|
| Defense strategy | Countermeasure techniques |
|
| Network-based | (i) Encrypting IP data, IPSec was developed. IPSec has been used for several years to create a private virtual network (VPN) between a remote device and a trustworthy network (i.e., an intranet company), which establishes protected connections through the Internet. |
| (ii) TCP sat above the IP to efficiently send the packets (i.e., retransfer missing packets) and requested packets to be initially sent. |
| (iii) SSL was designed to provide end-to-end protection between two computers that sit across the TCP (transmission control protocol) comparing to the layer-based protocol only. |
| (iv) Securing web page access, SSL/TLS is widely used with https. |
| Software-based | (i) Quantum cryptography is an up-and-coming technology that simultaneously produces two parts of a common, secret cryptographic key by utilizing a quantum state of light [51]. |
| (ii) Continuous risk assessment: no two businesses are identical. This is why each organization has its own risk profile based on its scale, regional structure, market operating environment, etc. Each organization will take a set of measures needed as prerequisites for enforcing security controls, including the detection of threats, weaknesses, and risks, and developing and implementing protection controls that mitigate such risks. |
| (iii) Based on the company assessment of the risk, data could only be protected by a password. For remote access, other sophisticated methods might be required, such as biometric authentication and random PIN. |
| (iv) To strengthen and protect information protection, it may be useful to record the processes and controls enforced in a formalized set of policies and procedures, maintain a consistent and accurate method of knowledge delivery, and increase employee understanding and engagement. |
| (v) The best approach to protect data is to remove any records that are no longer required for everyday business purposes. Data backup and archiving must ensure that data are retained as long as it is necessary for a particular location (server, unique files, etc.) and excluded from the business network, thus limiting the risk of unauthorized access to confidential information. |
| Software-based with hardware-based | (i) Cryptography is an important method to secure the data exchanged between users through the encryption of the data such that it can be decrypted only by authorized users with the appropriate keys. The most used mechanism for data protection is cryptography. One of the latest cryptography techniques introduced by the US National Institute of Standards and Technology (NIST) is Advanced Hash Standard (ASH). It is used for applications involving high-speed encryptions a replacement to the RSA with 2048-bit key and for impracticable involvement of the certifying authorities [52] |
| (ii) Companies will ensure that all their infrastructure (hardware and software), including security software (e.g., antivirus programs) is up-to-date and the new updates are enabled, so no exceptions might occur. It is, therefore, important that businesses ensure that a third-party software agreement is effective to support maintenance and upgrading services. |
| Network-based with software-based | (i) A recent study field where the network professionals and the visualization group need to integrate expertise to map network traffic utilizing improved visualization techniques. Network specialists with the extensive technical expertise in networking technologies can also examine the graphic display of the results [26]. |
| (ii) Companies are supposed to ensure that access for leavers, contractors, or any outside parties who have already demanded access to the company’s network is adequately restricted and promptly terminated. Manual controls or automated controls should disable domain accounts that have not connected to the network during a given period of time. A broad variety of controls mitigate such risks. |
|
