{"title":"端点网络安全:当智能设备变得愚蠢","authors":"Thomas Acton, P. Datta","doi":"10.1177/20438869241242142","DOIUrl":null,"url":null,"abstract":"With the proliferation of ever-cheaper IoTs (or smart devices) from smart doorbells to WiFi security cameras and baby monitors and hybrid work arrangements involving relaxed BYOD (Bring Your Own Device) policies, cybersecurity education must build awareness on the threats that endpoints pose. While securing corporate networks from cyberattack gains much attention, there is a dearth of educational material that exemplifies the processes by which endpoints are used in hacks, and how to build defenses against endpoint vulnerabilities. This teaching case provides a Defense in Depth (DiD) learning framework on how to defend industrial cyber-physical systems, digital infrastructure and assets. The case illustrates the applicability of a DiD framework independent of attack vector yet particular to endpoint vulnerabilities and shows how lessons from the past can help defend and mitigate future cyberattacks.","PeriodicalId":37921,"journal":{"name":"Journal of Information Technology Teaching Cases","volume":"8 3","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2024-03-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Endpoint cybersecurity: When smart devices turn stupid\",\"authors\":\"Thomas Acton, P. Datta\",\"doi\":\"10.1177/20438869241242142\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"With the proliferation of ever-cheaper IoTs (or smart devices) from smart doorbells to WiFi security cameras and baby monitors and hybrid work arrangements involving relaxed BYOD (Bring Your Own Device) policies, cybersecurity education must build awareness on the threats that endpoints pose. While securing corporate networks from cyberattack gains much attention, there is a dearth of educational material that exemplifies the processes by which endpoints are used in hacks, and how to build defenses against endpoint vulnerabilities. This teaching case provides a Defense in Depth (DiD) learning framework on how to defend industrial cyber-physical systems, digital infrastructure and assets. The case illustrates the applicability of a DiD framework independent of attack vector yet particular to endpoint vulnerabilities and shows how lessons from the past can help defend and mitigate future cyberattacks.\",\"PeriodicalId\":37921,\"journal\":{\"name\":\"Journal of Information Technology Teaching Cases\",\"volume\":\"8 3\",\"pages\":\"\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2024-03-27\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Journal of Information Technology Teaching Cases\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1177/20438869241242142\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q2\",\"JCRName\":\"Social Sciences\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Information Technology Teaching Cases","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1177/20438869241242142","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"Social Sciences","Score":null,"Total":0}
引用次数: 0
摘要
随着从智能门铃到 WiFi 安全摄像机和婴儿监视器等越来越便宜的物联网(或智能设备)的普及,以及 BYOD(自带设备)政策放宽的混合工作安排,网络安全教育必须建立对端点所构成威胁的认识。尽管确保企业网络免受网络攻击备受关注,但却缺乏能举例说明端点在黑客攻击中的使用过程以及如何针对端点漏洞建立防御的教材。本教学案例提供了一个深度防御(DiD)学习框架,介绍了如何防御工业网络物理系统、数字基础设施和资产。该案例说明了 DiD 框架的适用性,它独立于攻击载体,但又特别针对端点漏洞,并展示了过去的经验教训如何帮助防御和减轻未来的网络攻击。
Endpoint cybersecurity: When smart devices turn stupid
With the proliferation of ever-cheaper IoTs (or smart devices) from smart doorbells to WiFi security cameras and baby monitors and hybrid work arrangements involving relaxed BYOD (Bring Your Own Device) policies, cybersecurity education must build awareness on the threats that endpoints pose. While securing corporate networks from cyberattack gains much attention, there is a dearth of educational material that exemplifies the processes by which endpoints are used in hacks, and how to build defenses against endpoint vulnerabilities. This teaching case provides a Defense in Depth (DiD) learning framework on how to defend industrial cyber-physical systems, digital infrastructure and assets. The case illustrates the applicability of a DiD framework independent of attack vector yet particular to endpoint vulnerabilities and shows how lessons from the past can help defend and mitigate future cyberattacks.
期刊介绍:
The Journal of Information Technology Teaching Cases (JITTC) provides contemporary practical case materials for teaching topics in business and government about uses and effectiveness of technology, the organisation and management of information systems and the impacts and consequences of information technology. JITTC is designed to assist academics, scholars, and teachers in universities and other institutions of executive education, as well as instructors of organizational training courses. Case topics include but are not restricted to: alignment with the organization, innovative uses of technology, emerging technologies, the management of IT, including strategy, business models, change, infrastructure, organization, human resources, sourcing, system development and implementation, communications, technology developments, technology impacts and outcomes, technology futures, national policies and standards.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
