Question

In: Computer Science

If you consider the cyber security responsibilities and obligations associated with your role or a role...

If you consider the cyber security responsibilities and obligations associated with your role or a role in which you have an interest, what are the cyber security responsibilities? To what extent do they relate in some way to databases?

Solutions

Expert Solution

Answer:-

what are the cyber security responsibilities?

New security threats pop up all the time, and IT security professionals need to stay up to date with the latest tactics hackers are employing in the field. In addition to the high-level responsibilities mentioned above, some specific duties IT security teams do, include:

  • Set and implement user access controls and identity and access management systems
  • Monitor network and application performance to identify and irregular activity
  • Perform regular audits to ensure security practices are compliant
  • Deploy endpoint detection and prevention tools to thwart malicious hacks
  • Set up patch management systems to update applications automatically
  • Implement comprehensive vulnerability management systems across all assets on-premises and in the cloud
  • Work with IT operations to set up a shared disaster recovery/business continuity plan
  • Work with HR and/or team leads to educate employees on how to identify suspicious activity

To what extent do they relate in some way to databases?

Security concerns for internet-based attacks are some of the most persistent challenges to database security. Hackers devise new ways to infiltrate databases and steal data almost daily. Organizations must ensure their database security measures are strong enough to withstand these attacks.

Some of these cyber security threats can be difficult to detect, like phishing scams in which user credentials are compromised and used without permission. Malware and ransomware are also common cyber security threats.

Another critical challenge for database security is making sure employees, partners, and contractors with database access don’t abuse their credentials. These exfiltration vulnerabilities are difficult to guard against because users with legitimate access can take data for their own purposes. Edward Snowden’s compromise of the NSA is the best example of this challenge. Organizations must also make sure users with legitimate access to database systems and applications are only privy to the information they need for work. Otherwise, there’s greater potential for them to compromise database security.

How Can I Deploy Database Security?

There are three layers of database security: the database level, the access level, and the perimeter level. Security at the database level occurs within the database itself, where the data live. Access layer security focuses on controlling who is allowed to access certain data or systems containing it. Database security at the perimeter level determines who can and cannot get into databases. Each level requires unique security solutions.

Security Level

Database Security Solutions

Database Level

  • Masking
  • Tokenization
  • Encryption

Access Level

  • Access Control Lists
  • Permissions

Perimeter Level

  • Firewalls
  • Virtual Private Networks

Database Security Best Practices

Although there are several different approaches to database security, there are some best practices that can help every organization keep its databases safe. These database security best practices enable organizations to minimize their vulnerabilities while maximizing their database protection. Although these approaches can be deployed individually, they work best together to protect against a variety of circumstances impacting database security.

  • Physical database security: It’s critical to not overlook the physical hardware on which the data is stored, maintained, and manipulated. Physical database security includes locking the rooms that databases and their servers are in—whether they are on-premise assets or accessed through the cloud. It also involves having security teams monitor physical access to that equipment. A crucial aspect of this database security best practice is to have backups and disaster recovery measures in place in case of a physical catastrophe. It’s also important not to host web servers and applications on the same server as the database the organization wants to secure

Related Solutions

Discuss Cyber Security as it relates to the role of the US government. Discuss Cyber Security as it relates to the responsibilities of the individuals who are involved in creating the technology.
(a) – Discuss Cyber Security as it relates to the role of the US government. (b)– Discuss Cyber Security as it relates to the responsibilities of the individuals who are involved in creating the technology.  
Prompt: You will submit your creation of a cyber-security policy. The cyber-security policy will assess how...
Prompt: You will submit your creation of a cyber-security policy. The cyber-security policy will assess how the organization will interpret security issues that occur in the workplace. The cyber-security policy will also distinguish and examine ethical issues in the workplace that pertain to social media, email, and privacy. Compose an organizational security policy that protects the confidentiality , integrity , and availability of EQUIFAX DATA BREACH IN 2017 Original Question : Prompt: You will submit your creation of a cyber-security...
Understanding of professional responsibilities, ethical theories, legal and social issues. Understanding of cyber security threats and...
Understanding of professional responsibilities, ethical theories, legal and social issues. Understanding of cyber security threats and corresponding procedures to mitigate these threats. Understanding of risk management, security policies and audit procedures
explain the role of information technology in an organization and the roles and responsibilities associated with...
explain the role of information technology in an organization and the roles and responsibilities associated with creating and managing information technology policies.
YOU ARE AN INTERN AT A BUSINESS FIRM. You are now becoming more familiar with your role and responsibilities
  YOU ARE AN INTERN AT A BUSINESS FIRM. You are now becoming more familiar with your role and responsibilities. You are learning about where you fit in the organization and building a general understanding of how the organization works. You might be gaining some insight into the cultural values that drive the company. You might have the opportunity to witness the core values of the company, seeing them in problem-solving, decision- making and day to- to-day activities. Your comfort...
Cyber security is an essential tool for managing risks in today’s increasingly dynamic and capable cyber...
Cyber security is an essential tool for managing risks in today’s increasingly dynamic and capable cyber threat landscape. Yet the market for cyber security remains small, and organizations are making only tactical investments in cyber security measures—one of the reasons why there has been an increase in cyber-attacks. Evidence suggests that this trend will last for some time to come. However, the anticipation of an increasingly open and mobile enterprise should help refocus the spotlight on strategic investments in areas...
(cyber security ) What is the difference between Cyber Espionage and Nation State Hacking? Explain the...
(cyber security ) What is the difference between Cyber Espionage and Nation State Hacking? Explain the differences with the help of appropriate examples. Please provide your own words. No copy from the internet. 150 to 200 words.
What is your career objective after graduating? Specify an ideal role or responsibilities of a role...
What is your career objective after graduating? Specify an ideal role or responsibilities of a role in which you would like to gain employment. (200 words)
Cyber Security. Dark Web.................................. What is the supposed origin of the Dark Web? What does your...
Cyber Security. Dark Web.................................. What is the supposed origin of the Dark Web? What does your team think about whether it is needed/not needed? Important/not important? A security risk/not a risk? Any security implications? Please, need reference or citation!
Were you surprised that a company as techie as Twitter failed victim to cyber security attacks?...
Were you surprised that a company as techie as Twitter failed victim to cyber security attacks? In your view, did Twitter do a great job identifying that attack? In your view, did Twitter recover form the attack in a timely manner? Please explain.
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT