Fluent Essays

6.1 Assignment: Devotional 1. Review the material in the Getting Started section, including the specific Bible passage. 2. Be sure to address to the following prompts in your paper: a. How might this verse impact your work as an IT professional? b. How would you apply the principles of this verse to your personal life as well as professional? 3. Your paper should be at least 250 words in length. 6.2 Discussion: Textbook Reading Resources · Textbook: Principles of Computer Security: CompTIA Security and Beyond Instructions 1. Read Chapters 22–25 in your textbook. 2. Using the discussion link below, respond to the following questions: a. What was the most useful takeaway for you from this workshop’s reading? b. What concept from the reading is the most applicable to you now in your profession, and how might you implement it? 6.3 Discussion: Responses to Security Breaches 1. Read Chapters 22–25 in your textbook. 2. Using the discussion link below, respond to the following prompts and questions: a. What types of security incidents are possible within an information systems infrastructure? Select one such incident and detail how you would respond to the incident. b. Describe key concepts in computer forensics. What important practices should be followed when gathering forensics data? c. Categorize the most important concepts related to legal, ethical, and privacy issues in the field of computer security. How would you go about implementing compliance to the policies to protect your organization? 3. Your initial post should be at least 300 words and supported with at least three references. 6.4 Assignment: Final Paper (Phase 4 of Final Project) 1. Phase 4 of the Final Project is a proposal to provide a comprehensive security plan for your organization. 2. As the final step of this proposal, you will prepare a comprehensive Security Awareness and business continuity plan (taking what you did in Assignment 5.3 and expanding upon the summary) that will be used throughout the organization. The plan should address awareness from the perspective of employee expectations. The business continuity plan should address the requirements needed to recover from potential disasters, whether through natural causes (weather, fire, etc.) or a security breach. The paper should be outlined as follows: a. Executive Summary/Introduction b. Threat Analysis (Assignment 2.4) c. Mitigation Strategies (Assignment 4.4) d. Business Continuity Plan (Assignment 5.3 was an overview) e. Security Awareness Program Plan/Overview f. Conclusion 3. Provide transitions between these six sections. The total length of the paper should be 15–20 pages. You may use graphics or other features within your paper; however, these do not count toward the 15–20 page total. 4. Make sure the paper is double-spaced and in  APA format. The paper should have a minimum of five references, which should be cited correctly within the paper as well as on the Reference page using APA format. Business Continuity Plan The Concepts and Practices of Designing and Implementing a Business Continuity and Disaster Recovery Plan A Business continuity refers to a plan of action that assures that normal operations continue even in the event of a calamity. A disaster recovery plan, on the other hand, is a subset of ongoing business planning that entails the restoration of critical support systems. Communications, hardware, and IT assets are among the systems (Conklin et al, 2018). When building and implementing a business continuity and disaster recovery plan, goals that strive to minimize downtime as well as a focus on returning technical operations to normal in the shortest amount of time are important considerations. The strategy lays out the steps that colleagues must follow to ensure that normal business operations continue. A business impact study, which estimates the impact of a business function interruption, and data gathering, which is essential to establish recovery plans, are among the plan's priorities (Han et al, 2020). Lost sales and income, higher expenses, client retention, regulatory fines, and contractual penalties are all factors considered. Following the study, the plan will concentrate on data backup and recovery. The plan outlines pre-planned activities and business processes that will negatively influence the company, as well as the measures required to offset the damage. Testing a Disaster Recovery Plan Good contingency planning necessitates continuous testing and evaluation of the strategy. Because of the nature of data processing, equipment, programs, and documentation must be updated on a regular basis. It's critical to think of the plan as a living document because of these efforts. A checklist of things for testing a disaster recovery strategy is supplied. When conducting a recovery test, the following are considered (Han et al, 2020): 1. The test's purpose and the components of the plan that are being reviewed. 2. The test's objectives and how to determine whether they were met. 3. Meet with management to discuss the test and goals to secure their approval and support. 4. The test should be announced by management, along with the projected completion time. 5. At the end of the test time, the findings were collected. 6. Assessing the outcome to determine whether the recovery was effective 7. Consider the implications of the test results. Does a successful recovery in a basic case imply that all critical jobs will be restored within the allowed outage time? 8. Make change suggestions by calling for responses by a given date 9. Notify on areas of results including users and auditors 10. Change the disaster recovery plan if necessary. The disaster recovery plan should also specify the areas that will be tested to ensure its success. Individual application system recovery using off-site files and documents, reloading of system save media, processing capabilities of different machines, management's capacity to establish system priority, and ability to recover and process successfully without key personnel are among the areas covered. Other areas tested include the effectiveness of security measures and security bypass procedures during the recovery period, the plan's ability to clarify areas of responsibility and chain of command, the ability to complete emergency evacuation, and the ability of users of real-time systems to cope with temporary loss of online information. Risk management plan A risk management provides insight n ongoing activity that will continue throughout the life of the project and the process should include risk identification, risk assessment, plans for newly identified risks, trigger conditions and contingency plans as well as reports of risks on a regular basis. The management plan has four essential components: risk identification, risk assessment and measurement, risk mitigation, risk reporting and monitoring, and risk governance. Impact of Change Management Plan on the Overall Risk Strategy Effective change management assists firms in avoiding the additional and excessive expenditures generated when the people side of change is not appropriately managed by the administration. The purpose of risk management is to recognize potential problems before they occur, so that risk-management measures can be planned and implemented as needed throughout the product or project's life cycle to minimize negative consequences on goal achievement. To be effective, the change management process must consider how a change or replacement will impact the organization's processes, systems, and employees. One of the most common change risks is that the change program may face strong opposition from end users, impacted groups, and even managers. The management plan considers degrees of resistance, awareness, or desire to support change, stakeholder commitment, leadership support, budgeting, uncertainty, a strategic communication plan, and organized governance. As a result, the plan has an impact on the best methods of risk identification, and the analysis recognizes the severity and extent of the impact on groups, processes, and tools. The more the consequences, the greater the dangers to the change management program (Altamony et al, 2016). Therefore, the management plan influences development of a pram leadership with an understanding of the implementation risk for the program hence overall risk strategy development. Concepts included in a security plan for the Development of secure software A secure program is composed of the same fundamental building parts, which comprise concept and planning, architecture and design, implementation, testing, and bug fixing, release and maintenance, and end of life. The concept and planning stage's purpose is to define and evaluate the application concept. This process includes developing a project plan, writing project specifications, and allocating human resources. SDL discovery, security needs, and security awareness training are among the approaches (Fujdiak et al, 2019). The goal of the architectural and design stages is to create a product that fits the requirements. This process includes modeling the application's structure and usage scenarios, as well as selecting third-party components to aid speed up development. Writing the application code, debugging, and creating stable builds appropriate for testing are all part of the implementation stage. Testing and bug fixing entails detecting and correcting application faults, as well as conducting automated and manual tests, identifying problems, and resolving them. New versions and patches are made available during the release and maintenance process. When a piece of software reaches its "end of life," the developer no longer supports it. Specific end-of-life laws may apply to applications that store sensitive data. (Fujdiak et.al, 2019) References Altamony, H., Al-Salti, Z., Gharaibeh, A., & Elyas, T. (2016). The relationship between change management strategy and successful enterprise resource planning (ERP) implementations: A theoretical perspective. International Journal of Business Management and Economic Research, 7(4), 690-703. Conklin, W. A., White, G., Cothren, C., Davis, R. L., & Williams, D. (2018). Principles of computer security: CompTIA Security+ and beyond (5th ed.). McGraw Hill Professional. Fujdiak, R., Mlynek, P., Mrnustik, P., Barabas, M., Blazek, P., Borcik, F., & Misurec, J. (2019, June). Managing the secure software development. In 2019 10th IFIP International Conference on New Technologies, Mobility and Security (NTMS) (pp. 1-4). IEEE. Han, W., Xue, J., Zhang, F., & Sun, Z. (2020, October). An Effective Remote Data Disaster Recovery Plan for the Space TT&C System. In International Conference on Machine Learning for Cyber Security (pp. 31-41). Springer, Cham. Threat Analysis (Phase 1 of Final Project) Executive Summary Information security research aims to tackle technical issues with information systems and, more significantly, to increase the effectiveness of information security. There have been numerous trials to address individuals who utilize the organization's computer systems because they are the ones who cause the information system's various vulnerabilities. The threats that end-users bring to the security of American International Group's plans are examined and addressed in this study. Human factors have been discovered to be the most significant threat to security, despite the introduction of technology solutions to address system weaknesses. Introduction Information security can be defined as safeguarding an organization's information and data in terms of confidentiality, integrity, and access. It's worth noting that, no matter how many technical safeguards are in place, organizations will continue to have security breaches. This is because information security is both a technological and a human issue. Employees have been the primary source of these insecurities since they fail to follow the information security policies in place. Individual hackers aiming to create a name for themselves by employing visible and visible exploits that are impossible to miss have given way to the structured and financially motivated attacker who employs stealthy ways to avoid discovery while slowly taking data from organizations for profit. Information warfare, cyber terrorism, organized crime, and sophisticated insider attacks are just a few of the risks that are becoming more prevalent (Johnson, & Easttom, 2020). Information technology threats include natural calamities, infrastructure failures, internal abuse, accidents, external targeted attacks, and external mass attacks. Although it is normal for a security professional to assume that threats would come from malicious attackers, organizations must also consider the possibility of human mistake or accidents leading to security breaches. As dangerous as a well-organized hacking gang can be, most security teams spend significantly more time dealing with manual errors that occur in routine operations or other staff mishaps that can inflict just as much damage to the company by accident (Conklin et al., 2018). In general, each danger type will have a different chance of occuring. Many businesses, for example, are grappling with more regular and well-publicized mass attacks such as generic infections and phishing scams. For many years, information security specialists and those from other media outlets have tried to understand the trends in data breaches. The trends in data breaches have been tracked and displayed, according to Statista (Morana & UcedaVelez, 2021). The records indicate the branches since 2005, with an upward trend in branches (Benson, McAlaney & Frumkin, 2019). For example, 157 data breaches were reported in 2005, exposing 66.9 million people. Seven hundred eighty-three breaches were reported in 2014, resulting in the exposure of 85.61 million records. As the years pass, the number of breaches appears to be increasing. As of 2020, the number of breaches has been 1001 million, with 15.8 million people exposed. Annual Number of Data Breaches and Exposed Records in the United States from 2005 to 2020 (in millions: Source: https://www.statista.com/statistics/273550/data-breaches-recorded-in-the-united-states-by-number-of-breaches-and-records-exposed/ It is clear from above figure that trend is not continuing to rise. However, the number of breaches documented in 2009 was 498, a decrease from the total records of 656 in 2008. Following that, the number of breaches increased dramatically, from 35.7 million in 2008 to 225.5 million in 2009. Such numbers indicate that, despite a few breaches, individual breaches have been on the rise, resulting in a higher number of file exposures per single breach documented. However, the number declined in 2017 rose again from 2018 to 2019. The numbers recorded since 2019 to 202o reduced significantly from 1257 million breaches to 1001 in 2020. Notably, between 2010 and 2011, there was a significant decrease in the number of data breaches. Six hundred and sixty-two data breaches were recorded in 2010, and four hundred and nineteen in 2011. The frequency of breaches reported has been steadily increasing since 2011. Six hundred and fourteen violations were reported in 2013, and seven hundred and eighty-three in 2014. In 2016, there were 1,093 breaches, and in 2017, there were 1,579. Information System Vulnerabilities Human factors are significant information system vulnerabilities, which include both purposeful and inadvertent acts that might lead to a security breach. Clicking on links from unknown senders, for example, provides a security risk to systems because such links typically contain malware and spyware that will take control of the system once accessed (Johnson & Easttom, 2020). It is important to remember that these unverified links compromise security since phishing attackers use social engineers to persuade individuals to disclose their information and that of others. The security risk of information systems is further increased by the lack of strong passwords, or rather the usage of incorrect passwords that are too obvious. It may be deduced that actions that could jeopardize passwords include using passwords that are easily guessed by attackers, which poses a significant threat to information system security (Johnson & Easttom, 2020). To ensure that passwords are effective, best practices include choosing unique and long passwords that are difficult for attackers and cybercriminals to guess. Another information system flaw is leaving computers turned on and unattended. Unauthorized personnel may take advantage of this and move sensitive data to their storage devices for their own nefarious purposes (Johnson & Easttom, 2020). To avoid this, people should make sure that their computers are constantly turned off when not in use to prevent unwanted access. There should also be systems is designed to guarantee that any attempted logins that exceed three are locked until the security administrator determines whether unauthorized persons attempted to access data. Conclusion To summarize, critical information system vulnerabilities can be described as human factors, which include both purposeful and unintentional acts that lead to a security compromise. The security risk of information systems is further increased by the lack of strong passwords, or rather the usage of incorrect passwords that are too obvious. It may be deduced that actions that could compromise passwords include using passwords that are easily guessed by attackers, which poses a significant threat to information system security. Another weakness in the information system is leaving computers on and unattended. Unauthorized individuals may take advantage of this chance to move sensitive data to their storage devices for their nefarious purposes. References Benson, V., McAlaney, J., & Frumkin, L. A. (2019). Emerging threats for the human element and countermeasures in the current cyber security landscape. In Cyber Law, Privacy, and Security: Concepts, Methodologies, Tools, and Applications (pp. 1264-1269). IGI Global. Conklin, W. A., White, G., Cothren, C., Davis, R. L., & Williams, D. (2018). Principles of computer security: CompTIA Security+ and beyond (5th ed.). McGraw Hill Professional. Johnson, R., & Easttom, C. (2020). Security policies and implementation issues. Jones & Bartlett Learning. Morana, M. M., & UcedaVelez, T. (2015). Risk centric threat modeling: Process for attack simulation and threat analysis. John Wiley & Sons. Mitigation Strategy (Phase 2 of Final Project) Abstract Data is unquestionably becoming an organization's most important asset in the modern internet era. As a result, the data is recorded and saved in the cloud for later processing and decision-making. To accomplish this, data warehousing, in conjunction with machine learning strategies, enables enterprises to make use of their data and forecast the future of their businesses. However, the internet has also resulted in data breaches and security attacks, resulting in business losses (Conklin et al., 2018). In this context, businesses should implement mitigation strategies that will aid in the avoidance of such hazards and, more crucially, the reduction of their effects. Breach Handling Procedure It is critical to develop a breach handling procedure before an organization implements mitigation methods for potential risks. Breach handling procedure is a series of measures for ensuring that any suspected breach is detected, and the appropriate course of action is done before the cyber criminals carry out the breach. Breach Detection According to the flowchart above, a breach sensor data is installed in the organization's network system to identify any data breach incidents. If a breach is discovered, the owner is alerted so that a corrective action can be taken. If there is a reason to whitelist, the owner can do so. It is quarantined if there is no whitelisting. If a whitelist exists, confinement should be implemented, and data should be given the option of being restricted or not. The restriction will necessitate the use of Critical Incident Response (CIR) (Thomas & Galligher, 2018). Critical Incident Response is also established if the breach is critical. Otherwise, it is restored and recovered. Breach Handling Procedure The CIR is triggered if the data breach is determined to be critical or if restricted data has been compromised, as shown in the diagram above. The information provided by the first respondent aids in determining whether the impacted hardware should be confiscated or not, preventing further access to the system. The inquiry has been launched in order to determine what may have caused the data breach, so that when it comes to devising mitigation methods, the business would consider all variables (Thomas & Galligher, 2018). It's worth emphasizing that the management team should be informed of all of this, and a report of each step should be created to ensure that the correct procedures are documented for future use and advancement. Security Mitigation Strategy American International Group can adopt a variety of mitigation techniques, including always keeping software up to current. To accomplish this, the company must verify that their systems have the most recent security and operational patches from reputable providers. As a result, the susceptibility of systems will be reduced (Cormier & Ng, 2020). The current software includes built-in security detection technologies that aid in the detection of any types of ransomwares commonly utilized by cybercriminals. Additionally, an organization should verify that anti-virus software is installed on all its computer systems. Anti-virus software that was kept up to date provided excellent protection for the computer systems while also ensuring that any security flaws in the organization's system were addressed. Most importantly, using antivirus will ensure that your machine is safe from any virus breakouts (Cormier & Ng, 2020). This is because any virus signature discovered will be intercepted and quarantined, stopping it from propagating to other computers. Consequently, businesses should make sure that any data they consider vital is backed up. It is vital to highlight that there is a broader flexibility for the business in terms of mitigation procedures that should be put in place to help mitigate cybersecurity risk and secure the most sensitive and secret information (Dooley & Rooney, 2017). Putting these safeguards in place aids in the creation of backup data, which allows a company to continue operations even if its computer systems are disrupted by a disaster. Investing in security through employee training is another excellent way for a firm to mitigate security threats. Since the staff is the one that always has significant amount of time to the access to data, instructing them on safety precautions is critical. Employees should be taught on information ethics and what to do in computer systems to keep the systems safe from hackers. Employees, for example, should be taught about various forms of attacks, such as phishing, spyware, and others, to ensure that they are not targeted. Most significantly, multi-factor authentication is the greatest mitigating mechanism that should be deployed. These include adopting two-factor authentication or multiple authentication factors, which is a very powerful tool for mitigating cyber dangers. Personal access to the system is granted after using the password and any other form of authentication accessible with two-factor authentication. In this sense, no one will be able to access the system without successful authentication (Dooley & Rooney, 2017). This deters potential hackers because the process is difficult and ensures the security of the organization's data. Conclusion It may be inferred that one of American International Group's multiple mitigation techniques is to always maintain its software up to current. To accomplish this, the company must verify that their systems have the most recent security and operational patches from reputable providers. As a result, the susceptibility of systems will be reduced. Additionally, an organization should verify that anti-virus software is installed on all its computer systems. Anti-virus software that was kept up to date provided excellent protection for the computer systems while also ensuring that any security flaws in the organization's system were addressed. As a result, businesses should make sure that any data they consider vital is backed up. It is vital to highlight that there is a broader flexibility for the business in terms of mitigation procedures that should be put in place to help mitigate cybersecurity risk and secure the most sensitive and secret information. References Conklin, W. A., White, G., Cothren, C., Davis, R. L., & Williams, D. (2018). Principles of computer security: CompTIA Security+ and beyond (5th ed.). McGraw Hill Professional. Cormier, A., & Ng, C. (2020). Integrating cybersecurity in hazard and risk analyses. Journal of Loss Prevention in the Process Industries, 64, 104044. Dooley, M., & Rooney, T. (2017). DNS Security Management. John Wiley & Sons. Thomas, J., & Galligher, G. (2018). Improving backup system evaluations in information security risk assessments to combat ransomware. Computer and Information Science, 11(1).