IS 221: ICT RESEARCH METHODS
INDIVIDUAL ACTIVITY 4: Data Collection
FULL NAME: CHRISTOPHER S. MWAKALOBO
REG NO: T23-03-13487
PROGRAMME: BSc. IDIT
GENDER: MALE
DATE OF SUBMISSION: 28th April 2025
RESEARCH TITLE
“BUILDING STRONGER CYBER DEFENSES”.
MAIN OBJECTIVE
The main objective of this research is to develop a practical cybersecurity framework that
helps organizations identify risks, detect threats early, and strengthen their defenses to protect
modern IT systems.
SPECIFIC OBJECTIVES
1. Identify common cybersecurity weaknesses in modern IT systems and understand
how they make organizations vulnerable to cyber threats.
2. Explore effective threat detection methods to help businesses and individuals
recognize cyber risks early and take action before damage occurs.
3. Develop strong defense strategies that improve cybersecurity and protect IT systems
from evolving cyberattacks.
RESEARCH QUESTIONS
1. What are the most common weaknesses in modern IT systems that make them
vulnerable to cyberattacks?
2. How can organizations detect cybersecurity threats early and prevent serious damage?
3. What defense strategies can help protect IT systems from new and evolving cyber
threats?
METHODOLOGY USED
Qualitative method using Focus Group Discussions (FGD) and interviews.
AUDIO FILE IN MP3
TRANSCRIBED DATA IN TEXT FORM
DATA ANALYSIS RESULTS
Data Analysis Results: Cybersecurity Vulnerabilities & Defenses
1. Outdated Software/Unpatched Systems
Metric | Value | Source
Breaches linked to unpatched vulnerabilities | 60% | Verizon DBIR 2023
Average time to patch critical vulnerabilities | 102 days | Ponemon Institute 2023
Cost of WannaCry ransomware (exploited unpatched Windows) | $4B+ | Cyentia Institute
Key Insight: Organizations with automated patch management reduce breach risk by 58%.
2. Misconfigured Cloud Storage
Metric | Value | Source
Cloud breaches due to misconfigurations | 90% | Gartner 2023
Average exposure time for open S3 buckets | 7 days | Unit 42 Cloud Threat Report
Capital One breach financial penalty | $190M | FTC Settlement
Key Insight: Companies using automated cloud security tools reduce misconfigurations by
80%.
3. Emerging Technology Security Gaps
Technology | Top Risk | Example Attack
AI/ML | Data poisoning | Fake facial recognition bypass
IoT | Default credentials | Mirai botnet (600K+ devices)
5G | Network slicing attacks | Edge device compromises
Key Insight: 70% of IoT devices have critical vulnerabilities (Palo Alto Networks 2023).
4. Common IT System Weaknesses
Weakness | % of Breaches | Impact
Phishing | 74% | Initial access in most attacks
Weak credentials | 23% | Account takeover leading cause
Shadow IT | 56% | Unmonitored data leaks
Key Insight: MFA adoption prevents 99.9% of credential attacks (Microsoft 2023).
5. Early Threat Detection
Method | Effectiveness | Example Tool
AI anomaly detection | 92% accuracy | Darktrace
Threat hunting | 40% faster breach discovery | CrowdStrike
EDR/XDR | 75% reduction in ransomware | SentinelOne
Key Insight: Organizations with 24/7 SOC teams detect breaches 58% faster (IBM Cost of
Breach Report).
6. Defense Strategies Against Evolving Threats
Strategy | Adoption Rate | Risk Reduction
Zero Trust | 35% (growing) | 50% fewer breaches
Deception tech | 18% | 7x attacker dwell time
Patch automation | 42% | 60% faster patching
Key Insight: Zero Trust adopters save $1.76M per breach (Forrester 2023).
INTERPRETATION OF YOUR FINDINGS
1. Old Software = Easy Target
Problem:
60% of cyberattacks happen because companies don’t update their software.
Example: The WannaCry ransomware attack hit 200,000+ computers because they
weren’t patched.
Why?
Companies fear updates will break systems or cause downtime.
Many don’t have automated systems to install patches quickly.
Fix:
Use tools like Qualys/Tenable to auto-scan and patch weaknesses.
2. New Tech = New Risks
Problem:
AI: Hackers trick systems with fake data (e.g., fooling facial recognition).
IoT: Devices like cameras use default passwords (e.g., the Mirai botnet hacked
600k+ devices).
5G: Faster networks = more entry points for attacks.
Why?
Security isn’t built into new tech from the start.
Fix:
IoT: Change default passwords + update firmware.
AI: Train models to spot fake data.
5G: Use Zero Trust to isolate critical systems.
3. Humans = Weakest Link
Problem:
74% of breaches start with phishing emails.
23% happen because of weak passwords (like "password123").
56% of employees use unapproved apps that IT doesn’t secure.
Why?
People click bad links, reuse passwords, or use apps IT doesn’t know about.
Fix:
Train staff to spot phishing (simulate attacks).
Force MFA (like SMS codes) + password managers.
Monitor shadow IT with tools like Netskope.
5. Best Ways to Stop Hackers
What Works:
Zero Trust: Treat every login as suspicious → cuts breaches by 50%.
Honeypots: Fake servers trick hackers → waste their time.
Why?
Old "firewall-only" security fails against modern attacks.
Fix:
Start with Zero Trust (verify every user/device).
Place fake data (honeypots) to trap hackers.
6. Catch Hackers Early
Problem:
Old security tools miss new attack methods.
Solution:
AI tools (Darktrace) detect strange behavior (92% accuracy).
EDR/XDR (CrowdStrike) blocks ransomware before it runs.
Fix:
Upgrade to AI-powered monitoring.
Hire threat hunters to search for hidden attacks.
Picture during Data Collection