Posted: September 9th, 2022

Despite its positive results

2. Summary: Despite its positive results, the team identified the IDS with several faults, such as an increased rate of false positives, which leads to other security incidences that the security team can easily detect. Another issue is that of false negatives, which mostly take place when computer systems are not updated. Cost is also a factor, especially the total cost of ownership which is higher than acquiring a firewall.
The solutions developed to deal with the crypto-jacking issue are very effective and at par with the available regulation. The security protocol, especially the use of Zvelo promote the collection of data used for forensic purposes and in the analysis of security situation. The data collected assists in the investigation of crypto-jacking cases. Also, the security framework consists of several plans, strategies, and policies for reducing cyber threats through blocking crypto-jacking scripts. The solutions used, such as firewall, anti-viruses, education, and awareness creation, assist in mitigating cybersecurity threats, including ransomware and other types of threats. Also, training of various software for blocking domains, and codes, such as SecBi, automatically detects crypto-jacking. On the other hand, the security solutions promote decision-support functionality through a decision support system(DDS). Furthermore, the solutions proposed, such as the use of ad blockers, promote education and training concerning cybersecurity, and importantly how to use and follow security practices and policies, for instance, use of ad blockers and turning off javascript for frequent browsers.

C
The security solutions align with the organization’s security policies, which promote physical and technical security. For instance, the solutions, such as monitoring network services and application of ad-blockers, assist in threat detection and mitigation. The security team can detect and mitigate any potential crypto-jacking security threat through the security policy by sending alert messages to computer systems users in the organization. The team, however, conducts a quick response thorough forensic investigations. Also, the policies align with risk-based vulnerability management, a security policy in the organization that detects and deals with vulnerability. The policy involves tracking any security venerability in the systems and providing risk-scoring information, which assists in mitigating the risks based on risk priorities. Other security policies aligned with the crypto-jacking security solution include enterprise mismanagement, especially the reporting capabilities, Configuration control, complete visibility, and adaptive assessment.
A compatibility test is essential, remediation, and execution, which eliminates any ineffectiveness, and non-authenticity in the policies. The validation process makes the organization’s security team more confident about the implemented security policies, making the organization more accountable for a security issue. A validation test assists in preparing information, which is essential for future use, such as in making remedies for the identified shortcomings.
A compatibility test assesses the effectiveness of the security policies, which is a post-implementation process analysis. The post-implementation security risk assessment assists in preparation for post-implementation maintenance and security management. The risk assessment involves identifying the types of cryptocurrency threats, such as unauthorized access into the computer system. Placing destruction codes into the system and other deliberate human threats. Also, the assessment process evaluates the non-human and internal operating environment, especially on the likelihood of the factors to affect the normal functioning of computer systems or increase the rate of vulnerability in the computer systems. During the post-implementation assessment process, some tools, such as the automated vulnerability scanning tools, automatically scan any vulnerabilities, such as a running crypto-jacking script in the background.
On the other hand, a system penetration test is used for security control testing, especially on making sure the information technology systems in the organization, most computer systems are secure from crypto mining. Due t the faults caused by the IDS, the organization opted for a better alternative, which is unified threat management(UTM), which is a single-end-point solution for the organization. Other alternatives involve installing anti-virus, DDoS protection techniques, Firewalls, IPS, and Web Proxy, which perfectly served the need for the organization.
The post-implementation assessment process checks the likelihood of the system for potential threats and vulnerability, such as undated computer system use of old computer systems, as well as incompatibility ad blockers with the system software In case of any weakness in the system, technical controls, such as cryptography key are used to limit and eliminate vulnerabilities for the effectiveness of the systems, and policies. The stakeholders, such as the employees, consultancies, and organizational leaders, play an essential role in ensuring all security policies are followed and announcing any vulnerability discovered in computer systems. On the other hand, the stakeholder is trained on cryptocurrency security accountability, which follows the designed security policies and solutions. In addition, stakeholders are trained on the effectiveness of the applied security practices, such as the need to use an ad-blocker, firewalls, a computer anti-virus. Also, the stakeholder is trained on computer system security vulnerability and how to detect an embedded crypto-jacking script, which is installed to mine cryptocurrencies without permission.
Cyber risk management and oversight

Crptojacking is a substantial cyber risk to watch for, which has become popular due to the ease of installation, and the difficulties faced in its detection. The development of security risk management and oversight is critical to maintain and improve the organization’s security against crypto miners. Through the Sonicwall capture security center, the organization can afford to comfortably manage, govern and comply with several policies and practices to protect the company from crypto miners. Based on the three core objectives of SonicWall, which include risk management, governing, and compliance, the framework focus on business value which is promoted through risk management. The framework promotes the development of a robust cryptocurrency security framework, which works faster and wiser. However, the cryptocurrency solution assists the organizations’ security team in avid any operational overheads, which is mainly associated with the installation of hardware and software. The risk management framework maintains endpoints, emails, cloud security, networks, and mobile phones. In addition, the security team should maintain the security of cloud delivery services and organization websites to avoid any vulnerability that may lead to crypto-jacking. The use of detection technology and authentication are some of the effective ways that prevent crypto-jacking. The risk management process is conducted by a security team of professionals, especially people familiar with cryptocurrencies and illegal mining g of cryptocurrencies, such as bitcoins.
The security concern requires the security team to be mentally prepared since cryptocurrency. The organizational governance structure in cryptocurrency has advanced and evolved over the years, based on a new type of threat in the market. The cybersecurity governance structure should consist of security roles, such as cybersecurity architecture, that promote awareness by offering cybersecurity education and training. A certified blockchain security professional is skilled and expert in cryptocurrency security that assists in security management and maintenance. A certified blockchain person has taken several courses, such as smart contract security, consensus in the blockchain, basic blockchain security, network-level vulnerabilities, security alternative DLT architectures, and blockchain risk assessment. The professional should have a certificate from the cryptocurrency certification consortium that promoted cryptocurrency standards, privacy, security and promotes decentralization. A certified person in cryptocurrency security has an in-depth understanding of cryptocurrency security threats and attacks and implements several kills in blockchain applications. The professional can also develop new methods and security models that work effectively, especially after ineffective shortcoming of the s already developed solutions. Processionals in cryptocurrency security, especially blockchain, include a network administrator, a security analyst, a blockchain consultant, a blockchain project manager, and s a blockchain architecture. Information tech ology experts and cybersecurity experts have knowledge and skills on cryptocurrency security since the experts are taught on blockchain security through the CBSP training program.

The security team can also take new courses, which IBM also offers concerning blockchain security aspects, including risk mitigation, integrity, node security, threat response, and threat identification. The courses can be undertaken by programmers and other security experts to manage cryptocurrency threats and security risks effectively. The information provided not only focuses on the blockchain as a type of cryptocurrency but also other types such as the ethereal concept and technology. However, the knowledge and information assist the experts in conducting an internal cryptocurrency security audit, track security progress, and develop cryptocurrency security reports that assist in developing new policies and security practices.
Apart from technical security, physical access controls are crucial in risk management, primarily the use of biometric to restrict unauthorized accessibility. Finally, cybersecurity controls that apply to other cybercrime issues are also applicable since crypto-jacking is an example of a cyber issue.
Apart from internal parties and stakeholders in the organization, external parties for security are essential. Some of the external or third parties that can be very helpful include the government, and other organizations, mostly cryptocurrency organizations. Cryptojacking is a growing and evolving threat targeting many government websites. The government, however, plays a vital role in preventing security issues, as well as develop policies and practices that can be used by other organizations in case of an issue. Through a centralized NOC and SOC, the government reduces the risk caused by crypto-jacking and assists other connected organizations in avoiding and preventing the risk. Collaboration with the government and other organizations plays an essential role in reducing the impacts and likelihood of being a victim of crypto-jacking.
Threat intelligence and collaboration against crypto-jacking is essential, especially in s working on preventing potential threats based on the advancement of artificial intelligence. For instance, the collaboration between Microsoft and Intel is a good example, where the parties worked on endpoint detection of crypto-jacking and responding to crypto-jacking malware. The Intel threat detection technology assists the Microsoft defender to detect and identify the available cryptography threats for the development of remedies. Intel TDT is an organization that an organization can apply to make it easier to detect and remediate crypto-jacking.
The crypto-jacking threat landscape is vast, requiring collaboration in monitoring, tracking, and analyzing malicious crypto mining activities. Joining others with similar interests, such as other organizations and the government, would be a significant threat to crypto miners. For instance, the organization can collaborate with the cyber Threat Alliance(CTA), which improves cybersecurity.
The organization, however, urges companies to collaborate and share threat intelligence activities that would disrupt malicious cyber activities. There is strength and value in collaboration, especially when it comes to the detection of crypto-jacking activities. Corroboration provided information that assists nearly detection of, monitoring, and dealing with the issue professionally.
Building cyber resilience is the best way to avoid crypto-jacking and other cybersecurity issues. Cyber resilience is developed through first coming up with a business impacts analysis, reports on cyber incidents, and a business continuity plan.
The organization’s impact analysis focus on the effects of crypto-jacking on the organization’s businesses. As a victim of crypto-jacking, the process works on extorting money through digital masquerading. Cryptojacking causes a significant impact in business, for instance, on overall productivity. The symptoms and signs of crypto-jacking play a considerable role in effective business performance. For instance, having a slow processing unit and overheating are the leading cause of low productivity and poor performance in the organization. When computer systems slow down, it is definitely, that employees will not be able to work well as required and per the scheduled time. Troubleshooting computer systems cause more delays, which leads to low production in the company at the end of the month. Apart from performance, crypto-jacking causes extra and unplanned costs, which are expensive for the company. For instance, the cost of replacing computer systems after crashing from overheating, and infection of malicious codes, and malware. Information technology energy drain is another impact, where the security team works tirelessly to understand the cause of slow computer performance, overheating as well as low performance; detecting crypto-jacking script is not an easy activity, hence an extreme sport from the IT team, especially those with less knowledge concerning cryptocurrency mining, and security threats. Through the impacts, the organization can build resilience, making it more accessible and faster to work on such security cases without spending much time and energy. Building resilience can be done by developing a cyber incident response plan, crisis management plans, continuous monitoring strategy, and systematic development of resilience testing results. The response and management plan ensures that the organization is ready to fight and deal with any intrusion of crypto-jacking scripts that are harmful to the organization’s computer systems. On the other hand, the continuous monitoring strategy works on control ad inspecting computer systems on crypto-jacking codes and malware by checking the computer systems’ performance. After response and management, a business continuity plan promotes the business despite the incident to void more loss on productivity.

Check Price Discount

Study Notes, Research Topics & Assignment Examples: The evaluation aims at improving Dev’s mental »Religion plays a crucial role in cultivating