ASSIGNMENTS AND RESEARCH

ABDULLAH ABBASI

ABBASI-ONE

SECURING ERP SYSTEMS

Contents
RAIL FENCE CIPHER.................................................................................................... 2
ROTOR MACHINE........................................................................................................ 2
SUMMARY INFORMATION SECURITY............................................................................2

RAIL FENCE CIPHER

The rail fence cipher (also called a zigzag cipher) is a form of transposition cipher. It
derives its name from the way in which it is encoded. In the rail fence cipher,
the plaintext is written downwards and diagonally on successive "rails" of an
imaginary fence, then moving up when we reach the bottom rail. When we reach
the top rail, the message is written downwards again until the whole plaintext is
written out. The message is then read off in rows

ROTOR MACHINE
In cryptography, a rotor machine is an electro-mechanical stream cipher device
used for encrypting and decrypting secret messages. Rotor machines were the
cryptographic state-of-the-art for a prominent period of history; they were in
widespread use in the 1920s1970s. The most famous example is the
German Enigma machine, whose messages were deciphered by the Allies during
World War II, producing intelligence code-named Ultra.

SUMMARY INFORMATION SECURITY

As hackers become more advanced, organizations must increase their focus on
cybersecurity to protect sensitive data and systems. No organization, regardless of
size or industry, is immune to cyberattacks, and just one breach could cause
significant financial, reputational or regulatory consequences. However, an effective
control environment can reduce the likelihood of a breach, enhance incident
detection and response, and accelerate recovery efforts to limit damage. While
many organizations think they may not have the type of data hackers seek, the
reality is all information has value. Implementing the right security controls can help
deter hackers, but the three distinct disciples each require their own focus.
Preventive controls keep incidents from occurring and deter unauthorized
access. Preventive controls seek to secure the perimeter, but with technology
such as the cloud and remote access, organizations must expand controls
beyond traditional boundaries.
Detective controls help to monitor and alert the organization of malicious and
unauthorized activity. Infiltration is typically the focus of detective controls;
however, these controls can be implemented at any stage in the attack life
cycle to increase data security.
Corrective controls are designed to limit the scope of an incident and mitigate
unauthorized activity. Many organizations view corrective controls as solely
technical, but they can also be physical, procedural, legal or regulatory in
nature.
There is no one-size-fits-all approach to applying security controls. However,
implementing the right strategy can make an organization more difficult for hackers
to exploit and limit potential damage.