An Analysis of Cybersecurity Architectures

International Conference on Cyber Warfare and Security Pub Date : 2024-03-21 DOI:10.34190/iccws.19.1.2115

Noluntu Mpekoa

{"title":"An Analysis of Cybersecurity Architectures","authors":"Noluntu Mpekoa","doi":"10.34190/iccws.19.1.2115","DOIUrl":null,"url":null,"abstract":"The 4th Industrial Revolution has increased high-capacity connectivity, new human-machine interactions largely with IoTs and smart devices. This digital revolution offers incredible conveniences such as the ability for users to access volumes of data, governments can address social challenges, connect remote villages in the country, and more. Once secluded systems are now connected and sharing information. This connectedness also poses some inconveniences as well, whenever a device joins the Internet, it becomes publicly discovered. Once these devices are discovered, they become open to cyberattacks. Cybersecurity has become a crucial part of daily life as cyberattacks have increased over time and have become more and more severe. The challenge that cybersecurity consultants find is the difficulty of measuring cybersecurity efforts in organizations. Another challenge could be finding a cybersecurity architecture that is effective and can fit different situations. The main aim of this study was to develop a comprehensive cybersecurity architecture that can be used by cybersecurity consultants when measuring cybersecurity effectiveness. This study conducted an in-depth literature review on current cybersecurity architectures offered by national and international cybersecurity organizations. The identified cybersecurity architectures that have been developed by other organizations were translated, interpreted, compared, and synthesized and a new cybersecurity architecture is proposed. The proposed cybersecurity architecture has the NIST goals as a foundation and the CIA triad at the center. The proposed cybersecurity architecture has domains such as application and Systems security, Information security, Network security, End-point security, Critical Infrastructure security, Mobile security, Storage security, etc. The proposed cybersecurity architecture seeks to assist cybersecurity consultants in answering questions from executives such as: Are we secure? Are security investments delivering value to the business? What is our preparedness for a cyberattack?","PeriodicalId":429427,"journal":{"name":"International Conference on Cyber Warfare and Security","volume":" 24","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2024-03-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Conference on Cyber Warfare and Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.34190/iccws.19.1.2115","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

Abstract

The 4th Industrial Revolution has increased high-capacity connectivity, new human-machine interactions largely with IoTs and smart devices. This digital revolution offers incredible conveniences such as the ability for users to access volumes of data, governments can address social challenges, connect remote villages in the country, and more. Once secluded systems are now connected and sharing information. This connectedness also poses some inconveniences as well, whenever a device joins the Internet, it becomes publicly discovered. Once these devices are discovered, they become open to cyberattacks. Cybersecurity has become a crucial part of daily life as cyberattacks have increased over time and have become more and more severe. The challenge that cybersecurity consultants find is the difficulty of measuring cybersecurity efforts in organizations. Another challenge could be finding a cybersecurity architecture that is effective and can fit different situations. The main aim of this study was to develop a comprehensive cybersecurity architecture that can be used by cybersecurity consultants when measuring cybersecurity effectiveness. This study conducted an in-depth literature review on current cybersecurity architectures offered by national and international cybersecurity organizations. The identified cybersecurity architectures that have been developed by other organizations were translated, interpreted, compared, and synthesized and a new cybersecurity architecture is proposed. The proposed cybersecurity architecture has the NIST goals as a foundation and the CIA triad at the center. The proposed cybersecurity architecture has domains such as application and Systems security, Information security, Network security, End-point security, Critical Infrastructure security, Mobile security, Storage security, etc. The proposed cybersecurity architecture seeks to assist cybersecurity consultants in answering questions from executives such as: Are we secure? Are security investments delivering value to the business? What is our preparedness for a cyberattack?

查看原文本刊更多论文

网络安全架构分析

第四次工业革命在很大程度上通过物联网和智能设备增加了大容量连接、新的人机互动。这场数字革命带来了令人难以置信的便利，例如用户可以访问大量数据，政府可以应对社会挑战，连接国内偏远村庄等等。曾经与世隔绝的系统现在可以相互连接并共享信息。这种连通性也带来了一些不便，每当一个设备加入互联网，它就会被公众发现。一旦这些设备被发现，它们就会受到网络攻击。随着时间的推移，网络攻击越来越多，也越来越严重，网络安全已成为日常生活中至关重要的一部分。网络安全顾问发现的挑战是难以衡量企业的网络安全工作。另一个挑战可能是找到一个有效且适合不同情况的网络安全架构。本研究的主要目的是开发一个全面的网络安全架构，供网络安全顾问在衡量网络安全有效性时使用。本研究对国家和国际网络安全组织提供的当前网络安全架构进行了深入的文献综述。对已确定的由其他组织开发的网络安全架构进行了翻译、解释、比较和综合，并提出了一个新的网络安全架构。拟议的网络安全架构以 NIST 目标为基础，以中央情报局三要素为中心。拟议的网络安全架构包括应用和系统安全、信息安全、网络安全、终端安全、关键基础设施安全、移动安全、存储安全等领域。拟议的网络安全架构旨在协助网络安全顾问回答高管人员提出的问题，如：我们是否安全？我们是否安全？安全投资是否为企业带来价值？我们对网络攻击的准备情况如何？

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

International Conference on Cyber Warfare and Security

自引率

0.00%

发文量