Reduce potential vulnerabilities

I’m trying to learn for my Communications class and I’m stuck. Can you help?

Reply with 50-100 words for below 3 posts

1. Reducing Vulnerabilities, Protecting Against Intrusion, And Anticipating Future Threats

In the pursuit of protecting the national information infrastructure from the rapidly increasing frequency and consequences of cyber-attacks, the application of optimal strategies fundamental. From the perspective of reducing any potential vulnerabilities, for instance, some of the best approaches include the optimization of both IT and IS programs for robust security – which promotes the upholding of integrity, availability, confidentiality, and accountability of corporate information. There is also the attribute of treating and incorporating IT security as a priority component in the risk management architecture of the entire organization. As Deutscher et al. (2015) further explain, potential vulnerabilities are reduced through first identifying the risk factors and determining the most practical strategies for their avoidance, mitigation, transfer, or adoption.

Protection against intrusion, which is an important attribute in the minimization of national information infrastructure disruptions subject to cyber-attacks features a number of bottom line approaches too. It is worth noting that the consequences of successful attacks include huge financial costs for the affected organizations – which calls for the development of robust protection strategies. Bisson (2019) discusses some of the mainstream strategies, including proactive reconnaissance. This means that there has to be active system monitoring to ensure that there are not loopholes for attackers to exploit. Most importantly, however, is the installation of relevant tools that help in intrusion protection. VPNs and firewall systems are an example of proactive intrusion protection.

Lastly, strategic foresight is the necessary solution for promoting better anticipation of future threats. Notably, strategic foresight incorporates the gathering of intelligence aimed at using the current trends to articulate the future of IT and IS security. Tesh (2016) recommends the use of the following criteria while choosing the best foresight strategies and methods. First, applying expert knowledge while developing long-term strategies. Second, applying rich statistical and quantitative data. And finally, identifying all action points that strongly define the development of the IT and IS security environment.


Bisson, D. (2019). How to Foil The 6 Stages of A Network Intrusion? Tripwire. Available at…

Deutscher, S., Bohmayr, W., Yin, W. & Russo, M. (2015). 7 Steps to Reducing the Risk of a Cyber-Attack. World Economic Forum. Available at…

Tesh, J. (2016). Preparing Governments for Long Term Threats and Complex Challenges. OECD Conference Centre. Available to…


The reduction of cybersecurity threats requires concerted efforts of all internet dependents (Kott, Wang & Erbacher, 2015). A majority of breaches result from unpatched systems of known vulnerability software. Therefore, it is important to develop a constant process of vulnerability identification and work with software developers and hardware manufacturers to try and deploy patches to rectify any vulnerability. The process involves collecting data from internet servers, including IDS alerts, windows event logs, antivirus reports, and even firewall logs. Additionally, it is crucial to keep devices updated to keep various threats at bay.

Protection of intrusion attempts is also mandatory to avoid losses. This technique is a proactive measure that involves reliance on strong authentication. As such, setting up strong passwords and robust network firewalls for all internet-connected devices helps a great deal. These measures keep potential intruders at bay. The other strategy involves changing default logins for different nodes. This process is essential since prolonged use of specific login credentials become highly susceptible to intrusion. Lastly, it is significant to filter open ports to guarantee effective communication of cybersecurity issues. Filtering removes all obstacles that may block ports and inhibit the prediction of whether the port can be open or closed.

The anticipation of future threats is also necessary since cyber attackers change strategies regularly. As such, it is of essence to establish user-defined policies that help to pinpoint network anomalies. The other approach involves estimating the capability, intent, and opportunity of attackers. Capability measure envisages services that malicious individuals can target based on what was breached before. Opportunity determines the possibility of an attacker’s clue to insider information about a network and its underlying safeguards. Combating against coordinated cyber-attacks demands attack characterization, host clustering, and attack prediction (Moskal, Yang & Kuhl, 2018). The future of cybersecurity requires the use of sophisticated models that will foretell threats before they happen and allow individuals and organizations to apply the most appropriate remedies.


Kott, A., Wang, C., & Erbacher, R. F. (Eds.). (2015). Cyber defense and situational awareness (Vol. 62). Springer.

Moskal, S., Yang, S. J., & Kuhl, M. E. (2018). Cyber threat assessment via attack scenario simulation using an integrated adversary and network modeling approach. The Journal of Defense Modeling and Simulation, 15(1), 13-29.


In a current emerging world with technology government and public sectors are widely depend on information technology. Thus, this results in the utmost importance for security and privacy concerns (Bada, 2019). Cyber security system plays a crucial role in analyzing and protecting from various potential vulnerabilities and threats to the organizations. Different cyber threats like ransomware, malware, phishing, and social engineering attacks increasing rapidly. To protect from these threats and vulnerabilities various strategies had developed. Primarily awareness must be created in the employees about the advanced threats and their preventive measures. Frequent training sessions should be conducted to employees on how to detect and how to prevent threats and vulnerabilities (Bada, 2019).

Using complex passwords for authentication, firewall protection, using antivirus and encryption software’s, avoiding public wireless networks and maintaining regular backups can help to mitigate the risk of cyber criminals. Internet of things (IoT) is also a source for cyber-attacks like malware and virus. Cyber risk assessment in IoT strategies are categorized as risk identification assessment strategy, risk estimation strategy, and risk prioritization strategy (Radanliev, 2018).

To prevent social engineering attacks security policies with technical and non- technical approaches are executed, audits and compliance programs are conducted to review network logs and employee authorizations, technical procedures like utilizing the software’s like Intrusion preventions system (IPS), Intrusion detective system (IDS) and Virtual private networks (VPN) are implemented in every government and private organizations (Conteh, 2016).

Supervisory Control and Data Acquisition (SCADA) systems are implemented in critical infrastructures like power generations, water boards, transportation and defense system to prevent cyber threats and vulnerabilities. SCADA is an industrial control system (ICS) which monitors and controls assets of huge industries and utilizes the master terminal unit (MTU) and remote terminal unit (RTU). Future deployments of SCADA projects would see more tightly combination between the data process and artificial intelligence (AI) based information examination motors watching recorded information for bizarre conduct to obstruct cyber security breaches (Nazir, 2017).


  1. Bada, M., Sasse, A. M., & Nurse, J. R. (2019). Cyber security awareness campaigns: Why do they fail to change behaviour?. arXiv preprint arXiv:1901.02672.
  2. Radanliev, P., De Roure, D. C., Nicolescu, R., Huth, M., Montalvo, R. M., Cannady, S., & Burnap, P. (2018). Future developments in cyber risk assessment for the internet of things. Computers in Industry, 102, 14-22.
  3. Conteh, N. Y., & Schmick, P. J. (2016). Cybersecurity: risks, vulnerabilities, and countermeasures to prevent social engineering attacks. International Journal of Advanced Computer Research, 6(23), 31.
  4. Nazir, S., Patel, S., & Patel, D. (2017). Assessing and augmenting SCADA cyber security: A survey of techniques. Computers & Security, 70, 436-454.