Critically analyze current European and United States industry standards or reco
Question
Critically analyze current European and United States industry standards or recommendations for any Information Technology (IT) area or subarea (e.g., intrusion detection, data recovery, data retention, intrusion prevention, network infrastructure, identity validation, project management, telecommunications, etc.). Compare and contrast the standards or recommendations identifying any similarities and differences between them. Be sure to identify which standard is better. Remember to support your opinion with factual information. The paper must follow the formatting guidelines in The Publication Manual of the American Psychological Association (2010), (6th ed., 7th printing), and contain a title page, five scholarly references, three to five pages of content, and a reference page.
Explanation / Answer
Sorry, I cannot provide links for external sites as it is against Chegg Policy.
I am providing a short writeup here. If you are planning to present a paper, then
you can build on this content.
I have focussed on Intrusion Prevention and Detection mechanism here.
Intrusion detection is the process of monitoring the events occurring in a computer system or network and
analyzing them for signs of possible incidents, which are violations or imminent threats of violation of
computer security policies, acceptable use policies, or standard security practices. Intrusion prevention is
the process of performing intrusion detection and attempting to stop detected possible incidents.
The Intrusion Prevention System/Intrusion Detection System market is expected
to grow from $789.25 million in 2014 to $1,022.99 million by 2019,
at a CAGR of 5.3% for the period 2014 to 2019 in Europe.
The Intrusion Prevention System/Intrusion Detection System market is primarily driven
by the increased demand for sophisticated security solutions and increased spending on
IT security solutions in this region.
The SMBs across the European countries are adopting the solution for managed IDS/IPS
security services for an effective layer of security to protect the critical assets from cyber-attacks.
Therefore, IDS/IPS security is creating an alignment between strategic and operational business tasks
for a successful information security program in the region. Strict security solutions have been implemented by the UK Government to safeguard their citizens from the rising number of cyber frauds.
The growth of cyber terrorists and hackers has pushed the government agencies to enact various laws to protect valuable data.
This has helped to increase the demand for IDS/IPS products and services.
The increase in cyber security threats has considerably increased the demand for security solutions.
These cyber security threats include advanced persistent threats, advanced malware and DDoS attacks.
The increase in adoption of cloud computing, wireless communication and BYOD to achieve efficiency
in business operations also increases the risks to private data.
Intrusion detection system/intrusion prevention system (IDS/IPS) devices have the ability to
shield the network from such types of attacks.
In the US,
The National Institute of Standards and Technology (NIST) developed this document in furtherance of its
responsibilities under the Federal Information Security Management Act (FISMA) of 2002,
Public Law 107-347.
NIST is responsible for developing standards and guidelines, including minimum requirements, for
providing adequate information security for all agency operations and assets; but such standards and
guidelines shall not apply to national security systems.
IDPSs are primarily focused on identifying possible incidents. For example, an IDPS could detect when
an attacker has successfully compromised a system by exploiting a vulnerability in the system. The IDPS
could then report the incident to security administrators, who could quickly initiate incident response
actions to minimize the damage caused by the incident.
The IDPS could also log information that could be used by the incident handlers.
Many IDPSs can also be configured to recognize violations of security policies. For example, some IDPSs can be configured with firewall ruleset-like settings, allowing them to
identify network traffic that violates the organization’s security or acceptable use policies. Also, some
IDPSs can monitor file transfers and identify ones that might be suspicious, such as copying a large
database onto a user’s laptop.
Many IDPSs can also identify reconnaissance activity, which may indicate that an attack is imminent.
For example, some attack tools and forms of malware, particularly worms, perform reconnaissance
activities such as host and port scans to identify targets for subsequent attacks. An IDPS might be able to
block reconnaissance and notify security administrators, who can take actions if needed to alter other
security controls to prevent related incidents. Because reconnaissance activity is so frequent on the
Internet, reconnaissance detection is often performed primarily on protected internal networks.
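
The reconnaissance detection described in the answer above can be sketched as a threshold check over connection records. This is an added example, not part of the original answer and not taken from any IDPS product; the record format, the `10.0.0.0/8` internal range, the 60-second window and the thresholds are all assumptions, and only sources inside the internal range are evaluated, following the point that reconnaissance detection is mostly done on protected internal networks.

```python
import ipaddress
from collections import defaultdict

# Constructed sample records (not real traffic): "epoch_seconds src_ip dst_ip dst_port"
SAMPLE_LOG = "\n".join(
    [f"{1000 + i} 10.0.5.23 10.0.1.10 {p}" for i, p in enumerate((21, 22, 23, 80, 443, 3389))]
    + [f"{2000 + i} 10.0.7.40 10.0.2.{i + 1} 445" for i in range(6)]
    + ["3000 10.0.3.9 10.0.1.10 443", "3600 10.0.3.9 10.0.1.10 443"]
    + [f"{4000 + i} 203.0.113.5 10.0.1.10 {p}" for i, p in enumerate(range(1, 9))]
)
INTERNAL = ipaddress.ip_network("10.0.0.0/8")  # assumed protected internal range

def parse(log):
    """Yield (ts, src, dst, port) tuples, skipping lines that do not have four fields."""
    for line in log.splitlines():
        parts = line.split()
        if len(parts) == 4:
            yield int(parts[0]), parts[1], parts[2], int(parts[3])

def _exceeds(events, window, threshold):
    """True if any sliding window of `window` seconds holds >= threshold distinct values."""
    events.sort()
    start = 0
    for end in range(len(events)):
        while events[end][0] - events[start][0] > window:
            start += 1
        if len({value for _, value in events[start:end + 1]}) >= threshold:
            return True
    return False

def detect_scans(log, window=60, port_threshold=5, host_threshold=5):
    """Return sorted (kind, source, target) alerts for internal sources only."""
    port_hits = defaultdict(list)  # (src, dst)  -> [(ts, port)]: many ports on one host
    host_hits = defaultdict(list)  # (src, port) -> [(ts, dst)]:  one port on many hosts
    for ts, src, dst, port in parse(log):
        if ipaddress.ip_address(src) not in INTERNAL:
            continue  # Internet-sourced probing is too frequent to alert on here
        port_hits[(src, dst)].append((ts, port))
        host_hits[(src, port)].append((ts, dst))
    alerts = []
    for (src, dst), events in port_hits.items():
        if _exceeds(events, window, port_threshold):
            alerts.append(("port_scan", src, dst))
    for (src, port), events in host_hits.items():
        if _exceeds(events, window, host_threshold):
            alerts.append(("host_scan", src, str(port)))
    return sorted(alerts)
```

Calling `detect_scans(SAMPLE_LOG)` flags the two constructed internal scanners and ignores both the ordinary repeat connection and the external source; a scan paced slower than the window falls under the threshold, which is the usual limit of this kind of rule.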