
Malware attack. Here, malicious software is installed into a user’s system without permission, then the software attaches itself to a legal code and proceeds to propagate it. Malwares consist macro viruses, file infectors, system boot infectors, Trojans, worms or logic bombs, and can lead to system crashes or malfunctions.
Penetration testing is a process of mimicking real attacks to evaluate probable security breaches and the risks posed. The testers of penetration ascertain both vulnerabilities within the systems that attackers can exploit and evaluate what attackers might benefit once they successfully exploit the situation (Weidman, 2014).
Employment of Network Forensic Analysis tools (NFAT) to identify software communications vulnerabilities
Security administrators are equipped with tools that help them to be proactive in their security monitoring. Network Forensic Analysis Tools (NFATs) come handy in making it possible for administrators to monitor their network environment to undertake forensic analysis, check on anomalous traffic, and be in a position to have a clear picture of activities on their networks and systems. The most common tools employed to achieve this are: NetIntercept, NetDetector, and SilentRunner.
Major Concepts of Enterprise Cybersecurity.
Enterprise Cybersecurity adopts the inclusion of cybersecurity in business processes. Enterprise cybersecurity provides an infrastructure and models that demonstrate both the business and technical elements working together (Chmielecki et al., 2014). The key concepts of enterprise cybersecurity include ontologies (meta-models), composition of enterprise components, design and evolution, and guiding principles.
Principles Underlying the Development of An Enterprise Cybersecurity Policy Framework and Implementation Plan.
Donaldson et al. (2015) propose the following principles relevant for the development of an enterprise Cyber Security. Firstly, there is a need to tie together policy, programmatics, IT life cycle, and evaluations through one framework for the purposes of coordination and delegation. Secondly, there is a need to break down enterprise cybersecurity into different areas to highlight the fact that cybersecurity is more than firewalls and anti-virus software. The third aspect needs aligning cybersecurity with real-world skills that will support cybersecurity personnel, like budget control. Fourth, there should be sub-areas needed to facilitate rapid and prompt reporting of the status of cybersecurity to executives to create understanding of what works and what does not work. Finally, there is need to establish areas that support business decision-making processes and help leaders to define priorities and strategies.
Major Types of Cybersecurity Threats Facing Modern Enterprises
Buchy, J. (2016). Cyber Security vs IT Security: Is there a difference? https://www.novainfosec.com/2014/05/05/cyber-security-versus-information-security/
Chmielecki, T., Cholda, P., Pacyna, P., Potrawka, P., Rapacz, N., Stankiewicz, R., & Wydrych, P. (2014). Enterprise-Oriented Cybersecurity Management. ACSIS, 2, 863-870.
Donaldson, S. E., Siegel, S. G., Williams, C. K., & Aslam, A. (2015). Enterprise cybersecurity: How to build a successful cyberdefense program against advanced threats. Berkeley : Apress
INFOSEC INSTITUTE. (2015). The top 5 cyber vulnerabilities. Retrieved from https://resources.infosecinstitute.com/the-top-five-cyber-security-vulnerabilities-in-terms-of-potential-for-catastrophic-damage/#gref
Melnick, J. (2018). Top 10 most common types of cyber attacks. Retrieved from https://blog.netwrix.com/2018/05/15/top-10-most-common-types-of-cyber-attacks/
Rapid7 (n.d.). Common types of cybersecurity attacks. Retrieved from https://www.rapid7.com/fundamentals/types-of-attacks/
Solms, R. V., & Niekerk, J. V. (2013). From information security to cyber security. Computers and Security, 38, 97-102. Weidman, G. (2014). Penetration Testing: A hands-on Introduction to Hacking. William Pollock, U.S.A.
Delivering a high-quality product at a reasonable price is not enough anymore.
That’s why we have developed 5 beneficial guarantees that will make your experience with our service enjoyable, easy, and safe.
You have to be 100% sure of the quality of your product to give a money-back guarantee. This describes us perfectly. Make sure that this guarantee is totally transparent.Read more
Each paper is composed from scratch, according to your instructions. It is then checked by our plagiarism-detection software. There is no gap where plagiarism could squeeze in.Read more
Thanks to our free revisions, there is no way for you to be unsatisfied. We will work on your paper until you are completely happy with the result.Read more
Your email is safe, as we store it according to international data protection rules. Your bank details are secure, as we use only reliable payment systems.Read more
By sending us your money, you buy the service we provide. Check out our terms and conditions if you prefer business talks to be laid out in official language.Read more