Cyber Security Report: IT Risk Management in Organizations
VerifiedAdded on  2020/05/28
|10
|4162
|133
Report
AI Summary
This report delves into the critical aspects of IT risk management and cyber security, emphasizing the importance of safeguarding organizational data in the face of rising threats. It outlines various risk management processes, with a primary focus on cyber security, which encompasses technologies designed to protect vital data and programs. The report identifies and analyzes diverse threats across application, information, network, and operational security, offering practical solutions and real-world scenarios exemplified by Gigantic Corporation. A literary review further explores potential advancements in cyber security. The report concludes by summarizing key threats and their mitigation, along with recommendations for enhancing security measures. The report covers application security through firewalls, information security with CIA approach, network security with firewalls and operational security.
Running head: IT RISK MANAGEMENT- CYBER SECURITY
IT risk management-Cyber Security
Name of Student
Name of University
Author Note
IT risk management-Cyber Security
Name of Student
Name of University
Author Note
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
1IT RISK MANAGEMENT- CYBER SECURITY
Executive Summary :
This report addresses the process of the IT security management. With the rising risk the
management of these risk is of primary importance for the healthy functioning of the
organization. There are various processes that have been developed for handling the risks. The
process that is discussed in this report is cyber security. Cyber security consist of the
technologies that are used or are responsible for the protection of the important data or programs
from attack. The report discusses the various threats that is present in organizations. The
solutions has been given with regards to cyber security and how these threats affect the different
organization. At each point of the report a scenario how the various threats are overcome in
Gigantic Corporations is presented to give a better view about the real time scenario. A literary
review stating what changes can be made in the field of cyber security is also presented to
provide a better security facility. Lastly, the report concludes by stating the various threats and
how they are overcome. Various recommendations are provided to better the security issues in
the field of cyber security.
Executive Summary :
This report addresses the process of the IT security management. With the rising risk the
management of these risk is of primary importance for the healthy functioning of the
organization. There are various processes that have been developed for handling the risks. The
process that is discussed in this report is cyber security. Cyber security consist of the
technologies that are used or are responsible for the protection of the important data or programs
from attack. The report discusses the various threats that is present in organizations. The
solutions has been given with regards to cyber security and how these threats affect the different
organization. At each point of the report a scenario how the various threats are overcome in
Gigantic Corporations is presented to give a better view about the real time scenario. A literary
review stating what changes can be made in the field of cyber security is also presented to
provide a better security facility. Lastly, the report concludes by stating the various threats and
how they are overcome. Various recommendations are provided to better the security issues in
the field of cyber security.
2IT RISK MANAGEMENT- CYBER SECURITY
Table of Contents
Introduction:....................................................................................................................................2
Discussion:.......................................................................................................................................2
Threats And Solutions To The Threats By Use Of Cyber Security:..........................................2
Application Security:...............................................................................................................2
Information Security:...............................................................................................................3
Network Security:....................................................................................................................3
Operation Security:..................................................................................................................4
Literary Review:..........................................................................................................................5
Conclusion:......................................................................................................................................6
Recommendations:..........................................................................................................................6
References:......................................................................................................................................7
Table of Contents
Introduction:....................................................................................................................................2
Discussion:.......................................................................................................................................2
Threats And Solutions To The Threats By Use Of Cyber Security:..........................................2
Application Security:...............................................................................................................2
Information Security:...............................................................................................................3
Network Security:....................................................................................................................3
Operation Security:..................................................................................................................4
Literary Review:..........................................................................................................................5
Conclusion:......................................................................................................................................6
Recommendations:..........................................................................................................................6
References:......................................................................................................................................7
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
3IT RISK MANAGEMENT- CYBER SECURITY
Introduction:
There are a number of risk that is associated with the use of the various information
technology software. There should be proper security to the threats posed by the usage of
information technology. There are a number of ways by which the It security risks can be
overcome. The various methods are cyber security, cloud security, internet of things and many
such technologies. With the risks updating with the passage of time, the risk management has to
advance to cope with the risks (Rid & Buchanan, 2015). Maintaining, updating and monitoring
of the risks regularly is of prime importance in order to get rid of the risks. The risks of IT reduce
the productivity of the company and puts on a negative impact. Such risks are responsible for the
destruction of a well-established business. The report discusses about the use of cyber security in
order to protect the data from breach.
Cyber security is one of the advanced technologies that is developed in the recent years to
protect the data of an organization. Cyber security not only puts forward any particular
technology but it is a group of technologies that are brought together to provide a solution
(Genge, Haller & Kiss, 2017). The cyber security is not only responsible for the management of
data risk but also it handles network errors and is also responsible for protection of the hardware.
Cyber security protects the programs that are executed. The software is the integral part of the
work of all the sectors and the chance of threat is the most in this area. There are various forms
of threats that are managed by the help of cyber security. The various risks may arise in the field
of applications, or information. Operation security and network security are the other major
sectors where there is major use of cyber security.
Discussion:
Threats And Solutions To The Threats By Use Of Cyber Security:
Application Security:
The first threat that is present and may be overcome by cyber security is the application
threat. Applications are used more frequently nowadays. Applications are accessed over the
networks and the use of applications have increased in the previous years. Hence, the hackers
look forward to attack the application to get into the host server. This will allow the unauthorized
access to data. The important data may be modified or may be deleted. Often, these data are
important for the organization. It may so happen that the unauthorized user may get access to the
other sensitive files (He, Tian & Shen, 2015). These sensitive files may involve the planning of
the company, the deals it is looking to conduct in the coming years. Often, the rival companies
gets access of the important quotes that the company is looking to set in its next order. Such
continuous attacks may be conducted without even the knowledge of the organization. Such
attacks may result in the closing down of the organization. The threat of application software can
be overcome by the use of cyber security. The primary purpose of the cyber security may be the
use of application firewall (Gol & Shah, 2015). Setting up an application firewall limits the
information or the data that a person can view. The use of an application firewall does not allow
a person to access any of the confidential information by any means (Giffin, 2017). The
application does not show information beyond the allowed limit. For instance, in the website of
Gigantic Corporation or the application only those information of the company is available that
Introduction:
There are a number of risk that is associated with the use of the various information
technology software. There should be proper security to the threats posed by the usage of
information technology. There are a number of ways by which the It security risks can be
overcome. The various methods are cyber security, cloud security, internet of things and many
such technologies. With the risks updating with the passage of time, the risk management has to
advance to cope with the risks (Rid & Buchanan, 2015). Maintaining, updating and monitoring
of the risks regularly is of prime importance in order to get rid of the risks. The risks of IT reduce
the productivity of the company and puts on a negative impact. Such risks are responsible for the
destruction of a well-established business. The report discusses about the use of cyber security in
order to protect the data from breach.
Cyber security is one of the advanced technologies that is developed in the recent years to
protect the data of an organization. Cyber security not only puts forward any particular
technology but it is a group of technologies that are brought together to provide a solution
(Genge, Haller & Kiss, 2017). The cyber security is not only responsible for the management of
data risk but also it handles network errors and is also responsible for protection of the hardware.
Cyber security protects the programs that are executed. The software is the integral part of the
work of all the sectors and the chance of threat is the most in this area. There are various forms
of threats that are managed by the help of cyber security. The various risks may arise in the field
of applications, or information. Operation security and network security are the other major
sectors where there is major use of cyber security.
Discussion:
Threats And Solutions To The Threats By Use Of Cyber Security:
Application Security:
The first threat that is present and may be overcome by cyber security is the application
threat. Applications are used more frequently nowadays. Applications are accessed over the
networks and the use of applications have increased in the previous years. Hence, the hackers
look forward to attack the application to get into the host server. This will allow the unauthorized
access to data. The important data may be modified or may be deleted. Often, these data are
important for the organization. It may so happen that the unauthorized user may get access to the
other sensitive files (He, Tian & Shen, 2015). These sensitive files may involve the planning of
the company, the deals it is looking to conduct in the coming years. Often, the rival companies
gets access of the important quotes that the company is looking to set in its next order. Such
continuous attacks may be conducted without even the knowledge of the organization. Such
attacks may result in the closing down of the organization. The threat of application software can
be overcome by the use of cyber security. The primary purpose of the cyber security may be the
use of application firewall (Gol & Shah, 2015). Setting up an application firewall limits the
information or the data that a person can view. The use of an application firewall does not allow
a person to access any of the confidential information by any means (Giffin, 2017). The
application does not show information beyond the allowed limit. For instance, in the website of
Gigantic Corporation or the application only those information of the company is available that
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
4IT RISK MANAGEMENT- CYBER SECURITY
should be available. Many of the business stakeholders before dealing with the organization use
the application as a medium to fetch information about the organization. It is only after
confirmation of the deal that the business firms dealing with Gigantic Corporations are provided
with further information. There should also be an appropriate alert, which would convey a
message if any intruder has tried to access the data. This is also possible with the help of cyber
security technology. The use of various encryption programs and the use of spyware detection
programs may be used to provide the alert. There can be a number of biometric authentication
systems as well to recognize the intruder. The security of applications can be enhanced by
regular monitoring of the application and how these applications affect the enterprise.
Information Security:
The valuable information about the organization should be preserved in a proper manner
and prevented from outside threat. The threat may be digital information or non- digital
information. The unauthorized parties often seek to obtain the information about the organization
to gain profit. The information security process is responsible for the protection of the
information by the help of the various business processes. The information security consist of a
set of approach or tools and policies that are useful in the protection of data or prevent
unauthorized access (Peltier, 2016). The application threat is a way of the information breach.
Direct information breach may also take place in a non digital form by the casual attitude of
employees who fall prey to the unauthorized parties while communicating and give away
important information. At Gigantic Corporation, rigorous training is provided to the
professionals who are responsible for communicating directly with the client. With the help of
cyber security alerts are set for the client dealing with the organization (Karyda & Mitrou, 2016).
Therefore, even if the passwords of the organization portal is passed on to any of the client it
would not be possible for them to access the portal. The Gigantic Corporation follows the CIA
approach to protect the information of the organization. The CIA approach corresponds
Confidentiality, integrity and availability of the IT systems. This approach ensured that the
sensitive information is only accessible by the authorized users and it is prevented from the
unauthorized parties. The threats to the sensitive information comes in various forms which may
include malware attacks and the phishing attacks (Gupta, 2017). The effect of information
security in an organization is that the whole structure of the organization is saved when the
sensitive information is protected. It has been evident from various number of organizations that
the company was forced to shut down because it failed to save its information. Therefore, all the
organizations should look to protect the information for the smooth running of the organization.
Network Security:
The other major issue of risk lies in the manipulation of the network risks. Network
security is the adoption of the various processes and policies that are adopted in order to protect
the misuse of the networks of the computer of the organization (Khan & Hasan, 2017). It may so
happen that the unauthorized parties get access of the organization sensitive information or data
by entering the network system of the organization. All the important data is sent over the
network. There are a number of important business transactions that are made over network.
Many of the unauthorized users as a result chose the network as a medium to carry out illegal
activities. The malicious activity may be carried out by intruding illegally into the network while
the transaction takes place. During the time of transaction intruding into the network would mean
the organizations involved in the transactions would lose not only the money being transacted
but also all the important data of both the organizations. Therefore, network threat is more
should be available. Many of the business stakeholders before dealing with the organization use
the application as a medium to fetch information about the organization. It is only after
confirmation of the deal that the business firms dealing with Gigantic Corporations are provided
with further information. There should also be an appropriate alert, which would convey a
message if any intruder has tried to access the data. This is also possible with the help of cyber
security technology. The use of various encryption programs and the use of spyware detection
programs may be used to provide the alert. There can be a number of biometric authentication
systems as well to recognize the intruder. The security of applications can be enhanced by
regular monitoring of the application and how these applications affect the enterprise.
Information Security:
The valuable information about the organization should be preserved in a proper manner
and prevented from outside threat. The threat may be digital information or non- digital
information. The unauthorized parties often seek to obtain the information about the organization
to gain profit. The information security process is responsible for the protection of the
information by the help of the various business processes. The information security consist of a
set of approach or tools and policies that are useful in the protection of data or prevent
unauthorized access (Peltier, 2016). The application threat is a way of the information breach.
Direct information breach may also take place in a non digital form by the casual attitude of
employees who fall prey to the unauthorized parties while communicating and give away
important information. At Gigantic Corporation, rigorous training is provided to the
professionals who are responsible for communicating directly with the client. With the help of
cyber security alerts are set for the client dealing with the organization (Karyda & Mitrou, 2016).
Therefore, even if the passwords of the organization portal is passed on to any of the client it
would not be possible for them to access the portal. The Gigantic Corporation follows the CIA
approach to protect the information of the organization. The CIA approach corresponds
Confidentiality, integrity and availability of the IT systems. This approach ensured that the
sensitive information is only accessible by the authorized users and it is prevented from the
unauthorized parties. The threats to the sensitive information comes in various forms which may
include malware attacks and the phishing attacks (Gupta, 2017). The effect of information
security in an organization is that the whole structure of the organization is saved when the
sensitive information is protected. It has been evident from various number of organizations that
the company was forced to shut down because it failed to save its information. Therefore, all the
organizations should look to protect the information for the smooth running of the organization.
Network Security:
The other major issue of risk lies in the manipulation of the network risks. Network
security is the adoption of the various processes and policies that are adopted in order to protect
the misuse of the networks of the computer of the organization (Khan & Hasan, 2017). It may so
happen that the unauthorized parties get access of the organization sensitive information or data
by entering the network system of the organization. All the important data is sent over the
network. There are a number of important business transactions that are made over network.
Many of the unauthorized users as a result chose the network as a medium to carry out illegal
activities. The malicious activity may be carried out by intruding illegally into the network while
the transaction takes place. During the time of transaction intruding into the network would mean
the organizations involved in the transactions would lose not only the money being transacted
but also all the important data of both the organizations. Therefore, network threat is more
5IT RISK MANAGEMENT- CYBER SECURITY
dangerous from the point of view that both the organization would lose all the important
information. In all the other cases, only one organization is involved in losing all the information
but in network security both the ends will end up losing the important data. Network attacks can
be of two types- the first being active where the intruder sends commands in order to disrupt the
normal operation of the network. The second type of attack is passive where the intruder gets
hold of the data that is being transferred through the network directly. The Gigantic Corporation
in order to protect its network from being attacked has set up a firewall which only allows the
registered user to join the network while blocking any other user who wish to join (Knapp &
Langill, 2014). A notification has to be approved by the organization if any user wants to join the
network. The firewall is active even when transaction is not taking place over the network. At the
same time Gigantic Corporation installs the same firewall in the network of all its clients, thus
disallowing the entry of any unauthorized user from the other end as well. The use of cyber
security has thus been helpful even in protecting the most dangerous form of cyber security
threat.
Operation Security:
The operational security analyses a particular process and determines the areas which
need to be controlled. The operational security also takes care of the information database. The
management of the information and its protection has become an important aspect for the success
of a private sector organization. Professionals are hired just to handle the security of the
organization(Mancuso et al., 2014). The operation security is a five step process. The first
process is the Identity critical information. The identity critical information is used to determine
the data which would be harmful for the organization. The files which may be harmful for the
organization has to be avoided. The data which may harm the organization include the personal
files uploaded by the employees or the customers. The financial statements uploaded by the
various partner organizations may affect the company.
The next step to ensure proper operation security is to identify the sources, which have a
possibility to harm the organization. The determination of these threats is the most important
process in order to protect the same. Gigantic Corporation considers its rivals and the most
common hackers are also taken into consideration and special protection is taken against these
most probable attackers. The next step involves the analysis of the weak point of the security of
the organization and improving it. The analysis of the areas which is open to attack. The
organization ranks the risk of the various tasks and assess them accordingly. The more critical
the threat the more important for the organization to assess it and provide some preventive
measure as soon as possible. After identification of the risks and all the related information the
appropriate measures need to be taken to safeguard the valuable information of the company.
With the help of cyber security, the tasks of operation security can be carried out with ease. The
operation security needs trained professionals for the purpose of handling operation security. In
case an unsuitable person is allotted the job then the organization may face major drawbacks.
The Gigantic Corporation makes the use of all the above strategies in order to get rid of
the security issues. Only trained personnel are hired by the organization for the position of
monitoring of the security issues. The organization spend ample amount of time to analyze any
particular issue and follows all the five steps that are involved in the operational security. The
Gigantic Corporation uses Cyber security as the tool to avoid the IT risk issues. Till date the
dangerous from the point of view that both the organization would lose all the important
information. In all the other cases, only one organization is involved in losing all the information
but in network security both the ends will end up losing the important data. Network attacks can
be of two types- the first being active where the intruder sends commands in order to disrupt the
normal operation of the network. The second type of attack is passive where the intruder gets
hold of the data that is being transferred through the network directly. The Gigantic Corporation
in order to protect its network from being attacked has set up a firewall which only allows the
registered user to join the network while blocking any other user who wish to join (Knapp &
Langill, 2014). A notification has to be approved by the organization if any user wants to join the
network. The firewall is active even when transaction is not taking place over the network. At the
same time Gigantic Corporation installs the same firewall in the network of all its clients, thus
disallowing the entry of any unauthorized user from the other end as well. The use of cyber
security has thus been helpful even in protecting the most dangerous form of cyber security
threat.
Operation Security:
The operational security analyses a particular process and determines the areas which
need to be controlled. The operational security also takes care of the information database. The
management of the information and its protection has become an important aspect for the success
of a private sector organization. Professionals are hired just to handle the security of the
organization(Mancuso et al., 2014). The operation security is a five step process. The first
process is the Identity critical information. The identity critical information is used to determine
the data which would be harmful for the organization. The files which may be harmful for the
organization has to be avoided. The data which may harm the organization include the personal
files uploaded by the employees or the customers. The financial statements uploaded by the
various partner organizations may affect the company.
The next step to ensure proper operation security is to identify the sources, which have a
possibility to harm the organization. The determination of these threats is the most important
process in order to protect the same. Gigantic Corporation considers its rivals and the most
common hackers are also taken into consideration and special protection is taken against these
most probable attackers. The next step involves the analysis of the weak point of the security of
the organization and improving it. The analysis of the areas which is open to attack. The
organization ranks the risk of the various tasks and assess them accordingly. The more critical
the threat the more important for the organization to assess it and provide some preventive
measure as soon as possible. After identification of the risks and all the related information the
appropriate measures need to be taken to safeguard the valuable information of the company.
With the help of cyber security, the tasks of operation security can be carried out with ease. The
operation security needs trained professionals for the purpose of handling operation security. In
case an unsuitable person is allotted the job then the organization may face major drawbacks.
The Gigantic Corporation makes the use of all the above strategies in order to get rid of
the security issues. Only trained personnel are hired by the organization for the position of
monitoring of the security issues. The organization spend ample amount of time to analyze any
particular issue and follows all the five steps that are involved in the operational security. The
Gigantic Corporation uses Cyber security as the tool to avoid the IT risk issues. Till date the
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
6IT RISK MANAGEMENT- CYBER SECURITY
organization has not faced any major issues with regards to security. All necessary firewalls and
network systems have been set up by the organization.
Literature Review:
The report reviews the risk management is important in three sectors namely in the DNS
servers, in the edge servers and the overlay networks. To protect the DNS it is most important
first of all to deploy a huge number of name servers in a particular location. Otherwise the most
common attack that takes place is the Denial of server attack(Dos attack)( Adi, Baig & Hingston,
2017). In Dos the hacker floods the server with a number of request as a result of which the
network cannot handle such a huge number of requests. As a result the new request from
authorized users cannot be accessed. The unauthorized party may get hold of the network in such
a case and the organizations may end up losing valuable information to the intruder (Gillman et
al., 2015). The installation of large number of name servers will get rid of this issue. Not only
there should be a good number of name servers available but also the processing speed should be
quite high so that the processing of multiple request is possible. The numerous number of
switches available due to the installation of the large number of ports balance the huge traffic by
hashing source port. There should be firewalls present in the confidential applications of each
organization in order to protect the DNS request of unauthorized users. The firewalls help to
identify the unauthorized users and block the requests of these parties.
The common strategy followed by the users is that the attackers keep coming back a
number of times to attack. The attackers look for an idle time, when there is no watch on the
particular website to carry out the attack. The attackers follow different strategies each time for
carrying out the attack. The organizations should set up a proper system to identify the attackers.
This can be done by keeping a track of the clients and only give access to its client. The other
strategy is that the company can keep track of the previous visitors. The IP address can be
checked and based on the behavior on the behavior in the past visits the user is either enabled
access or denied. For instance, the CAPTCHA ensures that a person trying to access the data is
not a robot (Gafni & Nagar, 2016). Hence, it is sure that no program is being run to get hold of
the access of the data or information.
The organization should keep a secondary network that is the trusted network system
through which a request should be passed. The origin server or the original server only interacts
with the users which pass through the previous network system. The origin server may deny the
users which are directly trying to communicate with it without passing the request through the
primary network system. The primary servers act as an defense mechanism to protect the actual
source from attack. The primary network system only allows those IP addresses to access the
actual source which had no malicious activity in the past or are registered as legal.
The advancement of cyber security technology is also necessary to tackle the new
advancement in the threats. If update is not implemented on the previous technology then the
hackers will easily be able to find a solution to attack the data of the organization.
Implementation of cloud computing can be helpful in advancing the cyber security technology.
The cloud computing technology provides a much more secure method for the prevention of data
organization has not faced any major issues with regards to security. All necessary firewalls and
network systems have been set up by the organization.
Literature Review:
The report reviews the risk management is important in three sectors namely in the DNS
servers, in the edge servers and the overlay networks. To protect the DNS it is most important
first of all to deploy a huge number of name servers in a particular location. Otherwise the most
common attack that takes place is the Denial of server attack(Dos attack)( Adi, Baig & Hingston,
2017). In Dos the hacker floods the server with a number of request as a result of which the
network cannot handle such a huge number of requests. As a result the new request from
authorized users cannot be accessed. The unauthorized party may get hold of the network in such
a case and the organizations may end up losing valuable information to the intruder (Gillman et
al., 2015). The installation of large number of name servers will get rid of this issue. Not only
there should be a good number of name servers available but also the processing speed should be
quite high so that the processing of multiple request is possible. The numerous number of
switches available due to the installation of the large number of ports balance the huge traffic by
hashing source port. There should be firewalls present in the confidential applications of each
organization in order to protect the DNS request of unauthorized users. The firewalls help to
identify the unauthorized users and block the requests of these parties.
The common strategy followed by the users is that the attackers keep coming back a
number of times to attack. The attackers look for an idle time, when there is no watch on the
particular website to carry out the attack. The attackers follow different strategies each time for
carrying out the attack. The organizations should set up a proper system to identify the attackers.
This can be done by keeping a track of the clients and only give access to its client. The other
strategy is that the company can keep track of the previous visitors. The IP address can be
checked and based on the behavior on the behavior in the past visits the user is either enabled
access or denied. For instance, the CAPTCHA ensures that a person trying to access the data is
not a robot (Gafni & Nagar, 2016). Hence, it is sure that no program is being run to get hold of
the access of the data or information.
The organization should keep a secondary network that is the trusted network system
through which a request should be passed. The origin server or the original server only interacts
with the users which pass through the previous network system. The origin server may deny the
users which are directly trying to communicate with it without passing the request through the
primary network system. The primary servers act as an defense mechanism to protect the actual
source from attack. The primary network system only allows those IP addresses to access the
actual source which had no malicious activity in the past or are registered as legal.
The advancement of cyber security technology is also necessary to tackle the new
advancement in the threats. If update is not implemented on the previous technology then the
hackers will easily be able to find a solution to attack the data of the organization.
Implementation of cloud computing can be helpful in advancing the cyber security technology.
The cloud computing technology provides a much more secure method for the prevention of data
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
7IT RISK MANAGEMENT- CYBER SECURITY
and information breach (Xu et al., 2015). Artificial intelligence is another method, which will
make the securities stronger (Kasprick et al., 2016).
Conclusion:
Thus from the above report it can be concluded that there are various IT risks that is
faced by the various organizations. There are various kinds of security management processes
such as network management, operation management, information management. Out of these the
network security is most important. The solutions of handling these risks is provided by cyber
security. The various approaches of avoiding the risk of cyber security is provided in the report.
The article that is referred to, shows the ways in which cyber security can be overcome. The
various scenario of how Gigantic Corporation overcome the risk of data and information breach
by the use of cyber security is also given.
Recommendations:
The number of IT threats can be reduced if not completely eliminated. The fight has been
unending and the risks continue to advance with the passage of time. As a result the
advancement of the technologies is also necessary. The advancement of the cyber security
technology can be done. The Gigantic Corporation has planned to make use of the cloud services
for the process of cyber security. With the help of cloud services and providing the private keys
to the authorized customers the cyber security can reach a new level. The creation of snapshots,
which also falls under the strategy of Gigantic Corporation is also very helpful in cyber security.
The basic processes of cyber security involve the usage of trained personnel to handle the
database of the company efficiently. Besides that, the organization can make proper use of the
cyber security technology in identification of the possible sources of threats and rectifying them.
Cyber security brings together a number of processes that may be used to block the potential
threats and safeguard the hardware and the software components of the systems of the
organization. The introduction of the firewalls of all the application of the system through which
the attack may take place is a preventive measure. Another firewall should be introduced on both
ends of in case a business transaction is conducted over a network.
Artificial intelligence is another emerging area and introduction of the same in the field
of cyber security can give a new perspective to the security field. It may post a blow to the
hackers. The use of artificial intelligence will present an advantage of carrying out the security
task faster as compared to when it is conducted manually. The same kind of threat may not
require to perform the same rigorous task for numerous times. The same set of security program
can be executed automatically to counter the attack. The automation security will not require
someone to be present in person for monitoring the applications or the system for the occurrence
of threat. The threat can be overcome as soon as the threat occurs. The Gigantic Corporation is
eyeing the use of artificial intelligence to provide security to the applications that occur at
frequent intervals.
and information breach (Xu et al., 2015). Artificial intelligence is another method, which will
make the securities stronger (Kasprick et al., 2016).
Conclusion:
Thus from the above report it can be concluded that there are various IT risks that is
faced by the various organizations. There are various kinds of security management processes
such as network management, operation management, information management. Out of these the
network security is most important. The solutions of handling these risks is provided by cyber
security. The various approaches of avoiding the risk of cyber security is provided in the report.
The article that is referred to, shows the ways in which cyber security can be overcome. The
various scenario of how Gigantic Corporation overcome the risk of data and information breach
by the use of cyber security is also given.
Recommendations:
The number of IT threats can be reduced if not completely eliminated. The fight has been
unending and the risks continue to advance with the passage of time. As a result the
advancement of the technologies is also necessary. The advancement of the cyber security
technology can be done. The Gigantic Corporation has planned to make use of the cloud services
for the process of cyber security. With the help of cloud services and providing the private keys
to the authorized customers the cyber security can reach a new level. The creation of snapshots,
which also falls under the strategy of Gigantic Corporation is also very helpful in cyber security.
The basic processes of cyber security involve the usage of trained personnel to handle the
database of the company efficiently. Besides that, the organization can make proper use of the
cyber security technology in identification of the possible sources of threats and rectifying them.
Cyber security brings together a number of processes that may be used to block the potential
threats and safeguard the hardware and the software components of the systems of the
organization. The introduction of the firewalls of all the application of the system through which
the attack may take place is a preventive measure. Another firewall should be introduced on both
ends of in case a business transaction is conducted over a network.
Artificial intelligence is another emerging area and introduction of the same in the field
of cyber security can give a new perspective to the security field. It may post a blow to the
hackers. The use of artificial intelligence will present an advantage of carrying out the security
task faster as compared to when it is conducted manually. The same kind of threat may not
require to perform the same rigorous task for numerous times. The same set of security program
can be executed automatically to counter the attack. The automation security will not require
someone to be present in person for monitoring the applications or the system for the occurrence
of threat. The threat can be overcome as soon as the threat occurs. The Gigantic Corporation is
eyeing the use of artificial intelligence to provide security to the applications that occur at
frequent intervals.
8IT RISK MANAGEMENT- CYBER SECURITY
References:
Adi, E., Baig, Z., & Hingston, P. (2017). Stealthy Denial of Service (DoS) attack modelling and
detection for HTTP/2 services. Journal of Network and Computer Applications, 91, 1-13.
Gafni, R., & Nagar, I. (2016). CAPTCHA–Security affecting User Experience. Issues in
Informing Science and Information Technology, 13.
Genge, B., Haller, P., & Kiss, I. (2017). Cyber-security-aware network design of industrial
control systems. IEEE Systems Journal, 11(3), 1373-1384.
Giffin, D., Levy, A., Stefan, D., Terei, D., Mazières, D., Mitchell, J., & Russo, A. (2017). Hails:
Protecting data privacy in untrusted web applications. Journal of Computer
Security, 25(4-5), 427-461.
Gillman, D., Lin, Y., Maggs, B., & Sitaraman, R. K. (2015). Protecting websites from attack
with secure delivery networks. Computer, 48(4), 26-34.
Gol, D., & Shah, N. (2015). Web Application security tool to identify the different
Vulnerabilities using RUP model. International Journal of Emerging Trends in Electrical
and Electronics (IJETEE), 11(2).
Gupta, B. B., Tewari, A., Jain, A. K., & Agrawal, D. P. (2017). Fighting against phishing
attacks: state of the art and future challenges. Neural Computing and
Applications, 28(12), 3629-3654.
He, W., Tian, X., & Shen, J. (2015). Examining Security Risks of Mobile Banking Applications
through Blog Mining. In MAICS(pp. 103-108).
Karyda, M., & Mitrou, L. (2016). Data Breach Notification: Issues and Challenges for Security
Management. In MCIS (p. 60).
Kasprick, R., Hoffman, J., Straub, J., & Kim, E. (2016). Cyber Security Artificial Intelligence
Expert System.
Khan, R., & Hasan, M. (2017). Network threats, attacks and security measures: a
review. International Journal, 8(8).
References:
Adi, E., Baig, Z., & Hingston, P. (2017). Stealthy Denial of Service (DoS) attack modelling and
detection for HTTP/2 services. Journal of Network and Computer Applications, 91, 1-13.
Gafni, R., & Nagar, I. (2016). CAPTCHA–Security affecting User Experience. Issues in
Informing Science and Information Technology, 13.
Genge, B., Haller, P., & Kiss, I. (2017). Cyber-security-aware network design of industrial
control systems. IEEE Systems Journal, 11(3), 1373-1384.
Giffin, D., Levy, A., Stefan, D., Terei, D., Mazières, D., Mitchell, J., & Russo, A. (2017). Hails:
Protecting data privacy in untrusted web applications. Journal of Computer
Security, 25(4-5), 427-461.
Gillman, D., Lin, Y., Maggs, B., & Sitaraman, R. K. (2015). Protecting websites from attack
with secure delivery networks. Computer, 48(4), 26-34.
Gol, D., & Shah, N. (2015). Web Application security tool to identify the different
Vulnerabilities using RUP model. International Journal of Emerging Trends in Electrical
and Electronics (IJETEE), 11(2).
Gupta, B. B., Tewari, A., Jain, A. K., & Agrawal, D. P. (2017). Fighting against phishing
attacks: state of the art and future challenges. Neural Computing and
Applications, 28(12), 3629-3654.
He, W., Tian, X., & Shen, J. (2015). Examining Security Risks of Mobile Banking Applications
through Blog Mining. In MAICS(pp. 103-108).
Karyda, M., & Mitrou, L. (2016). Data Breach Notification: Issues and Challenges for Security
Management. In MCIS (p. 60).
Kasprick, R., Hoffman, J., Straub, J., & Kim, E. (2016). Cyber Security Artificial Intelligence
Expert System.
Khan, R., & Hasan, M. (2017). Network threats, attacks and security measures: a
review. International Journal, 8(8).
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
9IT RISK MANAGEMENT- CYBER SECURITY
Knapp, E. D., & Langill, J. T. (2014). Industrial Network Security: Securing critical
infrastructure networks for smart grid, SCADA, and other Industrial Control Systems.
Syngress.
Mancuso, V. F., Strang, A. J., Funke, G. J., & Finomore, V. S. (2014, September). Human
factors of cyber attacks: a framework for human-centered research. In Proceedings of the
Human Factors and Ergonomics Society Annual Meeting(Vol. 58, No. 1, pp. 437-441).
Sage CA: Los Angeles, CA: SAGE Publications.
Peltier, T. R. (2016). Information Security Policies, Procedures, and Standards: guidelines for
effective information security management. CRC Press.
Rid, T., & Buchanan, B. (2015). Attributing cyber attacks. Journal of Strategic Studies, 38(1-2),
4-37.
Xu, G., Yu, W., Chen, Z., Zhang, H., Moulema, P., Fu, X., & Lu, C. (2015). A cloud computing
based system for cyber security management. International Journal of Parallel,
Emergent and Distributed Systems, 30(1), 29-45.
Knapp, E. D., & Langill, J. T. (2014). Industrial Network Security: Securing critical
infrastructure networks for smart grid, SCADA, and other Industrial Control Systems.
Syngress.
Mancuso, V. F., Strang, A. J., Funke, G. J., & Finomore, V. S. (2014, September). Human
factors of cyber attacks: a framework for human-centered research. In Proceedings of the
Human Factors and Ergonomics Society Annual Meeting(Vol. 58, No. 1, pp. 437-441).
Sage CA: Los Angeles, CA: SAGE Publications.
Peltier, T. R. (2016). Information Security Policies, Procedures, and Standards: guidelines for
effective information security management. CRC Press.
Rid, T., & Buchanan, B. (2015). Attributing cyber attacks. Journal of Strategic Studies, 38(1-2),
4-37.
Xu, G., Yu, W., Chen, Z., Zhang, H., Moulema, P., Fu, X., & Lu, C. (2015). A cloud computing
based system for cyber security management. International Journal of Parallel,
Emergent and Distributed Systems, 30(1), 29-45.
1 out of 10
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
 +13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024  |  Zucol Services PVT LTD  |  All rights reserved.