High Assurance Computing Report: Security Awareness in Apple's IT

Verified

Added on 2022/08/28

AI Summary

This report provides an analysis of high assurance computing, specifically focusing on security awareness within Apple Inc. The report begins by highlighting the critical role of information technology and the associated security challenges faced by Apple. It emphasizes the need for robust security awareness programs, referencing NIST guidelines and the importance of a decentralized program management model for large organizations like Apple. The report outlines key aspects to consider when developing security awareness and training programs, including leadership understanding, individual awareness of security practices, and the inclusion of technically skilled individuals. The report draws upon key references such as Hennessy & Najjar (2017) and Wilson & Hash (2003) to support its analysis. The assignment also refers to the provided assignment brief, which outlines key information assurance terms, and required readings from Whitman, M., & Mattord, H. (2012) and NIST SP800-50.

Running head: REPORT ON HIGH ASSURANCE COMPUTING
REPORT
ON
HIGH ASSURANCE COMPUTING
Name of the Student
Name of the University
Author Note:

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

1HIGH ASSURANCE COMPUTING
Apple lnc. Is such organization whose success is highly depends on the innovation. Thus,
while analyzing the business growth it is identified that apple has successfully incorporated
information technology into their business structure. While analyzing this aspect it is identified
that Apple holds one of the most complex security challenges for information technology and
decision making. Followed by this it is also identified that information security is one of the
major conflict that may impact their business growth (Hennessy & Najjar 2017). Thus, an
extreme necessity of security awareness has been observed for the mentioned organization.
Making allowance to this concern a detail elaboration on security awareness in Apple is
mentioned below:-
According to the NIST security programs Wilson & Hash (2003) an effective security
control model is consist of the development of IT security policy, identification of the roles and
responsibilities of security implementation, deployment of IT security programs as well as a
monitoring process which will review the effectiveness of the implemented security programs
into the organizational infrastructure. Followed by this concern into the nominated organizational
infrastructure a significant necessity to incorporate security awareness program has been
identified. According to NIST SP800-50 IT security awareness and training Wilson & Hash
(2003) it primarily intended on providing a detail monitoring of the IT security and activities
within an organization. Considering these findings in the nominated company it needs three
major steps to deploy the security awareness and training program.
Thus, in this section it is highly recommended to implement fully decentralized program
management as this model has aimed to provide central security awareness and training program
and provides the control authorities of this model to the organizational unit. While analyzing the
operations of this model it is identified that the central authority provides the authorization power

2HIGH ASSURANCE COMPUTING
to the CIO and IT security management, then it will forwarded the instruction to the
organizational units where the awareness programs will be implemented.
As it is identified that Apple is one of the largest organization as well as the
organizational infrastructure of this organization is decentralized in nature hence, the adoption of
the fully decentralized security awareness model will be highly effective. Making allowance to
this concern it can be stated that assigning the security awareness control authorities to the
organizational unit will help to implement the training programs within the organization
effectively.
While developing the security awareness and training programs there is a huge
essentiality to address the below mentioned aspects:-
 It is essential of the leaders present in the organizational structure to have a deep
understanding on the security controls of the organization. And they must use their leadership
qualities to convey the understandings to the unit heads (Wilson & Hash 2003).
 Along with this aspect it is also identified that it is very essential for the individual present
within the organization to understand the necessity of the security law and to adopt the
practices of the security awareness as well.
 Followed by this aspect it is identified that in order to effectively implement the security
awareness into company infrastructure of Apple it is very essential to include high degree
individuals with advance technical knowledge.

3HIGH ASSURANCE COMPUTING
Reference:
Hennessy, J., & Najjar, A. (2017). Apple Computer, Inc.: Think Different, Think Online
Music. Kellogg School of Management Cases.
Wilson, M., & Hash, J. (2003). Building an information technology security awareness and
training program. NIST Special publication, 800(50), 1-39.
Bibliography:
Al-Janabi, S., & Al-Shourbaji, I. (2016). A study of cyber security awareness in educational
environment in the middle east. Journal of Information & Knowledge
Management, 15(01), 1650007.
McIlwraith, A. (2016). Information security and employee behaviour: how to reduce risk
through employee education, training and awareness. Routledge.