
Project part 1- Security Gaps and Mitigations

Doyin Adebowale

Legal Studies in Cyber Security

ITC762-899-FA21

Professor Kenneth Newman

Cyber Incident Report

Weaknesses displayed in the scenario

i. There is no protection of passwords.

ii. No encryption is applied to the hard disk.

iii. On portable systems, no remote administration is enabled.

iv. Data is not stored on remote systems with the necessary file/share permissions.

v. An incident response plan has not been implemented.

vi. No operator is trained in the appropriate management of corporate-owned systems.

vii. Unfavorable press representation.

Risk Mitigations

i. All computer systems should be domain-joined to strengthen username/password security, with Group Policy settings configured to limit the attack vectors available on the system should an attacker reach the computer using a cracked username/password.

ii. Group Policy settings and hard disk encryption with a TPM are not enough to stop a threat actor from extracting the hard drive from the computer and obtaining the raw data on it, sidestepping file/share permissions. (Böhm et al., 2021)

iii. Endpoint software that provides remote access, remote wiping of the hard disk, or GPS location tracking for recovery should be deployed.

iv. Data vital to the operation of the institution should always be stored on a central server on campus (with offsite backups) with proper file/share permissions to prevent unauthorized access. A VPN connection can be used to protect remote server access so that business processes can continue to operate remotely.

v. Similar to an emergency management plan, a drafted and assembled incident response plan should be put in place. It should include processes and procedures covering, but not limited to: catastrophic failure of the IT system (for example, due to a natural disaster or a system compromise), loss (physical or of data), or cyberattack.

vi. Operator training on how to manage both on- and off-campus IT systems. Written policies and statements should be distributed to and acknowledged by employees. Training and documentation should be reviewed to ensure that all aspects of the IT infrastructure have been taken into consideration (new software, the aftermath of a cyber incident, new threat vectors, etc.). (Haber & Rolls, 2020)

vii. Following an incident, a report should be prepared with an effective mitigation strategy based on the results of the investigation. This report should describe the remedies that were in place in advance of and during the incident, as well as the countermeasures that will be implemented to prevent future incidents. To minimize confusion when reporting to the media or to other personnel such as board members and directors, the report should describe and explain this information in layman's terms.
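As an added example (not part of the original report), the following read-only audit script checks a single Windows endpoint against weaknesses i-iii above: domain membership behind the password controls in mitigation i, TPM-backed BitLocker encryption for mitigation ii, and an enabled remote-administration channel for mitigation iii. It assumes Windows 10/11 or Server 2016+ with the BitLocker and TrustedPlatformModule modules, an elevated session, and WinRM as the remote-administration channel; WinRM and the laptop chassis-type codes are assumptions, not something the report specifies.

```powershell
# Added example: gap audit for weaknesses i-iii (assumed environment: Windows 10/11 or
# Server 2016+, BitLocker and TrustedPlatformModule modules, elevated PowerShell).
$gaps = @()

# Weakness i: without domain membership there is no central password/lockout policy
# and no Group Policy to constrain a stolen or cracked account.
$cs = Get-CimInstance -ClassName Win32_ComputerSystem
if (-not $cs.PartOfDomain) {
    $gaps += "i: host is in workgroup '$($cs.Workgroup)', not domain-joined"
}

# Weakness ii: the system drive must be BitLocker-protected with a TPM-based key
# protector (Tpm, TpmPin, TpmStartupKey or TpmPinStartupKey).
$tpm = Get-Tpm
if (-not ($tpm.TpmPresent -and $tpm.TpmReady)) {
    $gaps += "ii: TPM is absent or not ready for use"
}
$osVol = Get-BitLockerVolume -MountPoint $env:SystemDrive
if ($osVol.ProtectionStatus -ne 'On') {
    $gaps += "ii: BitLocker protection is '$($osVol.ProtectionStatus)' on $env:SystemDrive"
} else {
    $tpmProtectors = @($osVol.KeyProtector |
        Where-Object { "$($_.KeyProtectorType)" -like 'Tpm*' })
    if ($tpmProtectors.Count -eq 0) {
        $gaps += "ii: BitLocker on $env:SystemDrive has no TPM-based key protector"
    }
}

# Weakness iii: on portable systems a remote-administration channel should be running.
# Assumption: SMBIOS chassis types 8/9/10/14 (Portable, Laptop, Notebook, Sub Notebook)
# identify portable hardware, and WinRM is the channel the organisation relies on.
$laptopTypes = 8, 9, 10, 14
$chassis = (Get-CimInstance -ClassName Win32_SystemEnclosure).ChassisTypes
if (@($chassis | Where-Object { $_ -in $laptopTypes }).Count -gt 0) {
    $winrm = Get-Service -Name WinRM -ErrorAction SilentlyContinue
    if (-not $winrm -or $winrm.Status -ne 'Running') {
        $gaps += "iii: portable system without a running WinRM service for remote administration"
    }
}

# Report the findings mapped back to the weakness numbers used in this report.
if ($gaps.Count -eq 0) {
    Write-Output "No gaps found against weaknesses i-iii on $($env:COMPUTERNAME)"
} else {
    Write-Output "Gaps on $($env:COMPUTERNAME):"
    $gaps | ForEach-Object { Write-Output "  - $_" }
}
```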

Implementations and Requirements

As per the Gramm-Leach-Bliley Act (GLBA), an Information Security Program will be implemented according to the safeguards established under 16 CFR Part 314.3 (Principles for protecting client data):

a) An information security program. A complete information security program, developed in sections that incorporate protections suited to the size and complexity of the business and the nature and scope of its operations, must be established. In order to be adequately secure, the safeguards shall incorporate the elements outlined in Section 314.4 and be appropriately tailored to meet the objectives in paragraph (b) of this section. (Groot, 2019)

b) Objectives. The objectives of section 501(b) of the act, and of this part, are: to safeguard sensitive client data from attackers; to stop unauthorized or malicious actions or processes that might jeopardize the security or authenticity of the data; and to prevent any client from experiencing considerable loss or inconvenience as a result of unauthorized access to or use of information.

As per the Gramm-Leach-Bliley Act (GLBA), audits will be required to assess the following, in accordance with the safeguards established under 16 CFR Part 314.4 (to establish, implement and maintain the information security program by making the following commitments) (Groot, 2019):

a) Establish a program coordinator(s) to oversee the data security programs.

b) Identify reasonably foreseeable internal and external threats to the security, authenticity, and quality of client data, as well as any existing protections in place to manage these threats, then determine whether these safeguards are sufficient. A thorough risk assessment should examine hazards in all areas of the business's activities, such as: employee training and management; the design, implementation, and support of information systems, including computer networks and software, as well as data processing, retention, transmission, and destruction; and detecting, preventing, and responding to attacks, intrusions, and other system failures.

c) Design and implement information safeguards to control the risks identified through the risk assessment. These safeguards should be tested or otherwise monitored on a regular basis to verify that they are working.

d) Oversee service providers by: using sound selection practices to identify and retain service providers capable of keeping consumer data secure, and requiring service providers by contract to implement and maintain the identified safeguards.

e) Evaluate and adjust the information security program in light of the results of the testing and monitoring required by paragraph (c) of this section; any material change to the operations or business arrangements; or any other circumstances that may have, or are believed to have, a material impact on the information security program. (Groot, 2019)

Conclusion

Generally, the above-mentioned regulations, risk mitigation measures, and processes will be successful only if they are implemented correctly. To the extent feasible, and while conserving resources and business activities, a company should create a cybersecurity team to evaluate, adapt, and execute the measures from this report as firmly and sensibly as possible, with no serious effect on assets and business functions. The CIO and other governing officials should convene meetings on a recurring basis to analyze, report, and minimize risks. Without timely assessments of this information, new threats may arise and go uncontrolled, which can result in recurrent cyberattacks or further exploitation.

References

Böhm, F., Vielberth, M., & Pernul, G. (2021). Bridging knowledge gaps in security analytics. Proceedings of the 7th International Conference on Information Systems Security and Privacy. https://doi.org/10.5220/0010225400980108

Groot, J. (2019, July 15). What is GLBA compliance? Understanding the data protection requirements of the Gramm-Leach-Bliley Act in 2019. Digital Guardian. https://digitalguardian.com/blog/what-glba-compliance-understanding-data-protection-requirements-gramm-leach-bliley-act

Haber, M. J., & Rolls, D. (2020). Meeting regulatory compliance mandates. In Identity Attack Vectors (pp. 99-102). Apress, Berkeley, CA. https://doi.org/10.1007/978-1-4842-5165-2_8