assgn22

Running Head: CYBER-SECURITY IMPROVEMENT PLAN 1

PureLand Water Waste Status

According to Wang and Lu (2013), the development and communication of cyber-security improvement plans is usually done to conduct a gap analysis or an overall risk assessment of all the activities of the organization. This also comes hand in hand with recommending that something needs to be done to improve the general compliance score as per the results of the analysis. It is also usually meant to ensure both the integrity and confidentiality of the information available regarding cyber security. This, therefore, is a process that involves the changing of the risk mitigations efforts into real actions which will directly regulate the risk observed. Hence, it can be deducted that, cyber-security improvement plans are meant to guide the team through the actions that will bring tangible solutions to the problems seen (Cherdantseva, et al, 2016). I this paper, the company’s current status in terms of strengths, weaknesses, opportunities and threats is analyzed.

Strengths

These are the features that the company has that currently make it stand out in as far as cyber security is concerned. As it stands, the company’s control structure is stable, thereby capable of defending itself against cyber-attacks. It also has a well-equipped framework that ensures efficient interconnections as far as data progression systems are concerned. This also means that operations, specifically those involving authentication, are effective.

Weaknesses

While the company boasts of the above mentioned strengths, it still experiences some weaknesses. For starters, the company does not have an efficient digital security system. Their current system cannot guarantee ultimate security from data breaches or chemical used at the water treatment plant. This means that aggressors can easily take advantage of the ICS and control the water system for whatever harmful reasons they may have in mind. This poses great danger to not only the users but also the overall management of the treatment plant. Failure to deal with this weakness may mean several losses to the company as far as confidential information is concerned. Given the fact that a breach could potentially ruin the company, ultimate digital security should be a priority.

Opportunities

Despite the above mentioned weaknesses, the company has the opportunity to redeem itself. Fist, advancement in technology means that the weakness in digital security can be turned into a strength by implementing the right infrastructure. This will also include having the right organizational security approaches and techniques that are up to date. It should also be noted that effective cyber-security involves having constant communication with the Department of Homeland Security as it provides the necessary and up to date guidelines. It also ensures that compliance remains a priority for all operations at the company.

Threats

Finally, a threat assessment provides an overview of the threats the company faces reveals the relationship the company’s operations holds with the environment. A chemical spillage for example could be hazardous. This is what can happen in the event of a breach in security, which keeps on getting more sophisticated as time goes by. Investing in ultimate firewalls that keep on being updated would therefore be prudent in this case.

References

Adler, R. M. (2013, November). A dynamic capability maturity model for improving cyber security. In Technologies for Homeland Security (HST), 2013 IEEE International Conference on (pp. 230-235). IEEE.

Cherdantseva, Y., Burnap, P., Blyth, A., Eden, P., Jones, K., Soulsby, H., & Stoddart, K. (2016). A review of cyber security risk assessment methods for SCADA systems. Computers & security, 56, 1-27.