cybersecurity management in organizations


Upload: davidmwasking

Post on 14-Feb-2016

Assignment # 1

Identification, authentication, and authorization

Identification in information security is analogous to entering a username. This is meant to identify who a person claims to be. Authentication is the procedure through which one proves that they are who they claim to be. The majority of systems normally use passwords for this proof. The other term used in information systems and security is authorization. The process of authorization usually occurs after the person has been identified and authenticated. It is used to determine what the person can do with the system once he or she has accessed it.

An access control list for a computer file system is a list of rules that classify users' abilities on files (such as read, edit, delete). The access control rules in an access control list normally identify the owner of the file, and this owner determines the access of others, such as read, write and modify, and can also assign ownership. Access control lists have many types; however, the best known are discretionary access control (DAC), role-based access control (RBAC) and mandatory access control (MAC) (Solomon, 2011). Discretionary access control normally identifies the authority level of a user on a subject, and this user then maintains the access type. If there is no discretionary access control list on a file, the system allows everybody to access the file with full authority. On the other hand, if the access control list is lacking or has a conflict, the system denies the access. The access is normally denied because the discretionary access control list does not allow any access rights.

The security system usually looks through the access control list until it finds access control rules that permit all the requested access privileges, or until one of the requested access privileges is denied.

The system access control usually lets administrators record attempts to access a secured resource. The task of the access control list is to classify the kinds of access attempts by an identified user that cause the system to generate a record in the system security event tables. An entry in the system access control list normally generates an audit record when an access attempt fails, when it succeeds, or both. It is for the above reasons that I would use an access control list as a manager.
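The evaluation rules described above (no list means full access, an empty list denies, rules are read in order until every requested right is allowed or one is denied, and the system list produces audit records), modelled as an added example that is not part of the original assignment. The class names, rights, users, groups and files are constructed for illustration, and this is a simplified model, not the Windows API.

```python
from dataclasses import dataclass, field
from enum import IntFlag
from typing import List, Optional, Set, Tuple


class Right(IntFlag):
    READ = 1
    WRITE = 2
    DELETE = 4


@dataclass(frozen=True)
class Ace:
    """One discretionary rule: allow or deny rights to a user or group."""
    allow: bool
    trustee: str
    rights: Right


@dataclass(frozen=True)
class AuditAce:
    """One system (audit) rule: which attempts by a trustee get recorded."""
    trustee: str
    rights: Right
    on_success: bool
    on_failure: bool


@dataclass
class SecuredFile:
    name: str
    owner: str
    dacl: Optional[List[Ace]]  # None = no list at all; [] = empty list
    sacl: List[AuditAce] = field(default_factory=list)


def dacl_permits(dacl: Optional[List[Ace]], identities: Set[str],
                 requested: Right) -> bool:
    if dacl is None:
        return True                      # no list: everybody gets full access
    remaining = int(requested)           # rights not yet granted
    for ace in dacl:                     # rules are read in list order
        if ace.trustee not in identities:
            continue
        if not ace.allow:
            if int(ace.rights) & remaining:
                return False             # one requested right is denied: stop
        else:
            remaining &= ~int(ace.rights)
            if remaining == 0:
                return True              # every requested right allowed: stop
    return False                         # end of list (or empty list): deny


def check_access(obj: SecuredFile, user: str, groups: Set[str],
                 requested: Right, audit_log: List[Tuple]) -> bool:
    identities = {user, *groups}
    granted = dacl_permits(obj.dacl, identities, requested)
    for rule in obj.sacl:                # audit rules never change the decision
        if rule.trustee in identities and rule.rights & requested:
            if (granted and rule.on_success) or (not granted and rule.on_failure):
                outcome = "success" if granted else "failure"
                audit_log.append((obj.name, user, int(requested), outcome))
    return granted


# Constructed sample objects.
DENY_CONTRACTORS = Ace(False, "contractors", Right.WRITE | Right.DELETE)
ALLOW_STAFF = Ace(True, "staff", Right.READ | Right.WRITE)

PAYROLL = SecuredFile(
    "payroll.xlsx", "alice",
    dacl=[DENY_CONTRACTORS, ALLOW_STAFF],          # deny rule listed first
    sacl=[AuditAce("contractors", Right.WRITE, on_success=False, on_failure=True)],
)
# Same rules in the wrong order: the allow rule is reached before the deny rule.
MISORDERED = SecuredFile("payroll-copy.xlsx", "alice",
                         dacl=[ALLOW_STAFF, DENY_CONTRACTORS])
NO_DACL = SecuredFile("notes.txt", "alice", dacl=None)
EMPTY_DACL = SecuredFile("sealed.txt", "alice", dacl=[])


if __name__ == "__main__":
    log: List[Tuple] = []
    bob_groups = {"staff", "contractors"}
    print(check_access(PAYROLL, "alice", {"staff"}, Right.READ | Right.WRITE, log))
    print(check_access(PAYROLL, "bob", bob_groups, Right.WRITE, log))
    print(check_access(MISORDERED, "bob", bob_groups, Right.WRITE, log))
    print(check_access(NO_DACL, "mallory", set(), Right.DELETE, log))
    print(check_access(EMPTY_DACL, "alice", {"staff"}, Right.READ, log))
    print(log)
```

The misordered list is the case worth reviewing in practice: the same two rules grant the write that the correctly ordered list denies, and because that file has no audit rule, nothing is recorded.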

Information systems and security controls

There are three major steps to building comprehensive security that, as a manager, I would consider. The first is completing a security inventory. I will allow data to drive my security decisions, just like any other institution out there. It is essential to take stock of all the people and programs that need to be accounted for. This can be done by identifying the systems one wishes to use with Argos, which is used to report on a wide range of systems. It can also be done by identifying the real owner of the system. Identifying the real owner of the system that one wishes to report on is significant.

The second step is reviewing security goals and policies. This step helps when one is reviewing a new software environment, since it provides the necessary security policies of the institution. Based on the review, one can establish the various goals that a security setup is to achieve. In reviewing the security goals and policies, one can review existing policies and procedures as they relate to the database. This can be done by attempting to study the dozens of security features in MAPs and Argos and simply implementing the most useful ones. A person can also review security goals and policies by clearly defining specific security goals.

Finally, the third significant step is establishing the security framework. Once all the broader details have been worked out, the building of the security framework can commence. Various practices for Microsoft Windows and application vulnerabilities are normally used. Among them is developing an active and up-to-date inventory of all system resources, including the types of operating system, IP addresses, and locations of assets. The process can be accelerated by using tools like network scanners or automated discovery products. Another practice that can help is putting a plan in place to standardize operations and production systems and to ensure the use of application software that is supported by these systems. This step will make the job easier. Last but not least of the practices is comparing the reported vulnerabilities against one's inventory or control list: first, use a very reliable detection system that can identify or alert on most vulnerability types; second, sort and classify vulnerabilities based on their impact on the systems.
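The three practices above, worked through on a small constructed inventory as an added example that is not part of the original assignment. The asset names, addresses, patch levels and the advisory identifiers (ADV-EXAMPLE-n) are placeholders, and "affected" is assumed to mean a patch level below the one in which the advisory is fixed.

```python
from dataclasses import dataclass
from typing import Iterable, List, Set, Tuple


@dataclass(frozen=True)
class Asset:
    name: str
    os: str
    patch_level: int
    ip: str
    location: str


@dataclass(frozen=True)
class Advisory:
    ident: str      # placeholder identifier, not a real advisory
    os: str
    fixed_at: int   # patch level that contains the fix
    impact: int     # 3 = high, 2 = medium, 1 = low


def unlisted(discovered_ips: Iterable[str], inventory: List[Asset]) -> List[str]:
    """Addresses a network scan found that the inventory does not account for."""
    known = {a.ip for a in inventory}
    return sorted(ip for ip in set(discovered_ips) if ip not in known)


def off_standard(inventory: List[Asset], approved_os: Set[str]) -> List[str]:
    """Assets running an operating system outside the standardized set."""
    return sorted(a.name for a in inventory if a.os not in approved_os)


def exposed(inventory: List[Asset],
            advisories: List[Advisory]) -> List[Tuple[int, str, str]]:
    """Reported vulnerabilities that apply to inventoried assets, highest impact first."""
    hits = [
        (adv.impact, asset.name, adv.ident)
        for asset in inventory
        for adv in advisories
        if asset.os == adv.os and asset.patch_level < adv.fixed_at
    ]
    return sorted(hits, key=lambda h: (-h[0], h[1], h[2]))


# Constructed sample data.
INVENTORY = [
    Asset("ws-01", "Windows 8", 5, "10.0.0.11", "HQ floor 2"),
    Asset("ws-02", "Windows 7", 3, "10.0.0.12", "HQ floor 2"),
    Asset("srv-01", "Windows Server 2003", 2, "10.0.1.5", "Server room"),
]
APPROVED_OS = {"Windows 7", "Windows 8"}
ADVISORIES = [
    Advisory("ADV-EXAMPLE-1", "Windows 7", 4, 2),
    Advisory("ADV-EXAMPLE-2", "Windows Server 2003", 9, 3),
    Advisory("ADV-EXAMPLE-3", "Windows 8", 5, 3),   # ws-01 is already at level 5
]
DISCOVERED_IPS = ["10.0.0.11", "10.0.0.12", "10.0.0.99", "10.0.1.5"]


if __name__ == "__main__":
    print("not in inventory:", unlisted(DISCOVERED_IPS, INVENTORY))
    print("off standard:", off_standard(INVENTORY, APPROVED_OS))
    for impact, name, ident in exposed(INVENTORY, ADVISORIES):
        print(f"impact {impact}: {name} affected by {ident}")
```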

Assignment # 2

Introduction

Malware on computers is a common frustration that users have had to face somewhere along their technology journey, and the impacts of this intrusion range from mild to catastrophic depending on the intention of the creator. Computer malware can simply be defined as mischievous software created with a definite intent, usually destruction. A lot of sensitive content is stored and shared around the globe through networks of computers for security, the economy, partnerships and business chains, among others. These key sectors face competition from rival groups, and one of the steps rivals take is accessing the heart of the information and using it against their competitors; hacking can allow for such access, but so can malware, and this is one of its malicious intents. For this reason and more, here is a look at how to determine the type of malware that is present on a computer or device, as well as a rationale for doing so.

Determining malware

Depending on how the malware has been created, it can be detected from instant pop-ups on the computer screen, unreadable content, or destruction of data held in the PC's files, and in the extreme it simply crashes the system; this way the user notices an invasion by alien software. Once this occurs, the next step is to determine what kind of malware it is and how to eliminate it, protect the system and restore the damage it has caused.

Cybercrime gets smarter with age, and that means more discreet malware activity with intense damage capabilities. Malware can be detected and categorized according to its impact on:

i. Programs

Basically, every user should be aware of all the programs installed on their computer and their normal performance; this way it will be much easier to notice if a program has been deleted, is not giving appropriate results or has totally failed to work. The malware in this case will have interfered with the normal running of the program.

ii. Hardware

Computer malware can cause the computer to heat up extremely, process very slowly and have limited space due to seemingly unseen files filling up the available storage. There is always an expected level of performance for computer hardware such as RAM, battery, CPU and hard disk, usually indicated by percentages. Depending on the programs running simultaneously on the computer, the performance of those hardware components should be at normal levels, and a variation should raise concern.

iii. Firmware

This is usually hard to detect and even to determine; the computer could instantly shut down and be unable to reboot. The user could have the hard drive tried on another PC, and if it works, then one knows the firmware has had a malware intrusion.

Measures against computer malware

The most advised steps to prevent computer malware are to have an up-to-date, strong and viable antivirus, to define network access by limiting foreign access, and to scan devices and content coming into the PC by checking for corrupted files, including those downloaded from emails and links on the web.

If the level of malware damage is too intense, the whole system is formatted and stricter protective settings are assigned. For bigger firms, the administrator limits the degree of user access to information, especially the read and write capabilities. Most important is always to have a good content backup, even after taking all the necessary precautionary steps.

Future of malware vulnerabilities

Mell, Kent and Nusbaum (2005) mention that the future of vulnerabilities is unknown and list some factors that ensure the increasing spread of malware, such as the use of phishing and the spread of malware to other platforms like cell phones. Furthermore, antivirus software provides only detection, not prevention. Based on this, I think the future of vulnerabilities will increase.

Conclusion

The impact of malware ranges from mild to catastrophic. Determining the type of malware depends on how you analyze it. It can be based on how the malware is created, the damage that the malware causes or the part that the malware targets. The types of malware based on the impacted part are malware that impacts programs, malware that impacts hardware and malware that impacts firmware.

Assignment # 3

How to know if the system is meeting the security goals

Systems are created to ensure that they are confidential, that they demonstrate integrity and that they are available (Siponen & Willison, 2009). Secure information systems must demonstrate that they are providing the above Confidentiality, Integrity, and Availability triad.

Providing confidentiality of information

Confidentiality of information refers to protecting information, whether online or offline, from unauthorized parties. Modern society relies on electronic platforms for nearly all transactions. Businesses complete their transactions online, including banking. Therefore, the online platform handles valuable information that is not limited to personal information but includes trade secrets. Valuable information must be protected from leaking to unauthorized parties, and information security must ensure confidentiality (Siponen & Willison, 2009). A major component of ensuring information confidentiality is encryption. An organization must always ensure that information is encrypted using appropriate and trusted encryption tools. The purpose of encryption is to ensure that information is only available to the authorized parties. Widespread and constantly used encryption suggests that such an environment ensures confidentiality.

Enhancing information integrity

An environment using an information system can be described as having achieved its security goals when the system ensures that information is not being modified by unauthorized parties. Therefore, if the organization or the environment is dealing with correct information within its system, information integrity is enhanced. Otherwise, if the information is tampered with inside the information system such that the target audience receives information that has been edited by a third party, information integrity is compromised. Cryptography for information integrity, just like encryption for information confidentiality, ensures that the information system is achieving the security goals when in use within the environment (Siponen & Willison, 2009).

Information availability

The need to secure data or information must not sacrifice the need for information availability. Authorized parties within the information system environment must be able to access the information when needed. Availability ensures the organization's efficiency. Downtimes, especially those caused by cyber attackers, are costly to the organization and users. These attackers aim at denying users the information they need, hence creating a situation of panic within the environment (Siponen & Willison, 2009). Therefore, one of the key goals of information security is to ensure that information is highly available, especially to the right users.

Technical ways to know that the system is meeting security goals

The following technical provisions, when present, are a way to measure, determine or know whether the information system is meeting the security goals:

Use of access controls: ISO/IEC 27001:2005 sets out standards that must be used in the information systems environment to ensure security (Fenz et al., 2005). Among several security enhancement strategies, access control is the domain used across electronic and physical information environments. The ISO/IEC organization suggests that any platform or machine using a computer processor must be regulated with selective access control. Organizations are required to have policies that regulate information access, and protocols for access controls must be incorporated in these policies. Restrictive access to the organization's information resources must ensure that organizational information is assimilated, authorized and disseminated in a controlled manner.

In a typical implementation of access control, there must be registration and de-registration procedures. Working and effective access controls must be subject to change from time to time. Just as many information technology innovations come up every day and render older technology obsolete, access controls must be updated often. The organization must have a procedure to establish when these controls are due for a change or when they are due for updates. For example, password changes and removal should be done frequently and in a way that is anonymized (Mallado et al., 2007). Since organizations have frequent updates, new and incoming systems must have their high-level security configurations, especially when they are electronic in nature.

The use of access control testing by a third party is another way of ensuring that information security is enhanced. Access control testing ensures that the main objectives of access control are achieved. The testing determines whether the software used for access control has high security measures, has less leakage and performs the task it is intended to perform. Information confidentiality, integrity, and availability, among others, form the main concepts in developing high security measures. While the organization might have renowned information security measures and appropriate technologies in place, part of information security management is hiring third-party organizations or information security experts to independently test the system for possible flaws. Organizations must ensure that information security meets the ISO/IEC standards, but ensuring so requires quality control (Fenz et al., 2005). Enhancing quality control means that a third party not affiliated with the system's information vendor must check, test and verify that access controls are delivering on their claims.

Conclusion

The security goals are met when the system meets the CIA tenets, which are confidentiality, integrity and availability. These components of security can be met by many tools and strategies, such as access controls. Another way to know whether the information security system is effective is to document and analyze the number of security flaw incidents (Fenz et al., 2005). The organization's security management system must keep a record of information security flaws so that a well-functioning access control system improves often. The trend in information security breaches and flaw cases must be a reduction to near elimination from the past to the present. It is important to note that information security problems become complex due to the continuous and fast rate of innovation. Therefore, information security should also be ahead of, or at least keep pace with, complex technology.

Assignment # 4

Introduction

The act of securing data entails prevention of unauthorized access, intentional destruction, accidental mistakes and unwarranted corruption. Encryption of data is among the safest ways of securing stored data. However, there are other steps to securing data that involve a proper understanding of the threats, formulating appropriate defense layers and continuous monitoring of activities. Most importantly, one should be keen on the logical as well as the physical security measures when working towards securing the company's network. Several systems work, depending on the company's choice, but ultimately one should settle for the most effective ones.

Ensuring Windows network security

Implementation of tight data protection and security models that include multiple rings of defense to counteract several threats. These layers of defense can still protect data in case one of the defenses is compromised by threats.

The inclusion of both logical and physical security systems. Separating closets in the office depending on the level of security needed. Encryption, authentication, and passwords are highly protected and accessed only by a few relevant individuals (Jones, 2010).

With logical security, networks are secured by running antispyware, firewalls and virus detection programs. Storage-system-based volume and logical unit number mapping and masking are implemented as the first line of defense (Schulz, 2006).

With physical security, security and access controls are changed, and door locks and key codes are changed often. Default settings are changed at the installation stage, and access to management tools is restricted to those who need it. Records are kept of those who have access to fixed and removable data storage media and devices. Techniques such as virtual private networks, encryption and the IPSec protocol are adopted to protect data while in transmission (Jones, 2010).

Most companies have adopted a culture of being transparent about data security, especially with those involved, so that users do not have evil thoughts of tampering with the data.

For wireless security, most companies have enabled WPA2 security with AES encryption and an SSID for private use. Such security ensures that no wireless devices get connected to a less secure version of WPA security that uses TKIP encryption, which is often at risk of cracking (Geier, 2015).

Industries also ensure that any network-enabled cabling is not easily accessible to the public but only accessible by authorized personnel. Any open or unused Ethernet ports in the buildings should be disabled to avoid unauthorized usage (Schulz, 2006).

Keeping track of employees' mobile devices, so that in the case of loss, malicious people will not get access to the company's WiFi via a stolen device that had once been used to log in using the company's passwords.

Most companies have also adopted a virtual private network, where employees can communicate and share ideas even when not physically together, or exchange notes from afar, without risking the security of the information and data. Employees can securely connect to the networks in their headquarters offices even on a business trip. The VPN protocol establishes a virtual channel between either two networks or two machines. The VPN can also exchange several shared secrets, without access by a malicious third party, by creating encryption keys. Whatever is transported along that established channel is in an encrypted package with an address on the cover of the package and the contents hidden from any other person's view (Ismail and Zainab, 2010). The wrapper is only removed once it reaches the destination.

How to connect computers together without risking your organization's information to loss, alteration, or disclosure

Use of vulnerability scanning tools such as Microsoft Baseline Security Analyzer to check the security state of your networks. Such tools are used to check for things such as unpatched software and open ports (Ismail and Zainab, 2010).

Installation and maintenance of security software, such as the Windows Defender antivirus suite for Windows 8 computers and Microsoft Security Essentials for Windows 7 users. Installation of a personal software inspector that alerts the user when their current software is running out of date.

One should adopt the least privilege principle, i.e. avoid signing into a computer using administrator rights. This is because a computer run while signed in as an administrator is prone to exploitation and many security risks (Geier, 2015). The dangers include file deletion, hard drive reformatting and the creation of new user accounts with administrative access without your consent.

Maintenance of current updates and software by using secure and supported operating systems. Installation of a personal software inspector called Secunia, which alerts you to update software and applications that are running out of date.

Always ensure important documents and files are backed up to your email. Such practice ensures your data is protected in case of an operating system crash, virus attack or hardware failure.

Encourage the use of strong usernames and passwords that cannot be easily accessed by any unauthorized person (Geier, 2015). Also, change passwords often for the sake of the security of stored information.

Conclusion

Computers are only effective if used well. One should always be keen on the security essentials when it comes to computer use so as to ensure the protection of sensitive information and data from loss or malicious attacks. This can be achieved by installing security software and ensuring it is always up to date. One should also be keen on the logical and physical security of their data and other information stored on the computer.

Assignment # 5

Security of the operating system

Operating system software is useful to the enterprise and at the same time adds to security vulnerability. Thus, the software that runs the operating system needs to be centralized and automated across the enterprise. Formal security policies should also be put in place. Controlling user access to corporate assets such as servers, directories, and files is a good way to maintain security in the workplace (Plate, Ponta, & Sabetta, 2015). According to Bishop (2003), the first thing is to ensure that the software is equipped with servers for the network, which should be done in one place and include only the separate configurations that the organization requires. Sets of images can then be downloaded across the network to automate the process and eliminate manual work. The administrators must then verify compliance with the policy to ensure that users are able to access the data correctly. Secondly, account management should be centralized so as to control access to the network and ensure that users have the appropriate access to enterprise resources. Thus, the software should be administered in a manner that keeps enterprise policies, rules and intelligence in one place and not in each box. In this manner, an enterprise can have one ID manager who at all times ensures that the software automates the operating system to reduce manual work (Bishop, 2003). Additionally, the software that runs the operating system can be configured so that the activity for which the data is used is monitored easily and efficiently. This lets the administrators know who is and isn't making connections. It also helps in pointing out the potential security issues that are likely to affect the operating system.

Popular Microsoft applications

According to Tech Talk (2012), the most popular Microsoft software application is Internet Explorer. The software competes strongly with Chrome and Firefox because it is free and reaches all nations with internet connectivity. The software is available by default with any version of the Windows operating system. Internet Explorer is used in organizations to secure data through its ability to generate security zones. The security zones are convenient for managing and securing the environment in which data is exchanged in an organization. Internet Explorer defines the local intranet zone, which is the organizational firewall for computers connected to a local network. Trusted internet sites, such as a corporate subsidiary's site, are then identified so as to allow restrictions on unidentified sites. The second most popular software is Microsoft Word; according to a survey carried out by Tech Talk, Word was opened 26,768 times. Word offers a variety of processing programs that has led to the use of universal PDF formats in document distribution. The software allows security for the data through the provision of backups. An organization can use the wizard mode of data backup to simplify the process of creating and storing backups. Once one creates documents using Word, the documents can be stored in files and folders. The organization should ensure that individuals across the office can appropriately share information with the permission of the person who generated the files. The organization can ensure that members use passwords to protect the organization's documents.

Thirdly, Office Outlook is strong software that competes with email client programs. The software is powerful, flexible and easy to use, making a lot of clients use it freely. The software safeguards organization information through the use of the Encrypting File System. This uses a built-in certificate-based encryption system to protect individual files and folders. The owners are able to access the information by selecting their information from the check box, ensuring that only the concerned employees have access to the information (Schneider, 2000). Microsoft Excel has been used by most clients as standard software for writing formulas and developing pivot tables, ranking it fourth in popularity among Microsoft applications. In an organization, the users can ensure that information generated in Excel and in transit is protected through the use of Internet Protocol Security, with the individuals sending and receiving the data complying with security terms. The generated Excel information may consist of formulas whose meaning only the user is aware of, making sure that hackers will not be able to understand the information; alternatively, the organization can keep off hackers by securing their data through the use of wireless transmission lines. The management in an organization needs to ensure that data accessibility among the members is controlled effectively. For instance, the use of Windows Rights Management Services, provided by Microsoft Word, to control what recipients are able to do with the data should be monitored (Schneider, 2000). The management can control the transmission of data over unsecured networks, which calls for the use of software that allows access to the protected documents in either Word or Excel.

References 1

Lye, K. W., & Wing, J. M. (2005). Game strategies in network security. International Journal of Information Security, 4(1), 71-86.

Solomon, M. (2011). "Security strategies in Windows platforms and applications".

Stoneburner, G., Goguen, A. Y., & Feringa, A. (2002). SP 800-30. Risk management guide for information technology systems.

Tomar, K., & Tyagi, S. S. Enhancing network security and performance using optimized ACLs.

References 2

Michael Sikorski and Andrew Honig, Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software.

Mell, P., Kent, K., Nusbaum, J., "Guide to malware incident prevention and handling", National Institute of Standards and Technology (NIST), 2005.

Richard Bejtlich, The Tao of Network Security Monitoring: Beyond Intrusion Detection.

Solomon, M. (2011). "Security strategies in Windows platforms and applications".

References 3

Siponen, M. & Willison, R. (2009), Information security management standards: Problems and solutions. Information & Management, 46(5): 267-270.

Fenz, S.; Goluch, G.; Ekelhart, A.; Riedl, B.; Weippl, E. (2007), "Information Security Fortification by Ontological Mapping of the ISO/IEC 27001 Standard," in Dependable Computing, 2007. PRDC 2007. 13th Pacific Rim International Symposium on, pp. 381-388, 17-19 Dec. 2007.

Mallado, D., Fernandez-Medina, E. & Piattini, M. (2007), A common criteria based security requirements engineering process for the development of secure information systems. Computer Standards & Interfaces, 29(2): 244-253.

Solomon, M. (2011). "Security strategies in Windows platforms and applications".

References 4

Geier, E. (2015). Best ways to secure your wireless networks. In WindowsNetworking.com. http://www.windowsnetworking.com/articles-tutorials/wireless-networking/best-ways-secure-your-wireless-network.html Accessed 9/11/2015.

Ismail, R. and Zainab, A.N. (2010). A framework for assessing information systems security practices in libraries. Kuala Lumpur: LISU, FCSIT, pp. 273-287.

Jones, A. (2010). How do you make information security user-friendly? In Edith Cowan University Research Online. ECU publications.

Schulz, G. (2006). Top 10 ways to secure your stored data. In Computerworld. http://www.computerworld.com/article/2546352/data-center/top-10-ways-to-secure-your-stored-data.html?page=3 Accessed 9/11/2015.

Solomon, M. (2011). "Security strategies in Windows platforms and applications".

References 5

Bishop, M. (2003), What is computer security? Security & Privacy, IEEE, 1(1): 67-69.

Plate, H., Ponta, S. E., & Sabetta, A. (2015). Impact assessment for vulnerabilities in open-source software libraries.

Schneider, F.B. (2000), Enforceable Security Policies. ACM Transactions on Information and System Security, 3(1): 30-50.

Solomon, M. (2011). "Security strategies in Windows platforms and applications".

Tech Talk (2012). Microsoft most popular software applications. Retrieved on November 23, 2015, from http://techtalk.pcpitstop.com/2012/05/14/microsofts-most-popular-software-applications/