Cyber Security Risk Management Plan for Emirates Future Investment

Verified

Added on 2023/04/07

AI Summary

This paper presents a risk management plan for Emirates Future Investment Bank (EFIB), a UAE-based banking organization, addressing the growing need for enhanced security measures due to its expanding business reach and the associated security threats. The plan focuses on mitigating risks from social engineering attacks and ensuring compliance with UAE financial regulations. The report outlines the aims and objectives of the proposed risk management plan, emphasizing the importance of understanding risks in detail and developing effective mitigation strategies. The key roles and tasks of the dedicated risk management team are defined, including the creation and implementation of risk management strategies, examination of internal control systems, and internal capacity adequacy assessment regarding financial regulations. The plan aims to safeguard the organization's intranet and extranet facilities, ensuring the security of employee, management, and customer data within the new website modules. This will involve addressing vulnerabilities and implementing robust security protocols to protect against potential breaches and maintain the integrity of the bank's operations.

Running head: CYBER SECURITY RISK MANAGEMENT
Cyber Security Risk Management
Name of the Student
Name of the University
Author Note:

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

1CYBER SECURITY RISK MANAGEMENT
Table of Contents
1. Introduction..................................................................................................................................2
2. Summary of the organization.......................................................................................................2
3. Need for Risk management plan..................................................................................................2
4. Aims and the objectives of the proposed risk management plan.................................................3
5. Role of the team and the expected tasks......................................................................................3
6. Conclusion...................................................................................................................................3

2CYBER SECURITY RISK MANAGEMENT
1. Introduction
The notable significance of this paper is to focus on the risk management plan for
Emirates Future Investment Bank (EFIB) as an IT security consultant. The details of this
organization along with the need for the need risk management plan will be evaluated in this
paper considering the security threats faced by this business organization and also from the
financial regulations (Sadgrove, 2016). The objectives of the risk management plan and the role
of the team which will be working dedicatedly to mitigate the risks will be also be presented in
this paper.
2. Summary of the organization
The selected organization for this paper is EFIB which is a banking organization based in
UAE having branches in Dubai, Abu Dhabi and Sharjah. There are about 100 employees
working in this organization with 5000 customers. The business reach of this organization is
improving each day as a result the existing security plan has to be revised with a new one. This
banking organization is looking forward to having a new full-fledged website hosted on UAE
only. The banking management system considering the employees and the customers of this
organization has to deal with the intranet and the extranet facility of the organization (Bromiley
et al., 2015). All the stakeholders of this organization have to consider all the security measures
so that the desired results are obtained from the new website as it will have three different
modules to deal with the employees, management and customers.
3. Need for Risk management plan for the Problems faced by EFIB
The exposure of the details can lead to numerous threats such as the threat coming from
the social engineering attacks and the threat coming from the UAE financial regulations which

3CYBER SECURITY RISK MANAGEMENT
have to be maintained by most of the UAE based business organizations (Ibrahim & Al Haron
2018). Thus the risk management plan can be very much important for the growth and progress
of this organization.
4. Aims and the objectives of the proposed risk management plan
The risk management plan will aim to deal with all the probable social engineering risks
associated with this banking organization along with that the financial regulations followed in
UAE will be also considered in the risks management plan.
5. Role of the team and the expected tasks
The primary role of the team dedicatedly working for the risk management plan for this
organization will be to understand the risks in a detailed manner and form a risk management to
deal with the discussed risks of this organization.
The tasks which are expected to be done by the team are as followings:
 Creation and implementation of the risk management strategies after a thorough
examination of the organizational structure (Hassan, 2014).
 The internal control systems have to be examined thoroughly so that there are no
compatibility issues with the new risk management plan.
 Internal capacity adequacy assessment has to be also done regarding the financial
regulations started from the governing bodies before the implementation of the
plan.
6. Conclusion

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

4CYBER SECURITY RISK MANAGEMENT
The paper concludes the need for the risk management plan for EFIB in order to deal
with the social engineering attacks such as the phishing emails as well as from the financial
regulations followed in UAE. The aims and objectives of the plan can be determined from this
paper, which is to deal with the issues faced by this organization such as the engineering attacks.
The role of the team and the expected task can be also understood from this paper such as the
examination of the control systems and internal capacity adequacy.

5CYBER SECURITY RISK MANAGEMENT
7. Reference
Bromiley, P., McShane, M., Nair, A., & Rustambekov, E. (2015). Enterprise risk management:
Review, critique, and research directions. Long range planning, 48(4), 265-276.
Hassan, M. K. (2014). Risk narrative disclosure strategies to enhance organizational legitimacy:
Evidence from UAE financial institutions. International Journal of disclosure and
Governance, 11(1), 1-17.
Ibrahim, M. E., & Al Haron, E. O. (2018). Accounting and financial literacy o Participants in
UAE Financial Markets. Archives of Business Research, 6(6).
Sadgrove, K. (2016). The complete guide to business risk management. Routledge.