Information Security Strategies and Countermeasures
VerifiedAdded on 2020/02/19
|8
|1781
|39
AI Summary
This assignment explores information security strategies and countermeasures within organizations. It delves into a qualitative study on the implementation of security strategies to protect information systems from attacks. The analysis focuses on different security strategies deployed, optimized, and collectively applied in response to evolving security environments. The paper examines both insider and outsider threats, aiming to identify effective technical security risk mitigation strategies. The assignment also includes case studies of Korean organizations to illustrate the practical application and benefits of various security strategies.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Running head: ANNOTATED BIBLIOGRAPHY
Annotated Bibliography on Network and information security technologies
Name of the Student:
Name of the University:
Annotated Bibliography on Network and information security technologies
Name of the Student:
Name of the University:
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
1ANNOTATED BIBLIOGRAPHY
Annotation 1:
“Ab Rahman, N. H., & Choo, K. K. R. (2015). A survey of information security incident
handling in the cloud. Computers & Security, 49, 45-69.”
In this article, Ab Rahman and Choo (2015) discussed the information security incident
handling strategies in order to mitigate the risks regarding availability, confidentiality as well as
integrity of the organizational assets. The aim of this article is to contribute to knowledge gaps to
handle of incidents within cloud environment. The standards and guidelines are used to review
existing academic incident handling model. Four phases are discussed to handle the information
security incidents handling such as preparation phase, in which the organizations are minimizing
impacts of security incidents. Detection and analysis phase detects the unusual events and
reports. After the incidents are detected, an efficient response is undertaken. Proactive degree is
so little that immediate activities are taken position. Suppression as well as recovery is the
required actions to be taken as incident responses. Post incident is a phase that contributes to
final phase after the incidents are resolving. The information and internet users are facing one
and more security breaches. The breaches are unauthorized access to the information of
customers such as stealing of personal details and financial records of online login details. Using
the triple R framework, the selected article is reviewed based on its relevance, reliability and
reputable. The main limitation of this article is that a collaborative cloud incident management
platform is not discussed to share information among various stakeholders, make easy real-time
incident handling as well as replies to the malicious cyber actions within synchronized time.
Annotation 1:
“Ab Rahman, N. H., & Choo, K. K. R. (2015). A survey of information security incident
handling in the cloud. Computers & Security, 49, 45-69.”
In this article, Ab Rahman and Choo (2015) discussed the information security incident
handling strategies in order to mitigate the risks regarding availability, confidentiality as well as
integrity of the organizational assets. The aim of this article is to contribute to knowledge gaps to
handle of incidents within cloud environment. The standards and guidelines are used to review
existing academic incident handling model. Four phases are discussed to handle the information
security incidents handling such as preparation phase, in which the organizations are minimizing
impacts of security incidents. Detection and analysis phase detects the unusual events and
reports. After the incidents are detected, an efficient response is undertaken. Proactive degree is
so little that immediate activities are taken position. Suppression as well as recovery is the
required actions to be taken as incident responses. Post incident is a phase that contributes to
final phase after the incidents are resolving. The information and internet users are facing one
and more security breaches. The breaches are unauthorized access to the information of
customers such as stealing of personal details and financial records of online login details. Using
the triple R framework, the selected article is reviewed based on its relevance, reliability and
reputable. The main limitation of this article is that a collaborative cloud incident management
platform is not discussed to share information among various stakeholders, make easy real-time
incident handling as well as replies to the malicious cyber actions within synchronized time.
2ANNOTATED BIBLIOGRAPHY
Annotation 2:
“Jing, Q., Vasilakos, A. V., Wan, J., Lu, J., & Qiu, D. (2014). Security of the internet of things:
Perspectives and challenges. Wireless Networks, 20(8), 2481-2501.”
In this article, Jing et al., (2014) analyzed that internet of things (IoT) plays a key
significant role and its security is important. IoT is to be building on basis of internet, and
therefore the security problems are also show up into IoT. This particular article provides
relevant information on security harms of each layer and tries to locate out innovative problems
as well as results. It was found that at last this paper investigates the security issues among IoT
as well as traditional network, and discussed of opening security issues among IoT.
Standardization of the awareness of data processing for potential IoT is greatly preferred.
Hackers, malicious software and also viruses into communiqué channel can disturb the data and
information truthfulness. Expansion of IoT technology can directly threat the overall IoT system.
Protection over data and security is one of the key applications challenges for the IoT. Three of
the IoT layers are analyzed with its key security problems of each layer. The future direction of
this paper is to revise lightweight solutions for IoT system such as access confirmation and
direct. The limitation is lot of discussion is not there on network control technologies.
Annotation 2:
“Jing, Q., Vasilakos, A. V., Wan, J., Lu, J., & Qiu, D. (2014). Security of the internet of things:
Perspectives and challenges. Wireless Networks, 20(8), 2481-2501.”
In this article, Jing et al., (2014) analyzed that internet of things (IoT) plays a key
significant role and its security is important. IoT is to be building on basis of internet, and
therefore the security problems are also show up into IoT. This particular article provides
relevant information on security harms of each layer and tries to locate out innovative problems
as well as results. It was found that at last this paper investigates the security issues among IoT
as well as traditional network, and discussed of opening security issues among IoT.
Standardization of the awareness of data processing for potential IoT is greatly preferred.
Hackers, malicious software and also viruses into communiqué channel can disturb the data and
information truthfulness. Expansion of IoT technology can directly threat the overall IoT system.
Protection over data and security is one of the key applications challenges for the IoT. Three of
the IoT layers are analyzed with its key security problems of each layer. The future direction of
this paper is to revise lightweight solutions for IoT system such as access confirmation and
direct. The limitation is lot of discussion is not there on network control technologies.
3ANNOTATED BIBLIOGRAPHY
Annotation 3:
“Alavi, R., Islam, S., & Mouratidis, H. (2014, June). A conceptual framework to analyze human
factors of information security management system (ISMS) in organizations.
In International Conference on Human Aspects of Information Security, Privacy, and
Trust (pp. 297-305). Springer, Cham.”
In this particular article, Alavi, Islam and Mouratidis (2014) discussed on the conceptual
framework of securing information assets which is challenging for the organization to use of
information system for supporting business processes. The paper reviews on information security
management system (ISMS) to set up security structure as well as regulate of proper way to
secure information system. It is relevant to get knowledge on solid security framework ensures
for confidentiality, accessibility, legitimacy as well as adaptability of significant information
assets. This paper analyzes the importance to understand main human factors within efficiency of
ISMS. Goal modeling structure is discussed to provide an understanding of forces that are used
to promote of security postures. The future work is based on evaluation of proposed framework
to make sure that goal modeling framework is generalized into organizational context into real
world. The support is favorable for better considerate of the human factors into procedure of
ISMS that leads to underlying principle change into organizational contexts. It provides of
rational metrics for the security. The information security systems are rule bound as well as
exclusive. It provides of a comprehensive environment that are more efficient.
Annotation 3:
“Alavi, R., Islam, S., & Mouratidis, H. (2014, June). A conceptual framework to analyze human
factors of information security management system (ISMS) in organizations.
In International Conference on Human Aspects of Information Security, Privacy, and
Trust (pp. 297-305). Springer, Cham.”
In this particular article, Alavi, Islam and Mouratidis (2014) discussed on the conceptual
framework of securing information assets which is challenging for the organization to use of
information system for supporting business processes. The paper reviews on information security
management system (ISMS) to set up security structure as well as regulate of proper way to
secure information system. It is relevant to get knowledge on solid security framework ensures
for confidentiality, accessibility, legitimacy as well as adaptability of significant information
assets. This paper analyzes the importance to understand main human factors within efficiency of
ISMS. Goal modeling structure is discussed to provide an understanding of forces that are used
to promote of security postures. The future work is based on evaluation of proposed framework
to make sure that goal modeling framework is generalized into organizational context into real
world. The support is favorable for better considerate of the human factors into procedure of
ISMS that leads to underlying principle change into organizational contexts. It provides of
rational metrics for the security. The information security systems are rule bound as well as
exclusive. It provides of a comprehensive environment that are more efficient.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
4ANNOTATED BIBLIOGRAPHY
Annotation 4:
“AlHogail, A. (2015). Design and validation of information security culture
framework. Computers in human behavior, 49, 567-575.”
In this article, AlHogail (2015) discussed an establishment of information security culture
(ISC) within the organization that influences employee’s perceptions as well as security behavior
that can protector against the security threats. This particular paper also concerns on developing
an inclusive information security cultural framework for the business. “STOPE (Strategy,
technology, organization, people and environment)” is used as a framework where different
information security issues are being integrated. ISC framework consists of change management
principles to grow the culture of information security. It assists to develop of an effective
informational security culture which protects against the information assets. With use of STOPE
scope, the issues are covered and mitigated. The limitation of this article is that framework
dimensions are not properly discussed which help to achieve objectives and reduce economic
cost due to security threats. In the future, the research is expanded to look on more frameworks
using case study analysis in order to produce an evidence of theoretical framework. An
assessment tool is used to measure information security cultural levels. The article is relevant as
it designs of information security culture framework for the security issues due to use of internet.
The information provided into the paper is reputable for validating the security framework.
Annotation 4:
“AlHogail, A. (2015). Design and validation of information security culture
framework. Computers in human behavior, 49, 567-575.”
In this article, AlHogail (2015) discussed an establishment of information security culture
(ISC) within the organization that influences employee’s perceptions as well as security behavior
that can protector against the security threats. This particular paper also concerns on developing
an inclusive information security cultural framework for the business. “STOPE (Strategy,
technology, organization, people and environment)” is used as a framework where different
information security issues are being integrated. ISC framework consists of change management
principles to grow the culture of information security. It assists to develop of an effective
informational security culture which protects against the information assets. With use of STOPE
scope, the issues are covered and mitigated. The limitation of this article is that framework
dimensions are not properly discussed which help to achieve objectives and reduce economic
cost due to security threats. In the future, the research is expanded to look on more frameworks
using case study analysis in order to produce an evidence of theoretical framework. An
assessment tool is used to measure information security cultural levels. The article is relevant as
it designs of information security culture framework for the security issues due to use of internet.
The information provided into the paper is reputable for validating the security framework.
5ANNOTATED BIBLIOGRAPHY
Annotation 5:
“Ahmad, A., Maynard, S. B., & Park, S. (2014). Information security strategies: towards an
organizational multi-strategy perspective. Journal of Intelligent Manufacturing, 25(2),
357-370.”
In this article, Ahmad, Maynard and Park (2014) discussed on prevention of security
attacks with use of technical countermeasures. Qualitative study is discussed to implement of
security strategies in order to protect information system. Prevention is aimed to protect of
informational assets proceeding to protect of attacks by prohibition of unauthorized access. The
identified countermeasures are deployed to outlook block of the attacks into the organization.
The main focus of this context is to examine extent to different security strategies that are
deployed, optimized as well as collective in reaction to the security environment. The strategies
are identified based on time and space. The strategies address insider as well as outsider threats
to prevent the technical security risks. The limitation of this study is that it conducted into
Korean organizations. There are issues of generalizability into the organization. This study is
relevant and reputable as it develops a security architecture which enables the organization to
address the technological challenges into security situation. The final project phase is analyzing
in-depth study on Korean organization’s case studies to examine relationship that the
organization gains from various strategies. The challenge for the researcher is to select the
strategies as it impacts the information environment.
Annotation 5:
“Ahmad, A., Maynard, S. B., & Park, S. (2014). Information security strategies: towards an
organizational multi-strategy perspective. Journal of Intelligent Manufacturing, 25(2),
357-370.”
In this article, Ahmad, Maynard and Park (2014) discussed on prevention of security
attacks with use of technical countermeasures. Qualitative study is discussed to implement of
security strategies in order to protect information system. Prevention is aimed to protect of
informational assets proceeding to protect of attacks by prohibition of unauthorized access. The
identified countermeasures are deployed to outlook block of the attacks into the organization.
The main focus of this context is to examine extent to different security strategies that are
deployed, optimized as well as collective in reaction to the security environment. The strategies
are identified based on time and space. The strategies address insider as well as outsider threats
to prevent the technical security risks. The limitation of this study is that it conducted into
Korean organizations. There are issues of generalizability into the organization. This study is
relevant and reputable as it develops a security architecture which enables the organization to
address the technological challenges into security situation. The final project phase is analyzing
in-depth study on Korean organization’s case studies to examine relationship that the
organization gains from various strategies. The challenge for the researcher is to select the
strategies as it impacts the information environment.
6ANNOTATED BIBLIOGRAPHY
References
Ab Rahman, N. H., & Choo, K. K. R. (2015). A survey of information security incident handling
in the cloud. Computers & Security, 49, 45-69.
Ahmad, A., Maynard, S. B., & Park, S. (2014). Information security strategies: towards an
organizational multi-strategy perspective. Journal of Intelligent Manufacturing, 25(2),
357-370.
Alavi, R., Islam, S., & Mouratidis, H. (2014, June). A conceptual framework to analyze human
factors of information security management system (ISMS) in organizations.
In International Conference on Human Aspects of Information Security, Privacy, and
Trust (pp. 297-305). Springer, Cham.
AlHogail, A. (2015). Design and validation of information security culture
framework. Computers in human behavior, 49, 567-575.
Jing, Q., Vasilakos, A. V., Wan, J., Lu, J., & Qiu, D. (2014). Security of the internet of things:
Perspectives and challenges. Wireless Networks, 20(8), 2481-2501.
References
Ab Rahman, N. H., & Choo, K. K. R. (2015). A survey of information security incident handling
in the cloud. Computers & Security, 49, 45-69.
Ahmad, A., Maynard, S. B., & Park, S. (2014). Information security strategies: towards an
organizational multi-strategy perspective. Journal of Intelligent Manufacturing, 25(2),
357-370.
Alavi, R., Islam, S., & Mouratidis, H. (2014, June). A conceptual framework to analyze human
factors of information security management system (ISMS) in organizations.
In International Conference on Human Aspects of Information Security, Privacy, and
Trust (pp. 297-305). Springer, Cham.
AlHogail, A. (2015). Design and validation of information security culture
framework. Computers in human behavior, 49, 567-575.
Jing, Q., Vasilakos, A. V., Wan, J., Lu, J., & Qiu, D. (2014). Security of the internet of things:
Perspectives and challenges. Wireless Networks, 20(8), 2481-2501.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
7ANNOTATED BIBLIOGRAPHY
Bibliography
Acharya, K., Sajwan, M., & Bhargava, S. (2014). Analysis of Cryptographic Algorithms for
Network Security. International Journal of Computer Applications Technology and
Research, 3(2), 130-135.
Er, M. K., & Er, J. K. (2017). Data Encryption Using Different Techniques: A
Review. International Journal of Advanced Research in Computer Science, 8(4).
Peltier, T. R. (2016). Information Security Policies, Procedures, and Standards: guidelines for
effective information security management. CRC Press.
Rao, J. D. P., Rai, M. S., & Narain, B. (2017). A study of Network Attacks and Features of
Secure Protocols. Research Journal of Engineering and Technology, 8(1), 04-08.
Stallings, W., & Tahiliani, M. P. (2014). Cryptography and network security: principles and
practice (Vol. 6). London: Pearson.
Bibliography
Acharya, K., Sajwan, M., & Bhargava, S. (2014). Analysis of Cryptographic Algorithms for
Network Security. International Journal of Computer Applications Technology and
Research, 3(2), 130-135.
Er, M. K., & Er, J. K. (2017). Data Encryption Using Different Techniques: A
Review. International Journal of Advanced Research in Computer Science, 8(4).
Peltier, T. R. (2016). Information Security Policies, Procedures, and Standards: guidelines for
effective information security management. CRC Press.
Rao, J. D. P., Rai, M. S., & Narain, B. (2017). A study of Network Attacks and Features of
Secure Protocols. Research Journal of Engineering and Technology, 8(1), 04-08.
Stallings, W., & Tahiliani, M. P. (2014). Cryptography and network security: principles and
practice (Vol. 6). London: Pearson.
1 out of 8
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.