IS Security & Risk Management: Threats, Mitigation Techniques and Improvements


Added on  2023/06/07

AI Summary
This report discusses the security of information systems and risk management methods for ensuring the security of an organisation. It covers threats against information systems, working mechanism of ransomware, reliability and availability of web service, confidentiality and integrity of staff email, malware threats and security issues related to web mail and web server, approaches to improve email server availability, impact of human factors and organisational issues.

Running head: IS SECURITY & RISK MANAGEMENT
IS SECURITY & RISK MANAGEMENT
Name of the student:
Name of university:
Author’s note:

Table of Contents
Introduction
Discussion
Working principle of ransomware
Threats against the routers and switches of a network
Reliability and availability of the web service of an organisation
Ensuring the confidentiality and integrity of the staff email
Threats to malware and security issues related to web mail and webserver
Approaches to improve the availability of email servers
Impact of human factors and organisational issues
Use of log records for analysis of web server and email server
Use of audit log reports for performing auditing analysis
Network devices for mitigating security problems
Recommendations
Conclusion
References
Introduction
This report discusses the security of information systems and the risk management
methods used to ensure the security of an organisation. The organisation selected for this
report is CISRA. The report sets out the threats against the information systems of the
organisation, the working mechanism of ransomware and three tools that can be used to
tackle a ransomware attack. It discusses the threats against the routers and switches of
the network and how these devices can be vulnerable to destruction and abuse. It then
discusses in detail how the organisation can ensure the reliability and availability of the
web service, and the methods of ensuring the confidentiality and integrity of staff email.
The prioritisation of the threats and the security and malware issues related to the
webmail and web server are discussed briefly, and a solution is proposed for improving the
availability of the email servers. The impact of human factors and organisational issues on
IS-based security and risk management is described. The report states how log records,
including security and access events, are used to monitor and analyse web server and email
server problems, and how audit log reports are used for auditing analysis. Five new
network devices are proposed to mitigate the security risks, and the report closes with a
conclusion.
IS security is the most crucial aspect of ensuring that an organisation functions
properly. Several threats against the information system can cripple an organisation and
affect its working at the fundamental level. Organisations use several mitigation
techniques to ensure the safety and security of their networks.
Discussion
Working principle of ransomware
Ransomware is a type of malware that blocks or restricts access to the files on a
system, with a ransom demanded for the files to be released. The hacker sends a suspicious
email or places a file on the internet; when a user downloads the file or visits the
website, the malware is downloaded onto the user's system and blocks the user's access to
the files on it. Infected computers display messages telling the user to pay the ransom to
unblock the files, and even after the ransom is paid there is no guarantee that the user
will be able to retrieve all the files (Cabaj & Mazurczyk, 2016).
The tools that can be used for protecting the system against ransomware attacks are as
follows:
Avast anti-ransomware tools: Avast provides an anti-ransomware tool that can be used to
tackle the threat of ransomware. The tool provides a decryption and installation wizard.
The software asks for two copies of all the files in the system, one encrypted and the
other unencrypted, and compares them to determine the password.
BitDefender Anti-ransomware: This tool is mainly used for protecting systems from
ransomware such as Locky, CTB-Locker, Petya and TeslaCrypt. Once the software is loaded,
it detects an infection in the system and stops the ransomware from executing fully, so
that not all the files are encrypted. The program offers the option of retrieving the files
if they are taken hostage.
Kaspersky anti-ransomware tool: The Kaspersky tool is designed to protect the systems of
small and medium businesses from ransomware. It works constantly in the background and
protects the files in the system by monitoring system activity.
Threats against the routers and switches of a network
Some of the common threats to the network devices of the organisation are as follows:
DoS/DDoS attacks: These attacks are commonly used to cripple the network of an
organisation or to take control of it. Network devices are specifically targeted in order
to hijack and take control of the complete network of the organisation. A huge amount of
traffic is sent to the network devices, which hampers their proper working, and the
devices are destroyed. With the help of DDoS attacks, the attackers take control of the
systems of the organisation (Mousavi & St-Hilaire, 2015).
Malware threats: The use of malware by an unauthorised user or hacker can damage the
network of the system and destroy the network devices. The most common types of malware
used to attack the network of an organisation are Trojans, worms, viruses and spam. With
the help of malware, any unauthorised user can misuse the network devices (Antikainen,
Aura & Särelä, 2014).
Rootkits: A rootkit is a collection of tools designed specifically for gaining
administrator-level access to a network. Rootkits are commonly placed in a network through
a security hole identified in it. These holes are generally located in the legitimate
applications of a business network.
Reliability and availability of the web service of an organisation
Reliability is the ability of the web service stack to exchange SOAP (Simple Object
Access Protocol) messages without redundancy and with guaranteed delivery and message
ordering. The headers of a SOAP message contain the information that allows the messages
to be delivered reliably and in order (Madsen et al., 2013).
Some methods of providing a reliable web service to the staff of the organisation are:
Providing a running database
Installing SQL tables for the client and the server
Availability of the web service is essential to the performance of an organisation. The
organisation can face serious problems if the web service is unavailable (Ahmed & Wu,
2013). Effective strategies for increasing the availability of the web service are:
Proper planning for restructuring
Optimising the existing code
Enhancing the design architecture
Categorising and analysing the points of failure on the basis of severity
Designing an appropriate solution on the basis of the analysis to ensure high availability
Ensuring the confidentiality and integrity of the staff email
Some methods of ensuring the confidentiality and integrity of the staff email of CISRA are
as follows:
Confidential information is identified: Confidential information includes customer
information, matters related to personnel, contracts, product-related information and
business strategies.
The availability of the necessary tools and information is ensured: When information has
to be sent quickly, bans and prohibitions are often not followed. The tools required to
send email quickly and securely are installed for the staff (Tuli & Sahu, 2013).
Usability: Usability is a major factor in the search for solutions for sending secure
email. Appropriate solutions are implemented for sending secure emails.
Checking of the instructions and common procedures of information security: Email
communication is secure when the secure email solution is used properly.
Traffic control of the email service is implemented: The organisation communicates through
the email service numerous times a day. The traffic of the email service is monitored and
controlled to ensure the integrity of the email service (Kim & Solomon, 2016).
Threats to malware and security issues related to web mail and webserver
Threats to web mail are as follows:
Malware threats: The web mail of an organisation faces the threat of malware in the
organisation's systems. A hacker can place malware in the webmail of the organisation and
gain access to its web mail service.
Phishing and spam: Unsolicited commercial email is referred to as spam. It is the
transmission of unsolicited bulk commercial messages via email. These messages can hamper
the productivity of the user, consume IT resources excessively and distribute malware into
the system (Farrokhi et al., 2013).
Bots: Bots are a kind of malware designed to execute specific operations automatically.
They are used in botnets to take down the servers and network of a company. Spambots are
commonly used in email to generate advertisements that can infect the webmail servers.

Ransomware: Ransomware is a common type of malware used to seize the information held in
a network and demand a ransom in exchange for it.
Rootkit: This kind of malicious software is designed specifically for gaining control of,
or remote access to, a computer without being detected by the users or by any security
programs.
Some of the threats to the web server are as follows:
Misconfiguration of security: The infrastructure makes the web server efficient and
reliable to use. Any misconfiguration of the web server can lead to serious problems for
the organisation and reduce its productivity.
Injection attacks: These attacks take the form of injected input and are primarily used
against web servers, which need data to function. Examples are SQL injection and code
injection (Frotzscher et al., 2014).
Unauthorised access of data: This type of attack is carried out to bypass the
authentication procedure and gain access to data.
DoS attacks: These attacks are executed specifically to cripple the servers of a company.
The services of the company can be damaged if its systems suffer DoS attacks.
Stability and server performance: Web servers are an essential part of an organisation,
providing the staff and employees with information. When the staff of an organisation
access the internet service at a high rate, the stability of the web server is threatened.
The performance of the web server can suffer if the servers are not properly configured.
Approaches to improve the availability of email servers
Figure 1: “Use of firewall to secure the email and web server”
Source: (Sood & Enbody, 2013)
One approach to improving the availability of email servers is to implement a firewall
in the servers of the system. The servers should be divided into segments so that, if a
fault occurs in one server, the other servers are not affected and the work of the
organisation is not harmed. A firewall is important for the servers because it helps
protect them from unauthorised access. Employees with proper access can use the email
facility, and the email communication can be monitored easily.
Figure 2: “Use of cloud computing to secure the email server”
Source: (Jang-Jaccard & Nepal, 2014)
Another approach to improving the availability of email servers is to use cloud
computing. All the communication records can be preserved in cloud storage, and properly
authorised users can easily access the emails. A cloud anti-spam facility helps the
organisation to block the spam arriving in the staff's email. The facility is essential for
CISRA, as email is the major form of communication among the employees and the threat of
spamming has affected the email servers. Cloud antivirus protects the data and the emails
stored in the cloud storage of the organisation and prevents access by unauthorised users.
The threat of virus attacks on the email servers can be mitigated with this method, and
the staff of the organisation will have better availability of email services.
Impact of human factors and organisational issues
The impact of human factors and organisational issues on IS-related security is as
follows:
Errors: This is the human factor that affects IS-related security in an organisation.
The main security issue caused by a human in an organisation can be error. An error is
defined as a divergence in an efficiently working system. Human errors can be careless or
deliberate. The sources of human error are considered to be the forces of security culture
and communication (Von Solms & Van Niekerk, 2013). The information system of an
organisation can be affected severely even though it is built on an enormously strong
technical backbone. The security policies of CISRA are designed to restrain behaviour in
order to eliminate errors.

Awareness of information security: This factor belongs to the organisational factors of
IS-related security. An awareness programme is required to make the employees of the
organisation understand their responsibilities and duties towards the security of the
information system. The security policies of the organisation can be misinterpreted and
misunderstood by the employees, and it is therefore very important to conduct awareness
programmes. Organisations are extremely hesitant to rely on their employees to follow the
rules and regulations of the information system, such as the security policies (Metalidou
et al., 2014).
Risk management recommendations are:
Risk management in a specific tool must be carried out in four steps:
Qualitative assessment: The risk management tool must record the assessment of every risk
in all the ways that help in monitoring and documenting risk priorities. Risk management
must be documented in a way that keeps a record of these phases of processing.
Prioritisation
Risk measurement
Monitoring risk treatment actions: The responsible members of the organisation must
report constantly on the implementation actions within the tools.
Use of log records for analysis of web server and email server
Figure 3: “Log records”
Source: (Gul, Wu & Yang, 2013)
Log records are the record sets that an organisation maintains to administer important
events. The types of logs that are monitored are application logs, event logs, service
logs and system logs. Managing log records is an integral part of the responsibilities of
any server administrator. With proper monitoring of the log files, the organisation gains
a detailed insight into the performance of the servers, their security, the underlying
issues in the web server and the email server, and error messages (Jans, Alles &
Vasarhelyi, 2013).
Use of audit log reports for performing auditing analysis
Audit trails are the electronic or manual records of any procedure or event, maintained
to provide supporting history and documentation that can be used to authenticate
operational actions, maintain security or eliminate challenges (Scott-Hayward,
O'Callaghan & Sezer, 2013). An audit record contains elements defined by the organisation;
these commonly include the description of the event, a record of the system, user and
applications that were launched at the time of the event, and the time and date of the
event. Maintaining long-term audit records can be difficult for any organisation, as the
log records occupy a huge amount of storage space that might not be readily available. The
benefits of audit trails are:
User accountability
Event reconstruction
Detection of any unauthorised users
Problem identification
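The following added example (not part of the original report) ties the log monitoring described in the previous section to the audit record elements and the four benefits listed above. The log lines, host names, accounts and the simplified mail log format are constructed for illustration; only the web lines follow a real format (Apache Common Log Format).

```python
import re
from collections import Counter
from dataclasses import dataclass
from datetime import datetime

# Constructed sample data (not from the report). Web lines follow the Apache
# Common Log Format; the mail lines use a simplified key=value format invented
# for this example. Host names, accounts and addresses are placeholders.
WEB_LOG = '''\
198.51.100.7 - alice [07/Jun/2023:09:01:12 +0000] "GET /intranet/ HTTP/1.1" 200 5120
198.51.100.7 - alice [07/Jun/2023:09:02:40 +0000] "POST /intranet/upload HTTP/1.1" 500 312
203.0.113.9 - mallory [07/Jun/2023:09:03:05 +0000] "GET /admin/ HTTP/1.1" 401 199
203.0.113.9 - mallory [07/Jun/2023:09:03:06 +0000] "GET /admin/ HTTP/1.1" 401 199
203.0.113.9 - mallory [07/Jun/2023:09:03
'''
MAIL_LOG = '''\
2023-06-07T09:03:30+00:00 mail01 smtp-auth user=mallory src=203.0.113.9 result=fail
2023-06-07T09:04:02+00:00 mail01 smtp-auth user=bob src=198.51.100.20 result=fail
2023-06-07T09:04:10+00:00 mail01 smtp-auth user=bob src=198.51.100.20 result=ok
'''
AUTHORISED = {"alice", "bob"}  # hypothetical list of staff accounts

@dataclass(frozen=True)
class AuditRecord:
    time: datetime    # time and date of the event
    system: str       # server that recorded it
    application: str  # application involved
    user: str         # account named in the log (unverified on a denied request)
    source: str       # client address
    description: str  # what happened
    outcome: str      # "ok", "denied" or "error"

WEB_RE = re.compile(r'(\S+) \S+ (\S+) \[([^\]]+)\] "([^"]*)" (\d{3}) \S+')
MAIL_RE = re.compile(r'(\S+) (\S+) (\S+) user=(\S+) src=(\S+) result=(\w+)')

def parse_web(line, system="web01"):
    m = WEB_RE.match(line)
    if not m:
        return None  # truncated line: counted as rejected, not parsed
    src, user, ts, request, status = m.groups()
    code = int(status)
    outcome = "denied" if code in (401, 403) else "error" if code >= 500 else "ok"
    when = datetime.strptime(ts, "%d/%b/%Y:%H:%M:%S %z")
    return AuditRecord(when, system, "httpd", user, src, f"{request} -> {code}", outcome)

def parse_mail(line):
    m = MAIL_RE.match(line)
    if not m:
        return None
    ts, host, app, user, src, result = m.groups()
    outcome = "ok" if result == "ok" else "denied"
    return AuditRecord(datetime.fromisoformat(ts), host, app, user, src, f"login {result}", outcome)

def load(web_text, mail_text):
    """Merge both servers' logs into one time-ordered audit trail."""
    pairs = ((parse_web, web_text), (parse_mail, mail_text))
    parsed = [parse(line) for parse, text in pairs for line in text.splitlines()]
    records = sorted((r for r in parsed if r), key=lambda r: r.time)
    return records, len(parsed) - len(records)

def accountability(records):           # user accountability
    return Counter(r.user for r in records)

def reconstruct(records, user):        # event reconstruction
    return [(r.time.isoformat(), r.system, r.description) for r in records if r.user == user]

def unauthorised(records, authorised, max_denied=3):  # detection of unauthorised users
    denied = Counter(r.source for r in records if r.outcome == "denied")
    return {"unknown_accounts": {r.user for r in records if r.user not in authorised},
            "noisy_sources": {s for s, n in denied.items() if n >= max_denied}}

def problems(records):                 # problem identification
    return [r for r in records if r.outcome == "error"]

if __name__ == "__main__":
    trail, bad = load(WEB_LOG, MAIL_LOG)
    print(len(trail), "records,", bad, "rejected")
    print(unauthorised(trail, AUTHORISED), [p.description for p in problems(trail)])
```

The source 203.0.113.9 only crosses the denial threshold when the web and mail records are merged, which is the practical reason for keeping one trail across both servers.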
Network devices for mitigating security problems
Some of the network devices that CISRA can use to mitigate the security threats to the
email server and the web server are as follows:
Firewalls: A firewall is a device implemented in the network of an organisation to monitor
the outgoing and incoming network traffic and decide whether any specific traffic must be
blocked, based on a pre-defined set of security rules.
Content filtering devices: These are the devices used to filter content from the internet.
Content filtering is the use of devices or programs that can screen and exclude access to
suspicious web pages and email from the internet (Zhao & Ge, 2013).
Web caching: Web caching is the method of storing responses so that they can be reused to
make subsequent requests easier. Web caching can help to secure the web server and the
email servers. It is a core design feature of the HTTP protocol, meant to minimise network
traffic and improve the perceived responsiveness of the whole system (Perlman, Kaufman &
Speciner, 2016).

Crypto-Capable Routers: This feature is built into routers to give them the ability to use
session encryption between designated routers. The organisation can use this ability to
provide better security to the web server and the email server (Zaalouk et al., 2014).
Virtual Private Network Gateways: Organisations use VPNs to connect to a remote private
network via the internet. VPNs span the internet, as users connect through the internet to
a remote VPN server.
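The following added example (not part of the original report) shows a pre-defined firewall rule set enforcing the server segmentation described under the approaches to improving email server availability, and goes one step further by checking for rules hidden behind an earlier, broader rule. The address plan, port choices and first-match evaluation order are assumptions of this example.

```python
import ipaddress
from dataclasses import dataclass

# Hypothetical address plan (constructed): one segment per server role, so a
# fault or compromise in one segment cannot spread to the other.
STAFF = ipaddress.ip_network("10.10.0.0/24")
WEB = ipaddress.ip_network("10.20.0.0/28")
MAIL = ipaddress.ip_network("10.30.0.0/28")
ANY = ipaddress.ip_network("0.0.0.0/0")

@dataclass(frozen=True)
class Rule:
    action: str        # "allow" or "deny"
    src: ipaddress.IPv4Network
    dst: ipaddress.IPv4Network
    ports: frozenset   # destination TCP ports; empty set means any port
    note: str

# Assumption of this example: first matching rule wins, anything unmatched is denied.
RULES = [
    Rule("deny", WEB, MAIL, frozenset(), "web servers never reach mail segment"),
    Rule("deny", MAIL, WEB, frozenset(), "mail servers never reach web segment"),
    Rule("allow", ANY, WEB, frozenset({443}), "public HTTPS"),
    Rule("allow", ANY, MAIL, frozenset({25}), "inbound SMTP"),
    Rule("allow", STAFF, MAIL, frozenset({587, 993}), "staff submission and IMAPS"),
]
# A misordered rule set: the broad allow is evaluated before the segment deny.
MISORDERED = [
    Rule("allow", ANY, MAIL, frozenset(), "mail open to everyone"),
    Rule("deny", WEB, MAIL, frozenset(), "web servers never reach mail segment"),
]

def decide(src, dst, port, rules=RULES):
    """Return (action, note) for one TCP connection attempt."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for r in rules:
        if s in r.src and d in r.dst and (not r.ports or port in r.ports):
            return r.action, r.note
    return "deny", "default deny"

def shadowed(rules):
    """Notes of rules that can never fire because an earlier rule covers all their traffic."""
    hidden = []
    for i, later in enumerate(rules):
        for earlier in rules[:i]:
            ports_covered = not earlier.ports or (bool(later.ports) and later.ports <= earlier.ports)
            if later.src.subnet_of(earlier.src) and later.dst.subnet_of(earlier.dst) and ports_covered:
                hidden.append(later.note)
                break
    return hidden

if __name__ == "__main__":
    for rules in (RULES, MISORDERED):
        print(decide("10.20.0.5", "10.30.0.2", 25, rules), shadowed(rules))
```

With the misordered rule set the segment deny is reported as shadowed and a web server can reach the mail segment, so a shadowing check is worth running whenever the rule set changes.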
Recommendations
It is therefore recommended that CISRA implement better security measures to give the
staff seamless access and increase their productivity. Firewalls must be implemented in
the servers of the organisation to prevent access by any suspicious email or web content.
Content filtering devices, crypto-capable routers, VPN gateways and web caching must be
used by the organisation to provide better security to its network.
Conclusion
It can therefore be concluded that CISRA uses its information system to give the staff of
the organisation better access to information. The threat of ransomware can hinder the
growth of the organisation. Ransomware attacks are meant to seize all the data on a user's
system and demand a ransom for that data to be released. Some of the threats against the
routers and switches of a network are malware threats and DoS/DDoS attacks, which are
designed to cripple the network of the organisation and procure all the data available on
it. One approach to improving the availability of email servers is to implement a firewall
in the servers of the system. Another approach is to use cloud computing.
References
Ahmed, W., & Wu, Y. W. (2013). A survey on reliability in distributed systems. Journal
of Computer and System Sciences, 79(8), 1243-1255.
Antikainen, M., Aura, T., & Särelä, M. (2014, October). Spook in your network:
Attacking an SDN with a compromised OpenFlow switch. In Nordic Conference on
Secure IT Systems (pp. 229-244). Springer, Cham.
Cabaj, K., & Mazurczyk, W. (2016). Using software-defined networking for ransomware
mitigation: the case of cryptowall. IEEE Network, 30(6), 14-20.
Farrokhi, F. R., Gunther, M., Williams, B., & Blackmore, C. C. (2013). Application of
lean methodology for improved quality and efficiency in operating room
instrument availability. Journal for Healthcare Quality.
Frotzscher, A., Wetzker, U., Bauer, M., Rentschler, M., Beyer, M., Elspass, S., &
Klessig, H. (2014, June). Requirements and current solutions of wireless
communication in industrial automation. In Communications workshops (ICC),
2014 IEEE international conference on (pp. 67-72). IEEE.
Gul, F. A., Wu, D., & Yang, Z. (2013). Do individual auditors affect audit quality?
Evidence from archival data. The Accounting Review, 88(6), 1993-2023.
Hampton, N., & Baig, Z. A. (2015). Ransomware: Emergence of the cyber-extortion
menace.
Jang-Jaccard, J., & Nepal, S. (2014). A survey of emerging threats in
cybersecurity. Journal of Computer and System Sciences, 80(5), 973-993.

Jans, M., Alles, M., & Vasarhelyi, M. (2013). The case for process mining in auditing:
Sources of value added and areas of application. International Journal of
Accounting Information Systems, 14(1), 1-20.
Kim, D., & Solomon, M. G. (2016). Fundamentals of information systems security.
Jones & Bartlett Publishers.
Madsen, H., Burtschy, B., Albeanu, G., & Popentiu-Vladicescu, F. L. (2013, July).
Reliability in the utility computing era: Towards reliable fog computing.
In Systems, Signals and Image Processing (IWSSIP), 2013 20th International
Conference on (pp. 43-46). IEEE.
Metalidou, E., Marinagi, C., Trivellas, P., Eberhagen, N., Skourlas, C., &
Giannakopoulos, G. (2014). The human factor of information security:
Unintentional damage perspective. Procedia-Social and Behavioral
Sciences, 147, 424-428.
Mousavi, S. M., & St-Hilaire, M. (2015, February). Early detection of DDoS attacks
against SDN controllers. In Computing, Networking and Communications
(ICNC), 2015 International Conference on (pp. 77-81). IEEE.
Perlman, R., Kaufman, C., & Speciner, M. (2016). Network security: private
communication in a public world. Pearson Education India.
Scott-Hayward, S., O'Callaghan, G., & Sezer, S. (2013, November). SDN security: A
survey. In Future Networks and Services (SDN4FNS), 2013 IEEE SDN For (pp.
1-7). IEEE.
Sood, A. K., & Enbody, R. J. (2013). Targeted cyberattacks: a superset of advanced
persistent threats. IEEE Security & Privacy, 11(1), 54-61.
Tuli, P., & Sahu, P. (2013). System monitoring and security using
keylogger. International Journal of Computer Science and Mobile
Computing, 2(3), 106-111.
Von Solms, R., & Van Niekerk, J. (2013). From information security to cyber
security. Computers & Security, 38, 97-102.
Zaalouk, A., Khondoker, R., Marx, R., & Bayarou, K. (2014, May). Orchsec: An
orchestrator-based architecture for enhancing network-security using network
monitoring and sdn control functions. In Network Operations and Management
Symposium (NOMS), 2014 IEEE (pp. 1-9). IEEE.
Zhao, K., & Ge, L. (2013, December). A survey on the internet of things security.
In Computational Intelligence and Security (CIS), 2013 9th International
Conference on (pp. 663-667). IEEE.