Protecting information and all assets is critical in today’s time. The military faces three major types of threats: Employees, Zero-Day Exploits, and Cyber Espionage. It is imperative, due to the information and assets on-hand, that the military mitigates these risks.
The first major threat, employees, is a very common threat to all organizations. Employees can be broken down into three types of threats which include, employees that are careless and untrained, employees that are tricked or fall prey to social engineering, and employees with malicious intentions. This will always be a potential threat because every organization requires employees to run and function. Protecting a network ...view middle of the document...
Anyone who’s currently serving in the military or works for the Department of Defense has probably gone through basic computer security education, often consisting of nothing more than a one hour self-guided online course once a year. Nobody can reasonably deny that the military is effective in training its people in executing their missions – they train hard, they train continuously, and the result is a force for whom reacting to threats becomes instinct. Yet when it comes to protecting computer systems and preventing data leakage, it appears to be applied as more of an afterthought than a real training regimen. With nearly all the information the military handles stored digitally, every service member should be trained continually, and tested in their response to threats on a regular basis” ("U.S. Naval Institute", 2013).
The second major threat the military faces is zero-day exploits. Zero-day exploits occur when attackers can compromise a system based on a known vulnerability with no known patch or fix. No software is perfect and is guaranteed to have bugs in it. This is what hackers are counting on and they create exploits that use these vulnerabilities to gain access to the network. The military has a tendency to be behind the information technology power curve and using outdated software and programs has put the military more at risk. With annual tech refreshes occurring the military is always updating their information systems but not at a pace that can keep up with other organizations.
The third major threat that the military faces is cyber espionage. Other countries spy and pry to find out what the U.S. government and military are currently doing and any information they can get their hands on. “Tracing malware and breaches to their attackers is not straightforward -- anyone can hide behind layers of IP addresses -- but China has been confirmed as a major player in cyber espionage in multiple reports this month…(Higgins, 2013).” Being the top military force to be reckoned with in the world is something that each country strives for. The U.S. will always be a major target for hackers from other countries as long as we have the technologies we have and are developing each day.
With employees, zero-day exploits, and cyber espionage, the U.S. military has a high overall information security risk. Users will always be present and an ever growing vulnerability. Zero-day exploits have no patch or fix available and therefore will pose an increasing risk as the military stays behind the information security curve. Cyber espionage will always be a threat as countries fight to be the top force in the world.
The military already knows how valuable the information and assets it has...