Security Awareness Program Report for INFS 5114 Course
VerifiedAdded on 2022/11/15
|15
|3996
|171
Report
AI Summary
This report, prepared for the INFS 5114 Security Operations course, presents a comprehensive security awareness program designed for an organization facing cyber threats. The report begins with an executive summary outlining the objectives to enhance employee behavior and mitigate cyber risks. It then details a security awareness needs assessment, identifying risks such as phishing, ransomware, and data breaches, and emphasizes the importance of a risk appetite framework. A security awareness strategy and plan are developed, incorporating ISO 27005 risk management methodologies and considering the business context of the 'All in one Medical center,' a healthcare organization. The report explores various methods for delivering security awareness, including training, awareness tools, and communication strategies. It includes a threat discussion focusing on ransomware and malicious emails. Finally, it outlines security awareness measures and metrics to evaluate program effectiveness. The report aims to guide the development of a robust security awareness program, contributing to a more secure organizational environment.
Running head: SECURITY OPERATIONS
SECURITY OPERATIONS
Name of student
Name of university
Author’s note:
SECURITY OPERATIONS
Name of student
Name of university
Author’s note:
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
1
SECURITY OPERATIONS
Table of Contents
Security awareness needs assessment............................................................................2
Security Awareness Strategy and Plan...........................................................................3
Methods for Delivery of Security Awareness................................................................5
Threat discussion............................................................................................................8
Security Awareness Measures and Metrics..................................................................11
References....................................................................................................................12
SECURITY OPERATIONS
Table of Contents
Security awareness needs assessment............................................................................2
Security Awareness Strategy and Plan...........................................................................3
Methods for Delivery of Security Awareness................................................................5
Threat discussion............................................................................................................8
Security Awareness Measures and Metrics..................................................................11
References....................................................................................................................12
2
SECURITY OPERATIONS
Executive summary
The meaning of the report is to identify the cyber attacks that are likely to impact the
performance of the organisation. The mean objective is to develop a behavioural change
within the employees for creating better I want is against the cyber threats. This will ensure
that proper steps are taken for the purpose of protecting, detecting and towards the security
incidents. Recently it has been identified that due to error in human activities several data got
breached via emails. This led to impacting the sensitive details that were stored in the system.
The data Got theft by phishing and with the use of ransomware infection. Thus in order to
overcome this situation the organisation have planned a future investment on cyber security
so that the data stored within the system can be maintained effectively.The organisation that
is considered in the report is all in one medical centre that is a private owned organisation in
the healthcare industry. There are basically for branches associated with this organisation that
serves towards the community in a particular rural area. The report will focus on describing
the effective measures that are needed for creating security and one is among the employs. In
addition to these districts that are identified within the organisation are also going to be
discussed in the report. Lastly the report will include a security awareness measures along
with the metrics for understanding this security factors effectively.
Security awareness needs assessment
The organisation has faced several risks associated with the credential data. Thus it
become Essential to implement proper policies that will protect the customers data from
further attacks. In order to avoid the attacks it is important to implement successful risk
appetite framework. Risk appetite helps in providing a clear picture about the risks that are
likely to impact the organisation. Please don’t tease it becomes easy to prepare strategic
objectives that will protect the organisation from for the damages. The major steps that are
SECURITY OPERATIONS
Executive summary
The meaning of the report is to identify the cyber attacks that are likely to impact the
performance of the organisation. The mean objective is to develop a behavioural change
within the employees for creating better I want is against the cyber threats. This will ensure
that proper steps are taken for the purpose of protecting, detecting and towards the security
incidents. Recently it has been identified that due to error in human activities several data got
breached via emails. This led to impacting the sensitive details that were stored in the system.
The data Got theft by phishing and with the use of ransomware infection. Thus in order to
overcome this situation the organisation have planned a future investment on cyber security
so that the data stored within the system can be maintained effectively.The organisation that
is considered in the report is all in one medical centre that is a private owned organisation in
the healthcare industry. There are basically for branches associated with this organisation that
serves towards the community in a particular rural area. The report will focus on describing
the effective measures that are needed for creating security and one is among the employs. In
addition to these districts that are identified within the organisation are also going to be
discussed in the report. Lastly the report will include a security awareness measures along
with the metrics for understanding this security factors effectively.
Security awareness needs assessment
The organisation has faced several risks associated with the credential data. Thus it
become Essential to implement proper policies that will protect the customers data from
further attacks. In order to avoid the attacks it is important to implement successful risk
appetite framework. Risk appetite helps in providing a clear picture about the risks that are
likely to impact the organisation. Please don’t tease it becomes easy to prepare strategic
objectives that will protect the organisation from for the damages. The major steps that are
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
3
SECURITY OPERATIONS
associated with security awareness program at testing, training, engaging the employees,
tracking the activities of each employee and measuring the impacts of activity performed by
the employees. The major threats that were faced by the organisation were fishing email that
resulted to loss of credential data from the system. This data contained crucial details
regarding the patients. The second security event that occurred was the ransomware
infectionThat resulted the business disruption and lastly due to data breach the personal
information regarding individuals got impacted. Thus with the help of proper security
awareness programme it will become easy to manage their employees so that they does not
allow any unwanted user to get into the system.The main reason behind implementing a
proper security awareness programme between the organisation is to award each and every
employee within the organisation about the recent threats. This will aware the employee
about the consequences of these threats. In order to conduct a proper security awareness
programme within the organisation it is important to provide training to words the employees
with with the help of seminars so that they can learn about the recent traits that are taking
place on cyber.
Security Awareness Strategy and Plan
There are three noteworthy strides in the improvement of an IT security mindfulness
and preparing program – planning the program (counting the advancement of the IT security
mindfulness and preparing program plan), building up the mindfulness and preparing
material, and executing the program. Indeed, even a little measure of IT security mindfulness
and preparing can go far toward improving the IT security stance of, and cautiousness inside,
an association (Bada, Sasse and Nurse 2019). This segment depicts the initial phase in the
advancement of a mindfulness and preparing program: planning the program.
SECURITY OPERATIONS
associated with security awareness program at testing, training, engaging the employees,
tracking the activities of each employee and measuring the impacts of activity performed by
the employees. The major threats that were faced by the organisation were fishing email that
resulted to loss of credential data from the system. This data contained crucial details
regarding the patients. The second security event that occurred was the ransomware
infectionThat resulted the business disruption and lastly due to data breach the personal
information regarding individuals got impacted. Thus with the help of proper security
awareness programme it will become easy to manage their employees so that they does not
allow any unwanted user to get into the system.The main reason behind implementing a
proper security awareness programme between the organisation is to award each and every
employee within the organisation about the recent threats. This will aware the employee
about the consequences of these threats. In order to conduct a proper security awareness
programme within the organisation it is important to provide training to words the employees
with with the help of seminars so that they can learn about the recent traits that are taking
place on cyber.
Security Awareness Strategy and Plan
There are three noteworthy strides in the improvement of an IT security mindfulness
and preparing program – planning the program (counting the advancement of the IT security
mindfulness and preparing program plan), building up the mindfulness and preparing
material, and executing the program. Indeed, even a little measure of IT security mindfulness
and preparing can go far toward improving the IT security stance of, and cautiousness inside,
an association (Bada, Sasse and Nurse 2019). This segment depicts the initial phase in the
advancement of a mindfulness and preparing program: planning the program.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
4
SECURITY OPERATIONS
Mindfulness and preparing programs must be planned in view of the association
mission. It is significant that the mindfulness and preparing program underpins the business
needs of the association and be pertinent to the association's way of life and IT design. The
best projects are those that clients feel are applicable to the topic and issues displayed (Peltier
2016).
Structuring an IT security mindfulness and preparing program addresses the inquiry
"What is our arrangement for creating and executing mindfulness and preparing openings that
are agreeable with existing directives?"8 In the structure venture of the program, the office's
mindfulness and preparing needs are recognized, a successful office wide mindfulness and
preparing plan is created, hierarchical purchase in is looked for and verified, and priorities are
built up (Tsohou, Karyda and Kokolakis 2015).
The association are resolved to survey hazard to their data. ISO 27k are benchmarks
that empower the association to keep up worthy guidelines and helps in managing the most
huge data dangers. These measures bode well from the commonsense usage and the board
viewpoints (Bauer, Bernroider and Chudzikowski 2017). ISO 27005 is only a considerable
standard (ISO,2011). In this paper, ISO 27005 hazard the board approach will be connected
to a speculative association in one of the businesses in particular account, human services,
retail and advanced education. In setting of this paper, medicinal services businesses will be
picked. This paper will likewise talk about the outline of the chose speculative association
that conceptualize its key qualities. This paper is additionally expected to decide potential
effect rating in the zones of client experience, notoriety, business disturbance, wellbeing and
security consistence and cost to the association by utilizing the nonexclusive result table
(Tsohou et al. 2015).
SECURITY OPERATIONS
Mindfulness and preparing programs must be planned in view of the association
mission. It is significant that the mindfulness and preparing program underpins the business
needs of the association and be pertinent to the association's way of life and IT design. The
best projects are those that clients feel are applicable to the topic and issues displayed (Peltier
2016).
Structuring an IT security mindfulness and preparing program addresses the inquiry
"What is our arrangement for creating and executing mindfulness and preparing openings that
are agreeable with existing directives?"8 In the structure venture of the program, the office's
mindfulness and preparing needs are recognized, a successful office wide mindfulness and
preparing plan is created, hierarchical purchase in is looked for and verified, and priorities are
built up (Tsohou, Karyda and Kokolakis 2015).
The association are resolved to survey hazard to their data. ISO 27k are benchmarks
that empower the association to keep up worthy guidelines and helps in managing the most
huge data dangers. These measures bode well from the commonsense usage and the board
viewpoints (Bauer, Bernroider and Chudzikowski 2017). ISO 27005 is only a considerable
standard (ISO,2011). In this paper, ISO 27005 hazard the board approach will be connected
to a speculative association in one of the businesses in particular account, human services,
retail and advanced education. In setting of this paper, medicinal services businesses will be
picked. This paper will likewise talk about the outline of the chose speculative association
that conceptualize its key qualities. This paper is additionally expected to decide potential
effect rating in the zones of client experience, notoriety, business disturbance, wellbeing and
security consistence and cost to the association by utilizing the nonexclusive result table
(Tsohou et al. 2015).
5
SECURITY OPERATIONS
The speculative association that is talked about in this paper is "Across the board
Medical focus". This is a private possessed association in medicinal services industry. This
association has four branches in four distinctive provincial networks. These branches serve
the networks in their individual specific rustic region. Each part of restorative focus has a bed
limit of 50 which is separated by patient inflow in that specific office.
Vision of across the board restorative focus is to have great therapeutic consideration
for networks in rustic locale and remote territories in Australia. Mission of "Across the board
restorative focus " association is to go about as an advertiser to improve the all-encompassing
strength of provincial networks under one rooftop (Ahlan, Lubis and Lubis 2015).
"Across the board therapeutic focus" association pursues the Australian government's
national vital system for rustic and remote wellbeing. This national vital system directs the
administration to make approach, arranging plan and conveyance of wellbeing
administrations in rustic and remote networks.
So as to accomplish effective structure chance hunger assumes an indispensable job.
A hazard craving gives an unmistakable picture and decide measure of hazard association is
happy to look for as indicated by its vital goals. This association has created chance hunger
which is preservationist (Aldawood and Skinner 2019).
In perspective on deciding the genuine potential effect on association, it is imperative
to think about the idea of business of picked association.
Methods for Delivery of Security Awareness
Numerous procedures exist to get an IT security mindfulness message, or a
progression of messages, spread all through an organization. The technique(s) picked rely on
assets and the unpredictability of the message(s).
SECURITY OPERATIONS
The speculative association that is talked about in this paper is "Across the board
Medical focus". This is a private possessed association in medicinal services industry. This
association has four branches in four distinctive provincial networks. These branches serve
the networks in their individual specific rustic region. Each part of restorative focus has a bed
limit of 50 which is separated by patient inflow in that specific office.
Vision of across the board restorative focus is to have great therapeutic consideration
for networks in rustic locale and remote territories in Australia. Mission of "Across the board
restorative focus " association is to go about as an advertiser to improve the all-encompassing
strength of provincial networks under one rooftop (Ahlan, Lubis and Lubis 2015).
"Across the board therapeutic focus" association pursues the Australian government's
national vital system for rustic and remote wellbeing. This national vital system directs the
administration to make approach, arranging plan and conveyance of wellbeing
administrations in rustic and remote networks.
So as to accomplish effective structure chance hunger assumes an indispensable job.
A hazard craving gives an unmistakable picture and decide measure of hazard association is
happy to look for as indicated by its vital goals. This association has created chance hunger
which is preservationist (Aldawood and Skinner 2019).
In perspective on deciding the genuine potential effect on association, it is imperative
to think about the idea of business of picked association.
Methods for Delivery of Security Awareness
Numerous procedures exist to get an IT security mindfulness message, or a
progression of messages, spread all through an organization. The technique(s) picked rely on
assets and the unpredictability of the message(s).
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
6
SECURITY OPERATIONS
Procedures an office may consider incorporate, yet are not restricted to:
Messages on mindfulness devices (e.g., pens, key dandies, post-it notes, notebooks,
emergency treatment units, tidy up packs, diskettes with a message, bookmarks, Frisbees,
tickers, "gotcha" cards)
Posters, "do and don't records," or agendas
Screensavers and cautioning standards/messages
Newsletters
Desk-to-work area cautions (e.g., a printed copy, brilliant hued, one-page notice it is
possible that one for each work area or steered through an office – that is disseminated
through the association's mail framework)
Agency wide email messages
Videotapes
Web-based sessions
Computer-based sessions
Teleconferencing sessions
face to face, teacher drove sessions
IT security days or comparative occasions
"Darker sack" workshops
Pop-up date-book with security contact data, month to month security tips, and so on.
Mascots
Crossword confuses
SECURITY OPERATIONS
Procedures an office may consider incorporate, yet are not restricted to:
Messages on mindfulness devices (e.g., pens, key dandies, post-it notes, notebooks,
emergency treatment units, tidy up packs, diskettes with a message, bookmarks, Frisbees,
tickers, "gotcha" cards)
Posters, "do and don't records," or agendas
Screensavers and cautioning standards/messages
Newsletters
Desk-to-work area cautions (e.g., a printed copy, brilliant hued, one-page notice it is
possible that one for each work area or steered through an office – that is disseminated
through the association's mail framework)
Agency wide email messages
Videotapes
Web-based sessions
Computer-based sessions
Teleconferencing sessions
face to face, teacher drove sessions
IT security days or comparative occasions
"Darker sack" workshops
Pop-up date-book with security contact data, month to month security tips, and so on.
Mascots
Crossword confuses
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
7
SECURITY OPERATIONS
Awards program (e.g., plaques, mugs, letters of appreciation)
A few strategies that loan themselves to spread of a solitary message are the
utilization of mindfulness instruments, blurbs, get to records, screensavers and cautioning
standards, work area to-work area alarms, organization wide email messages, dark colored
sack workshops, and grants programs (Karavaras, Magkos and Tsohou 2016).
Strategies that can all the more effectively incorporate various messages incorporate
"do and don't records," bulletins, tapes, electronic sessions, PC based sessions, remotely
coordinating sessions, in-person teacher drove sessions, and dark colored pack workshops.
Procedures that can be genuinely reasonable to actualize incorporate messages on
mindfulness devices, blurbs, get to records, "do and don't records," agendas, screensavers and
cautioning pennants, work area to-work area alarms, organization wide email messages, face
to face educator drove sessions, dark colored pack courses, and rewards programs
(Haeussinger and Kranz 2017).
Systems that can require more assets incorporate bulletins, tapes, electronic sessions,
PC based sessions, and video chatting sessions.
However making mindfulness material fascinating and current, rehashing a
mindfulness message and utilizing an assortment of methods for showing that message can
enormously build clients' maintenance of mindfulness exercises or issues (Bullée et al. 2015).
For instance, dialog in a teacher drove session about abstaining from being a casualty of a
social designing assault can be fortified with publications, occasional office wide email
messages, and messages on mindfulness devices that are circulated to clients.
SECURITY OPERATIONS
Awards program (e.g., plaques, mugs, letters of appreciation)
A few strategies that loan themselves to spread of a solitary message are the
utilization of mindfulness instruments, blurbs, get to records, screensavers and cautioning
standards, work area to-work area alarms, organization wide email messages, dark colored
sack workshops, and grants programs (Karavaras, Magkos and Tsohou 2016).
Strategies that can all the more effectively incorporate various messages incorporate
"do and don't records," bulletins, tapes, electronic sessions, PC based sessions, remotely
coordinating sessions, in-person teacher drove sessions, and dark colored pack workshops.
Procedures that can be genuinely reasonable to actualize incorporate messages on
mindfulness devices, blurbs, get to records, "do and don't records," agendas, screensavers and
cautioning pennants, work area to-work area alarms, organization wide email messages, face
to face educator drove sessions, dark colored pack courses, and rewards programs
(Haeussinger and Kranz 2017).
Systems that can require more assets incorporate bulletins, tapes, electronic sessions,
PC based sessions, and video chatting sessions.
However making mindfulness material fascinating and current, rehashing a
mindfulness message and utilizing an assortment of methods for showing that message can
enormously build clients' maintenance of mindfulness exercises or issues (Bullée et al. 2015).
For instance, dialog in a teacher drove session about abstaining from being a casualty of a
social designing assault can be fortified with publications, occasional office wide email
messages, and messages on mindfulness devices that are circulated to clients.
8
SECURITY OPERATIONS
Threat discussion
The “All in one Medical center” faced the ransomware issue that led to the business
disruption to the key business unit. The malware that is associated with the ransomware could
be defined as the kind of the malware that prevents the users from any kind of access of their
system or the personal files and it demands the ransom payment for regaining access. It has
been observed that the ransomware could infect the system of the organization several ways.
The ransomware could perform the effective encryption of the files and the data on the
system of the users and block the complete access inside the system (Kharraz et al. 2015).
This could also be executed on the network of any organization where the data could be
seized and equivalent amount of money is asked to pay for releasing the data (Scaife et al.
2016). The ransomware attacks are commonly executed using the Trojan which is made to be
disguised as the legitimate file that is made to be downloaded by the user and then it gains the
complete access of the system of the user (Kharaz et al. 2016). When the ransomware were
introduced in the modern technologies, the initial victims were the individual systems of the
people. Moreover, the cybercriminals initiated to comprehend the complete potential when
the ransomware were introduced in the businesses (Andronio, Zanero and Maggi 2015).
There has been the significant success of the ransomware against the businesses, as the
ransomware attacks significantly halts the productivity and it leads to the loss of the data and
the revenue, and it made the authors turned majority of the attacks towards them (Continella
et al. 2016).
The most common method that is being deployed in the present times is the malicious
spam or the malspam that is the unsolicited email that could be utilized for the delivering of
the malware. This email might include the secured compromising attachments like the PDF
or Word documents. It could also comprise of the links to some malicious websites
(Kolodenker et al. 2017). The malspam utilizes the social engineering for tricking the people
SECURITY OPERATIONS
Threat discussion
The “All in one Medical center” faced the ransomware issue that led to the business
disruption to the key business unit. The malware that is associated with the ransomware could
be defined as the kind of the malware that prevents the users from any kind of access of their
system or the personal files and it demands the ransom payment for regaining access. It has
been observed that the ransomware could infect the system of the organization several ways.
The ransomware could perform the effective encryption of the files and the data on the
system of the users and block the complete access inside the system (Kharraz et al. 2015).
This could also be executed on the network of any organization where the data could be
seized and equivalent amount of money is asked to pay for releasing the data (Scaife et al.
2016). The ransomware attacks are commonly executed using the Trojan which is made to be
disguised as the legitimate file that is made to be downloaded by the user and then it gains the
complete access of the system of the user (Kharaz et al. 2016). When the ransomware were
introduced in the modern technologies, the initial victims were the individual systems of the
people. Moreover, the cybercriminals initiated to comprehend the complete potential when
the ransomware were introduced in the businesses (Andronio, Zanero and Maggi 2015).
There has been the significant success of the ransomware against the businesses, as the
ransomware attacks significantly halts the productivity and it leads to the loss of the data and
the revenue, and it made the authors turned majority of the attacks towards them (Continella
et al. 2016).
The most common method that is being deployed in the present times is the malicious
spam or the malspam that is the unsolicited email that could be utilized for the delivering of
the malware. This email might include the secured compromising attachments like the PDF
or Word documents. It could also comprise of the links to some malicious websites
(Kolodenker et al. 2017). The malspam utilizes the social engineering for tricking the people
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
9
SECURITY OPERATIONS
of any organization into opening the attachments or clicking on the links by seeming as the
appropriate person or the legitimate persons. The cybercriminals utilizes the social
engineering in some of the kinds of the ransomware attacks (Brewer 2016). One more
popular infection procedure that is being used is the maladvertising. The maladvertising or
the malicious advertising could be defined as the use of the online advertising for the
distribution of the malware with the little to no user interaction needed (Moore 2016). While
the users are browsing on the web, even though the websites are the legitimate websites, the
users could be easily direction to the criminal servers without any clicking on any kind of ad
(Mercaldo et al. 2016). These particular servers then catalog the details regarding the victim
computers and the locations of the computers and then choose the malware that is best suited
to the delivery into the targeted systems. The maladvertising frequently utilizes the infected
iFrame or the invisible webpage element for gaining the access into the target computer and
gain the easy access inside the network where the computer has been placed. The iFrame then
redirects to the exploit landing pages where the malicious code perform the attacking on the
system from that landing page using the kit of exploit (Richardson and North 2017). There
are several kinds of ransomware that are required to be properly analyzed by the
organization. Some of the common ransomware that are required to be analysed by the
organization are:
Scareware: the Scareware includes the rogue software of security and the scams of the
tech support. The employees of the organization might gain the popup message that claims
that the malware has been discovered along with the claim that the sole method by which the
malware could be eradicated from the system is by paying. This method keeps on providing
the messages but the main thing is that the files on the system are significantly secure and it
does not face any threat due to these kind of malware. The main idea is that if the software of
that company is not installed on the systems of the network then there is no requirement of
SECURITY OPERATIONS
of any organization into opening the attachments or clicking on the links by seeming as the
appropriate person or the legitimate persons. The cybercriminals utilizes the social
engineering in some of the kinds of the ransomware attacks (Brewer 2016). One more
popular infection procedure that is being used is the maladvertising. The maladvertising or
the malicious advertising could be defined as the use of the online advertising for the
distribution of the malware with the little to no user interaction needed (Moore 2016). While
the users are browsing on the web, even though the websites are the legitimate websites, the
users could be easily direction to the criminal servers without any clicking on any kind of ad
(Mercaldo et al. 2016). These particular servers then catalog the details regarding the victim
computers and the locations of the computers and then choose the malware that is best suited
to the delivery into the targeted systems. The maladvertising frequently utilizes the infected
iFrame or the invisible webpage element for gaining the access into the target computer and
gain the easy access inside the network where the computer has been placed. The iFrame then
redirects to the exploit landing pages where the malicious code perform the attacking on the
system from that landing page using the kit of exploit (Richardson and North 2017). There
are several kinds of ransomware that are required to be properly analyzed by the
organization. Some of the common ransomware that are required to be analysed by the
organization are:
Scareware: the Scareware includes the rogue software of security and the scams of the
tech support. The employees of the organization might gain the popup message that claims
that the malware has been discovered along with the claim that the sole method by which the
malware could be eradicated from the system is by paying. This method keeps on providing
the messages but the main thing is that the files on the system are significantly secure and it
does not face any threat due to these kind of malware. The main idea is that if the software of
that company is not installed on the systems of the network then there is no requirement of
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
10
SECURITY OPERATIONS
paying the additional money for securing the network but if the software has been installed
then there is the requirement of paying the persons who are claiming about this threat.
Screen lockers: This kind of the ransomware could significantly block the users from
the computer making them significantly difficult to access the files and the data on the
system. When the lock-screen ransomware gains the access into the computers of the
organization then it completely blocks the users from the system. As soon as the users restarts
the computer,t eh complete size window appears on the desktop page of the computer and it
claims that there has some claims that the system is illegal and there is a requirement of
paying significant capital for unblocking the computer.
Some of the mitigation methods that could be implemented by the organization for
mitigation of this threat are never paying the ransoms. As with the other kinds of the
malware, the security software may not be able to detect the ransomware payload or
specifically in situation of the encryption of the payloads only afterwards the encryption has
been complete, specifically if any new version that is unknown to that protective software has
been distributed. If any attack has been suspected or detected in the early stages, it takes
significant time for the encryption to be implemented completely, the immediate removal of
the malware could not be executed prior that malware has been successful in inflicting the
complete damage to the system and the data of the organization. The security experts have
provided the recommendation that the precautionary measures for the dealing with the
ransomware attacks are the security policies and the software programs for blocking the
unknown payloads from being launched would significantly help in preventing the infection
but it might not be able to protect against all kinds of the attacks. Maintaining the offline
backup system could also be significantly helpful for the organization to store and manage all
the data of the organization and this offline backup system could not be affected from the
infected computers. The organization could practice the installation of the security updates
SECURITY OPERATIONS
paying the additional money for securing the network but if the software has been installed
then there is the requirement of paying the persons who are claiming about this threat.
Screen lockers: This kind of the ransomware could significantly block the users from
the computer making them significantly difficult to access the files and the data on the
system. When the lock-screen ransomware gains the access into the computers of the
organization then it completely blocks the users from the system. As soon as the users restarts
the computer,t eh complete size window appears on the desktop page of the computer and it
claims that there has some claims that the system is illegal and there is a requirement of
paying significant capital for unblocking the computer.
Some of the mitigation methods that could be implemented by the organization for
mitigation of this threat are never paying the ransoms. As with the other kinds of the
malware, the security software may not be able to detect the ransomware payload or
specifically in situation of the encryption of the payloads only afterwards the encryption has
been complete, specifically if any new version that is unknown to that protective software has
been distributed. If any attack has been suspected or detected in the early stages, it takes
significant time for the encryption to be implemented completely, the immediate removal of
the malware could not be executed prior that malware has been successful in inflicting the
complete damage to the system and the data of the organization. The security experts have
provided the recommendation that the precautionary measures for the dealing with the
ransomware attacks are the security policies and the software programs for blocking the
unknown payloads from being launched would significantly help in preventing the infection
but it might not be able to protect against all kinds of the attacks. Maintaining the offline
backup system could also be significantly helpful for the organization to store and manage all
the data of the organization and this offline backup system could not be affected from the
infected computers. The organization could practice the installation of the security updates
11
SECURITY OPERATIONS
that are issued by the software vendors could also help in the mitigation of the vulnerabilities
that are leveraged by the specific strains for propagation inside the system. Some of the other
measures includes the cyber hygiene, the practicing of the caution while any email
attachments are being opened and the links are being opened, the segmentation of the
network is significantly helpful for protecting the data from the infected sectors of the
network.
Security Awareness Measures and Metrics
It is significantly important to implement the metrics for any security program as it is
to posses such a program initially. The suggested measures that could be used by the
organisation for measuring the effectiveness of the security program that has been
implemented by the organisation. The initial stage includes the measurement of the
capabilities and the maturity, then the measurement of the return on investment is required
for gaining the complete understanding of the working of the security program and the last
stage includes the measurement of the readiness of the responding to any kind of security
threats and any kind of attacks.
SECURITY OPERATIONS
that are issued by the software vendors could also help in the mitigation of the vulnerabilities
that are leveraged by the specific strains for propagation inside the system. Some of the other
measures includes the cyber hygiene, the practicing of the caution while any email
attachments are being opened and the links are being opened, the segmentation of the
network is significantly helpful for protecting the data from the infected sectors of the
network.
Security Awareness Measures and Metrics
It is significantly important to implement the metrics for any security program as it is
to posses such a program initially. The suggested measures that could be used by the
organisation for measuring the effectiveness of the security program that has been
implemented by the organisation. The initial stage includes the measurement of the
capabilities and the maturity, then the measurement of the return on investment is required
for gaining the complete understanding of the working of the security program and the last
stage includes the measurement of the readiness of the responding to any kind of security
threats and any kind of attacks.
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
1 out of 15
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
Copyright © 2020–2025 A2Z Services. All Rights Reserved. Developed and managed by ZUCOL.