Why should you research IT Security?
Table of Contents
Cyber criminals are causing more IT Security incidents every week than ever before. This is affecting more individuals and corporations. According to Symantec Security Report (Symantec International Security Threat Report) and Kaspersky Security Bulletin (Kaspersky Security Bulletin 2017, 2017), the number of IT-related incidents is increasing and more end users are being affected. The researcher is trying to find better ways for anyone using technology to be more aware of the latest attacks by hackers/ cyber criminals.
The current state-of-the-art in IT Security
Most cyber-attacks are based on software vulnerabilities, according to Microsoft SIR (Microsoft Security Intelligence Report), and Secunia Vulnerability Report [Secunia Vulnerability Report]. Cybercriminals are creating malware based upon software vulnerabilities. E-mails based on Erdal Ozkaya’s (Ozkaya 2017, 2017) are widely used to spread their malware.
The “Carbanak” malware, which infected the bank network via email, caused more than 1 Billion US dollars of damage to 10 banks based on Kaspersky reach labs (Carbanak APT – The Great Bank Robbery, 2015).
IT Security is the specific problem
Software creation is not as fast as other industries like automobile, where there is a high cost of goods. The market is growing quickly and software is no exception. Cyber-criminals can launch new attacks and find vulnerabilities in software due to the rush. Software’s are not being tested against the most recent attack vectors because of this rush. Software vendors are often limited in time and cybercriminals spend a lot of time testing one product to discover new attack vectors.
The graph below is from White Hat Security technical brief (White Hat Sec 2014). It clearly shows how there is a direct correlation (a negative one) between the time a vulnerable code was written and its discovery. The more time it takes for a software security process to report the error and the creation of bad code, the more time it will take for a development team to fix it. Software testing speed – whether it is fast or slow, has the same effect on time and cost.
Why research IT Security Dr Erdal OzkayaThe importance of the research
The researcher wants to raise awareness about the importance IT Security, particularly against Vulnerabilities. He also hopes to help Governments, Businesses, and the IT community find workarounds for software vulnerabilities. He will also help them understand the importance whitelisting and patching, and the dangers they face.
The innovation portion of research
IT Security is such an important topic that many IT professionals are afraid of getting into it. Security should not be a responsibility of only IT teams. It should concern anyone who uses a smartphone, tablet, or computer. Any weakness in any one of these endpoints could cause damage to a network or individual.
The researcher hopes to find a simple way to make everyone who uses technology aware of the dangers. This will help developers to find a solution to a vulnerability, as they will have fewer users.
The End result
Why research IT Security Dr Erdal OzkayaSoftware vulnerability is one of the most popular attack vectors used to launch new attacks by cybercriminals. Recently published commercial reports provide the facts about how these attacks occur and the damage they cause. The researcher is trying to solve the IT Security problems and find solutions. His research aims at