scholarly journals A Design Methodology and Implementation for Corporate Network Security Visualization: A Modular-Based Approach

2011 ◽  
Vol 3 (2) ◽  
pp. 104-132 ◽  
Author(s):  
Andy Luse ◽  
◽  
Brian Mennecke ◽  
Janea Triplett ◽  
Nate Karstens ◽  
...  
Keyword(s):  
Network Security ◽  
Design Methodology ◽  
Corporate Network

scholarly journals Efficient Algorithm for Providing Live Vulnerability Assessment in Corporate Network Environment

2020 ◽  
Vol 10 (21) ◽  
pp. 7926
Author(s):  
Michał Walkowski ◽  
Maciej Krakowiak ◽  
Jacek Oko ◽  
Sławomir Sujecki
Keyword(s):  
Network Security ◽  
Relational Databases ◽  
Significant Risk ◽  
Environmental Data ◽  
Large Delay ◽  
Corporate Networks ◽  
Flexible System ◽  
Public Announcement ◽  
Corporate Network ◽  
Time Gap

The time gap between public announcement of a vulnerability—its detection and reporting to stakeholders—is an important factor for cybersecurity of corporate networks. A large delay preceding an elimination of a critical vulnerability presents a significant risk to the network security and increases the probability of a sustained damage. Thus, accelerating the process of vulnerability identification and prioritization helps to red the probability of a successful cyberattack. This work introduces a flexible system that collects information about all known vulnerabilities present in the system, gathers data from organizational inventory database, and finally integrates and processes all collected information. Thanks to application of parallel processing and non relational databases, the results of this process are available subject to a negligible delay. The subsequent vulnerability prioritization is performed automatically on the basis of the calculated CVSS 2.0 and 3.1 scores for all scanned assets. The environmental CVSS vector component is evaluated accurately thanks to the fact that the environmental data is imported directly from the organizational inventory database.

Firewalls as Continuing Solutions for Network Security

2009 ◽  
pp. 98-108
Author(s):  
Andy Luse
Keyword(s):  
Network Security ◽  
Cost Benefit Analysis ◽  
Cost Benefit ◽  
Benefit Analysis ◽  
Internal Security ◽  
Starting Point ◽  
Corporate Network ◽  
Distributed Firewall

This chapter describes various firewall conventions, and how these technologies operate when deployed on a corporate network. Terms associated with firewalls, as well as related concepts, are also discussed. Highly neglected internal security mechanisms utilizing firewall technologies are presented, including host-based firewalls and the more novel distributed firewall implementation. Finally, a section on how to perform a cost-benefit analysis when deciding which firewall technologies to implement is included. The chapter is designed as an introductory tutorial to the underlying concepts of firewall technologies. This understanding should provide a starting point for both systems support specialists implementing network security and researchers who are interested in firewall technologies.

Investigating the work practices of network security professionals

2015 ◽  
Vol 23 (3) ◽  
pp. 347-367 ◽  
Author(s):  
Muhammad Adnan ◽  
Mike Just ◽  
Lynne Baillie ◽  
Hilmi Gunes Kayacik
Keyword(s):  
Network Security ◽  
Design Methodology ◽  
Online Survey ◽  
Empirical Studies ◽  
Security Management ◽  
Work Practices ◽  
Content Type ◽  
Proposed Model ◽  
Network Security Management ◽  
Practical Implications

Purpose – The purpose of this paper is to investigate the work practices of network security professionals and to propose a new and robust work practices model of these professionals. Design/methodology/approach – The proposed work practices model is composed by combining the findings of ten notable empirical studies performed so far this century. The proposed model was then validated by an online survey of 125 network security professionals with a wide demographic spread. Findings – The empirical data collected from the survey of network security professionals strongly validate the proposed work practices model. The results also highlight interesting trends for different groups of network security professionals, with respect to performing different security-related activities. Research limitations/implications – Further studies could investigate more closely the links and dependencies between the different activities of the proposed work practices model and tools used by network security professionals to perform these activities. Practical implications – A robust work practices model of network security professionals could hugely assist tool developers in designing usable tools for network security management. Originality/value – This paper proposes a new work practices model of network security professionals, which is built by consolidating existing empirical evidence and validated by conducting a survey of network security professionals. The findings enhance the understanding of tool developers about the day-to-day activities of network security professionals, consequently assisting developers in designing better tools for network security management.

Cybersecurity governance: a prehistory and its implications

2017 ◽  
Vol 19 (6) ◽  
pp. 449-465 ◽  
Author(s):  
Bradley Fidler
Keyword(s):  
Network Security ◽  
Department Of Defense ◽  
Design Methodology ◽  
Internet Governance ◽  
Historical Sources ◽  
Content Type ◽  
Security Technologies ◽  
The Us ◽  
The Usa ◽  
Military Networks

Purpose The purpose of this paper is to understand the emerging challenges of cybersecurity governance by analyzing the internet’s early history. Design/methodology/approach Tracing the design and management of early internet and network security technologies in the USA in the 1970s and 1980s. Findings The US Department of Defense separated the research and management regimes for networks and network security, with the latter restricted to military networks. As such, the absence of cybersecurity technologies on the early internet was not an oversight, but a necessary compromise. This ordering of networks and security had enduring technological, political and even cultural consequences, which are breaking down today. Social implications Political, technological and metaphoric distinctions between networks and security should be challenged; cybersecurity will transform internet governance. Originality/value New historical sources and analysis provide a novel perspective on contemporary challenges of cybersecurity governance.

Sign in / Sign up

Export Citation Format

Share Document