Electronic Thesis/Dissertation

 

A CONTINUOUS MONITORING FRAMEWORK TO MANAGE CYBERSECURITY AGAINST INSIDER THREATS Open Access

Downloadable Content

Download PDF

In today’s “Cyber-Society,” an enterprise faces numerous Cybersecurity challenges as Cybercriminals, hackers, and insider threats constantly threaten to compromise the Confidentiality, Integrity, and Availability (CIA) of the enterprise’s assets and data. This research presents a Dynamic Framework system that has a proactive security concept as opposed to the traditional reactive approach. This Dynamic Framework system minimizes the risks that Cybercriminals, hackers, and insider threats pose to an enterprise’s CIA. The Dynamic Framework system is mapped to the National Institute of Standards and Technology’s (NIST) Risk Framework (RF), is designed based on three functional Controls (Preventive, Detective and Corrective), enables an enterprise to develop a healthier Cyber Hygiene (CH) through continuous monitoring of its assets, and is capable of ensuring a proper alignment between the business functionality and Cybersecurity missions of an enterprise. Furthermore, although the Dynamic Framework system was developed based on the Financial Services Sector’s vulnerabilities, its functionality applies to all enterprises.This research recognizes that the current Cybersecurity practices are insufficient to prevent a Cyber-Attack, respond to a Cyber-Attack, and, most importantly, remain resilient during a Cyber-Attack. The purpose of the Dynamic Framework system is to recommend a new and near-future Cyber-Ecosystem (CE), which an enterprise in the Financial Services Sector, or other sectors, can use to improve its security posture.

Author Language Keyword Date created Type of Work Rights statement GW Unit Degree Advisor Committee Member(s) Persistent URL
License

Relationships

Items