For the past twelve weeks, the students in the Bellevue University Cyber Security Master’s degree program taking the CYBR 650, Current Trends in Cyber Security Class have experience several learning opportunities. We spent considerable time reviewing past courses and assignments in preparation for developing a process model and creating a system analysis for a real or fictional cyber security network. Developing the process model required us to formalize a means of diagraming how to determine a threat and to repeat the process for emerging or newly identified issues. The systems analysis required us to identify the “as-is-state” of the cyber security system used in the process model to develop a network diagram, identify physical description of the facilities, documentation of the policies, standards, and procedures required from the case study. In addition, we have investigated several trends associated with cyber security. Specifically, we looked at how these trends have impacted the security of computer systems and what is needed to protect these systems. Expansion of cloud computing has introduced new vulnerabilities and threats into the world of computing. Cloud computing has added a third dimension to the, heretofore relatively planar concept of computing. In the past computing was limited to one person to one computer, then progressed to the networks, wired and wireless. The next step of the progression, of course, is to add a third dimension, whereby, multiple devices are connected to a single or multiple individuals – cloud computing. With each step of progression, the security needs are increase exponentially. For example, the posting indicates that there may be a conflict of interest introduced into the security model for cloud computing. The enterprise must be aware of potential conflicts of interest and/or ensure appropriate agreements are in place to prevent and eliminate such conflicts. The cyber security job market is exploding. The need for trained, certified and qualified personnel to fill these jobs is not being met fast enough. The news media is replete with stories about the hot job market in cyber security. The rate of online attacks against companies and government agencies is causing the cyber security job market to grow at 3.5 times the pace of the overall IT job market. This rate of growth is 12 times the overall job market making it the most highly-sought after fields in the country. The threats from cyber attacks are coming from within the US and from abroad also. This is disconcerting to many and the need for cyber security specialists is ever expanding. It seems that everything is under attack, including all manner of infrastructure. The demand for cyber security experts grew 73% during the five years from 2007 through 2012. Compensation for cyber security experts, including engineers, analysts, managers, architects and others is averaging over $101,000/annum, whereas, the average IT job is only paying $89,000. If one does not already have a job in this area but they have the education and experience, gaining employment should be rather easy. Another trend in the industry is the Bring Your Own Device or BYOD, whereby, corporations are replacing their owned devices for those their employees own. Mobile devices and their apps are becoming ingrained into the business culture, and their complexity is growing with their popularity. This includes the operating systems, security, and ownership. They are being integrated into the daily business processes and operations of organizations, improving productivity and becoming a critical, yet complex, component of the computing environment. Mobile devices and their apps are becoming more powerful than their counterpart personal computers. As with any new and very popular technology, there are those out there who will find a way to outsmart the unprotected smart devices giving them access to even more valuable backend data such as bank accounts, corporate (organizational) intellectual property and personal health information. The industry has seen a significant uptick in mobile malware according to a report by Juniper Networks. Something I hadn’t considered was the need for cyber security insurance. Of course it stands to reason that if there is money to be made, the insurance industry would find a way to do so. The Ponemon Institute conducts independent research on privacy, data protection and information security policy. Its mission is to assist private and public enterprises in understanding the trends in practices, perceptions and potential threats that will affect the collection, management and safeguarding of personal and confidential information about individuals and organizations. The Ponemon Institute research educates these enterprises organizations on how to better protect their data, and in doing so, help with their brand and reputation as a trusted enterprise. As part of its research, the Ponemon Institute estimates organizations were hit by $5.4 million in costs per data breach in 2013. This is an increase of 26% from the year before. According to the Ponemon Institute, enterprises are opting automatically to purchase cyber insurance. The study also determined that approximately 40% of their study subjects have the insurance, whereas, and other 40% are planning on purchasing such insurance. The trend here is for company’s that are more regulated are more likely to purchase cyber insurance. Also, larger, more sophisticated companies are more likely to purchase the insurance. They are most likely able to afford it, can spread the costs more easily, and have much more to lose in reputation. Retailers are especially slow, however, this trend is, too, picking up. Universities, who are subject to a large trend in breeches, are also slow to purchase insurance. However, they are not as regulated as most and they are considered as an institution (of higher learning) and not as a business, which in fact they are. Many businesses use satellite communications to upload and download information and data. This includes, for example, Walmart Stores, which use both the telephone system (T1 lines) to download information and satellites services to upload. (Note: the power to send information to a satellite is prohibitive for a single store, but the corporate headquarters can provide (afford) the necessary power/service to hundreds of its stores.) The principal threats associated with satellite transmissions are similar to those of the wired/wireless cyber networks. However, satellite communications provide other avenues of disruption. One of the greatest weaknesses of the satellite system is its GPS control system. Here, spoofing is the biggest vulnerability. GPS spoofing can be used to hijack a drone or a vessel. The good news pertaining to satellite hacking is that it takes expensive and specialized equipment. Your normal teenager hacker is not likely to conduct such operations, but certainly, governments, like the US and Russia, have the technology and resources to conduct such an evolution.