Conducting a Security Analysis Baseline for Organizational Protection

   

Added on 2023-07-24

17 Pages, 4323 Words, 178 Views
Running Head: RISK MANAGEMENT PLAN 1
Risk Management Plan
Student's Name
Institutional Affiliation
Date of Submission

Risk Management
Conducting A Security Analysis Baseline
Security Requirements and Goals
Baseline security is the bare minimum an organization needs to safeguard itself from
threats and vulnerabilities while still operating effectively. Adequate network security
demands a comprehensive approach, hence the need to understand the company's security
posture. The primary requirement for preliminary security baseline activity is its
ability to establish an appropriate level of security for all systems in the organization. Other
conditions that should be considered include device access, routing infrastructure, network
telemetry, network policy enforcement, and switching infrastructure. Unless these fundamental
security elements are addressed, additional security controls and features are useless. The goal
of preliminary security baseline activity includes promoting and strengthening the security of
all of the organization's computing assets (Chaturvedi, 2020).
Types of Attacks
Organizations rely on the internet for communication, making them vulnerable to various
network attacks such as worms, viruses, Trojans, denial of service attacks, social engineering,
and session hijacking. A denial of service attack involves flooding the network, servers, or
system with traffic to overwhelm it, denying legitimate users access to the web through delays
or crashes. Social engineering comprises elaborate deception and trickery that exploit users'
inherent curiosity to win their trust and gain access to private and confidential information.
The impacts of these network attacks on the system and the organization in general include
financial loss, evident in the cost of response and recovery, cost of investigation, lost
revenue, legal and PR costs, and reduced company valuation. Other impacts are attributed to
loss of productivity, staff time lost during the incident, and the halting of routine IT work.
The organization also suffers reputational damage as stakeholders and the public lose trust in
the company (CISCO, 2021).
The Security Infrastructure and Posture
The security infrastructure posture comprises components such as the local area network,
metropolitan area network, and wide area network. Such networks can have loopholes or
vulnerabilities that allow cybercriminals to attack the system or network. Some of the security
concerns in the current networks include physical networking issues such as outdated security
patches, failing to physically secure servers in a locked rack closet, or failing to secure
entry points with a turnstile. Misconfigured firewalls or operating systems are also a concern,
because leaving default policies enabled creates an attack point. Other issues include hidden
backdoor programs, automated scripts without virus checks, and unknown security bugs in software
or programming interfaces. The IT team can get a real-time understanding of its security posture
by maintaining an accurate IT asset inventory, mapping its attack surface and attack points, and
understanding its cyber risks. Enterprise testing should be conducted regularly, at least
once every year, to ensure more consistent IT and network security management by discovering
new threats and how potential vulnerabilities can be exploited. Some techniques to test
enterprise networks include documentation, log, and system configuration review, and network
sniffing to discover vulnerabilities. Target identification and analysis techniques identify
systems, services, ports, and potential loopholes and can be performed manually or using
automated tools. Target vulnerability validation techniques such as password cracking,
penetration testing, social engineering, and application security testing corroborate the
existence of vulnerabilities (Lumen Learning, 2021).
As the attack techniques used by cybercriminals advance, the current workforce lacks the
prerequisite skills to address them, hence the need to increase awareness of cybersecurity
and the possibility of attacks. There is no evident professional development framework to give
employees the skills required to keep abreast of the changing needs of cybersecurity and the
sophisticated attack methods used by cybercriminals. The company can use various techniques to
detect malicious code, such as signature-based detection, which scans and assesses feeds
of suspicious files. Check-summing is a modification of signature analysis based on calculating
a Cyclic Redundancy Check (CRC). Other techniques encompass statistical analysis,
known-plaintext cryptanalysis, and reduced masks. However, bad actors use advanced methods such
as obfuscation, which involves concealing information such as the files to be downloaded and the
sites visited. Analyzing the security infrastructure as described will allow the company to
understand its current security posture and the risks of cyber threats and vulnerabilities
(Lumen Learning, 2021).
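
The signature and checksum techniques described above, as an added example that is not part of the original paper: it scans constructed file contents for a known byte pattern and compares CRC32 values against a known-good baseline, showing that an obfuscated change evades the signature but still alters the checksum. All names, paths, and the marker string are made up for illustration.

```python
import zlib

# Constructed sample data: a harmless marker stands in for a known-bad byte pattern.
MARKER = b"EVIL_MARKER_V1"
SIGNATURES = {"demo-marker": MARKER}

def signature_scan(data: bytes) -> list:
    """Names of known signatures whose byte pattern occurs in data."""
    return [name for name, pattern in SIGNATURES.items() if pattern in data]

def crc32(data: bytes) -> int:
    # CRC32 catches changes but is not collision-resistant; integrity baselines
    # in production normally use a cryptographic hash such as SHA-256.
    return zlib.crc32(data) & 0xFFFFFFFF

def build_baseline(files: dict) -> dict:
    """Record one checksum per path while the system is in a known-good state."""
    return {path: crc32(content) for path, content in files.items()}

def xor_obfuscate(data: bytes, key: int = 0x5A) -> bytes:
    """Simple stand-in for obfuscation: same content, different bytes on disk."""
    return bytes(b ^ key for b in data)

def audit(files: dict, baseline: dict) -> dict:
    """Map each suspicious path to the reasons it was flagged."""
    findings = {}
    for path, content in files.items():
        reasons = [f"signature:{name}" for name in signature_scan(content)]
        if path not in baseline:
            reasons.append("not-in-baseline")
        elif crc32(content) != baseline[path]:
            reasons.append("crc-mismatch")
        if reasons:
            findings[path] = reasons
    for path in sorted(baseline.keys() - files.keys()):
        findings[path] = ["missing"]
    return findings

KNOWN_GOOD = {  # constructed file contents
    "app/run.sh": b"#!/bin/sh\necho start\n",
    "app/lib.bin": b"\x00\x01library-code\x02",
    "app/conf.ini": b"[main]\nmode=prod\n",
}
BASELINE = build_baseline(KNOWN_GOOD)
LATER = {
    "app/run.sh": KNOWN_GOOD["app/run.sh"] + xor_obfuscate(MARKER),  # obfuscated
    "app/lib.bin": KNOWN_GOOD["app/lib.bin"] + MARKER,               # plain
    "app/conf.ini": KNOWN_GOOD["app/conf.ini"],                      # untouched
}

if __name__ == "__main__":
    for path, reasons in audit(LATER, BASELINE).items():
        print(path, reasons)
```
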
There is also a need to examine the private and public access areas and web access points
to ascertain the possibility of network weaknesses and threats. The sites can be vulnerable to
system weaknesses such as user administrator loopholes, including insider threats, social
engineering, easily compromised passwords, and careless or uninformed users. Physical hazards
at such access points include eavesdropping using cameras and keyloggers, and destruction of
property. At the network points, vulnerabilities comprise DNS redirects, authentication hotspots,
and sniffers. Misconfigurations on hardware components such as routers and switches include
attack surfaces such as HTTPS and SNMP exposure, allowing attackers to launch password-
