Mitigation Strategy (Phase 2 of Final Project)
Abstract
Data is unquestionably becoming an organization's most important asset in the modern internet era. As a result, data is recorded and saved in the cloud for later processing and decision-making. To accomplish this, data warehousing, in conjunction with machine learning strategies, enables enterprises to make use of their data and forecast the future of their businesses. However, the internet has also brought data breaches and security attacks, which result in business losses (Conklin et al., 2018). In this context, businesses should implement mitigation strategies that help avoid such hazards and, more crucially, reduce their effects.
Breach Handling Procedure
It is critical to develop a breach handling procedure before an organization implements mitigation methods for potential risks. A breach handling procedure is a series of measures for ensuring that any suspected breach is detected and that the appropriate course of action is taken before the cybercriminals carry out the breach.
Breach Detection
According to the flowchart above, a breach sensor is installed in the organization's network system to identify any data breach incidents. If a breach is discovered, the owner is alerted so that corrective action can be taken. If there is a reason to whitelist, the owner can do so. If there is no whitelisting, it is quarantined. If a whitelist exists, confinement should be implemented, and the data should be given the option of being restricted or not. The restriction will necessitate the use of Critical Incident Response (CIR) (Thomas & Galligher, 2018). CIR is also established if the breach is critical. Otherwise, it is restored and recovered.
Breach Handling Procedure
The CIR is triggered if the data breach is determined to be critical or if restricted data has been compromised, as shown in the diagram above. The information provided by the first responder helps determine whether the impacted hardware should be confiscated, which prevents further access to the system. An inquiry is launched to determine what may have caused the data breach, so that the business can consider all variables when devising mitigation methods (Thomas & Galligher, 2018). It is worth emphasizing that the management team should be informed of all of this, and a report of each step should be created so that the correct procedures are documented for future use and improvement.
Security Mitigation Strategy
American International Group can adopt a variety of mitigation techniques, including always keeping software up to date. To accomplish this, the company must verify that its systems have the most recent security and operational patches from reputable providers. As a result, the susceptibility of systems will be reduced (Cormier & Ng, 2020). Current software includes built-in security detection technologies that aid in detecting the types of ransomware commonly used by cybercriminals. Additionally, an organization should verify that anti-virus software is installed on all its computer systems. Anti-virus software that is kept up to date provides excellent protection for the computer systems while also ensuring that any security flaws in the organization's system are addressed. Most importantly, using anti-virus software will ensure that machines are safe from any virus outbreaks (Cormier & Ng, 2020). This is because any virus signature discovered will be intercepted and quarantined, stopping it from propagating to other computers.
Consequently, businesses should make sure that any data they consider vital is backed up. It is important to highlight that the business has broad flexibility in the mitigation procedures it puts in place to reduce cybersecurity risk and secure its most sensitive and secret information (Dooley & Rooney, 2017). Putting these safeguards in place aids in the creation of backup data, which allows a company to continue operations even if its computer systems are disrupted by a disaster.
Investing in security through employee training is another excellent way for a firm to mitigate security threats. Since staff members spend a significant amount of time with access to data, instructing them on safety precautions is critical. Employees should be taught information ethics and what to do on computer systems to keep the systems safe from hackers. Employees, for example, should be taught about various forms of attacks, such as phishing, spyware, and others, to ensure that they are not targeted.
Most significantly, multi-factor authentication is the greatest mitigating mechanism that should be deployed. This means adopting two-factor authentication or multiple authentication factors, which is a very powerful tool for mitigating cyber dangers. With two-factor authentication, a person is granted access to the system after using the password and any other available form of authentication. In this sense, no one will be able to access the system without successful authentication (Dooley & Rooney, 2017). This deters potential hackers because the process is difficult, and it ensures the security of the organization's data.
Conclusion
It may be inferred that one of American International Group's multiple mitigation techniques is to always keep its software up to date. To accomplish this, the company must verify that its systems have the most recent security and operational patches from reputable providers. As a result, the susceptibility of systems will be reduced. Additionally, an organization should verify that anti-virus software is installed on all its computer systems. Anti-virus software that is kept up to date provides excellent protection for the computer systems while also ensuring that any security flaws in the organization's system are addressed. In addition, businesses should make sure that any data they consider vital is backed up. It is important to highlight that the business has broad flexibility in the mitigation procedures it puts in place to reduce cybersecurity risk and secure its most sensitive and secret information.
References
Conklin, W. A., White, G., Cothren, C., Davis, R. L., & Williams, D. (2018). Principles of computer security: CompTIA Security+ and beyond (5th ed.). McGraw Hill Professional.
Cormier, A., & Ng, C. (2020). Integrating cybersecurity in hazard and risk analyses. Journal of Loss Prevention in the Process Industries, 64, 104044.
Dooley, M., & Rooney, T. (2017). DNS Security Management. John Wiley & Sons.
Thomas, J., & Galligher, G. (2018). Improving backup system evaluations in information security risk assessments to combat ransomware. Computer and Information Science, 11(1).