IT Security Management for Precedent Communication PTY Ltd, Australian Red Cross Blood Service, Telstra Foundation
VerifiedAdded on 2023/06/13
|10
|2379
|296
AI Summary
This report covers IT Security Management for Precedent Communication PTY Ltd, Australian Red Cross Blood Service, Telstra Foundation. It includes security risk assessment, business requirements analysis, and summary of findings.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Running head: IT SECURITY MANAGEMENT
IT SECURITY MANAGEMENT
(Precedent Communication PTY Ltd , Australian Red Cross Blood Service, Telstra
Foundation)
Name of the student:
Name of the university:
Author Note
IT SECURITY MANAGEMENT
(Precedent Communication PTY Ltd , Australian Red Cross Blood Service, Telstra
Foundation)
Name of the student:
Name of the university:
Author Note
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
1IT SECURITY MANAGEMENT
Executive summary
IT Security Management or ITSM has been used for assuring various services like information,
availability of IT, integrity and confidentiality. ITSM helps in designing controls of security,
managing security incidents and reviewing safety. Precedent Communication PTY Ltd operates the
website of Australian Red Cross Blood Service whose security analysis is needed to be done along
with risks and government inquiry. This risk analysis has included various vulnerabilities and threats
and an investigation are done on business requirement covering the main business necessities for
Telstra. This Telstra Corporation Ltd is another media and telecommunication company situated in
Australia building and operating telecommunication networks, market voices, internet and mobile
access, paying television along with entertainment services and products. People of Telstra are active
blood donors along with Australian Red Cross Blood Service and it is made simpler to their paid
donor leave. Hence, Telstra is ideal whose essential business requirements are summarized in the
following report relating to the case study of Australian Red Cross.
Executive summary
IT Security Management or ITSM has been used for assuring various services like information,
availability of IT, integrity and confidentiality. ITSM helps in designing controls of security,
managing security incidents and reviewing safety. Precedent Communication PTY Ltd operates the
website of Australian Red Cross Blood Service whose security analysis is needed to be done along
with risks and government inquiry. This risk analysis has included various vulnerabilities and threats
and an investigation are done on business requirement covering the main business necessities for
Telstra. This Telstra Corporation Ltd is another media and telecommunication company situated in
Australia building and operating telecommunication networks, market voices, internet and mobile
access, paying television along with entertainment services and products. People of Telstra are active
blood donors along with Australian Red Cross Blood Service and it is made simpler to their paid
donor leave. Hence, Telstra is ideal whose essential business requirements are summarized in the
following report relating to the case study of Australian Red Cross.
2IT SECURITY MANAGEMENT
Table of Contents
1. Introduction:......................................................................................................................................3
2. Security risk assessment:...................................................................................................................3
2.1. Security risks:.............................................................................................................................4
2.2. Threats:.......................................................................................................................................4
2.3. Vulnerabilities:...........................................................................................................................5
3. Business Requirements Analysis:......................................................................................................5
4. Summary of the findings:..................................................................................................................6
5. Conclusion:........................................................................................................................................7
6. References:........................................................................................................................................8
Table of Contents
1. Introduction:......................................................................................................................................3
2. Security risk assessment:...................................................................................................................3
2.1. Security risks:.............................................................................................................................4
2.2. Threats:.......................................................................................................................................4
2.3. Vulnerabilities:...........................................................................................................................5
3. Business Requirements Analysis:......................................................................................................5
4. Summary of the findings:..................................................................................................................6
5. Conclusion:........................................................................................................................................7
6. References:........................................................................................................................................8
3IT SECURITY MANAGEMENT
1. Introduction:
ITSM or IT security management is used to ensure confidentiality, integrity and availability
of IT and information services. It is intended to design security controls, security testing, controlling
security incidents and security review.
Precedent Communications Pty Ltd has been engaged in managing the official site for a
popular blood service at Australia, named Australian Red Cross Blood Service (Precedent.com,
2018). A security company has been hired for security analysis regarding cybersecurity risk,
following a government enquiry.
In the following report, a security risk analysis is made including various threats and
vulnerabilities related to the case of Australian Red Cross. Next, an analysis of business requirement
is made outlining about primary business perquisites for Telstra.
2. Security risk assessment:
IT enterprise security risk analysis for Australian Red Cross is needed to be performed for
helping Precedent Communications Pty Ltd to modify, identify and analyze overall security posture
(Donateblood.com.au, 2018). It is also useful for organizational, operational and security
management apart from various other personnel collaborating and viewing the entire company from
the perspective of attackers. Here, the process is needed to gain the commitment to organizational
management to allocate various resources and then impose the proper security solutions. For
assessing risks accurately, Precedent Communications Pty Ltd should recognize data that are most
costly to Australian Red Cross, storage mechanisms of this data and variously related vulnerabilities.
1. Introduction:
ITSM or IT security management is used to ensure confidentiality, integrity and availability
of IT and information services. It is intended to design security controls, security testing, controlling
security incidents and security review.
Precedent Communications Pty Ltd has been engaged in managing the official site for a
popular blood service at Australia, named Australian Red Cross Blood Service (Precedent.com,
2018). A security company has been hired for security analysis regarding cybersecurity risk,
following a government enquiry.
In the following report, a security risk analysis is made including various threats and
vulnerabilities related to the case of Australian Red Cross. Next, an analysis of business requirement
is made outlining about primary business perquisites for Telstra.
2. Security risk assessment:
IT enterprise security risk analysis for Australian Red Cross is needed to be performed for
helping Precedent Communications Pty Ltd to modify, identify and analyze overall security posture
(Donateblood.com.au, 2018). It is also useful for organizational, operational and security
management apart from various other personnel collaborating and viewing the entire company from
the perspective of attackers. Here, the process is needed to gain the commitment to organizational
management to allocate various resources and then impose the proper security solutions. For
assessing risks accurately, Precedent Communications Pty Ltd should recognize data that are most
costly to Australian Red Cross, storage mechanisms of this data and variously related vulnerabilities.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
4IT SECURITY MANAGEMENT
2.1. Security risks:
The information system of Australian Red Cross’s website can be penetrated by various
deliberate attacks. Very often these kinds of penetrations take place because of hackers particularly
looking for data to get stolen. Employee fraud, theft and impersonation are deliberate means for
accessing data (Oaic.gov.au, 2018). As per the “Privacy Rights Clearing House”, most of the
external attacks are because of malware infection. The websites of Red Cross comprises of
thousands of records with sensitive data like medical centre, financial administration area, human
resource department, bursar or alumni office has been the target by attackers than smaller systems
having fewer records. Red Cross’s system owners have been regularly monitoring access logs along
with upgrading access authorizations as their staffs come and go. It has been putting other
protections in place for restricting access to those systems for staffs with business needs
(Cherdantseva et al. 2016).
2.2. Threats:
Malicious codes get transmitted to computers via browser web pages that have never
undergone through various security updates. Thus, visiting the unsecured and compromised website
of Australian Red Cross results in various threats. This includes malicious software to be
downloaded to Red Cross’ network and computers. It must be reminded that Precedent
Communications Pty Ltd must know where the data of Australian Red Cross has been under their
networks (De Gramatica et al. 2015). Further, there has been so much interconnected system for Red
Cross that there have been various numbers of connected devices presents carrying secured health
information. And, here lies the real problem of Red Cross regarding threats of a data breach from
their website.
2.1. Security risks:
The information system of Australian Red Cross’s website can be penetrated by various
deliberate attacks. Very often these kinds of penetrations take place because of hackers particularly
looking for data to get stolen. Employee fraud, theft and impersonation are deliberate means for
accessing data (Oaic.gov.au, 2018). As per the “Privacy Rights Clearing House”, most of the
external attacks are because of malware infection. The websites of Red Cross comprises of
thousands of records with sensitive data like medical centre, financial administration area, human
resource department, bursar or alumni office has been the target by attackers than smaller systems
having fewer records. Red Cross’s system owners have been regularly monitoring access logs along
with upgrading access authorizations as their staffs come and go. It has been putting other
protections in place for restricting access to those systems for staffs with business needs
(Cherdantseva et al. 2016).
2.2. Threats:
Malicious codes get transmitted to computers via browser web pages that have never
undergone through various security updates. Thus, visiting the unsecured and compromised website
of Australian Red Cross results in various threats. This includes malicious software to be
downloaded to Red Cross’ network and computers. It must be reminded that Precedent
Communications Pty Ltd must know where the data of Australian Red Cross has been under their
networks (De Gramatica et al. 2015). Further, there has been so much interconnected system for Red
Cross that there have been various numbers of connected devices presents carrying secured health
information. And, here lies the real problem of Red Cross regarding threats of a data breach from
their website.
5IT SECURITY MANAGEMENT
2.3. Vulnerabilities:
There have been various vulnerabilities faced by Red Cross’ website. The first one is
exploitability. Here the exploitability takes place when the attacks require web browsers only and the
least are the various advanced tools and programming. The next one is detectability. It must be
determined, how must simple the threats have been regarding detection. Here the highest is the
information displayed in URL, Form and Error message and the minimum is the source code. The
next one is the damage or impact. Here, it is needed to be determined the amount of damage that has
taken place as the vulnerability of security gets attacked or exposed (Labunets et al. 2017). For Red
Cross, the highest has been the entire system crash and the minimum has been nothing at all.
3. Business Requirements Analysis:
Telstra has urged Australian Red Cross through many business requirements. First of all, it
has helped in rethinking HR for various Digital Workplaces. Mobility and new technologies have
been changing the way in which businesses can operate and the role gets transformed as per the role
of HR (Telstra.com.au, 2018). Moreover, Telstra has been helped in workplace transformation to
drive change and engagement. It has been getting various supports from management which is
important to create employee buy-in and engagement within workplace transformation. Seamless
transitions taking place between Red Cross IT environments have been important (Ermakov et al.
2014). Further, employee engagement has been driving outcomes for Red Cross’s bottom line. They
are needed to discover the way in which future-focused agencies using employee engagement along
with workplace mobility for improving the bottom line. Further, the HR of Telstra has always been
engaged in managing cybersecurity. While people are most important to Red Cross, they can turn
out to be the most important threat and the highest point of vulnerability as it comes to the matter of
information security (Sallam 2015).
2.3. Vulnerabilities:
There have been various vulnerabilities faced by Red Cross’ website. The first one is
exploitability. Here the exploitability takes place when the attacks require web browsers only and the
least are the various advanced tools and programming. The next one is detectability. It must be
determined, how must simple the threats have been regarding detection. Here the highest is the
information displayed in URL, Form and Error message and the minimum is the source code. The
next one is the damage or impact. Here, it is needed to be determined the amount of damage that has
taken place as the vulnerability of security gets attacked or exposed (Labunets et al. 2017). For Red
Cross, the highest has been the entire system crash and the minimum has been nothing at all.
3. Business Requirements Analysis:
Telstra has urged Australian Red Cross through many business requirements. First of all, it
has helped in rethinking HR for various Digital Workplaces. Mobility and new technologies have
been changing the way in which businesses can operate and the role gets transformed as per the role
of HR (Telstra.com.au, 2018). Moreover, Telstra has been helped in workplace transformation to
drive change and engagement. It has been getting various supports from management which is
important to create employee buy-in and engagement within workplace transformation. Seamless
transitions taking place between Red Cross IT environments have been important (Ermakov et al.
2014). Further, employee engagement has been driving outcomes for Red Cross’s bottom line. They
are needed to discover the way in which future-focused agencies using employee engagement along
with workplace mobility for improving the bottom line. Further, the HR of Telstra has always been
engaged in managing cybersecurity. While people are most important to Red Cross, they can turn
out to be the most important threat and the highest point of vulnerability as it comes to the matter of
information security (Sallam 2015).
6IT SECURITY MANAGEMENT
Further, Telstra provides social collaboration platforms which can provide potential for Res
Cross to radically modify conventional communications by developing their capability to find and
promote their content and knowledge. The HR professionals of Telstra are important regarding
transformation in the workplace. Shortage or various skilled labour along with speed to change
business, expectations of various multi-generational workforce along with urbanization possess
wide-teaching implications for those HR professionals (Reniers, Van Lerberghe and Van Gulijk
2015). Telstra also provides the way to leverage SoCoMo for enabling future workforce. Red Cross
can thus gain more engaged workforce and satisfied customers through leveraging “Social,
Collaborative, Mobile” or SoCoMo technologies. Despite this, a major change in workplace culture
is also needed. Next, Telstra has been engaged in capitalizing big data. As Red Cross has been the
proper employee, their challenge is to keep them; They can currently implement big data for talent
management. However, the barriers for HR leaders of Telstra are to access and make use of that
information.
Telstra’s human resource is involved in a quest for cultural change under digital workplace.
This can drive a widespread transformation of workplace culture at Red Cross. In the current world,
where diverse workforces have been mobile and office-based, HR of the company needs proper
investment, technical and data transformation enabling Red to cross to drive them forward (Henshel
et al. 2015). Further, AI infused chatbots can humanize HRs through understating, putting into
context and making inferences and then proposing successful outcomes.
4. Summary of the findings:
In this way data of Telstra has been enterprises in automating and electronically make
information change with their trading partners Red Cross. It has been supporting every essential
standard, protocols and format are helpful. They have been translating and mapping business
Further, Telstra provides social collaboration platforms which can provide potential for Res
Cross to radically modify conventional communications by developing their capability to find and
promote their content and knowledge. The HR professionals of Telstra are important regarding
transformation in the workplace. Shortage or various skilled labour along with speed to change
business, expectations of various multi-generational workforce along with urbanization possess
wide-teaching implications for those HR professionals (Reniers, Van Lerberghe and Van Gulijk
2015). Telstra also provides the way to leverage SoCoMo for enabling future workforce. Red Cross
can thus gain more engaged workforce and satisfied customers through leveraging “Social,
Collaborative, Mobile” or SoCoMo technologies. Despite this, a major change in workplace culture
is also needed. Next, Telstra has been engaged in capitalizing big data. As Red Cross has been the
proper employee, their challenge is to keep them; They can currently implement big data for talent
management. However, the barriers for HR leaders of Telstra are to access and make use of that
information.
Telstra’s human resource is involved in a quest for cultural change under digital workplace.
This can drive a widespread transformation of workplace culture at Red Cross. In the current world,
where diverse workforces have been mobile and office-based, HR of the company needs proper
investment, technical and data transformation enabling Red to cross to drive them forward (Henshel
et al. 2015). Further, AI infused chatbots can humanize HRs through understating, putting into
context and making inferences and then proposing successful outcomes.
4. Summary of the findings:
In this way data of Telstra has been enterprises in automating and electronically make
information change with their trading partners Red Cross. It has been supporting every essential
standard, protocols and format are helpful. They have been translating and mapping business
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
7IT SECURITY MANAGEMENT
documents to and from significant computers languages. It has been validating document source,
destination, and facilitating secure. Telstra has also been involved in data transmission, designing,
testing, web interface and configuration. It has included comprehensive online help system that has
been context sensitive. It has helped enterprises to efficiently manage and monitor their business
data. Further, Telstra has been delivering real-time visibility of information with customizable
reporting. Moreover, the real-time visibility of data with customizable reporting has been adequate.
Here, data can be accessed, audited and tracked easily and information can be audited, tracked and
accessed. Moreover, search facility of Telstra helps in quickly locating business information that is
helpful for Red Cross.
5. Conclusion:
The report helps in an analysis that comprehensive enterprise security risk analysis is also
helpful in determining a value of different kinds of information created and then stored around
Australian Red Cross. Instead of valuing different types of data in companies, it has been quite
impossible to allocate and prioritize resources of technology that is needed most. Telstra has been
being used for Red Cross to trade electronically. The manual and fax communication processes are
required in order to be eliminated and Telstra provides simple to use, outbox and inbox web system.
Moreover, the company delivers the abilities to automate and design business processes and
dynamically monitors and controls business information under workflow process. Lastly, as per as
flexibility is concerned, the study shows that Telstra smartly alters workflow processes made with
easy to drag and drop design method. This is highly beneficial for Red Cross.
documents to and from significant computers languages. It has been validating document source,
destination, and facilitating secure. Telstra has also been involved in data transmission, designing,
testing, web interface and configuration. It has included comprehensive online help system that has
been context sensitive. It has helped enterprises to efficiently manage and monitor their business
data. Further, Telstra has been delivering real-time visibility of information with customizable
reporting. Moreover, the real-time visibility of data with customizable reporting has been adequate.
Here, data can be accessed, audited and tracked easily and information can be audited, tracked and
accessed. Moreover, search facility of Telstra helps in quickly locating business information that is
helpful for Red Cross.
5. Conclusion:
The report helps in an analysis that comprehensive enterprise security risk analysis is also
helpful in determining a value of different kinds of information created and then stored around
Australian Red Cross. Instead of valuing different types of data in companies, it has been quite
impossible to allocate and prioritize resources of technology that is needed most. Telstra has been
being used for Red Cross to trade electronically. The manual and fax communication processes are
required in order to be eliminated and Telstra provides simple to use, outbox and inbox web system.
Moreover, the company delivers the abilities to automate and design business processes and
dynamically monitors and controls business information under workflow process. Lastly, as per as
flexibility is concerned, the study shows that Telstra smartly alters workflow processes made with
easy to drag and drop design method. This is highly beneficial for Red Cross.
8IT SECURITY MANAGEMENT
6. References:
Cherdantseva, Y., Burnap, P., Blyth, A., Eden, P., Jones, K., Soulsby, H. and Stoddart, K., 2016. A
review of cyber security risk assessment methods for SCADA systems. Computers & security, 56,
pp.1-27.
De Gramatica, M., Labunets, K., Massacci, F., Paci, F. and Tedeschi, A., 2015, March. The role of
catalogues of threats and security controls in security risk assessment: an empirical study with ATM
professionals. In International Working Conference on Requirements Engineering: Foundation for
Software Quality (pp. 98-114). Springer, Cham.
Donateblood.com.au. (2018). Home | Australian Red Cross Blood Service. [online] Available at:
http://www.donateblood.com.au/ [Accessed 12 Apr. 2018].
Ermakov, S.A., Zavorykin, A.S., Kolenbet, N.S., Ostapenko, A.G. and Kalashnikov, A.O., 2014.
Optimization of expert methods used to analyze information security risk in modern wireless
networks. Life Science Journal, 11(10), p.511.
Henshel, D., Cains, M.G., Hoffman, B. and Kelley, T., 2015. Trust as a human factor in holistic
cyber security risk assessment. Procedia Manufacturing, 3, pp.1117-1124.
Labunets, K., Massacci, F., Paci, F., Marczak, S. and de Oliveira, F.M., 2017. Model comprehension
for security risk assessment: an empirical comparison of tabular vs. graphical
representations. Empirical Software Engineering, 22(6), pp.3017-3056.
Oaic.gov.au. (2018). DonateBlood.com.au data breach (Precedent Communications Pty Ltd)| Office
of the Australian Information Commissioner - OAIC. [online] Available at:
6. References:
Cherdantseva, Y., Burnap, P., Blyth, A., Eden, P., Jones, K., Soulsby, H. and Stoddart, K., 2016. A
review of cyber security risk assessment methods for SCADA systems. Computers & security, 56,
pp.1-27.
De Gramatica, M., Labunets, K., Massacci, F., Paci, F. and Tedeschi, A., 2015, March. The role of
catalogues of threats and security controls in security risk assessment: an empirical study with ATM
professionals. In International Working Conference on Requirements Engineering: Foundation for
Software Quality (pp. 98-114). Springer, Cham.
Donateblood.com.au. (2018). Home | Australian Red Cross Blood Service. [online] Available at:
http://www.donateblood.com.au/ [Accessed 12 Apr. 2018].
Ermakov, S.A., Zavorykin, A.S., Kolenbet, N.S., Ostapenko, A.G. and Kalashnikov, A.O., 2014.
Optimization of expert methods used to analyze information security risk in modern wireless
networks. Life Science Journal, 11(10), p.511.
Henshel, D., Cains, M.G., Hoffman, B. and Kelley, T., 2015. Trust as a human factor in holistic
cyber security risk assessment. Procedia Manufacturing, 3, pp.1117-1124.
Labunets, K., Massacci, F., Paci, F., Marczak, S. and de Oliveira, F.M., 2017. Model comprehension
for security risk assessment: an empirical comparison of tabular vs. graphical
representations. Empirical Software Engineering, 22(6), pp.3017-3056.
Oaic.gov.au. (2018). DonateBlood.com.au data breach (Precedent Communications Pty Ltd)| Office
of the Australian Information Commissioner - OAIC. [online] Available at:
9IT SECURITY MANAGEMENT
https://www.oaic.gov.au/privacy-law/commissioner-initiated-investigation-reports/donateblood-
com-au-data-breach-precedent-communications-pty-ltd [Accessed 12 Apr. 2018].
Oaic.gov.au. (2018). DonateBlood.com.au data breach (Australian Red Cross Blood Service)| Office
of the Australian Information Commissioner - OAIC. [online] Available at:
https://www.oaic.gov.au/privacy-law/commissioner-initiated-investigation-reports/donateblood-
com-au-data-breach-australian-red-cross-blood-service [Accessed 12 Apr. 2018].
Precedent.com. (2018). Home | Precedent. [online] Available at: https://www.precedent.com/
[Accessed 12 Apr. 2018].
Reniers, G., Van Lerberghe, P. and Van Gulijk, C., 2015. Security risk assessment and protection in
the chemical and process industry. Process safety progress, 34(1), pp.72-83.
Sallam, H., 2015. Cyber security risk assessment using multi fuzzy inference system. IJEIT, 4(8),
pp.13-19.
Telstra.com.au. (2018). Telstra - mobile phones, prepaid phones, broadband, internet, home phones,
business phones. [online] Available at: https://www.telstra.com.au/ [Accessed 12 Apr. 2018].
https://www.oaic.gov.au/privacy-law/commissioner-initiated-investigation-reports/donateblood-
com-au-data-breach-precedent-communications-pty-ltd [Accessed 12 Apr. 2018].
Oaic.gov.au. (2018). DonateBlood.com.au data breach (Australian Red Cross Blood Service)| Office
of the Australian Information Commissioner - OAIC. [online] Available at:
https://www.oaic.gov.au/privacy-law/commissioner-initiated-investigation-reports/donateblood-
com-au-data-breach-australian-red-cross-blood-service [Accessed 12 Apr. 2018].
Precedent.com. (2018). Home | Precedent. [online] Available at: https://www.precedent.com/
[Accessed 12 Apr. 2018].
Reniers, G., Van Lerberghe, P. and Van Gulijk, C., 2015. Security risk assessment and protection in
the chemical and process industry. Process safety progress, 34(1), pp.72-83.
Sallam, H., 2015. Cyber security risk assessment using multi fuzzy inference system. IJEIT, 4(8),
pp.13-19.
Telstra.com.au. (2018). Telstra - mobile phones, prepaid phones, broadband, internet, home phones,
business phones. [online] Available at: https://www.telstra.com.au/ [Accessed 12 Apr. 2018].
1 out of 10
Related Documents
![[object Object]](/_next/image/?url=%2F_next%2Fstatic%2Fmedia%2Flogo.6d15ce61.png&w=640&q=75){kind=small}
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.