Information Security Management Report: Beyond Health - INFS 3070

Verified

Added on 2023/06/10

AI Summary

This report focuses on the restructuring of the Information Security team for the Australian company, "Beyond Health," addressing the increasing threats of cybersecurity. It emphasizes the importance of a well-trained and comprehensive healthcare information security group, outlining the need for strong leadership from the Chief Information Officer (CIO) or Chief Information Security Officer (CISO) to understand current threats and implement data security measures. The report discusses the process of finding suitable talent for the security team, the structure and focus areas of the information security team, including identity and activity management, security operations, security architectures, and risk control. It also highlights the importance of investment in information security, the need for employee awareness and training, and the significance of understanding the evolving threat landscape, including the management of third parties. The report concludes by demonstrating how CISOs and CIOs can find effective strategies to deal with dynamic cyber risks, highlighting the need for a broad range of functions to manage and govern the overall system.

Running head: SECURITY MANAGEMENT
Security Management
(Beyond Health)
Name of the student:
Name of the university:
Author Note

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

1SECURITY MANAGEMENT
Restructuring the Information Security team of Beyond Health:
The “Beyond Health” is a proposed Australian Company. With the rise in threats of cyber-
security the business is unable to afford the incomplete approach of data security. Possessing a well-
trained and comprehensive healthcare information security group is a primary aspect to this.
The organization’s information security team is restructured in the following study. An
overall justification of the proposal is also demonstrated here.
The leadership is very vital in this case. The healthcare “Chief Information Officer” or CIO
or “Chief Information Security Officer” positions are required to have a firm grasp on the current
potential threats. Here the needed measures are implemented to keep the data of patent secured. The
CIOs are liable to direct every IT strategically. The CISO has been focusing on the leading and
developing information security program and strategy (Wager, Lee and Glaser 2017).
Finding decent talent for the proper job:
It is crucial for CISO to see the candidates within the healthcare industry and outside to that.
To create security team, people having a diverse set of talents and skills is highly significant. There
is a lot of staffs in information security by senior manager’s role of having people in proper place.
They have notable experience in IT and healthcare (Paré et al. 2015). However, at Beyond Health,
they are not so experienced or having in-depth knowledge of data security.
A needed process of information security team:
Information security team has been depending on every structure of Beyond Health.
However, there are particular sectors that those entities must concentrate on. There are also identities
and activity management, general security operations, security architectures and risks control is also

2SECURITY MANAGEMENT
included (Dwivedi et al. 2015). Here, the reporting, outreach and education, incident response and
vulnerability management is also an important sector to develop the information security group. This
is also helpful to built information security culture and creative team to support the information
security officer. This would also build education and awareness around Beyond Health.
Making investment in information security:
It could be at many times complex for Beyond Health. However, there has been huge
demand and supply that has not been kept up. This is the reason why one must look at the investment
instead of business cost. Here, the issues of information security has been not just been the problems
of IT (Li, Da Xu and Zhao 2015). Individuals within Beyond Health, has needed to be aware of
information security. This requires to be trained and has been knowledgeable as per the governance
and policies and risks are present. For instance, the phishing attacks have been often successful and
have been taking employees to click over malicious email or links. Here, various security events
have been often preventable. Beyond Health also requires people to look for present experiences and
individuals in ever-changing information security scenario (Pearlson, Saunders and Galletta 2016).
Thus becoming knowledgeable over the problems at the national level, and being more localized has
been also vital. Therefore there has been so much that is learnt from others that are needed to be
focused on Beyond Health. However, they have continuously been limiting the understandings and
knowledge from there. Hence it has been crucial for CISCOs to represent their information security
internally and externally to be active over the national and regional level.
Moreover, the CISOs have also needed to sell their security to their and have been
challenging to explain various C-level positions regarding why so much money is required to put the
data secured. Furthermore, CISOs requires assuring that they need to approach the case through
working towards seeking resolutions and try to put themselves to become overwhelmed (Lee 2014).

3SECURITY MANAGEMENT
Besides, it is also vital to make sense about the landscape of the threat that has been evolving.
Lastly, it is worth mentioning that previously it has been more along the lines of network security
from different DDoS attacks. This has been a distinct nature of maliciousness. Thus, as far the role is
concerned, the managing of third parties has comprised of indirect network access. This the entire
threat landscape of controlled.
Thus the above study has shown how the CISOs and CIOs can find the tried-and-true,
common strategies of information security and activities that are no longer sufficient to deal worth
the current dynamic and expanding cyber risk scenarios. Various analysis and demonstrations from
the above discussions have expressed a broad range of functions that must be undertaken by Beyond
Health. This is helpful to perform, manage and govern the overall system.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

4SECURITY MANAGEMENT
References:
Dwivedi, Y.K., Wastell, D., Laumer, S., Henriksen, H.Z., Myers, M.D., Bunker, D., Elbanna, A.,
Ravishankar, M.N. and Srivastava, S.C., 2015. Research on information systems failures and
successes: Status update and future directions. Information Systems Frontiers, 17(1), pp.143-157.
Lee, S.S., 2014. Management information systems. Management, 166137(01), p.02.
Li, S., Da Xu, L. and Zhao, S., 2015. The internet of things: a survey. Information Systems
Frontiers, 17(2), pp.243-259.
Paré, G., Trudel, M.C., Jaana, M. and Kitsiou, S., 2015. Synthesizing information systems
knowledge: A typology of literature reviews. Information & Management, 52(2), pp.183-199.
Pearlson, K.E., Saunders, C.S. and Galletta, D.F., 2016. Managing and Using Information Systems,
Binder Ready Version: A Strategic Approach. John Wiley & Sons.
Wager, K.A., Lee, F.W. and Glaser, J.P., 2017. Health care information systems: a practical
approach for health care management. John Wiley & Sons.