Analysis of IT Security Risks, Solutions, and the CIA Model

Verified

Added on 2019/09/30

AI Summary

This report provides an analysis of IT security in the digital era, emphasizing its crucial role in business transformation and risk management. It explores the significance of information security in making businesses more digital, addressing operational risks, and protecting against theft and damage. The report delves into the CIA model (Confidentiality, Integrity, and Availability) as a guide for information security, highlighting measures to protect valuable data. It then examines the risks faced by a company, Code Galore, due to changes in its IT processes, including data security breaches, confidentiality issues, and data availability problems. Worst-case scenarios, such as virus attacks and data leaks, are discussed, along with the role of the CSO in resolving these issues by documenting risks, hiring experts, and implementing security measures like firewalls and password systems. References to relevant research papers are also included.

Running Head: Accounting / IT
Accounting/IT

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Accounting/IT 1
6. In this digital era, information security plays a crucial role in business. Information security
has a key role in making transformation processes digitally. It helps the business to determine the
risk and taking corrective measures for risk residual. Information security acts as an aid in
making the business more digital by nature. This information security helps in dealing with the
operational risk. Thus it also protects the business from theft and physical damage. Information
system helps in solving the problems more quickly. Information security also gives the basic idea
to the business that how to design things, how to do the testing. It also tells that how the
production of products or services can be done. It also allows the employees in an organization
to follow good security measures (Chen et al., 2016).The information security also helps in
analyzing the operational risk. It also helps in completing a day-to-day task.
Analyzing: Information security helps to determine the things better. This also provides the great
picture that what all is going in the organization. It helps in analyzing the basic areas which are
needed to be changed for the betterment of the organization.
Overcoming Old system: Information Security helps to replace the old system with the new
system. New system helps in reducing the cost.
The information security helps the business to accomplish the goals in an effective and efficient
manner. Information security helps in increasing the productivity. Information security helps in
reducing the time taken to perform the task.
7. CIA stands for Confidentiality, Integrity, and Availability. These are the optimal guide for
information security. It helps to analyze that how information technologies are widely used in an
organization. There are few measures which must be taken in order to protect the valuable

Accounting/IT 2
information. This model helps in providing the organization to achieve its information security.
There are three major areas that are as follows
 Confidentiality
 Integrity
 Availability
The above three are the core objectives of the information security.
Confidentiality
Confidentiality is one of the critical issues as there is a huge protection of information from
unauthorized access. This is one of the complex activities as it requires the control on the access
to the protected information. In this only authorized users are permitted to have access to it while
the unauthorized person is blocked from accessing it. The basic goal of confidentiality is to
protect the information of an organization.
Integrity
The goal of integrity is that in which the information needed to be kept accurate and clear unless
authorized changes are made. It also measures to monitor and control authorized access, use, and
transmission of the information. It refers to the information that remained unchanged during the
storage and there is no modification in information.
Availability
It refers to that information should be available when and where rightly needed. In short, the
information must be needed when the authorized person wants. This particular topic helps in

Accounting/IT 3
ensuring that information is available every time. Availability is maintained when all
components of the information system are working properly.
7. The company Code galore has changed the whole IT process. Now, these changes lead to huge
risk in the company. The area of great risk is as follows:
Data Security: When there was the major change in the IT this lead to huge risk. The risk is
associated with the data security. This might be possible that the data can be stolen or leaked. So
data security is the major area which we need to take care. The company also needs to look
forward that how all have the access to the data. There should be authorized person who should
access the data.
Confidentiality of the Data: Due to the major changes in the IT there might be the possibility that
data can be hacked by anyone or there can misuse it. There should be authorized person who
should have the access to it. There might be a possibility that the information is used by some
other people and they make use of the information that is available there. There is a huge risk of
confidentiality of the data.
Availability of Data: Because the major changes have come across the various sections of IT.
There might be the possibility that the data availability is reduced. Availability of data refers to
the data that is available whenever the person required. There is the huge chance of data to be
damaged. So the availability of data is also a major loss to the company.
These three are the major areas that involve huge risk or if there is any change in company
policies or norms related to information security (Mueller et al., 2015).These areas will be
adversely affected.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Accounting/IT 4
9. The worst-case scenarios that the company faces are as follows:
The computer of code Glare which was connected to those of Sky Haven. It was found that it got
attacked by malicious viruses and software. This wholly destroys the software as well as the
business of the company. Because of this, the company has to face so many financial losses.This
would really jeopardize the business. This was one of the worst scenarios that company faces due
to major change.
In the code galore, it was found that the security was weak and this caused the problem as the
sensitive data was leaked outside the company. This was the major issue that company faces
because of the major change (Rousmaniere et al., 2016).This risk was associated with the
confidentiality of the data.
The company also faces the major issue when there was the change that has occurred because of
the change in the procedure of IT. This made the software crash of Code galore company. The
company has to face so many problems in recovering the data. Not only the data was the problem
but also the infrastructure and network was damaged wholly. So the company needs to call so
many experts to recover the data. It also creates hurdle in doing day-to-day operations. This was
the worst case which taught the company to take major steps that help in operating really well.
10. The CSO of every company plays a major role in resolving so many cases. The CSO is the
head of Code Glare .He can resolve major issues of the company. So the CSO needs to be active
in finding solutions to so many problems. The CSO can document what all are the risk that is
involved in both the cases. He can also discuss various problems that the employees are facing.
He can also hire the experts for resolving major issues. He can also give his suggestions in
resolving any new risk that can come in future (Bradshaw et al., 2015). He should also arrange

Accounting/IT 5
the meetings with senior management and in this, we can highlight the areas where there are
huge chances of risk. He should take opinions from various employees in his company. The CSO
also try to bring the high – level of technology in the company. So that there is less chance of
risk .Using high-level technology also helps in enhancing the productivity. It also helps in
improving the quality and quantity of work. The CSO should also make use of firewalls so that
there is more security and the system can be become secure (Farrell et al., 2015).The company
should also use that policy so that strategies and policies of the company are not leaked outside
the company. The company should also make use password system. So that unauthorized person
can make use of company’s information. The company should focus on CIA model (Amoroso et
al., 2014).

Accounting/IT 6
References
Chen, Y., & Zahedi, F. M. (2016). INDIVIDUALS’INTERNET SECURITY PERCEPTIONS
AND BEHAVIORS: POLYCONTEXTUAL CONTRASTS BETWEEN THE UNITED
STATES AND CHINA. Mis Quarterly, 40(1).
Mueller, M., Schmidt, A., & Kuerbis, B. (2013). Internet security and networked governance in
international relations. International Studies Review, 15(1), 86-104.
Bradshaw, S., & DeNardis, L. (2016). The politicization of the Internet’s Domain Name System:
Implications for Internet security, universality, and freedom. new media & society,
1461444816662932.
Farrell, S., & Tschofenig, H. (2014). Pervasive monitoring is an attack.
Amoroso, E., Gibbon, D., Jana, R., Laing, B., Liu, H., & Rubin, D. (2014). U.S. Patent No.
8,755,826. Washington, DC: U.S. Patent and Trademark Office.
Rousmaniere, T., & Kuhn, N. (2016). Internet security for clinical supervisors. Using
Technology to Enhance Clinical Supervision, 103.