Ask a question from expert

Ask now

Information Security and Management

13 Pages3312 Words278 Views
   

Added on  2021-04-21

Information Security and Management

   Added on 2021-04-21

BookmarkShareRelated Documents
Running head: INFORMATION SECURITY AND MANAGEMENTInformation security and managementName of the student:Name of the University:Author Note:
Information Security and Management_1
1INFORMATION SECURITY AND MANAGEMENTAbstract A company in New Zealand, which is known by the name of Sermelles Limited,became a victim of cyber attack. The company has more than three thousand employees andin one of largest health insurance providers in New Zealand. This report will study thefollowing situation thoroughly. This report will pinpoint various existing security issues in anorganization and will provide solutions to improve the same. Security management modelswill be discussed briefly. A concluding paragraph will be provided at the end after thoroughanalysis of the report.
Information Security and Management_2
2INFORMATION SECURITY AND MANAGEMENTTable of Contents1. Introduction:...........................................................................................................................32. Literature review:...................................................................................................................32.1 Information security:........................................................................................................32.2 Information security threats:............................................................................................42.3 Types of cyber attacks:.....................................................................................................52.4 Information security policies:..........................................................................................62.5 Information Security Awareness:.....................................................................................63. Scenario:.................................................................................................................................63.1 Security issues in the given scenario:...............................................................................73.2 Possible solutions:............................................................................................................83.3 Security policies:..............................................................................................................94. Conclusion:..........................................................................................................................105. References:...........................................................................................................................11
Information Security and Management_3
3INFORMATION SECURITY AND MANAGEMENT1. Introduction: A company in New Zealand, which is known by the name of Sermelles Limited,became a victim of cyber attack. The company has more than three thousand employees andin one of largest health insurance providers in New Zealand. Large healthcare organizationsin all parts of the world have fallen victims to cyber bullying. Private data of employees weresiphoned off. This report will study the following scenario and based on that will providesome insights. Few security management models will be discussed, existing security issues inhealth care industry will be analyzed and based on the analysis strategy and framework willbe developed. Information security is critical in the modern world since there are various threats inthe cyberspace. There are various threats including virus attacks, malware and phishing.Procedures or set of policies incorporated within an organization to protect sensitive data istermed as Information security management (Disterer 2013). The main goal of informationsecurity management is to enable framework so that risk can be minimized and continuity ofbusiness is ensured. Information security management addresses process, data, technologyand employee behavior. This system is mainly targeted to a specific type of data such asemployee and customer data. Implementation of this system is also an important part becauseif not implemented properly then it would not serve the purpose for which it was made. It iscritical to safeguard data since it is the most important asset of any company, organizationand institutions. Data can be protected in various ways. One such way is data encryption. Inthis technology, data is transformed from one form to the other. A form such as code, so thatthe people having right access key such as passwords or a secret key can decrypt the data.According to statistics, data encryption is the most popular and effective method used by anorganization.
Information Security and Management_4

End of preview

Want to access all the pages? Upload your documents or become a member.

Related Documents
Developing Information Security Policies for Xero
|14
|4396
|167

MGMT6013 Managing Information System | Security Policy
|14
|4311
|36

Cyber Threat Intelligence - CTEC5802
|19
|3969
|436

Cyber Security Assignment | Security Breach
|10
|1891
|117

Computer Security Report 2022
|14
|3515
|48

Developing a Security Policy for Commonwealth Bank: Mitigating Potential Threats and Vulnerabilities
|13
|2983
|97