Cybersecurity Safeguards: What Cybersecurity Safeguards Could Have Prevented the Intelligence/Data Breach by a Member of the Air National Guard

Jack Teixeira, a 21-year-old IT specialist Air National Guard found himself on the wrong side of the US law after sharing what is considered classified and extremely sensitive information about USA\u27s operations and role in Ukraine and Russia war. Like other previous cases of leakage of classified intelligence, the case of Teixeira raises concerns about the weaknesses and vulnerability of federal agencies\u27 IT systems and security protocols governing accessibility to classified documents. Internal leakages of such classified documents hurt national security and can harm the country, especially when such secretive intelligence finds its way into the hands of enemies. Unauthorized disclosure of secretive documents and information is a result of rarely noticeable insider threats. Addressing such threats requires highly sophisticated technology such as Zero Trust Architecture based on multi-authentication and continuous monitoring of the behaviors of users of the IT system. A Zero Trust Architecture (ZTA) is recommended as the best solution to assist federal agencies and departments such as the Air National Guard in curbing unauthorized disclosure of intelligence with significant harm to national security. This solution is based on multi-authentication and authorization of users, devices, applications, networks, and links before accessing or using an IT system. Therefore, for the agency, implementing ZTA will offer it an identity-centered access control and continuous monitoring of the behaviors of users to identify anomalies and other suspicious activities that can contribute to leaking classified intelligence. ZTA is the best solution in these federal agencies because despite individuals having security clearance to classified information, they will still be required to be validated, authenticated, and authorized before accessing the systems and other Sensitive Compartmented Information Storage (SCIS). Apart from multiple-authentication, behavioral analytics will be used to analyze and monitor their actions and behaviors while interacting with IT systems and sensitive data storage areas

Security and Privacy Issues in Cloud Computing

Cloud computing transforming the way of information technology (IT) for consuming and managing, promising improving cost efficiencies, accelerate innovations, faster time-to-market and the ability to scale applications on demand (Leighton, 2009). According to Gartner, while the hype grew ex-ponentially during 2008 and continued since, it is clear that there is a major shift towards the cloud computing model and that the benefits may be substantial (Gartner Hype-Cycle, 2012). However, as the shape of the cloud computing is emerging and developing rapidly both conceptually and in reality, the legal/contractual, economic, service quality, interoperability, security and privacy issues still pose significant challenges. In this chapter, we describe various service and deployment models of cloud computing and identify major challenges. In particular, we discuss three critical challenges: regulatory, security and privacy issues in cloud computing. Some solutions to mitigate these challenges are also proposed along with a brief presentation on the future trends in cloud computing deployment

Systematic Review on Security and Privacy Requirements in Edge Computing: State of the Art and Future Research Opportunities

Edge computing is a promising paradigm that enhances the capabilities of cloud computing. In order to continue patronizing the computing services, it is essential to conserve a good atmosphere free from all kinds of security and privacy breaches. The security and privacy issues associated with the edge computing environment have narrowed the overall acceptance of the technology as a reliable paradigm. Many researchers have reviewed security and privacy issues in edge computing, but not all have fully investigated the security and privacy requirements. Security and privacy requirements are the objectives that indicate the capabilities as well as functions a system performs in eliminating certain security and privacy vulnerabilities. The paper aims to substantially review the security and privacy requirements of the edge computing and the various technological methods employed by the techniques used in curbing the threats, with the aim of helping future researchers in identifying research opportunities. This paper investigate the current studies and highlights the following: (1) the classification of security and privacy requirements in edge computing, (2) the state of the art techniques deployed in curbing the security and privacy threats, (3) the trends of technological methods employed by the techniques, (4) the metrics used for evaluating the performance of the techniques, (5) the taxonomy of attacks affecting the edge network, and the corresponding technological trend employed in mitigating the attacks, and, (6) research opportunities for future researchers in the area of edge computing security and privacy