Network Security Fundamentals Exam 212-82 PDF

Summary

This chapter discusses information security fundamentals, including security challenges, compliance issues, and the impact of information security attacks on organizations. It covers topics such as the lack of qualified cybersecurity professionals, fragmented privacy regulations, and the relocation of sensitive data to the cloud.

Full Transcript

Certified Cybersecurity Technician Network Security Fundamentals Exam 212-82 Security Challenges Z4b> Annd \\}-L/ QU Compliance to government laws and regulations Lack of qualified and skilled cybersecurity professionals Difficulty in centralizing security in a distributed computing environment Fragmented and complex privacy and data protection regulations Compliance issues due to the implementation of Bring Your Own Device (BYOD) policies in companies Relocation of sensitive data from legacy data centers to the cloud without proper configuration Copyright © by EC-C iL Al Rights Reserved. Reproductionis Strictly Prohibited Security Challenges The accelerating digitization has benefited the IT industry in all ways but, it has also paved way to sophisticated cyber-attacks and cyber security challenges. There is a need for security professionals in every organization to secure their sensitive and private data. The security professionals face many challenges and threats from the cyber-attackers who are disrupting their networks and assets. The following are some of the security challenges faced by security professionals and organizations: = Compliance to government laws and regulations = Lack of qualified and skilled cybersecurity professionals = Difficulty in centralizing security in a distributed computing environment = Difficulty in overseeing end-to-end processes due to complex IT infrastructure = Fragmented and complex privacy and data protection regulations = Use of a serverless architecture and applications that rely on third-party cloud providers = Compliance issues and issues with data removal and retrieval due to the implementation of Bring Your Own Device (BYOD) policies in companies = Relocation of sensitive data from legacy data centers to the cloud without proper configuration = Weak links in supply-chain management = Increase in cybersecurity risks such as data loss and unpatched vulnerabilities and errors due to the usage of shadow IT = Shortage of research visibility and training for IT employees Module 03 Page 415 Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Network Security Fundamentals Exam 212-82 R Financial losses faced by the organization may be direct or indirect Losses Loss of Confidentiality Results in the loss of trust in data or resources; damage to the corporation’s and Integrity reputation; and the loss of goodwill, and business credibility Damaged Customer Relationship 0 Loss of Business V~ Reputation =47 Legal and Compliance Issues Operational Impacts Impacts the organization’s relationships with its customers, leading to the loss of customers, a decrease in sales, and a drop in profits Hurts the business’s reputation, leading to loss of existing loyal customers as well as of the potential to attract new customers Results in negative publicity for the organization and affects the business’s performance L May disable the organization by disrupting the operations of an entire organizational network Copyright © by L Al Rights Reserved, Reproductionis Strictly Prohibited. Impact of Information Security Attacks Information security attacks are a major security concern for any organization, as they can have a severe impact on the organization’s assets, resources, financial records, and other confidential data. Information security attacks are carried out by attackers with various motives and objectives and may have a severe impact on network and system resources as well as other organizational elements. Following are the impacts that information security attacks can have on the organization: * Financial Losses Organizations can go through huge financial losses due to information security attacks. Financial losses faced by organizations can be either direct or indirect: direct losses refer to the amount of money businesses have to remunerate for professional services, covering lost contracts and downtime, while indirect losses refer to the money that will be allocated by the organization organizational infrastructure. = to hire new staff, train them, and upgrade the Loss of Confidentiality and Integrity Confidentiality and integrity are They assure that the information access and is sufficiently accurate may occur due to improper data the most essential elements of information security. is accessible only to those who are authorized to have for its purpose. Confidentiality and integrity breaches handling or a hacking attempt. This results in loss of trustworthiness of data or resources, goodwill, business credibility, and trust. Module 03 Page 416 damage to corporate reputation, and loss of Certified Cybersecurity Technician Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Network Security Fundamentals = Exam 212-82 Damaged Customer Relationship Trust is an important component that is required to establish customer relationship. Once an organization has been attacked, it causes permanent impact to organizational reputation and results in loss of trust among customers. This impacts the customer relationship and leads to loss of customers, decrease in sales, and drop in profits. = Loss of Business Reputation Data protection and security are fundamental components that are helpful in protecting business reputation and maintaining customer loyalty. Information security attacks diminish business reputation and lead to loss of the existing loyal customers as well as the potential to attract new customers. The impact of reputational damage can even affect suppliers, relationships with partners, investors, and other third parties. = Legal and Compliance Issues Organizations often face legal and compliance issues while dealing with security incidents. Managing the legal challenges of addressing information security is a complex process for organizations that impacts business reputation and public relations. Legal and compliance issues result in negative publicity for an organization and affect the business’s performance. = Operational Impacts Information security attacks may leave the organization disabled as they disrupt the working of an entire organizational network. They affect the operations of the organization by causing degradation in the quality of services, inability to meet service availability requirements, decrease in staff efficiency and productivity, and so on. Module 03 Page 417 Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited.