Information Security Report: Digital Security Landscape Analysis

Verified

Added on 2022/12/26

AI Summary

This report provides a comprehensive overview of information security, addressing fundamental concepts within the digital security landscape. It explores risks, threats, attacks, and adversaries, while also examining security requirements in relation to the confidentiality-integrity-availability (CIA) triangle. The report delves into different technologies that constitute security mechanisms at various levels in a digitally networked environment, including encipherment, access control, and digital signatures. Furthermore, it discusses the process of performing penetration tests to expose system vulnerabilities, providing a practical application of the theoretical concepts. The report concludes with a summary of findings and references supporting literature.

Information
Security

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Table of Contents
INTRODUCTION ..........................................................................................................................3
TASK ..............................................................................................................................................3
Fundamental concepts associated with the digital security landscape including risks, threats,
attacks, adversaries and security requirements, and in relation to the confidentiality-integrity-
availability (CIA) triangle...........................................................................................................3
Different technologies that constitute the security mechanisms at various levels in a digitally
networked environment...............................................................................................................4
Perform penetration tests to expose the vulnerabilities of a system...........................................5
CONCLUSION ...............................................................................................................................5
REFERENCES................................................................................................................................6

INTRODUCTION
Information security can be defined as the practice that is generally termed as to forbid
the unauthorized access, revealing, interruption, modification, scrutinize, recording or
termination of source of information. It helps to determine the information and assets with their
potential vulnerabilities and impact(Alzahrani, Johnson, Altamimi, 2018). The management
consider in this report is The Mary Seacole Hospital. It involves as the part of information risk
management to decrease the risk probability. It concentrates on efficient policies in the
organisation for its productivity and profitability.
TASK
Fundamental concepts associated with the digital security landscape including risks, threats,
attacks, adversaries and security requirements, and in relation to the confidentiality-
integrity-availability (CIA) triangle
Digital risk are harmful for the digital investment as it focus on the structure of security.
The digital risk of security is an action or event that can loss the casualty of computer software,
hardware and data or content. As most of the details of an individual or the organisation saved as
digitally on computer to coordinate the plan of action and offers the targets of the organisation.
Digital security are the corporate term that describes the resources to protect the
information, data and other valid details. It involves the web services, anti virus software
program, mobile SIM card, biometrics and secured personalized devices.
Cyber security involves the source of protecting integral system, computer system
software and digital division to cover the information and stores as the unauthorized manner of
risk(Bharathi, 2017). As the Mary Seacole Hospital concentrates on the digital modification and
IT adaptation that are the basic emplacement to adapt the remote area of work, work force
capabilities, security and cooperation.
 Confidentiality : It evaluates the confidential information that offers the values and
system that involves the set of agreements that restrict the definite sort of information. It
required by law to keep the information private and not to shared by the anyone to
someone. As it is the key element to create the trust between individual and leaders in the
management. The individual in the management will feel reassured as knowing their

personal section of data is secured. As the every section holds the specialized factor to
maintain the uninterrupted access of the system.
 Integrity : It evaluates the information to get protect the source of data from the
unauthorized faculty. It includes both the segments to protect the data that are having the
terms as that relates to the user error or data loss that is the result of the system failure.
Access control and validation can also help to protect the authority and power that relates
to the digital division( Burns, 2017). As it is important protect the source of data and its
integrity and the administrative control to maintain the duty and security of data.
 Availability : The Mary Seacole Hospital measures to protect the information system and
the availability and responsiveness of the website with high priorities in the business of
management. As the availability evaluates to protect the system accessibility that mention
the range as to threats and its availability. The data can be revealed is termed that private
information might get public as it can be intentionally or accidentally.
Different technologies that constitute the security mechanisms at various levels in a digitally
networked environment
Network security is the field in the computer technology that deals with the
segmentations in the cyber security. It can also termed as the set of procedures to recover the sort
of various risk and issues in the cyber security. As there are various security mechanisms that are
as follows :
 Encipherment : It deals with the concealing and covering of information that assist to turn
it as more classified. It can be accommodate by the sources that is dependent.
 Access control : It used to stop the unsupervised way of information that can be achieved
by the sort of methods.
 Notarization : It involves the manner of trusted third party in phrase of communication. It
might be mediator between the sender and receiver to manage and control the issues and
problems in the business(Feng, Wang, 2019).
 Data integrity : It used to creates the situation as per the similarity of information on the
basis of sending and receiving the data that are to be received to maintain the integrity.
 Authentication exchange : It deals with the identity to be known as per the
communication and to be achieved the mechanisms to enhance the communication.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

 Digital signature : It ensures the mechanisms that to be achieved in the form of electronic
signature that will be added by the sender and will check by sender as to get identify.
Perform penetration tests to expose the vulnerabilities of a system
A penetration test protect the cyber attack as against from the computer system to check
the work exposure as in The Mary Seacole Hospital. It involves the number of application
system to cover the manner of vulnerabilities that creates the input in manner to formulates the
various sort of techniques(Vance, Siponen, Straub, 2020). The aim of this test is to secured the
essential information from the external source and manage the unauthorized access to the system.
Penetration testing stages
 Planning and reconnaissance : It ensures the range and objectives to address the testing
method and enhance the work and targets and its potential vulnerabilities.
 Scanning : It ensures the application of targets that responds to the various encroachment
to scan the accessibility of code in system.
 Gaining access : It ensures the sections in the web to maintain the damage in the
computer system.
 Maintaining process : The goal and objectives can be achieve by the advance persistent
threat that will frequently settled in the manner of organisation( Volkova, Chernyi,
2018).
 Analysis : It analyse the specialized vulnerabilities task and the data that will stay in the
system.
CONCLUSION
From the above report it has been concluded that, information security is configured to
protect the confidentiality, integrity and availability of system. The information can be in any
form to maintain the risk, issues and problems in an orientated manner. As it also involves the
management security, operational security and physical security.

REFERENCES
Books and Journals
Alzahrani, A., Johnson, C. and Altamimi, S., 2018, May. Information security policy
compliance: Investigating the role of intrinsic motivation towards policy compliance in
the organisation. In 2018 4th International Conference on Information Management
(ICIM) (pp. 125-132). IEEE.
Bharathi, S.V., 2017. Prioritizing and ranking the big data information security risk
spectrum. Global Journal of Flexible Systems Management. 18(3). pp.183-201.
Burns, A.J., and et.al., 2017. Organizational information security as a complex adaptive system:
insights from three agent-based models. Information Systems Frontiers. 19(3). pp.509-
524.
Feng, C.Q. and Wang, T., 2019. Does CIO risk appetite matter? Evidence from information
security breach incidents. International Journal of Accounting Information Systems, 32,
pp.59-75.
Vance, A., Siponen, M.T. and Straub, D.W., 2020. Effects of sanctions, moral beliefs, and
neutralization on information security policy violations across cultures. Information &
Management. 57(4). p.103212.
Volkova, V.N. and Chernyi, Y.Y., 2018. Application of systems theory laws for investigating
information security problems. Automatic Control and Computer Sciences. 52(8).
pp.1164-1170.
(Alzahrani, Johnson, Altamimi, 2018)(Bharathi, 2017)( Burns, 2017)(Feng, Wang, 2019)
(Vance, Siponen, Straub, 2020)( Volkova, Chernyi, 2018)