Enc Project 3 Artifacts 1

Download as pdf or txt
Download as pdf or txt
You are on page 1of 8

Fatehali 1

Alizain Fatehali

ENC 2135

So Young Koo

1 December 2023

Artifact 1:
Fatehali 2

Artifact 2: A Short Guide to Staying Safe Online

In our interconnected world, ensuring your online safety is paramount, whether you're a

casual internet user or a small business owner. This guide aims to provide a concise overview of

common online security issues and simple, non-disruptive solutions to bolster your digital safety.

Password Protection is crucial. Weak or reused passwords are a significant threat. Use

complex, unique passwords for each account. Consider employing a password manager for

convenience and enhanced security.

Beware of Phishing Attacks, which often come disguised as emails, texts, or websites

aiming to trick users into sharing sensitive information. Verify sender authenticity before

clicking links or providing personal data. Look for subtle signs of phishing attempts, like

misspellings or unusual URLs.

Keep Software Updated to patch security vulnerabilities. Regularly update operating

systems and applications to avoid known exploits.

When using Public Wi-Fi, exercise caution. Unsecured public networks expose sensitive

data to potential interception. Avoid sensitive transactions on public Wi-Fi and utilize a virtual

private network (VPN) for added security when necessary.


Fatehali 3

Implement Two-Factor Authentication (2FA) wherever available. This adds an extra layer

of security, typically requiring a verification code sent to your phone or email.

Encrypt sensitive data using encryption tools or secure messaging apps to enhance

security.

Regularly backup critical data to prevent loss due to cyberattacks or system failures.

For Small Businesses, prioritize Employee Awareness Training on cybersecurity best

practices to reduce the risk of data breaches or attacks on business systems.

Regularly review and adjust Privacy Settings on social media platforms and other online

accounts to control the information you share.

Improving online safety doesn’t always demand complex, disruptive changes. By

integrating these simple practices into your online routine, both individual users and small

business owners can significantly reduce their vulnerability to common cyber threats. Stay

vigilant, update regularly, and prioritize security without compromising usability for a safer and

more secure online experience.


Fatehali 4

Artifact 3: Advanced Cyber Threats and Mitigation Strategies

for Small Businesses

In the intricate landscape of cyberspace, small businesses face increasingly sophisticated

threats that demand a deeper understanding and proactive measures. This guide aims to provide

an extensive analysis of niche cyber threats specifically targeting the small business sector. It

delves into advanced strategies to safeguard sensitive customer information and day-to-day

business practices from evolving cyber risks.

Advanced Threats Overview

1. Advanced Phishing Techniques:

- Issue: Phishing attacks have evolved beyond traditional emails to include voice phishing

(vishing), SMS phishing (smishing), and spear phishing targeting specific individuals or

businesses.

- Mitigation: Implement rigorous employee training programs to recognize and respond to

advanced phishing attempts. Utilize email filtering tools to identify and block suspicious

messages.
Fatehali 5

2. Ransomware and Targeted Attacks:

- Issue: Ransomware attacks have become highly targeted, infiltrating systems to encrypt data,

paralyze operations, and demand hefty ransoms for decryption keys.

- Mitigation: Employ robust endpoint security solutions, regularly back up data, and segment

network access to limit the impact of potential attacks. Create incident response plans outlining

steps to contain and recover from a ransomware attack.

3. Insider Threats and Data Breaches:

- Issue: Employees or insiders with malicious intent or inadvertent actions can lead to data

breaches, compromising sensitive customer information.

- Mitigation: Implement strict access controls, conduct thorough background checks during

hiring, and regularly monitor employee access to sensitive data. Encrypt critical data and enforce

a principle of least privilege.

4. Supply Chain Attacks:

- Issue: Cybercriminals exploit vulnerabilities in the supply chain to infiltrate business

systems, potentially affecting numerous interconnected organizations.

- Mitigation: Vet and monitor third-party vendors and partners for their cybersecurity

practices. Implement protocols for secure data exchange and regularly assess the security posture

of the supply chain.


Fatehali 6

5. Zero-Day Exploits and Vulnerabilities:

- Issue: Cyber attackers exploit unknown vulnerabilities (zero-days) before developers can

patch them, making systems susceptible to attacks.

- Mitigation: Employ intrusion detection and prevention systems (IDPS) to identify suspicious

activities. Establish a dedicated team to monitor emerging threats and promptly apply security

patches and updates.

Advanced Strategies and Best Practices

1. Cybersecurity Incident Response Plan:

- Implementation: Develop a comprehensive incident response plan outlining procedures for

detecting, responding to, and recovering from cyber incidents. Regularly test and update the plan

to align with evolving threats.

2. Continuous Employee Training:

- Implementation: Conduct regular, specialized training sessions that simulate real-world

cyber threats to educate employees on advanced attack techniques and how to respond

effectively.
Fatehali 7

3. Endpoint Security Enhancement:

- Implementation: Utilize advanced endpoint protection solutions equipped with

behavior-based detection and response capabilities to thwart sophisticated attacks targeting

endpoints.

4. Advanced Encryption and Access Controls:

- Implementation: Implement advanced encryption protocols for data at rest and in transit.

Enforce stringent access controls based on the principle of least privilege to restrict unauthorized

access.

5. Threat Intelligence Integration:

- Implementation: Integrate threat intelligence feeds and services to proactively identify and

respond to emerging threats specific to the business's industry and operating environment.

Conclusion

Cyber threats targeting small businesses have evolved in complexity and sophistication.

Mitigating these advanced risks demands a comprehensive approach that goes beyond basic

cybersecurity measures.

By understanding the intricacies of advanced phishing techniques, ransomware, insider

threats, supply chain vulnerabilities, and zero-day exploits, small businesses can proactively
Fatehali 8

fortify their defenses. Implementing advanced strategies such as incident response planning,

continuous training, enhanced endpoint security, robust encryption, and leveraging threat

intelligence is paramount.

Small businesses are not immune to cyber threats, but with a proactive and adaptive

cybersecurity approach, they can significantly reduce the risks and protect both their sensitive

business operations and the valuable information entrusted to them by customers and

stakeholders. Stay vigilant, update defenses regularly, and foster a culture of cybersecurity

awareness to navigate the ever-evolving cyber landscape securely.

You might also like