Cybersecurity standards have existed over several decades as users and providers have collaborated in many domestic and international forums to affect the necessary capabilities, policies, and practices – generally emerging from work at the Stanford Consortium for Research on Information Security and Policy in the 1990s. Also many tasks that were once carried out by hand are now carried out by computer; therefore there is a need for information assurance (IA) and security.Growing dependence on networked digital systems has brought with it an increase in both the variety and quantity of cyber-threats. The different methods governing secure transactions in the various Member States of the European Union sometimes make it difficult to assess the respective risks and to ensure adequate security. There is a need to come up with a global cyber security ecosystem of standardization and other activities.
Cyber security
This is also known as computer security or I T security which implies protection of the information systems from theft, hardware damage, and to the information on them, as well as from disruption of those services that they provide by controlling the physical access to the hardware and protecting against any harm that might come through network access, data, and code injection due to users malpractices.
Cyber security standards
Cybersecurity standards are those measures are techniques generally set forth in published materials that attempt to protect the cyber environment of a user or organization. This environment includes users themselves, networks, devices, all software, processes, information in storage or transit, applications, services, and systems that can be connected directly or indirectly to networks. The principal objective is to reduce the risks, including prevention or mitigation of cyber security attacks.
Unified architecture
This a platform-independent standard through which various kinds of systems and devices can communicate by sending messages between clients and servers over various types of networks. It supports robust, secure communication that assures the identity of clients and servers and resists attacks.
Proprietary technology
A process, tool, system or similar item that is the property of a business or an individual and provides some sort of benefit or advantage to the owner.
Merits of unified architectures vs. proprietary technologies
Unified architecture and proprietary technologies uses a mature security concept to ensure protection against unauthorized access to data and also against errors due t careless operations.
They defines an integrated address space and an information model in which process data, alarms, historical data and program calls can be represented. The items of information are defined as typed objects, which can be placed in relationship to each other.
They offer strong performance and protection of investments through development of its own, lean TCP based UA binary protocol with efficient data coding.
They offer data security and reliability since they have reliable communication channels, configurable timeouts, automatic error detection and recovery mechanisms.
They provide more application mechanisms. The enterprise levels can e connected to 0one another with much ease.
The capability model is a development model created after study of data collected from organizations that contracted with the U.S. Department of Defense, who funded the research. The aim of this model is to improve existing software-development processes and it can also be applied to other processes. The Capability Maturity Model was originally developed as a tool for objectively assessing the ability of government contractors’ processes to implement a contracted software project. The model is based on the process maturity framework first described in the 1989 book “Managing the Software Process,” by Watts Humphrey. This model can also be used to aid in business processes generally, and has been used extensively worldwide in government offices, commerce, industry, and software-development organizations.
Cyberattack technologies pose some greater degree of challenges to the process of developing global standards in the following ways:
Cyber actors, from individuals, to criminal groups, to rogue states and terrorists, can today easily combine to launch a customized cyber threat. Individuals. At the lowest end of the threat spectrum are uncoordinated individuals acting on their own. Although some individual actors are highly intelligent and may pose a risk to systems, their motivation is often limited to achieving personal satisfaction or recognition based on the disruption they hope to cause. The limited level of resources available to individuals reduces the risk posed by this class of threat. Corporations. Industrial espionage has developed in cyberspace as a way to maximize investment – or deny others the fruit of their efforts. Whether conducted by otherwise legitimate corporations, or any of the other classes of cyber actors mentioned here, industrial espionage undermines fair business practices and is often supported by nation states as a means to advance their societal capabilities and industrial base with little investment. Corporate actors are also difficult to pin down because assets may be compromised from both inside and outside the corporation. Criminals and Criminal Enterprises. Many threats in cyberspace are motivated by personal financial gain or related to criminal acts of vandalism. Criminals and criminal enterprises within cyberspace have become more organized, including highly organized rings that traffic in personal information, credit cards, identities, and other information with value. In many cases, criminal software and hardware development capabilities rival those of software and hardware industry leaders. Terrorists. Because cyberspace offers anonymity, terrorist organizations have begun to use the Internet as a key tool to support recruitment, funding, and organization goals. Cyberspace provides an easy way to fund terrorist activities and transfer resources through anonymous online transactions. It also provides the means to transfer knowledge and provide command and control to support the terrorist organization. Unlike criminal enterprises, because motivations are not driven entirely by greed, terrorist activities are more difficult to counter. Nation States. Nation states have long recognized the value of information systems as critical elements of good governance practice, but they have also been used to subvert other nation states’ security. In the national security arena, computing systems have long been used to break encrypted messages and disrupt communications and command and control systems. Because identities are difficult to trace in the cyber domain, it is difficult to determine the nation state behind a given attack. These challenges must be addressed accordingly.
Penetration testing
A penetration test is a proactive and authorized attempt to evaluate the security of an IT infrastructure by safely attempting to exploit system vulnerabilities, including OS, service and application flaws, improper configurations, and even risky end-user behavior. Such assessments are also useful in validating the efficacy of defensive mechanisms, as well as end-users’ adherence to security policies. Penetration tests are typically performed using manual or automated technologies to systematically compromise servers, endpoints, web applications, wireless networks, network devices, mobile devices and other potential points of exposure. The fundamental purpose of penetration testing is to measure the feasibility of systems or end-user compromise and evaluate any related consequences such incidents may have on the involved resources or operations.

Published by Andrew Author at Best term paper site, paper writing service,  and Dissertation writing service