
Information Governance and Cyber Security: Risks and Mitigation Strategies

   

Added on  2023-06-18

INFORMATION GOVERNANCE AND CYBER SECURITY

TABLE OF CONTENTS
INTRODUCTION
TASK 1
TASK 2
TASK 3
CONCLUSION
REFERENCES

INTRODUCTION
Information governance refers to the technologies, together with the policies, procedures, controls and strategies, that organisations adopt to optimise information so that it meets business requirements and legal and industry regulations while minimising risk (Alhassan and Adjei-Quaye, 2017). This report covers the development of an information governance policy for UEH, along with risk assessment methodologies and a strategy for implementing strong information governance for Blackbaud.
TASK 1
Cyber security threats and steps to evade them by Information Governance
The latest cyber security threats are:
a) Ransomware: A form of malware that attempts to encrypt data and extort a ransom in exchange for a code to unlock it. Ransomware is delivered through malicious emails (Humayun et al., 2020). The key steps for protecting the company through information system governance are:
o Staff awareness: staff must be wary of unsolicited emails, particularly those that demand a quick response.
o Malware protection: install and maintain good anti-virus and malware protection software.
o Software updates: keep applications up to date.
o Data backup: a well-managed series of data backups allows recovery of an unencrypted version of a file.
b) Phishing: An attempt to gain sensitive information by posing as a trustworthy contact, for example an online service or a bank. A form known as spear phishing is a targeted attempt to gain information about individuals. Phishing emails may appear genuine, with no mistakes or errors, and may use genuine logos. One form of spear phishing is where a fake email from a top management executive pressures someone lower in the hierarchy into giving out relevant financial information that is otherwise kept confidential (Gunduz and Das, 2020). It is worth considering additional safeguards to protect the identity of top management executives in order to prevent impersonation. Information asset governance has to follow these protective measures:
o Creating awareness among people that companies do not ask for confidential information.
o Using anti-malware software.
o Issuing guidelines to be suspicious of unexpected emails.
o Making sure that spam filters are kept on in systems, and checking regularly in case any email has been trapped in them.
Data leakage
While cyber security may seem tough within the office, it must be noted that security extends beyond the office as well. The use of tablets and smartphones is widespread. Portable storage devices are likewise useful for transporting and backing up data (Humayun et al., 2020). These can be stolen, so information asset governance has to follow steps to prevent leakage of the organisation's data, such as:
A) Make sure that mobile devices used in offices have password locks.
B) GPS tracking and an option to remove data must be available in case the device is lost.
C) Encryption software is highly recommended when using portable storage devices.
D) Keep watch over mobile devices and manual paperwork. This monitoring helps to avoid opportunistic crime.
Hacking
Attempts are made to gain access to IT systems from outside the organisation in order to obtain financial information. Intellectual property is a source of value. Usernames and passwords can be obtained through trickery. Information asset governance has to use the primary methods of user awareness and training, installing network firewalls and data access