Information Management Report: Active Defense in Two Industries

Verified

Added on 2022/09/15

AI Summary

This report provides an overview of active defense strategies in the oil and gas and healthcare industries. It explores the unique cybersecurity challenges faced by each sector, including the use of Operational Technology (OT) in oil and gas and the increasing reliance on interconnected devices in healthcare. The report examines the implementation of active defense frameworks, such as the Cybersecurity Framework (CSF), and discusses how these strategies help to mitigate cyber threats by blocking infected networks and shutting down botnets. It highlights the importance of data access and security in both sectors, emphasizing the need for proactive measures to protect sensitive information and critical infrastructure. The report also references relevant literature on cybersecurity in both industries, providing a comprehensive analysis of the current threat landscape and potential solutions.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

Running head: INFORMATION MANAGEMENT
INFORMATION MANAGEMENT
Name of the Student:
Name of the University:
Author Note:

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

1INFORMATION MANAGEMENT
Framework in oil and gas industry
There is cybersecurity’s few direct regulations in gas and oil industry, however there is
best practices as well as body for standards from both government and industry for helping the
organizations ensure that the status and policies meet the requirements to secure their own data
as well as infrastructure. Active defense strategy is proactive measure to detect or obtain
information of cyber cyberattack, cyber operation or cyber intrusion or to determine origin of
operation which involves launching preventive or preemptive counter operation against source.
(Leal-Arcas et al. 173). While the guidelines are voluntary however not mandatory, organization
which adopting strategies of Active Defense are recognized as the best practices within industry
for detecting cyber threats as well as the risks of ecosystem which is operated by it.. Oil and gas
industry is unique as well as faces unique challenges. Strategies of active defense could be
applied to framework of oil and gas sector for mitigating the cyber threats which could be faced
in this sector by blocking connections of network from source as well as alert system
administrator.
Technologies used in oil and gas industry
Systems of Operational Technology is used in oil and gas industries which oversee
location, velocity, volume as well as other crucial activities in production as well as distribution
of gas and oil sector produce wealth of proprietary and sensitive information, which are crucial
to economic health as well as physical safety of organization, facilities along with its employees.
By using strategies of active defense within this sector, the security threats would be blocked by
shutting down botnet that is used for conducting attacks of denial of service (DDoS) as well as
blocking connections of network from source. Strategy of active defense could also attack back
the system of the attacker and destroying ability of hacker to attack (Lamba and Anil 76870).
Unlike IT software and equipment that could be deployed for performing several tasks and could
be upgraded and updated frequently, OT system is intended in performing only one task, safety
and reliability are the primary attributes of OT technology. Data access is essential in oil and gas
sector. With IP networking’s integration as well as adoption of several other standardized
protocols within OT, cybersecurity in oil and gas sector is becoming crucial to safety having
chances of cyberattacks.
Solutions against threats in oil and gas industry
While oil and gas industries continue in prioritizing cybersecurity and there is good
progress to identify as well as resolve the vulnerabilities of cyber threats within oil and gas
sector. There is increase in cyber risks for the limited visibility of network communications for
the huge, complicated infrastructure of oil and gas industry, which might be financial loss,
environmental damage and employee injury if operational or cyber incident occurs (Wagner and
Daniel 430). For mitigating the cyberattacks in oil and gas sector, strategy of active defense
could be implemented in the system of oil and gas industry for blocking the infected network or
by shutting down botnets used for the attack. Active defense strategy is proactive measure to
detect or obtain information of cyber cyberattack, cyber operation or cyber intrusion or to
determine origin of operation which involves launching preventive or preemptive counter
operation against source (Sandoval and Catherine JK 91). Defending the system against

2INFORMATION MANAGEMENT
cyberattacks is a major element for cybersecurity resilience, which could be done by
implementing the strategies of active defense for protecting the systems of oil and gas industry.
Framework in healthcare industry
Cybersecurity framework (CSF) within healthcare is guide which is based on existing
practices and guidelines. This helps healthcare sector to reduce risks of cybersecurity with
maintaining process of management. Approach of active defense framework helps the
administrators to protecting the systems of the healthcare sector as well as mitigate the threats of
cybersecurity by blocking the infected networks (Abraham et al. 542). CSF are roadmaps to
secure IT systems within healthcare sector. Strategy of active defense provides common methods
and languages to fight cyber threats as well as secure the sensitive information of healthcare
sector. Main objectives of active defense within healthcare sector are blocking connections of
infected network as well as shutting down the botnets used for the security breach. Three basis
components are available within strategies of CSF within healthcare sector: core, profiles and
implementation tiers. Core is arrangement of the cybersecurity references and activities within
healthcare sector, organized for reaching specific outcome (Smith and Carla 39). Profiles are
arrangements of goals, assets and premises of healthcare sector against core results.
Implementation tiers provide help to healthcare sector by defining the cybersecurity
management.
Technologies used in healthcare industry
Cybersecurity in healthcare is growing issue. Last couple of years saw hacking and
incidents of IT security rise steadily and several healthcare organizations struggled in defending
their network system and reduce the cyber threats. Providers of healthcare sector need to secure
now more connected devices and there are proliferation of devices of IoT within healthcare
industry. There is growth in attack surface and more sophisticated techniques and tools are
developed by the cybercriminals for attacking the healthcare sector, gain access into their data as
well as hold network and sensitive data to ransom (Coventry et al. 51). Strategies of active
defense are used within healthcare organizations for protecting systems of the organizations by
blocking the infected networks. There are private laws for healthcare sector in handling records
of patients and EHR solutions’ leading providers clarify about how they provide help to health
professionals and brands. Strategies of active defense could be used within healthcare sector.
Healthcare sector is excited particularly about potential of the strategies of active defense for
their systems.
Solutions against threats in healthcare sector
Due to significant impact of the data breaches within healthcare sector, health informatics
as well as other professionals are trying to play as essential role to ensure that healthcare
organizations are secured from the threats of cybersecurity. Healthcare organizations could
secure their systems form the cyber threats through implementing strategies of active defense.
Active defense strategy could be implemented within system of healthcare organizations to block
the connections of infected networks or shutting down the botnets used for the attack or to
determine origin of operation which involves launching preventive or preemptive counter
operation against source (Kruse et al. 8). This strategy of active defense could be taken for

3INFORMATION MANAGEMENT
protecting systems of healthcare sector. This strategies should be implemented within systems of
healthcare organizations for securing the systems from any kind of threats.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

4INFORMATION MANAGEMENT
References
Abraham, Chon, Dave Chatterjee, and Ronald R. Sims. "Muddling through cybersecurity:
Insights from the US healthcare industry." Business horizons 62.4 (2019): 539-548.
Coventry, Lynne, and Dawn Branley. "Cybersecurity in healthcare: a narrative review of trends,
threats and ways forward." Maturitas 113 (2018): 48-52.
Kruse, Clemens Scott, et al. "Cybersecurity in healthcare: A systematic review of modern threats
and trends." Technology and Health Care 25.1 (2017): 1-10.
Lamba, Anil. "Protecting'Cybersecurity & Resiliency'of Nation’s Critical Infrastructure-Energy,
Oil & Gas." International Journal of Current Research 10 (2018): 76865-76876.
Leal-Arcas, Rafael, et al. "Decarbonizing the energy sector." J. Animal & Nat. Resource L. 15
(2019): 173.
Sandoval, Catherine JK. "Cybersecurity Paradigm Shift: The Risks of Net Neutrality Repeal to
Energy Reliability, Public Safety, and Climate Change Solutions." San Diego J. Climate
& Energy L. 10 (2018): 91.
Smith, Carla. "Cybersecurity implications in an interconnected healthcare system." Frontiers of
health services management 35.1 (2018): 37-40.
Wagner, Daniel. "Building More Resilient Cybersecurity Solutions for Infrastructure
Systems." Systems Engineering in the Fourth Industrial Revolution (2019): 415-443.