SBM4304: IS Security and Risk Management Report - Telstra

Verified

Added on 2023/06/10

AI Summary

This report investigates the information system (IS) security and risk management practices of Telstra, a major telecommunications company. It identifies various vulnerabilities within Telstra's IS, including unauthorized data access, technical risks like improper system operation, and accidental data disclosure. The report further analyzes how these vulnerabilities can be destructive, potentially disrupting operations and leading to significant data loss, drawing parallels to real-world cyberattacks like the WannaCry ransomware. The conclusion emphasizes the critical need for robust IS security to protect Telstra's business continuity and prevent potential disruptions. This report provides valuable insights into the importance of proactive security measures within organizations heavily reliant on information systems.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

Running head: IS SECURITY AND RISK MANAGEMENT
IS Security and Risk Management
Name of the Student
Name of the University
Author Note

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

1
IS SECURITY AND RISK MANAGEMENT
Table of Contents
Introduction..........................................................................................................................2
1. Vulnerabilities of Information system in Telstra.............................................................2
2. The reason why the identified vulnerabilities can be destructive....................................3
Conclusion...........................................................................................................................4
References............................................................................................................................5

2
IS SECURITY AND RISK MANAGEMENT
Introduction
An information system can be described as an organized system that is used for
collection, organization and communication of information. It is software that helps in
organizing and analyzing a data (Jouini, Rabai & Aissa, 2014). The use of information system in
organizations becomes a mandatory as it helps in managing the business processes in an efficient
manner. Telstra is a leading telecommunication and technology company in Australia that is
offering a range of communication services in all the telecommunication markets. This company
provides a truly integrated telecommunication experience to the customers and therefore the use
of information system in day to day business operations becomes mandatory. This report will be
evaluating the vulnerability of the information system related to Telstra and how the
vulnerabilities can be destructive as well.
1. Vulnerabilities of Information system in Telstra
Identification and the fixation of the vulnerabilities associated with the information
system are essential in order to eliminate the possibilities of facing any serious risk in the
business continuity process. An information system becomes increasingly important to the
functions of organizations, security and the reliable operations within the organization. There is a
number of information systems that Telstra make use of. These include transaction processing
system, management information system, decision support system and other necessary
information systems that help the organization in performing day to day business activities. The
vulnerabilities that the information systems of Telstra might face are discussed below-
The significant threat that the information systems of an organization might face include
unauthorized data access leading to the loss of data (Fichman, Dos Santos & Zheng, 2014). This

3
IS SECURITY AND RISK MANAGEMENT
risk is true for Telstra as well and can be categorized as physical risks. This might result in
sabotaging of the data and threat of data loss. There are certain technical risks associated with the
information system of Telstra. Improper operation of the information system or unauthorized
modification of the system might result in loss of data (Solomon, 2016). Improper software
configuration and creating illegal copies without any valid license counts in to the vulnerabilities
associated with the information system of the Telstra.
Apart from this, the information system of Telstra might face the risk of accidental data
disclosure resulting in the loss of confidential data (Von Solms & Van Niekerk, 2013). The
identified vulnerabilities are needed to be addressed in order to ensure smooth information flow
within the organization. Even a small vulnerability can be destructive for an organization and
therefore, it is needed to ensure proper security of the information system within the organization
which Telstra follows.
2. The reason why the identified vulnerabilities can be destructive
There are a number of reasons why the vulnerabilities associated with the information
system can be destructive for the organization. The vulnerability in the information system can
interrupt the normal operations of the organization or might result in loss of the data in the
organization (Cherdantseva & Hilton, 2013). Therefore it is mandatory to address the security
risks and vulnerabilities associated with the information system of Telstra. The vulnerabilities in
the information system can be destructive mainly because a security risk or cyber security attack
in the information system of the organization is capable of interrupting the normal operations of
the organization leading to a huge loss (Kalloniatis et al., 2014). For example, the Wanna cry
ransomware attack that spread worldwide in the year 2017 by making use of a vulnerability of

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

4
IS SECURITY AND RISK MANAGEMENT
the windows operating system was enough to interrupt the normal business operations of many
organizations across the world. In order to prevent the occurrence of any such information
security attack in Telstra, it is essential to eliminate the security vulnerabilities of the information
systems associated with the organization. Although, in present the information system of Telstra
is not exposed to any serious security vulnerability, it might be exposed to same in future and
therefore proper monitoring of the information system us essential.
Conclusion
The report gives an idea of the security issues and the vulnerabilities associated with the
information system of Telstra. The security vulnerabilities are identified and the reasons why the
vulnerabilities can be destructive are evaluated as well. It is mandatory for any organization to
ensure proper security of their information system in order to eliminate the risks of data loss and
interruption of the normal business operation of the organization.

5
IS SECURITY AND RISK MANAGEMENT
References
Cherdantseva, Y., & Hilton, J. (2013, September). A reference model of information assurance &
security. In 2013 International Conference on Availability, Reliability and Security (pp.
546-555). IEEE.
Fichman, R. G., Dos Santos, B. L., & Zheng, Z. E. (2014). Digital innovation as a fundamental
and powerful concept in the information systems curriculum. MIS quarterly, 38(2).
Jouini, M., Rabai, L. B. A., & Aissa, A. B. (2014). Classification of security threats in
information systems. Procedia Computer Science, 32, 489-496.
Kalloniatis, C., Mouratidis, H., Vassilis, M., Islam, S., Gritzalis, S., & Kavakli, E. (2014).
Towards the design of secure and privacy-oriented information systems in the cloud:
Identifying the major concepts. Computer Standards & Interfaces, 36(4), 759-775.
Solomon, M. G. (2016). Fundamentals of information systems security. Jones & Bartlett
Publishers.
Von Solms, R., & Van Niekerk, J. (2013). From information security to cyber
security. computers & security, 38, 97-102.