Essay: Importance Of Cybersecurity In Developing Programs For Computer Security In The Modern Era.

Describe about the Computer Security For the Developing Program.

In this era of digitization, internet has become the source of modernizing the society and use science as a way of propagating to the future. Cyber Security is similarly a concept within the communal values of interconnectivity of people through internet. The term cyber refers to internet or interconnectivity of the whole world and again, as the world becomes one society through a virtual connectivity, it needs security in order to keep the community and its inhabitants safe. In this modernized era, people are mainly connected virtually as the way is much easier through web connection. Sitting in their homes people can do anything. In exchange, the web connectivity needs information regarding every business aspect that people include in their lives. Cyber security is the process where all these information are kept safe and guarded continuously. This research is conducted in order to analyze the aspects of cyber security and research accordingly for developing the concept. A safe and secure future awaits based on the results of this research.      

Cyber security can be stated as the solutions for cyber crimes. The web technology has developed in such a way that it includes security measures for the information collected by the users. The problem lies within the section of collecting or transferring of information. The transformation of information is insecure due to the facts that similarly with the development of technology, there are such people who are developing their skills of sculpting through the connectivity sections and get a hold of the information being shared.  In other words, the ethical hackers have been the most significant cause for the security issues and hence, the modifications are done within the channels for securing the information only. Firewalls, evident internet platforms and according web channels are modified till date and secured in order to avoid such information loss but according to various reports, the up gradation of the entire system did not become worthy of securing the working principles as lots of news have been heard regarding stealing of data through hacking.

Cloud systems play the role of storing information through various websites. Either government or personal both the systematic process have encountered loss of data by the hacking techniques. Cloud computing introduced the use of SaaS, IaaS and PaaS as the major mediums for channeling information, where the user can get hold of their personal information. Repeatedly the same thing is happening with the mediums as well, when the user is using their systems as a software (SaaS) for gathering information into the cloud, insecure channels and bugged firewalls are making the user lose their information. Hence, through this research the researchers are expected to provide solutions that will be helpful in recovering lost information and accordingly help in securing the information as well.  Similarly, PaaS and IaaS are also effective in making such security issues and the researcher includes responsibility of developing solutions.   

The project statement incorporates if the concept of cyber security can be helpful in creating a virtual world that will make human society follow to a better future. The arguments stand for the security purpose of cyber crimes. As cyber crimes have become one of the largest problems in IT sector, the security measures have been undertaken as one major concern that should be taken care of as soon as possible. The security counters for cloud platforms are also discussed within this report, as the loss of information includes mainly information migration through cloud computing.      

Project Statement

In order to make a research work successful there are several approaches that are undertaken by the researchers. The researchers consider various approaches like deductive and inductive as well, where the processing of further researches is included within the scope of evidences. For deductive approach, the researchers chose already researched articles and journals. Along with that they also chose various resources that can help these researchers with propagating their research in a further volume with the help of attained information through the sources.

In this particular research, the researcher has chosen the inductive approach where the evidences are gathered through various data collection. The data collected from different samples are assessed and hence, results are delivered. In case of cyber security, then researcher has chosen various employees of IT companies as the samples and represented different qualitative and quantitative questions regarding the issues they have faced till date.

The quantitative questions in the inductive approaches are meant to answer as numerical values. The numerical values indicate how many times the company has faced such issue as in how many times they have lost their information. How long they are insecure with the web applications they are sing for their business processes etc.

In other hand, the qualitative data collection is done in order to equip the evidences from very depth of their originality. Inductive approaches on the basis of collected data are done by assessing the collection through evaluation towards whether the data proves anything or not. It can be stated that when the researcher is providing results on the basis of gathered data, the assumptions are not wrong as they are collected through various data gathering approaches and all the information collected regarding cyber security are true to the facts and hence, the recommendations are also correct as required.   

There are no such chosen organizations for this project as the issue covers a whole industry rather than any individual companies. Information technology is a bliss to this modern world where maximum of the business processes are conducted using web technologies only. Hence, the chosen industry on this research is the IT industries that are facing loss of information issues due to engagement of cyber criminals. Cloud computing and cyber criminals are effecting the world as they can for their personal profits, similarly the web industries are becoming afraid of using web service applications as per their needs due to fact of information loss.

The key concepts of this research are stated within this chapter. Concept of cyber security includes the concept of IoT and its initials for acknowledgement. IoT is the abbreviation of Internet of Things, which is basically referred to the aspects of web technology and in other words use of internet. In this era, using internet all the business procedures are involved in a virtual multitasking platform that helps in each aspects of business considerations. The elements of cyber security include these virtual platforms and all these platforms include threat from different online resources. As the whole world is connected through cyber connections, the applications are involved with vigorous information of different users. The elements mainly incur application security and information security but there are also threats for network security, end user security and operational security. All these aspects are illustrated in the following section.  

Key Concept 1 Application and Information security

Approach

People nowadays prefer working from home using a laptop or a desktop, which is connected through internet. In the recent traditions of IT industry, there are various web based applications that ensures online transactions. Using money, people can do anything in their lives. The threat of cyber security mainly threatens the loss of information that is monetary. Loss is calculated on the basis of not only information loss but also the loss of the transactional details that will be loss of money directly from bank account. In addition, the major concern here is that information is tie to toe related with the application based security. Any application for business purpose is concerned with the identities of users for validation and transactional details as in bank account, phone number etc. Hence, the key concept 1 is mainly focusing on securing the online software programs that include various details of the users. Such applications are PayPal, American Express online features and many more. Database stealing is the major consideration for the researcher in order to make application and information more secure when operating on web.       

 Key Concept 2 Operational and Network security

The concept of operational and Network security is also included in the section of key concepts that is covered within the aspects of cyber security. Operations can be done only when the system is connected with an internet connection or a web network central. Web based operations are done through network connectivity and the perspectives of cyber security includes the significance of network security and hence, operational security.

Digital Security is likewise an idea inside the public estimations of interconnectivity of individuals through web. In this modernized period, individuals are for the most part associated basically as the way is considerably less demanding through web association. Sitting in their homes individuals can do anything. In this time of digitization, web has turned into the wellspring of modernizing the general public and utilize science as a method for spreading to what's to come. In return, the web availability needs data with respect to each business perspective that individuals incorporate into their lives. Digital security is where all these data are remained careful and protected constantly. This exploration is led with the end goal to investigate the parts of digital security and research as needs be for building up the idea. A protected and secure future anticipates dependent on the aftereffects of this exploration. The term digital alludes to web or interconnectivity of the entire world and once more, as the world winds up one society through a virtual availability, it needs security with the end goal to protect the network and its occupants.

Loss of information

The web innovation has created so that it incorporates safety efforts for the data gathered by the clients. The issue exists in the segment of gathering or exchanging of data. Digital security can be expressed as the answers for digital wrongdoings. As it were, the moral programmers have been the most critical reason for the security issues and subsequently, the adjustments are done inside the channels for anchoring the data as it were. Firewalls, obvious web stages and agreeing web channels are changed until date. These are also anchored with the end goal to maintain a strategic distance from such data loss. However, as per different reports, the up degree of the whole framework did not end up deserving of anchoring the working standards as loads of news have been heard in regards to taking of information through hacking. The change of data is unreliable because of the realities that comparably with the improvement of innovation, there are such individuals who are building up their aptitudes of chiseling through the network segments and get it together of the data being shared. 

Organization of this Project Report

Based on the data collected and results the recommendations goes to a secure software build up, where payment transactions can be done securely. The steps for designing the software application include a step by step process, where the security for the information is provided through encryption. Securing the program also needs integration of security aspects through various additions of secure phases. The stages that are needed to be followed are,

• Requirement analysis stage for the software
• Designing stage
• Development stage (Coding)
• Review for the codes
• Testing stage (Pen test)
• Production and publishing stage

The designing of the software system includes multiple stages for developing through proper coding. The codes are written and tested accordingly after that only the codes are implemented.

• The stages include,
• Least privilege
• Complete mediation
• Multiple security layers
• User friendly security
• Privilege separation

Analyses for the codes are main methods of finding for the proper solutions. The codes are secure for penetration testing and through pen test, the codes are implemented within the application layer.

There are several methods used for penetration testing of a developing program. The developing program includes several pen test series and their results to go through, only then the results can be implemented. The series are,

If tested manually, the researcher followed,

• Reconnaissance
• Exploitation (Internal and External attacks)
• Analysis of the vulnerabilities
• Post exploitation testing
• Results

Again if tested automatically through software, the researcher undertook,

• NMap
• VeraCode
• Wireshark
• Metasploit
• Nessus   

Hence, the results have gone through these stages post creation and pre implementation.

The penetration testing results showed the developed software is secure of out world hacking and can be used while online payment transactions can be done. Some  of the results showed,

Pen test results

Pen Test Results

All the three aforementioned phases directly talks about the development of a secure software program through which people can use their online transactions successfully and securely. Majorly, the steps described are for developing the software.

Conclusions

Distributed computing presented the utilization of significant mediums for directing data, where the client can get hold of their own data. It can be summarized that the overall problem lies in development of programs that have been used in the online programs since. More than once a similar thing is occurring with the mediums also, when the client is utilizing their frameworks as a product for social occasion data into the cloud, uncertain channels and bothered firewalls are influencing the client to lose their data. Subsequently, through this examination the specialists are relied upon to give arrangements that will be useful in recouping lost data and as needs be help in anchoring the data too. Essentially the mediums are additionally compelling in making such security issues and the analyst similarly incorporates obligation of creating arrangements. Cloud frameworks assume the job of putting away data through different sites. Either government or individual both the methodical procedure have experienced loss of information by the hacking systems.

The potential impacts for this research includes the security measures that people are counting for since using the internet as their business platforms. The secure software programs will be hack proof and people will be easily utilizing their payment transactions over internet.

The research is done on a basic adjustment of parameters, there is still a lot of scope for several future works, as this research cannot achieve some extended cases, where researchers will follow for a future research.

References

Allen, L., Heriyanto, T., & Ali, S. (2014). Kali Linux–Assuring security by penetration testing. Packt Publishing Ltd.

Buczak, A. L., & Guven, E. (2016). A survey of data mining and machine learning methods for cyber security intrusion detection. IEEE Communications Surveys & Tutorials, 18(2), 1153-1176.

Craig, J. (2018). Cybersecurity Research—Essential to a Successful Digital Future. Engineering, 4(1), 9-10.

Forte, D. V. (2016). U.S. Patent Application No. 14/521,328.

Holik, F., Horalek, J., Marik, O., Neradova, S., & Zitta, S. (2014, November). Effective penetration testing with Metasploit framework and methodologies. In Computational Intelligence and Informatics (CINTI), 2014 IEEE 15th International Symposium on (pp. 237-242). IEEE.

Macaulay, T., & Singer, B. L. (2016). Cybersecurity for industrial control systems: SCADA, DCS, PLC, HMI, and SIS. Auerbach Publications.

Newmeyer, K. P. (2015). Elements of national cybersecurity strategy for developing nations. National Cybersecurity Institute Journal, 1(3), 9-19.

No, W. G., & Vasarhelyi, M. A. (2017). Cybersecurity and Continuous Assurance. Journal of Emerging Technologies in Accounting, 14(1), 1-12.

Paté?Cornell, M. E., Kuypers, M., Smith, M., & Keller, P. (2018). Cyber Risk management for critical infrastructure: a risk analysis model and three case studies. Risk Analysis, 38(2), 226-241.

Qusef, A., & Kiswani, J. (2017). Project Manager Roles in Software Information Systems: Case Studies from Jordan. In Leadership, Innovation and Entrepreneurship as Driving Forces of the Global Economy (pp. 223-227). Springer, Cham.

Sekaran, U., & Bougie, R. (2016). Research methods for business: A skill building approach. John Wiley & Sons.

Shoemaker, D., Kohnke, A., & Sigler, K. (2016). A Guide to the National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework (2.0): A Guide to the National Initiative for Cybersecurity Education (NICE) Framework (2.0) (Vol. 3). CRC Press.

Singh, H., Surender, J., & Pankaj, K. V. (2016). Penetration Testing: Analyzing the Security of the Network by Hacker’s Mind. Volume V IJLTEMAS, 56-60.

Tung, Y. H., Lo, S. C., Shih, J. F., & Lin, H. F. (2016, October). An integrated security testing framework for Secure Software Development Life Cycle. In Network Operations and Management Symposium (APNOMS), 2016 18th Asia-Pacific(pp. 1-4). IEEE.

Yunfei, L., Yuanbao, C., Xuan, W., Xuan, L., & Qi, Z. (2015, August). A Framework of Cyber-Security Protection for Warship Systems. In Intelligent Systems Design and Engineering Applications (ISDEA), 2015 Sixth International Conference on (pp. 17-20). IEEE.