Identification should state that preventions and protections against cyber-attacks change as the targets, vulnerabilities, and threats change.
Identification should state that each vulnerability will have its own unique set of preventions and protections, and should include, but not be limited to, the following:
- Network protection is often the initial line of defense (e.g., authentication, firewalls, endpoint protection software, intrusion detection system [IDS]/intrusion prevention system [IPS], vulnerability scanners).
- Operating systems and applications are critical to reducing vulnerabilities. System maintenance measures that assist in system protection include, but should not be limited to, system updates and audits.
- Secure coding practices in database information and programming are critical to preventing injection vulnerabilities, in which an application sends untrusted data to an interpreter. Attackers exploit injection flaws to steal data and compromise the target system. Protection measures should be evaluated in the system design and programming phase. Addressing this concept in design and development will prevent flaws in production.
- User training will make users aware of the potential threats due to their actions.