
Information Security Management Case Study of Widgets and Gadgets


Added on  2023/06/14

This case study discusses the importance of information security management for Widgets and Gadgets, and the risks associated with phishing, vishing, physical access breaches, and data breaches. It also outlines steps for implementing a security awareness program.

Project Management: Case study of Widgets and Gadgets

Content
Introduction
Phishing
Vishing
Physical access breaches
Data breaches
Conclusion
Introduction
Widgets and Gadgets (WaG) intends to appoint an information security manager to manage all of its information assets professionally.
The company's executives failed to adopt all necessary security approaches and treated security as a secondary requirement.
The CCTV installed at the company was also highlighted as improper.
The information security policy and social awareness programs developed for the company are elaborated here.
Phishing
Phishing is a method widely used by cyber criminals to gather personnel credentials through deceptive websites and email. The technique of phishing is elaborated below:
A legitimate website is cloned to create a false
The login page is then changed into a credential-stealing script
A phishing kit is created
The phishing kit is uploaded and sent to the targets
Once the email or website is clicked, the user becomes a victim

Vishing
Vishing is an illegal data access process carried out over voice over internet protocol (VoIP).
It is the IP telephony version of a phishing attack.
Personnel credentials can be hijacked using voice messages.
Generally, toll-free numbers are the victims of vishing attacks.
Physical access breaches
A physical security access breach is a process of stealing sensitive computer files and information.
These accidental exposures take place if proper physical security mechanisms are not adopted.
Cyber criminals use different physical access breach approaches, which are as follows:
Access to the server room
Damaged equipment
Hardware theft
Access to passwords
Data breaches
A data breach is a confirmed design outline or incident through which personnel credentials or other protected data can be accessed by data hijackers and cyber attackers.
This may involve the following:
Intellectual property information
Personally identifiable data
Health information
Bank details, etc.

Steps for security awareness program
Analyzing the requirements of Widgets and Gadgets and developing content accordingly
Scheduling and developing a training program for the employees working at Widgets and Gadgets
Testing the effectiveness of the training
Identifying and gathering C-level support from the third party
Tracking the company's needs and acting according to the requirements
Conclusion
From the overall discussion, it can be concluded that information security has become one of the major components for Widgets and Gadgets in avoiding security risks. The company did not have a professional information security manager, and the system administrator performed the activities of an information security manager. Thus, some of the core managerial aspects were neglected, due to which Widgets and Gadgets faced major security challenges.