Week 10

 Security in Estonia

Will be assessing security in estonia through the "Mitnick formula"

Mitnick formula:

- Technology: networks, firewalls, antiviruses...

- Training: awareness of different attacks

- Policy: set procedures and requirements

Technology

Depends on how needed is the cyber defence for certain systems, mostly counted by residual risk and how small it needs to be. If there is a need then implementations of good technology will take place.

While most citizens don't take any extra measures that are already in place by default in their devices, the ones that do are either tech nerds or corporate employees. As a company owner you want to have methods to deal with cyber attacks so that the company wouldn't lose face or profits.

Training

Awareness of social engineering or cyber attacks is about the same as most other countries, if not a bit better, since Estonia is a quite tech oriented country, as an example online voting is a possibility in politics. Giving more courage or motive for everyone to use devices and thus become more accustomed to them.

But once again, it comes down to the need of the training. As people who don't realy browse the internet or do anything outside of calling friends or family every once in a while are a lot less receptive towards attacks compared to someone who has multiple accounts and services active. Similarly in companies where employees are working with e-mails, sensitive data and other important information that should remain confidential are given some awareness training.

Policy

Policy varies from company to company, be it in devices that are sold to the public or devices that are used privately. They are made and revised by IT experts as it is their job to assess the safety and danger. But these policies have to always be updated to stay relevant in terms of having defence againts always evolving attackers.

There still are many cases where policy isn't that well made as the IT expert themselves have to stay up to date with everything to maintain good policy protocols. And so it sometimes happen that policy stays behind of what is needed and thus leaving a weakness open to attackers, being only a matter of time if it gets updated or devices get attacked.

Comments

Post a Comment

Popular posts from this blog

Week 1

Image
HTTPS (Hypertext Transfer Protocol Secure) As the world was getting more digital, there was a need to have secure public connection(e.g.online purchases), in which HTTP got an extension. And so in 1977, Whitfield Diffie and Martin E. Hellman published research about cryptography with the concept of asymmetrical encryption. HTTPS, which was released in 1994 uses the concept, which is based on having a public key and a private key and the exchange of the public key between two devices.   MFA (Multi Factor Authentication)  Earliest occurrence of Two-Factor Authentication was Barclay's Bank machine in 1967, which was based on the combination of "something you have and something you know", which is used till this day. An upgrade of the Two-Factor Authentication happened in 2010 due to a large hack on Google by China. Google then added a Two-Factor Authentication option to its users via an app on the phone, the users would get a code on their e-mail or phone which they would th
Read more

Week 3

 Web forums Forums(Message Boards) have existed for a long time, the first software dedicated to forum protocol was WIT, which was developed by the W3 Consortium in 1994. Since then, there have been hundreds of forum software packages, including phpBB, Invision, vBulletin, MyBB, and others. While the first dedicated software was made in 1994, Message boards have been around a lot longer, for example Usenet in 1980's or BBS, which were used in a similar fashion. But forums have started to change ever since, some turn into piracy, some turn into showing around disturbing or demeaning content, but there has been change for the better. When the start of sharing pictures, gifs or videos via e-mail or a virtual messanger, there came to be Youtube, which is something majority of the world knows about. Similarly the increase for demand for instant messaging started to rise as people in forums found people to talk to, and so without delay, to discuss their topic of interest with one another
Read more