PricingBlogAbout Us

University Security Framework for Business Launching and Expansion

Verified

Added on  2022/09/09

|7
|831
|15
Report
AI Summary
This report examines the implementation of security policy frameworks and high-priority control measures within a business context. It delves into various frameworks, including COBIT, ISO 27000 Series, NIST Special Publication 800-53, NIST Special Publication 800-171, and CIS Controls, outlining their respective roles in maintaining system security and aligning IT goals with business strategies. The report further emphasizes the significance of high-priority controls such as SQL injection prevention, data encryption, and firewall implementation, detailing their functionalities in mitigating risks like database breaches, unauthorized data access, and data breaches. The conclusion stresses the importance of these security protocols in enhancing system robustness and ensuring proper data security management. The report provides a table summarizing the chosen frameworks, the departments to which they apply, and the associated measures.
tabler-icon-diamond-filled.svg

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.
Document Page
0
Running head: BUSINESS LAUNCHING AND EXPANSION
IS SECURITY
Student’s Name
University’s Name
Author note
tabler-icon-diamond-filled.svg

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
1
BUSINESS LAUNCHING AND EXPANSION
Table of Contents
Introduction......................................................................................................................................2
Framework.......................................................................................................................................2
High priority control........................................................................................................................3
Conclusion.......................................................................................................................................4
References........................................................................................................................................5
Appendix..........................................................................................................................................6
Document Page
2
BUSINESS LAUNCHING AND EXPANSION
Introduction
Maintaining a security policy framework acts important in every high tech companies.
Implementation of high priority control measures have been another aspect that is considered.
This report discusses about the security policy framework as well as the security measures that
are to be implemented.
Framework
The security policy framework that is to be considered for execution of the project are
namely COBIT, ISO 27000 Series, NIST Special Publication 800-53, NIST Special Publication
800-171 and CIS Controls (Fennelly 2016).
COBIT
This framework was initially developed in the mid 1990s by ISACA. ISACA has been
now providing proper assessment of the CISM certification. This framework is basically based
on maintaining the security process of the system that requires proper alignment of IT business
strategy goals.
ISO 27000 Series
The main job role of this security framework is to provide proper robustness to the broad
information security framework. This security framework is concerned with the security
standards of the manufacturing process (Zhang et al.,2015). As per standards BS 7799, these
framework acts pivotal in information security program.
NIST Special Publication 800-53
Document Page
3
BUSINESS LAUNCHING AND EXPANSION
This framework is concerned with providing proper security to the extensive collection of
data. It have been observed that NIST Special Publication 800-53 have complied with the FIPS
200 requirements that act important in the operational processing of network system.
NIST Special Publication 800-171
This security framework is mainly bothered with dealing of the cyber attacks that might
happen via supply chains and other intellectual properties. This security framework is focused on
providing proper protection of CUI residents. Social security data have been focus of social
security data.
CIS Controls
This framework is based on performing of the risks management and perform risk
analysis. It is focused on maintaining the technical infrastructure and hence wise reduce risks and
increase the resiliency.
High priority control
High priority controls that are to be implemented are namely providing SQL injection,
Data encryption and implementing firewall.
The main reason of performing SQL injection is that the attacks exploits weaknesses in
the SQL data bases. This technique provides proper assessment of the malicious codes that might
be entered in the data base which will be affecting the functional process. This technique
provides security against the Spyware, Phishing attacks as well as misconfigured access control.
Spyware is mainly focused on gaining data via computer networks (Ortmeier 2017). Phishing
attacks are mainly focused on the gaining unauthorized access to sensitive information, namely
tabler-icon-diamond-filled.svg

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
4
BUSINESS LAUNCHING AND EXPANSION
passwords and usernames. Whereas the main issue that is created by the misconfigured access is
that private parts of the website are made public.
Data encryption helps on encrypting the data that are being transferred via network
system. Even if the data that is being transacted is accessed by the imposters, they cannot decrypt
the information until decryption key is provided (Hansen et al., 2015).
Firewall ensures that the data that are stored in the database is well protected from access
of the imposters. This provides an overall protection to the data that are stored in the system.
Conclusion
From the above description, it can be stated that the security protocols that have been
stated will be helping the company in increasing the robustness of the system. The security
policies will also help in performing proper management of data security.
Document Page
5
BUSINESS LAUNCHING AND EXPANSION
References
Fennelly, L., 2016. Effective physical security. Butterworth-Heinemann.
Hansen, M., Jensen, M. and Rost, M., 2015, May. Protection goals for privacy engineering.
In 2015 IEEE Security and Privacy Workshops (pp. 159-166). IEEE.
Ortmeier, P.J., 2017. Introduction to security. Pearson.
Zhang, K., Yang, K., Liang, X., Su, Z., Shen, X. and Luo, H.H., 2015. Security and privacy for
mobile healthcare networks: from a quality of protection perspective. IEEE Wireless
Communications, 22(4), pp.104-112.
Document Page
6
BUSINESS LAUNCHING AND EXPANSION
Appendix
Framework chosen
Framework Department
COBIT Maintaining the security process of the
system
ISO 27000 Series Provide proper robustness to the broad
information security framework
NIST Special Publication 800-53 The risks management and perform risk
analysis
NIST Special Publication 800-171 Cyber-attacks that might happen via supply
chains
CIS Controls The risks management and perform risk
analysis
Priority control Measures
Priority Control Measures Risks
High SQL injection SQL Database breach
High Data encryption Data decryption
without authorization
High Firewall Data breach
chevron_up_icon
1 out of 7
circle_padding
hide_on_mobile
zoom_out_icon
logo.png

Your All-in-One AI-Powered Toolkit for Academic Success.

  +13062052269
info@desklib.com

Available 24*7 on WhatsApp / Email

[object Object]
Unlock your academic potential

© 2024   |   Zucol Services PVT LTD   |   All rights reserved.