The Security Manager For One Of The Largest Financial Organizations

Despite the presence of network security devices such as firewalls and other security appliances, today's corporate networks are still vulnerable to both internal and external attacks by hackers intent on creating havoc. By proactively

Sadly, there is no way to alleviate the numerous amounts of threats that haunt networks and computers worldwide. The foundation and framework for choosing and implementing countermeasures against them are very important. A written policy is vital in helping to insure that everyone within the organization understands and behaves in an appropriate manner with regards to the fact that sensitive data and the security of software should be kept safe.

IS355_BestW5Assignment Lab #6 – Report file Developing a Risk – Mitigation Plan Outline for an IT Infrastructure Course Name and Number: Risk Management IS355 Student Name: Sherry Best Instructor Name: Nicole Goodyear Lab Due Date: 2/13/2018 Risks, Threats, and Vulnerabilities Primary Domain Impacted Risk Impact/ Factor Unauthorized access from public Internet Remote Access Domain 1 User destroys data in application and deletes all files Systems/Application Domain 3

During this course there have been a number of key learning points that would help every organization protect itself from a cyber-event. These include password management, patch management, security policies, encryption, and user training. In each of the cyber security breaches one or more of these standard security protocols were not used.

As such, our company’s people resources pose the greatest risk for security breach. Our way to help mitigate risk in this area is to keep communication lines open in this area and to continually mandate security knowledge training, with mandatory updates on a regular basis. When the employees are informed of company policy when facing a security matter, they are better equipped to act in the best or right way. In this way knowledge is power – or at least empowerment to act in the best interest of the company’s information security.

Risk management includes the “overall decision-making process of identifying threats and vulnerabilities and their potential impacts, determining the costs to mitigate such events, and deciding what actions are cost effective to take to control these risks” (Conklin et al, 2012, pg. 678). For the proper development of risk management techniques, every person at every level of the organization, especially those involved in the Information Security (IS) department “must be actively involved in the following activities:

Action shall be based on the approved incident response plan” (The Computer Technology Documentation Project, 2015).

The risks that face an organization are going to always be present. However, an incident response plan outlines procedures for handling security incidents that occur within the organization and for correcting and documenting the security issue in a timely manner. The incident response team is trained to effectively implement the incident response plan. By containing an attack, and limiting the amount of time that an attack is allowed to continue, further risks to the organization can be mitigated.

Abstract— In business, disasters can happen anytime if information security is compromised at some point. In most of the disaster caused by humans, small incidents happened before can be prevented with some careful planning. Proper incident response should be integral part of overall security policy and risk mitigation strategy. This paper provides steps forming and operating Incident Response Plan.

An organization’s BCP is that entity’s guide for continuing, or restarting, operations after an event that impedes those operations. Although a BCP in the past has typically focused on such events as fire, weather, or the loss of access to property in some way, these days they need to include issues related to cyber intrusions from in and out of the company. IT has even become a more critical item in BCPs because events negative affecting IT systems are more likely to occur to a business in any given year than other events (Zurcher, 2015). Developing a BCP requires an organizations’ management, and other concerned stakeholders, to deeply analyze their business. This analysis will inform the developing BCP through an understanding the company’s long and short term goals, as well as the inclusion of which designated resources to be included. In addition they can be aware off forecasted budget and anticipated issues or obstacles. All this information can be used to inform recommendations about the business’s testing, training, and recovery options.

incident). The main aim of incident response plan is to handle the situation in a way that limits

Blue Moon Financial (BMF) is a large financial services firm. Recently, its information security team has been working in an elevated status to protect BMF from a recent increase in network intrusions suffered by other financial services firms. Unfortunately, even though senior management recognizes the threats posed by cyber incidents, they have not provided the senior security analyst with a high enough budget to retain experienced information security technicians; as a result, the current security team is inexperienced. Additionally, an incident response plan has not been implemented, but is currently being developed.

Day in day out, security threat is on the increase, and the need to provide adequate security for every organizations becomes more important than ever before. Of course, no one expects security attacks, but due to the way things are happening in today’s world, having a qualified team of incident handling would be of great importance. Typically, incident handling process can mean the difference between total disaster and complete recovery. For easy understanding and to avoid complications, we have simplified this article to the extent that everyone can read and understand the content.

The security incident management policy of Blyth’s Books is quite comprehensive in the aspect of the detection and reporting of information security events. Detection and reporting of a security incident is vital for an organisation’s survival. If an organisation’s stakeholders and employees cannot detect when an incident has occurred or have detected one but cannot report owing to the fact that how and whom to report to is unknown, the remainder of the incident management procedure which is aimed at getting the organisation back on its feet information security wise cannot be put into process. No one can handle or respond to an incident they have no knowledge of. The security incident management policy of Blyth’s Books was pretty comprehensive in outlining what security incidents are and how they could be identified by those covered in the scope of the policy. A review of Norwegian organisations and institutions performed in 2005 where strategies for data security incidents were analysed demonstrated that statistics

Safety of information is the most valuable asset in any organization particular those who provide financial service to others. Threats can come from a variety of sources such as human threats, natural disasters and technical threats. By identifying the potential threats to the network, security measure can be taken to combat these threats, eliminate them or reduce the likelihood and impact if they should occur.