Great Deal! Get Instant $10 FREE in Account on First Order + 10% Cashback on Every Order Order Now

Assessment type: Written Individual assignment (2,000 words). Purpose: The purpose of this assessment is to demonstrate student awareness of current industry and research trends in the field of...

1 answer below »
Assessment type: Written Individual assignment (2,000 words).
Purpose: The purpose of this assessment is to demonstrate student awareness of cu
ent industry and research trends in the field of information security. Analyse and evaluate the organizational adoption of security controls. Design solutions for concrete security problems for distributed applications This assessment contributes to learning outcomes c, d.
Value: 30%
Submission requirements details: All work must be submitted on Moodle by the due date. Reference sources must be cited in the text of the report, and listed appropriately at the end in a reference list using Harvard Anglia referencing style.
Assessment topic: Security Plan and Training Program
Task Details: This assignment requires you to design a security plan based on a given case study. The learning outcomes of this assignment are to recognize the threats that exist in your cu
ent or future work place. Through your research, identify the threats, outline security guidelines and develop a robust and pragmatic training programme. You should develop a plan that you would regard as helpful to you, the information user, as well as protecting your organization’s information environment. Use your imagination in combination with a wide-range of material.
You are required to complete and submit a security plan based on the following scenario:
The assignment submission needs to satisfy two requirements:
Case Study Scenario: You are the recently appointed head of a security team responsible for protecting the information holdings of Innovations IT which is a consulting agency for IT based technologies comprising of 1500 staffs. The organization locates in the central business district of the city. The security team is responsible for administering the security of information from deliberate and accidental threats. The recent information security management team found that the security has not been properly addressed in some key areas such as incident response, disaster recovery, business continuity, social engineering attacks and lack of personnel awareness of the various threats to information, and poor password security. The above issues identified needed urgent remedy. Technical systems were found to be reasonably effective in maintaining database and document management security, and were well serviced by the IT team. As the head of the team, it becomes your responsibility to ask your team to analyze the possible threats and provide a report on the detailed security countermeasures for all the possible threats.
As a part of the security analysis, the tasks of the team are to:
a) Identify and describe the organizational holdings (assets) at risk
) Identify and describe the potential security threats to the organization
c) Design the necessary security counter-measures to manage and address the threats
d) Develop a comprehensive information security training and awareness program for the users of the
organization belonging to the different levels of the organizational hierarchy .
cs-assignment-smvqc2ux.docx
Answered Same Day Jun 04, 2021

Solution

Deepti answered on Jun 05 2021
153 Votes
Executive Summary
This report focuses on outlining an IT Security Plan for the target organization Innovations IT. The report first elaborates the assets of the target organization which may be prone to security threats. Secondly, it enlists the risks that the IT infrastructure of the organization may face. Thirdly, the security countermeasures are outlined in order to protect the IT assets and critical information. The training section further explains the best practices that the employees should follow to prevent any incident. The employees are trained and made aware about these practices and repercussions of lack of awareness r alertness in following those practices. Finally, the report discusses the security policies which Innovations IT should incorporate in order to remain fully prepared against any incident related to its IT assets, network or data.
Contents
Executive Summary    1
Introduction    1
Security Plan    1
Security countermeasures    2
Training    4
Security Policy    5
Conclusion    5
References    6
Introduction
This report is a security plan outlined specifically for the target organization Innovations IT. It offers consulting services for IT based technologies used by its clients.
IT Security is a group of cybersecurity strategies which prevent unauthorized access to organizational assets like information, network, computers. The confidentiality and integrity of sensitive information is maintained by a robust security plan blocking unwanted access to the organization’s IT assets. The threats to IT security come in various forms like ransomware, virus, natural disasters, etc. which impact or infect IT assets. Therefore, it is important to have an IT Security Plan in place with reliable security practices and policies. Different types of IT security include network security, internet security, cloud security and application security.
A robust security plan is needed to protect the digital assets of the organization and its network devices. Although IT security implementation involves high expense, a significant security
each costs much more to the organization in terms of data theft and disruption of business operations.
Security Plan
A security Plan for the target organization is required to identify the types of threats which may affect the business, the assets that may be at risk and the solution to secure the IT systems of the organization. Electronic information can be secured digitally and physically from intruders both where it is stored and during movement through the network. Owing to the size of the target organization Innovations IT, the risks, threats and attacks against which the organization should attain security are
· Physical Threats: The IT infrastructure is prone to threats resulting from accessing it physically or damage caused to the organization’s resources. These comprise of unauthorized access to sensitive information by insiders as well as outsiders, damage from natural disasters like flood or fire, network failure. Budgetary constraints can be considered as an IT infrastructural threat.
· Electronic Threats: These threats may compromise crucial information of Innovations IT through criminal activity. These include cyberattacks in the form of malware, mobile threats, threats to online payments, human e
ors.
The target organization has established an effective database and document management security plan which are maintained suitably by the IT team. Therefore, the technical risks like computer crash or complete component failure would be managed.
The risks may be identified into the list given below which would help the organization to create a security plan for strengthening its defenses against cyber attackers and their unfavorable practices.
· Lack of cybersecurity measures against external and internal vulnerabilities.
· Failure to understand the organization’s vulnerability towards attacks, assessment for critical assets and profile of potential attackers. The various threat vectors include data loss, social engineering attacks, DoS attack, cyber threats, compliance and regulatory incidents, domain-based threats, impersonation, etc.
· Cybersecurity standards not in place for the organization. The organization lacks cybersecurity governance, policies, procedures and risks are not identified.
· Lack of clear differentiation between cybersecurity and compliance.
· Privilege abuse may be...
SOLUTION.PDF
SOLUTION.PDF

Answer To This Question Is Available To Download

Related Questions & Answers

More Questions »

Submit New Assignment

Copy and Paste Your Assignment Here
Attach File