Risk Assessment based on Cloud Security
Added on 2023-06-03
13 Pages4730 Words351 Views
Running head: RISK ASSESSMENT BASED ON CLOUD SECURITY
Risk Assessment based on Cloud Security
Name of the Student
Name of the University
Author’s note
Risk Assessment based on Cloud Security
Name of the Student
Name of the University
Author’s note
1RISK ASSESSMENT BASED ON CLOUD SECURITY
Table of Contents
1. Executive Summary.....................................................................................................................2
1.1 Statement of Intrusion Detection System within Gigantic Corporation................................2
1.1.1 Company Outline............................................................................................................2
1.1.2 Outline of Roles and Responsibilities of the Lead Consultant of IT Risk Assessment..2
1.1.3 Outline of New Technology...........................................................................................3
1.2 Overview of Technical Recommendations............................................................................4
1.2.1 Security Architecture of IDS Technology......................................................................4
1.2.2 Strategic, Tactical and Contingency Planning................................................................4
1.2.3 Financial Aspects of the Project.....................................................................................5
2. Risk Assessment based on Threats, Vulnerabilities and Consequences......................................6
2.1 Existing IT Control Framework.............................................................................................6
2.1.1 Policy and Procedures.....................................................................................................6
2.1.2 Best Recommended Practices.........................................................................................6
2.1.3 Current Evidences...........................................................................................................6
2.2 Identification and Discussion about the Major Threat Agents..............................................7
2.2.1 List of Agents of Threats................................................................................................7
2.2.2 Issues...............................................................................................................................7
2.2.3 Consequences.................................................................................................................8
2.3 Mitigation of Risks and Impacts on System..........................................................................9
2.3.1 Impact.............................................................................................................................9
2.3.2 Mitigation.......................................................................................................................9
3. Literature Review........................................................................................................................9
3.1 Protection Mechanisms for Employing Security...................................................................9
3.1.1 Safe Guards.....................................................................................................................9
3.1.2 Security Mechanisms......................................................................................................9
3.1.3 Key Principle of Information Security.........................................................................10
4. Conclusion.................................................................................................................................10
5. References..................................................................................................................................11
Table of Contents
1. Executive Summary.....................................................................................................................2
1.1 Statement of Intrusion Detection System within Gigantic Corporation................................2
1.1.1 Company Outline............................................................................................................2
1.1.2 Outline of Roles and Responsibilities of the Lead Consultant of IT Risk Assessment..2
1.1.3 Outline of New Technology...........................................................................................3
1.2 Overview of Technical Recommendations............................................................................4
1.2.1 Security Architecture of IDS Technology......................................................................4
1.2.2 Strategic, Tactical and Contingency Planning................................................................4
1.2.3 Financial Aspects of the Project.....................................................................................5
2. Risk Assessment based on Threats, Vulnerabilities and Consequences......................................6
2.1 Existing IT Control Framework.............................................................................................6
2.1.1 Policy and Procedures.....................................................................................................6
2.1.2 Best Recommended Practices.........................................................................................6
2.1.3 Current Evidences...........................................................................................................6
2.2 Identification and Discussion about the Major Threat Agents..............................................7
2.2.1 List of Agents of Threats................................................................................................7
2.2.2 Issues...............................................................................................................................7
2.2.3 Consequences.................................................................................................................8
2.3 Mitigation of Risks and Impacts on System..........................................................................9
2.3.1 Impact.............................................................................................................................9
2.3.2 Mitigation.......................................................................................................................9
3. Literature Review........................................................................................................................9
3.1 Protection Mechanisms for Employing Security...................................................................9
3.1.1 Safe Guards.....................................................................................................................9
3.1.2 Security Mechanisms......................................................................................................9
3.1.3 Key Principle of Information Security.........................................................................10
4. Conclusion.................................................................................................................................10
5. References..................................................................................................................................11
2RISK ASSESSMENT BASED ON CLOUD SECURITY
1. Executive Summary
The report is based in the severe forms of impact that have been felt with the impact of
the security platforms within the cloud computing environment. This report assesses all the
necessary areas based on the different forms of risks, which might affect the Gigantic
Corporation. The IT organization is facing some tremendous challenges with the implementation
of cloud security platforms and tools. They are trying to implement to a project based on the
cloud security platforms. The project is based on Intrusion Detection System (IDS), which is
purely designed for fitting into the needs of the organizational sector (Snapp et al., 2017). The
major need for the design of this project is purely based on building an interface and bridging the
gap between stakeholders and technologists within the project. The IDS technology would
majorly help in translating the major difficulties into successful endeavors. It would also help the
major stakeholders within the project to take various kinds of smart decisions (Ashfaq et al.,
2017). This report would help in assessing the IDS technology and provide valuable insights for
the implementation of the project within Gigantic Corporation. The thorough assessment of the
project would also help in understanding the business needs of implementing the project.
1.1 Statement of Intrusion Detection System within Gigantic Corporation
1.1.1 Company Outline
Gigantic Corporation is an IT organization that is primarily based in Australia. The
organization provides various kinds of IT solutions and services. They offer end-to-end services
to their customers a business clients who are based in several other countries. The organizations
helps in providing hardware and software based solutions to other companies. Gigantic
Corporation also holds the responsibility for establishing strong business relations, maintain high
form of services and thus monitor control over the various applications that are being developed
within the information technological systems.
The company helps in driving the business needs of the organisation. As Gigantic
Corporation holds a huge reputation in providing various kinds of solution to their clients
therefore they help in maintaining these services. They are also responsible for solving any kind
of unwanted situations that might occur within the systems. They also support their business
clients with all kinds of needs, which might be needed at any point of time. The company also
has a tilt towards the use of cloud computing platforms within the module of their business. This
is meant for bring efficiency within the processes of work in the sector.
1.1.2 Outline of Roles and Responsibilities of the Lead Consultant of IT Risk Assessment
The primary role of the Lead Consultant is to understand the current situations of work
within the sector of Gigantic Corporation. The consultant has to look into the details of the
organisation, understand them and thus be able to plan some form of strategies that would be
helpful for mitigating the concerns that might raise within the systems. They should conduct an
assessment over the security prospects of the systems and thus be able to develop solutions by
gaining vast insights (Peltier, 2016). Based on the current scenarios, it has been understood that
Gigantic Corporation is facing some major form of issues in relation with the aspects of security.
Therefore the organisation is focusing on the needs of development of a cloud based platform.
1. Executive Summary
The report is based in the severe forms of impact that have been felt with the impact of
the security platforms within the cloud computing environment. This report assesses all the
necessary areas based on the different forms of risks, which might affect the Gigantic
Corporation. The IT organization is facing some tremendous challenges with the implementation
of cloud security platforms and tools. They are trying to implement to a project based on the
cloud security platforms. The project is based on Intrusion Detection System (IDS), which is
purely designed for fitting into the needs of the organizational sector (Snapp et al., 2017). The
major need for the design of this project is purely based on building an interface and bridging the
gap between stakeholders and technologists within the project. The IDS technology would
majorly help in translating the major difficulties into successful endeavors. It would also help the
major stakeholders within the project to take various kinds of smart decisions (Ashfaq et al.,
2017). This report would help in assessing the IDS technology and provide valuable insights for
the implementation of the project within Gigantic Corporation. The thorough assessment of the
project would also help in understanding the business needs of implementing the project.
1.1 Statement of Intrusion Detection System within Gigantic Corporation
1.1.1 Company Outline
Gigantic Corporation is an IT organization that is primarily based in Australia. The
organization provides various kinds of IT solutions and services. They offer end-to-end services
to their customers a business clients who are based in several other countries. The organizations
helps in providing hardware and software based solutions to other companies. Gigantic
Corporation also holds the responsibility for establishing strong business relations, maintain high
form of services and thus monitor control over the various applications that are being developed
within the information technological systems.
The company helps in driving the business needs of the organisation. As Gigantic
Corporation holds a huge reputation in providing various kinds of solution to their clients
therefore they help in maintaining these services. They are also responsible for solving any kind
of unwanted situations that might occur within the systems. They also support their business
clients with all kinds of needs, which might be needed at any point of time. The company also
has a tilt towards the use of cloud computing platforms within the module of their business. This
is meant for bring efficiency within the processes of work in the sector.
1.1.2 Outline of Roles and Responsibilities of the Lead Consultant of IT Risk Assessment
The primary role of the Lead Consultant is to understand the current situations of work
within the sector of Gigantic Corporation. The consultant has to look into the details of the
organisation, understand them and thus be able to plan some form of strategies that would be
helpful for mitigating the concerns that might raise within the systems. They should conduct an
assessment over the security prospects of the systems and thus be able to develop solutions by
gaining vast insights (Peltier, 2016). Based on the current scenarios, it has been understood that
Gigantic Corporation is facing some major form of issues in relation with the aspects of security.
Therefore the organisation is focusing on the needs of development of a cloud based platform.
3RISK ASSESSMENT BASED ON CLOUD SECURITY
These would be meant for measuring the security prospects of the organisation. Hence the Lead
Consultant has been hired by Gigantic Corporation for helping in the implementation of an
Intrusion Detection System (IDS) technology (Liao et al., 2013). This technological system
would be meant for protecting the features of security and thus implement better forms of
processes within the existing business systems.
The basic responsibilities of the Lead Consultant is:
To work with the higher executives for understanding the challenges faced by the
business, identify and assess the risks and thus enable better form of performance within
the business. These are meant for removal of operational risks faced by the organization.
Establish proper form of communication and thus perform better coordination levels with
different stakeholders, technical experts. This also includes the ecosystem of the business
of the client.
Identify the potential risks and the issues, which might arise within the development of a
project.
Developing and implementing software solutions for the client business, which would fit
within the culture of the organization. This would also help in improving the business
performance of the concerned organization and thus provide immense benefits for the
client.
1.1.3 Outline of New Technology
The new form of technical system, which might be implemented within the organization
is Intrusion Detection System with the effect based on Cloud Security. The impact of IDS and
the included tools meant for the analysis would be helpful for securing the network environment
of the concerned organization. The impact of IDS technology would be purely meant for
providing effective forms of solutions meant for the purposes of the organisation. It would also
prove to be a useful factor for detecting several forms of unauthorized access within the
computing systems. These IDS systems would completely track the various movements within
the network and would also monitor the entire track records of the organisation (Patel et al.,
2013). The IDS systems have a high form of sensor that detects the various kinds of intrusions
within the computing systems. It would then send an alert message to the security team who
would then be able to monitor the systems and thus provide solutions accordingly.
In the age of technology, it has been majorly observed that there could be a vast range of
attacks on the computing systems. These attacks would be mostly meant for gaining a wide
access over the internal assets and data of the organization. Hence a proper mechanism of
detection of the attacks and securing the computing systems is highly necessary. The impact of
IDS technologies would majorly be helpful for ensuring the security of the data of the
organization and maintain a proper business procedure.
The report helps in assessing the different definitions of IDS and their vast level of
properties based on the aspect of cloud computing. The reports supports the discussion on the
cloud computing paradigms and the detection of intrusion by the IDS technology. It also provide
recommendations based on the prevention of such kinds of attacks (Modi et al., 2013).
These would be meant for measuring the security prospects of the organisation. Hence the Lead
Consultant has been hired by Gigantic Corporation for helping in the implementation of an
Intrusion Detection System (IDS) technology (Liao et al., 2013). This technological system
would be meant for protecting the features of security and thus implement better forms of
processes within the existing business systems.
The basic responsibilities of the Lead Consultant is:
To work with the higher executives for understanding the challenges faced by the
business, identify and assess the risks and thus enable better form of performance within
the business. These are meant for removal of operational risks faced by the organization.
Establish proper form of communication and thus perform better coordination levels with
different stakeholders, technical experts. This also includes the ecosystem of the business
of the client.
Identify the potential risks and the issues, which might arise within the development of a
project.
Developing and implementing software solutions for the client business, which would fit
within the culture of the organization. This would also help in improving the business
performance of the concerned organization and thus provide immense benefits for the
client.
1.1.3 Outline of New Technology
The new form of technical system, which might be implemented within the organization
is Intrusion Detection System with the effect based on Cloud Security. The impact of IDS and
the included tools meant for the analysis would be helpful for securing the network environment
of the concerned organization. The impact of IDS technology would be purely meant for
providing effective forms of solutions meant for the purposes of the organisation. It would also
prove to be a useful factor for detecting several forms of unauthorized access within the
computing systems. These IDS systems would completely track the various movements within
the network and would also monitor the entire track records of the organisation (Patel et al.,
2013). The IDS systems have a high form of sensor that detects the various kinds of intrusions
within the computing systems. It would then send an alert message to the security team who
would then be able to monitor the systems and thus provide solutions accordingly.
In the age of technology, it has been majorly observed that there could be a vast range of
attacks on the computing systems. These attacks would be mostly meant for gaining a wide
access over the internal assets and data of the organization. Hence a proper mechanism of
detection of the attacks and securing the computing systems is highly necessary. The impact of
IDS technologies would majorly be helpful for ensuring the security of the data of the
organization and maintain a proper business procedure.
The report helps in assessing the different definitions of IDS and their vast level of
properties based on the aspect of cloud computing. The reports supports the discussion on the
cloud computing paradigms and the detection of intrusion by the IDS technology. It also provide
recommendations based on the prevention of such kinds of attacks (Modi et al., 2013).
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents
Risk Assessment based on Cloud Securitylg...
|11
|4088
|214
IT Risk Assessment and Cyber Security Lead Consultant for Gigantic Corporationlg...
|10
|3551
|91
Cyber Security Assignment - Gigantic Corporationlg...
|13
|5221
|102
IT Risk Management: Threats, Vulnerabilities and Prevention Methodslg...
|21
|4785
|434
IT Risk Management: Cloud Securitylg...
|17
|3863
|237
IT Risk Management: Cloud Securitylg...
|16
|3858
|422