Report on a Cyber Security Firm Verizon

Verizon Report

About Verizon

In 2000, Verizon Communications Inc. had been formed and led in offering communication and technology services. It has its headquarters in New York. Verizon specializes in data, voice, and video services. It offers network solutions by responding to customers' demands and providing secure connections and control features. Verizon is also a player in fixed wireless connection and mobile computing. Besides, it was the first company to launch mobility 5G. These operations aim to serve businesses and consumers, aiming to offer environmental, social, and economic advancement (Verizon, 2022).

Verizon's Value Proposition

Verizon is guided by three propositions: innovation, performance, and brand. The goal is to have these effects felt by consumers and businesses (Verizon, 2022).

Workforce Size

According to Forbes, data recorded in May 2021 shows that Verizon has 132,200 employees who hold different roles (Forbes, 2021). Verizon serves an extensive network of mobile network carriers. Among them include US Mobile, Ting, Net10, Red Pocket, Pix Wireless, and Straight Talk (Verizon, 2022)

Cyber Security at Verizon

According to Stanton (2017), users expect data privacy, which is instrumental in defining how they interact with various companies such as Verizon. Companies are expected to collect and transmit data securely and mitigate any data-breach risks. Laws require the government to access cell-site information, and according to Verizon and other key players, the Fourth Amendment should be applied in accessing such data. Laws that focus on content distinction and third-party doctrine have little contribution in the digital era, especially when responding to privacy needs. The author explains that a substantial amount of data is transmitted across networks, which cannot be avoided.

Consequently, there should be robust legal platforms that promote data privacy. As a company, Verizon is dedicated to ensuring data privacy. However, there are legal challenges that tend to compromise this commitment. For instance, Stanton explains that in 2018, there were about 40000 court orders requiring Verizon to service the law-enforcement agencies with cell-site data.

Messmer (2014) explains that in 2013, Verizon recorded 1367 cases of data breaches across 95 countries, and most of these attacks were through Web applications. Indeed, a Verizon report indicates that 35 percent of Verizon data breaches are linked to Web applications, with the main reason for the attack being financial gain. According to Jacobs, a Verizon analyst, Messmer explains that the attackers exploit weak codes on Joomla, WordPress, and Drupal, which shows the importance of Verizon enhancing its security features. Messmer also notes that Verizon emphasizes the need for companies to deploy security features in their CMS through automatic patching. Besides, collaboration with other security organizations like McAfee helps enhance security systems for Verizon network users. Messmer adds that Verizon notes that some attacks emanate from insiders who collaborate with cybercriminals or engage in risky cyber activities, especially real estate. For instance, some users exchange emails containing malicious attachments, which provides an ideal avenue for attackers. Thus, these threats can be intentional or unintentional. Verizon notes that data security requires organizations to have training programs in such instances. Thus, training is one of the cyber threat mitigation processes by Verizon. Verizon collaborates in such initiatives to ensure safety for consumers and businesses.

Antivirus form part of the most critical cyber security assets. They aid in sensing cyberespionage and network intrusions (Messmer 2014). The author adds that external sources play a significant role in identifying threats and attacks. Consumers are also active players in identifying the attacks. Efforts by auditors also serve an instrumental role in identifying avenues of attacks and the nature of cyber damage hence offering recommendations. Thus, Allodi and Massacci (2017) note that qualitative and quantitative assessment of cybersecurity risks is essential in responding to the increasing risks. The assessment is based on IT firms' infrastructure to serve their customers. The data security models employed by companies like Verizon influence how attackers structure their attacks to identify the vulnerabilities. The authors indicate that vulnerability in one area of the infrastructure increases the risk of attack on other platforms. Thus, the authors explain the significance of understanding the initiators of attack. First, there are targeted attacks that involve key players. For example, attacks specific to Verizon are thus sophisticated because they need a deep understanding of the company's operations and infrastructure. Allodi and Massacci explain that these attacks are called Advanced Persistent Threats (APT). The other is untargeted attacks that are not specific to any victim. They are launched automatically using various tool kits. They penetrate the network looking for vulnerable targets. The authors explain that untargeted attacks constitute 70 percent of the attacks. They are executed in two steps. The victim's machine is probed for attacks to determine its vulnerability and other features such as location. This is followed by attack delivery using payloads such as bash scripts, malware, and shellcode. These payloads initiate the execution of unwarranted processes. It is for this reason that Verizon emphasizes data encryption. The company uses WPA2 encryption for wireless routers, which provides high-security levels (Verizon, 2022). The security layer also applies to PDA options.

In assessing and auditing these risks, companies follow industry standards and regulations, and platforms like Security Operations Center (SOC) aid in assessing these cybersecurity risks. However, companies like Verizon integrate their audit systems based on customer needs and the company's level of risk (Allodi & Massacci, 2017). According to Verizon (2022), five major mobile security risks face the company and other players in the industry. First are the social engineering attacks disguised as emails that imitate official emails. When users interact with such emails, they risk losing their credentials. As a result, Verizon explains that the best approach to mitigating this security risk is through employees' training and sensitization about such incidences and defense mechanisms. For instance, the use of multifactor authentication during logins minimizes this threat. The next form of attack is crypto-jacking, where attackers use the victim's processing power to mine cryptocurrencies. These functions compromise power levels in affected machines. Verizon notes that this is a newer attack that can be prevented by using strong passwords and resetting default passwords. Besides, management systems to lock devices can be used to counter this attack.

The third threat that Verizon experiences are mobile malware. It is the most common because it is highly effective. Downloaded apps that imitate professional business tools are planted on various stores or websites. Unfortunately, such apps even get their way into official stores, escalating the risk. Verizon advises users to be sensitive about the apps they download and from which sources. Besides, organizations should have policies that define which apps employees should download. The fourth threat is public Wi-Fi, where an insecure network becomes a convenient avenue for hackers. Man-in-the-middle attacks are executed through such networks. Verizon advises that employees should be educated about the risks associated with public Wi-Fi and how to manage their data. The last threat presented by Verizon is Bring-your-own-device (BYOD) which exploits insecure devices and retrieves sensitive information. Access is also used to interrupt the network.

Verizon explains various ways it interacts with heterogeneous information. According to the privacy in their official website (Verizon, 2022), the company collects users' data that is useful in facilitating effective services. Besides, the company gets information from other agencies, such as demographic data, and this helps in enhancing the communication process. For instance, data from social media sites when users interact with Verizon through social media platforms. Information is shared when Verizon wishes to inform customers about new products. In some instances, Verizon can share private information with other parties. For example, when compelled by the law to share such information, acting in the public interest, credit companies, for regulation and auditing, and in cases where users' consent is obtained.