Personal Data Search ITT-307
docx
keyboard_arrow_up
School
Grand Canyon University *
*We aren’t endorsed by this school
Course
307
Subject
Information Systems
Date
Dec 6, 2023
Type
docx
Pages
8
Uploaded by ChefTreeRhinoceros36
1
Personal Data Search
Grand Canyon University, College of Engineering and Technology
ITT-307-TR1100A Cybersecurity Foundations
Albert Kelly
May 14, 2023
Personal Data Search
The personal data search involved using various online tools and services to locate
publicly available personal information. The search included using search engines, social media
platforms, people search engines, and data broker websites. The findings revealed personal
information, including photos, contact information, and employment history, that was publicly
available. Privacy settings were reviewed, and steps were taken to ensure personal information
was set to private.
Common Security Threats
As we rely more and more on digital technology for various aspects of our lives, the risk
of security threats to our digital footprint has also increased. Here are some common security
threats that can affect your digital footprint:
I.
Malware: Malware is a type of software designed to damage, disrupt, or gain
unauthorized access to a computer system. Malware can be delivered through phishing
emails, malicious websites, or infected software downloads. Cybercriminals often use
malware to steal personal information, such as usernames and passwords, credit card
details, or banking information.
2
II.
Phishing: Phishing is a type of social engineering attack in which cybercriminals trick
individuals into divulging sensitive information, such as passwords or credit card
numbers, by posing as a legitimate organization or person. Phishing attacks can come in
various forms, including email, text messages, or phone calls.
III.
Ransomware: Ransomware is a type of malware that encrypts a victim's files, making
them inaccessible, and demands a ransom payment in exchange for the decryption key.
Cybercriminals often deliver ransomware through phishing emails or infected software
downloads.
IV.
Distributed Denial-of-Service (DDoS) attacks: A DDoS attack is a type of cyber-attack in
which multiple compromised computer systems target a single system or network,
causing a denial of service for legitimate users. DDoS attacks can be launched by
cybercriminals or hacktivists, often for political or ideological reasons.
V.
Insider threats: Insider threats are security threats that come from within an organization,
such as an employee who has access to sensitive information and misuses it for personal
gain or malicious intent. Insider threats can be intentional or accidental and can cause
significant damage to an organization's reputation and finances.
In terms of actors that might perform these attacks, cybercriminals, hackers, and state-
sponsored actors are common perpetrators. These individuals or groups may have a variety of
motivations, including financial gain, political or ideological reasons, or simply causing
disruption.
Social engineering continues to be a primary attack vector utilizing personal information
because it is often easier to manipulate individuals than to directly attack a computer system. By
tricking individuals into divulging sensitive information or clicking on malicious links,
3
cybercriminals can gain access to valuable information and systems. As such, it is essential to
remain vigilant and take steps to protect your digital footprint, such as using strong passwords,
enabling two-factor authentication, and staying up to date on the latest security threats and best
practices.
Cyberstalking (CWV)
Cyberstalking, also known as online harassment or electronic harassment, is a serious
issue that can have devastating effects on victims. It involves the repeated use of electronic
communication to intimidate, threaten, or harass an individual, often leading to psychological
harm, stalking in the physical world, and even violence. Cyberstalking can take many forms,
such as persistent and unwanted emails, messages, phone calls, or social media posts, and is
often difficult to detect and prosecute.
From a legal perspective, cyberstalking is considered a form of harassment, which is
illegal in many jurisdictions. However, there are significant challenges to prosecuting
cyberstalking cases, including the difficulty of identifying the perpetrator, jurisdictional issues,
and the need for evidence of a pattern of behavior. Furthermore, many laws and regulations have
yet to catch up with the rapidly evolving world of technology, leaving gaps in legal protection for
victims.
To combat cyberstalking, I propose that laws and regulations should be updated and
strengthened to better protect victims. Specifically, these regulations could include:
I.
Expanded legal definitions of cyberstalking that encompass a broader range of behaviors
and electronic communication methods, including social media and messaging apps.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
4
II.
Mandatory reporting of cyberstalking incidents by technology companies and social
media platforms, with penalties for non-compliance.
III.
Improved coordination between law enforcement agencies, both domestically and
internationally, to address the global nature of cyberstalking and ensure that perpetrators
are held accountable.
IV.
Increased public education on the dangers of cyberstalking and ways to protect oneself,
including the use of privacy settings and two-factor authentication.
From a Christian worldview, the issue of cyberstalking raises ethical concerns about the
inherent value and dignity of human life. As followers of Christ, we are called to love and
respect our neighbors, and to protect the vulnerable from harm. Cyberstalking not only violates
the dignity of the victim, but it also undermines the common good by creating an environment of
fear and mistrust. Therefore, legal and ethical regulations to combat cyberstalking are not only
necessary, but also a moral imperative. By protecting the dignity and well-being of all
individuals, we uphold the inherent value and worth of human life, as created in the image of
God.
Defense Against Attacks
The "defense against attacks" theory is a framework used to protect digital identities and
other sensitive information from cyberattacks. It involves multiple layers of defense, each
designed to prevent, detect, and respond to different types of attacks. Here are several cyber
defense tools/measures, methods, and components that can help repel attacks:
5
I.
Firewalls: "Firewalls are network security devices that monitor and control incoming and
outgoing network traffic" (Abuzar, 2023). They can prevent unauthorized access to a
network and block known threats.
II.
Antivirus software: Antivirus software is designed to detect and remove malware, such as
viruses and trojans, from a computer system. It can scan files and email attachments for
malicious content and block known threats.
III.
Two-factor authentication: Two-factor authentication (2FA) is a security method that
requires users to provide two forms of identification before accessing an account or
system. This can include a password and a code sent to a mobile device, making it harder
for hackers to gain unauthorized access.
IV.
Encryption: "Encryption is the process of converting data into a code to prevent
unauthorized access" (Krishnan, 2023). This can include encrypting files, emails, and
even entire hard drives to protect sensitive information.
V.
Patching and updates: Regularly updating software and applications with the latest
security patches can help prevent vulnerabilities from being exploited by hackers.
VI.
Training and awareness: Providing employees with cybersecurity training and raising
awareness about common cyber threats can help prevent attacks that exploit human
vulnerabilities, such as phishing and social engineering.
In addition to these tools and measures, the "defense against attacks" theory also includes
several components and methods, such as:
I.
Defense in depth: This involves layering different security controls and tools to create a
multi-faceted defense against cyber-attacks.
6
II.
Risk assessment: Conducting regular risk assessments to identify potential vulnerabilities
and threats can help prioritize security measures and mitigate potential risks.
III.
Incident response: Developing an incident response plan that outlines steps to take in the
event of a cyber-attack can help minimize damage and quickly restore systems.
By utilizing these cyber defense tools, measures, methods, and components, individuals
and organizations can better protect their digital identities and sensitive information from cyber
threats. However, it is important to remember that cybersecurity is an ongoing process and
requires regular monitoring, updates, and adjustments to stay effective.
Reference
Abuzar. “Importance of the Internet and What Is Wan.”
Tech Zarar
, 13 May 2023,
techzarar.com/importance-of-the-internet-and-what-is-wan/.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
7
Chik, Joy. “5 Microsoft Tips for Securing Identity and Access.”
Microsoft Security Blog
, 13 Jan.
2023, www.microsoft.com/en-us/security/blog/2023/01/09/microsoft-entra-5-identity-
priorities-for-2023/.
Clark, Caitlin. “Your Digital Footprints Are More than a Privacy Risk – They Could Help
Hackers Infiltrate Computer Networks.”
Texas A&M Today
, 15 Apr. 2022,
today.tamu.edu/2022/04/11/your-digital-footprints-are-more-than-a-privacy-risk-they-
could-help-hackers-infiltrate-computer-networks/.
F. S. Grodzinsky and H. T. Tavani, "Cyberstalking: moral responsibility, and legal liability issues
for Internet service providers," IEEE 2002 International Symposium on Technology and
Society (ISTAS'02). Social Implications of Information and Communication Technology.
Proceedings (Cat. No.02CH37293), Raleigh, NC, USA, 2002, pp. 331-339, doi:
10.1109/ISTAS.2002.1013834.
“Identity Security: What It Is and Why You Need It - Crowdstrike.”
Crowdstrike.Com
, 27 Apr.
2023, www.crowdstrike.com/cybersecurity-101/identity-security/.
Krishnan, Anantha. “Securing Your Data in The Cloud: Understanding How Cloud Security
Works.”
SecureKloud
, 24 Apr. 2023, www.secureKloud.com/blog/how-does-cloud-
security-work/.
Security, Panda. “Your Digital Footprint Explained - and Why It Matters.”
Panda Security
Mediacenter
, 28 Feb. 2023, www.pandasecurity.com/en/mediacenter/tips/digital-footprint/.
8