Search for: All records

The imperative factors of cybersecurity within institutions have become prevalent due to the rise of cyber-attacks. Cybercriminals strategically choose their targets and develop several different techniques and tactics that are used to exploit vulnerabilities throughout an entire institution. With the thorough analysis practices being used in recent policy and regulation of cyber incident reports, it has been claimed that data breaches have increased at alarming rates rapidly. Thus, capturing the trends of cyber-attacks strategies, exploited vulnerabilities, and reoccurring patterns as insight to better cybersecurity. This paper seeks to discover the possible threats that influence the relationship between the human component and cybersecurity posture. Along with this, we use the Vocabulary for Event Recording and Incident Sharing (VERIS) database to analyze previous cyber incidents to advance risk management that will benefit the institutional level of cybersecurity. We elaborate on the rising concerns of external versus internal factors that potentially put institutions at risk for exploiting vulnerabilities and conducting an exploratory data analysis that articulates the understanding of detrimental monetary and data loss in recent cyber incidents. The human component of this research attributes to the perceptive of the most common cause within cyber incidents, human error. With these concerns on the rise, we found contributing factors with the use of a risk-based approach and thorough analysis of databases, which will be used to improve the practical consensus of cybersecurity. Our findings can be of use to all institutions in search of useful insight to better their risk-management planning skills and failing elements of their cybersecurity. 

Cybersecurity is a concern for organizations in this era. However, strengthening the security of an organization’s internal network may not be sufficient since modern organizations depend on third parties, and these dependencies may open new attack paths to cybercriminals. Cyber Third-Party Risk Management (C-TPRM) is a relatively new concept in the business world. All vendors or partners possess a potential security vulnerability and threat. Even if an organization has the best cybersecurity practice, its data, customers, and reputation may be at risk because of a third party. Organizations seek effective and efficient methods to assess their partners’ cybersecurity risks. In addition to intrusive methods to assess an organization’s cybersecurity risks, such as penetration testing, non-intrusive methods are emerging to conduct C-TPRM more easily by synthesizing the publicly available information without requiring any involvement of the subject organization. In this study, the existing methods for C-TPRM built by different companies are presented and compared to discover the commonly used indicators and criteria for the assessments. Additionally, the results of different methods assessing the cybersecurity risks of a specific organization were compared to examine reliability and consistency. The results showed that even if there is a similarity among the results, the provided security scores do not entirely converge. 

Vulnerability Management, which is a vital part of risk and resiliency management efforts, is a continuous process of identifying, classifying, prioritizing, and removing vulnerabilities on devices that are likely to be used by attackers to compromise a network component. For effective and efficient vulnerability management, which requires extensive resources– such as time and personnel, vulnerabilities should be prioritized based on their criticality. One of the most common methods to prioritize vulnerabilities is the Common Vulnerability Scoring System (CVSS). However, in its severity score, the National Institute of Standards and Technology (NIST) only provides the base metric values that include exploitability and impact information for the known vulnerabilities and acknowledges the importance of temporal and environmental characteristics to have a more accurate vulnerability assessment. There is no established method to conduct the integration of these metrics. In this study, we created a testbed to assess the vulnerabilities by considering the functional dependencies between vulnerable assets, other assets, and business processes. The experiment results revealed that a vulnerability's severity significantly changes from its CVSS base score when the vulnerable asset's characteristics and role inside the organization are considered.