Last week, you received indications of anomalous behavior in the network. The behavior could have an innocent explanation, or it could be the symptom of a security breach. You, as CIO, must narrow the...


Last week, you received indications of anomalous behavior in the network. The behavior could have an innocent explanation, or it could be the symptom of a security breach. You, as CIO, must narrow the possibilities and possibly start an incident response. Two conflicting risks make this difficult: there is a lack of information about what has happened and a lack of time to get more details.


In response to your request last week, you receive some operations reports from your staff. They may not be exactly that for which you had hoped. After all, the IT staff is under time pressure, too. It is time for you to make some decisions based on the information you have.


The initial response to a security incident often is to “stop the bleeding,” that is, to shut off any continuing unauthorized access to your organization’s assets. This is true even if the incident was not detected for weeks or months. Recall that your role as CIO requires more than technical leadership. You also are responsible for communications, both internal and external, and coordination of compliance actions. The longer and more severe the problem, the more difficult your job can be. In a real crisis, you likely would face some long days with little sleep.


To prepare for this Assignment, analyze the reports you received. Look for evidence that confirms or rejects each of your hypotheses. For any hypothesis you cannot reject, review and refine your qualitative risk analysis from last week. There could be more than one problem in the network. Review this week’s resources to understand reporting and other compliance requirements that affect your organization. These responsibilities can vary based on the location, type of business, and type and amount of information disclosed. Search the Walden University Library and web for specific guidance on what types of communication are necessary, appropriate, and for which stakeholders.


In a real organization, you would be under extreme time pressure to make technical, compliance, and communication progress. To allow time for you to reflect and obtain feedback, your work on this Assignment is due in Week 5. Please start your incident analysis and response planning immediately.


As you work through this Assignment, keep a record of your analyses and actions in your logbook. This information allows your Instructor to assess not only the results you achieve, but also the way you approach the problem. Explain your conclusions of how the reported information disproves, or is inconclusive, about each hypothesis. What other possibilities might the data suggest? Summarize the consequences of all the hypotheses that you cannot reject.


Given your conclusions, note in your logbook what can be done immediately to stop further compromises. Indicate how you would have your staff make these things happen.


The company must take various actions to comply with applicable laws and regulations. Note these requirements and the deadlines in your logbook.


Finally, assess how public awareness of the problem may affect the organization’s reputation and business. Outline the communications that should be initiated to each of the stakeholders.


Once you have completed your general plan for managing the crisis, begin working on specifics. You do not have to complete all of these components this week.


Analyze what must be done to identify and close the vulnerabilities so that this situation does not recur. Evaluate the security gaps and their risks to the organization and outline a plan to close the most significant ones. Does your plan require buy-in from the CEO or other stakeholders? Why? Will you need to divert resources from other initiatives or acquire additional resources? If so, outline how to make these things happen.


Create memos to anyone responsible for compliance actions and provide all of the information they need to act. It is a good practice to draft the documents they must submit and include them with your memos.


Notify anyone who should be making an internal or external communication regarding the situation. Draft the memo, press release, or other statement you would like them to deliver.


Turn your plans into stakeholder meetings and directions to your staff (simulated in your logbook) to accomplish the tasks.

Answered Same Day, Dec 25, 2021


Robert answered on Dec 25 2021
120 Votes
IT Security Plan
Introduction
With innovation in technology, data has turned into an important resource in numerous associations. The protection of data from hackers is so challenging. The current report has demonstrated that the security breach of data has been stored into ICT resources (e.g. frameworks which acknowledge, process and store information) is very difficult (Mbowe, J., E., Zlotnikova, I., 2014). Data security is divided into various categories that mainly cover all parts of ensuring the integrity of a system or the entire network of an organization. By looking at its most liberal translation, information security includes protecting a system from any type of threat, like an external threat, an internal one (it includes the main staff of an organization), or a hardware or software threat (Tiwary, D., K., 2011).
This paper describes a novel approach for assessing data security controls in order to help managers in opting for the best within the given resources. This proposed method utilizes Desirability Functions to evaluate the attractive quality of each data security control by considering its advantages as well as the limitations that are related to actualizing the control. This method provides the management with a value that is illustrative of the quality of every data security control in light of authoritative objectives. Through a contextual investigation, the approach is demonstrated to be effective in giving a method to measure the quality of data security controls for particular associations (Otero, A., R., Otero, C., E., 2010).
Security Weakness
The network vulnerability is an imperfection or shortcoming in the outline or usage of the data framework (counting the security methods and security controls connected with the framework) that could be deliberately or unexpectedly abused to unfavorably influence an association's operations or resources through lost classification, respectability or accessibility at first glance. The network vulnerability represents a potential avenue for assault or security break against the framework. This can incorporate things like infections, disclosing passwords on mouse pads, inaccurately arranged frameworks, etc. These kinds of indecencies expand the danger to the network; however, there is a more extensive connection to this idea than has been expressed above and inside of the security group (Awodele, O., Onuiri, E., E., 2012).
Security Awareness Program
The main risk to information security in the given scenario is the lack of awareness among the employees. Sometimes, employees are responsible for the actions by which security incidents can happen, e.g. divulgence of data that could be utilized as a part of a social designing attack, unusual activities that are not reported, and access to very sensitive data which users are unauthorized to access. It consequently becomes fundamental that the organization have a security awareness program set up to guarantee that workers are aware of the significance of protecting any type of sensitive data, what they ought to do to handle data safely, and what the risks of misusing data are. The employees' understanding of the authoritative and individual outcomes of misusing sensitive data is critical to an organization.
The security awareness program needs to be directed as an ongoing program which guarantees that the information and training is not simply delivered as a yearly movement; rather, it is utilized to keep up an abnormal state of security awareness. As a CIO, I have to make sure that staff are sufficiently aware of the importance of data security (Security Awareness Program Special Interest Group, PCI Security Standards Council, 2014).
Securing Data in the Cloud
The protected framework guarantees as well as develops confidence that the information which is stored is secure on the suppliers' side. Appropriate execution of security efforts is obligatory in distributed computing. The fact that the application is propelled over the web makes it powerless against any type of risk with regard to security. Cloud suppliers are supposed to make efforts regarding security beyond their expectation. The physical area of stored information is additionally imperative, and it is the duty of the supplier to pick the correct location for saving data. Confined client access can range from a simple user password to CAPTCHA log in details. Cloud Providers should generate one time password...