Information Security Management Case Study of Widgets and Gadgets

Verified

Added on 2023/06/14

AI Summary

This case study discusses the importance of information security management for Widgets and Gadgets, and the risks associated with phishing, vishing, physical access breaches, and data breaches. It also outlines steps for implementing a security awareness program.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

Project
Management
Case study of
of Widget and Gadgets

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

Content
• Introduction
• Phishing
• Vishing
• Physical access breaches
• Data breaches
• Conclusion
• References

Introduction
•Widgets and Gadgets (WaG) company is willing to appoint
an Information security manager for their company to manage
all their information asset professionally.
•The executives of the company failed to adopt all necessary
security approaches and considered security as a secondary
requirement.
•The CCTV installed in the company were also highlighted as
improper .
•The information security policy and social awareness
programs are developed for the company and elaborated here.

Phishing
Phishing is referred to as a process or method that is widely used for
cyber crime by the cyber criminals to gather personnel credentials
through the usage of deceptive websites and email. The technique of
phishing is elaborated below:
• A legitimate website cloning is done to create a false
• Then the login page changes in to credential stealing script
• Phishing kit is created
• Phishing kits uploaded and sent to the targets.
• Once the email or website will be clicked the users became
victim

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

💎 Try AI Paraphraser

Vishing
Vishing is referred to as an illegal data
access process which is done through
voice over internet protocol.
This is a IP telephonic version of
phishing attack.
Using voice messages the personnel
credentials can be hijacked
Generally the toll free numbers are the
victims for the Vishing attacks.

Physical access breaches
Physical security access breaches is a process of
stealing sensitive computer files and information.
This accidental exposures took place if proper
physical security mechanism are not adopted
There are different physical access breaches
approaches are used by the cyber criminals and
those are as follows:
• Access to server room
• Damaged equipments
• Hardware theft
• Access to password

Data breaches
Data breach is a confirmed design
outline or incident through which
personnel credentials or other
protected data can be accessed by
the data hijackers and cyber
attackers
This may involve the following:
• Information of intellectual property
• Personal identifiable data
• Health information
• Bank details etc

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

Steps for security awareness
program
• Analyzing the requirements of Widgets and Gadgets
and developing content according to that
• Scheduling developing training program for the
employees working in Widgets and Gadgets
• Testing the effectiveness of the training
• Identifying and gathering C-level support from the
third party
• Tracking the company needs and acting according to
the requirements

Conclusion
From the overall discussion it can be concluded that,
Information security has become one of the major
components for Widgets and Gadgets to avoid the
security risks. The company did not have any
professional information security manager and the
system administrator itself used to play the activities of
information security manager. Thus, some of the cores
managerial aspects were neglected due to which major
security challenges were faced by Widgets and
Gadgets.

References
• Hoffmann, R., Kiedrowicz, M., & Stanik, J. (2016). Risk management system as the
basic paradigm of the information security management system in an organization.
In MATEC Web of Conferences (Vol. 76, p. 04010). EDP Sciences.
• Narain Singh, A., Gupta, M. P., & Ojha, A. (2014). Identifying factors of
“organizational information security management”. Journal of Enterprise Information
Management, 27(5), 644-667.
• Park, S., & Lee, K. (2014). Advanced approach to information security management
system model for industrial control system. The Scientific World Journal, 2014.
• Peltier, T. R. (2016). Information Security Policies, Procedures, and Standards:
guidelines for effective information security management. CRC Press.
• Safa, N. S., Von Solms, R., & Furnell, S. (2016). Information security policy
compliance model in organizations. Computers & Security, 56, 70-82.
• Tot, L., Grubor, G., & Marta, T. (2015). Introducing the Information Security
Management System in Cloud Computing Environment. Acta Polytechnica
Hungarica, 12(3), 147-166.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

💎 Try AI Paraphraser

1 out of 11

Information Security Management Case Study of Widgets and Gadgets

Contribute Materials

Secure Best Marks with AI Grader

Paraphrase This Document

Secure Best Marks with AI Grader

Paraphrase This Document

Related Documents

Cyber-Security and Phishing Attacks: Research and Defence Strategies

Cyber Security Awareness Training for Widget Inc Dot Com

Phishing Attacks: Research and Defense Strategies

Assignment on Computer security (pdf)

Cyber security Assignment PDF

Cyber Crime: Types, Impact, and Prevention

+13062052269

info@desklib.com