Internet/Network Security/Securing Cyberspace
Dear Mr. Sopp,
I am currently doing a project at my school that involves the 14 Grand Challenges of Engineering. Our group targeted the topic: "Securing Cyberspace". Your expertise lies in security guidelines. I was wondering what kind of security guidelines and metrics you use to help secure cyberspace.
I think the word security can be a misnomer, as it is near impossible to completely secure anything. I like to think of security in the physical world as an analogy to security in the electronic world- as they are both very much alike.
"Lock Your Doors" can be an analogy for using a firewall for example..
Anyway, your paper topic is very very broad and honestly in today's world there isn't any complete answer to this.
You should first think of your perspective for this paper. For example you may want to just talk about ways to secure things...
In this case your topics covered could include(stated in a very general manner..)
Implement security controls to
-Restrict access to only what is needed(Access control lists, firewalls, other permission sets, segregation)
-Disable things that aren't needed(unnecessary services, control what is installed
-Keep things updated(patch management and version control)
-Search for and fix known flaws(web security scanning, pen testing, vuln scanning)
-Ensure consistent configurations
-Identify users and
-Employ proper authentication mechanisms, log sensitive actions and data access, defense in depth, malware protection mechanisms, incident response plans, DR/Backups, secure data in transit, secure data at rest..and so on
Or you can go the route of current state of cyber security(and problems that exist) and recommend ways we can improve it-this is a little harder to pull off and requires alot of research but probably more worthwhile. This may be a good starting point if you decide to go that route-http://www.engineeringchallenges.org/cms/8996/9042.aspx
In either event, take a look at the following links and see if they help spark your creativity: