Rply for inital post
user504
NewMicrosoftWordDocument.docxDiscussion 1
Hello Everyone,
As a part of this week, I focused on analyzing the assets required for building an effective risk management frame work. Before setting up a cybersecurity risk management system, the enterprise needs to determine what assets it needs to protect and place a priority on. As the National Institute of Standards and Technology (NIST) points out in its Framework for Improving Critical Infrastructure Cybersecurity, there is no one-size-fits all solution. Different organizations have different technology infrastructures and different potential risks. Some organizations such as financial services firms and healthcare organizations have regulatory concerns in addition to business concerns that need to be addressed in a cybersecurity risk management system (Ogut, Raghunathan & Menon, 2011).
In this paper I briefly described the layered approach followed by the cyber security, with additional protections for the most important assets, such as corporate and customer data. Remember that reputational harm from a breach can do more damage than the breach itself. Guidance Software recommends using new technologies that can find and map data across the enterprise. Once data is mapped, organizations make better decisions on how that data is governed and reduce their risk footprint. For example, even with training and a strong security culture, sensitive information can leave an organization simply by accident, such as data stored in hidden rows in spreadsheets or included in notes within employee presentations or long email threads. Scanning the enterprise for sensitive data at rest and then removing any data stored where it does not belong greatly reduces the risk of an accidental loss of sensitive data. I also summarized the Capability Maturity Model approach with five levels recommended by Deloitte for effective risk management (Ogut, Raghunathan & Menon, 2011).
References
Ogut, H., Raghunathan, S., & Menon, N. (2011). Cyber security risk management: Public policy implications of correlated risk, imperfect ability to prove loss, and observability of self‐protection. Risk Analysis: An International Journal, 31(3), 497-512.
Discussion 2
This week I have researched on cyber threats and its impacts. Cyber security threats mainly come under three categories such as financial gain, disruption and espionage. There are lot of choices in terms of attack approaches to malignant actors. Cyber threats are elaborated as follows, malwares which are malignant works on a network or destined devices were performed by some software for example hacking the data or system (Ghosh, Chakraborty, & Law, 2018). Phishing mostly called as email-borne attack in which emails are sent with malicious hyperlink which discloses the confidential information. Also, Man in the middle attack is threat where an attacker intercepts between sender and recipient to gather all the information. Ransomware is another virus which encrypts the complete data from the device and demands the monetary benefits for decrypting the data. Lot of organizations faced this issue in the recent years right from small scale organizations to large scale organizations (Brown, 2019).
IoT devices are prime target for malicious attacks and vulnerable to the cyber threats. Also, Data breaches such as identity theft, personal information, credit card information could happen if organizations don’t take proper counter measures. Mobile applications and devices are also vulnerable to all the malware attacks which could impact heavily on person information. Impacts of these threats could be physical/Digital, Economic, Social, psychological etc. IoT devices are greatly improved. It mainly cut the expenses and future projects in every department (Ghosh et al., 2018).
In this research of the Internet of Things on automation and security, the concept has expanded the horizons of the Internet of Things. This implementation has a framework with Network Virtual Environment. This has a special place in the gaming environment. Augmented reality and with this NEV has created a virtual space, where users can create themselves one more character. The real threat of this being, that when a person has successfully designed and developed a fully functional human character with emotional intelligence and this virtual human has access to all the ports that are communicating on the world wide web. Such threats are not completely recorded but, have been expecting in the near future (Ghosh et al., 2018).
Internet of things has as well advanced to Virtual Environment of Things, with this kind of the virtual environment of monitoring things, it might be possible to find some breathing room for the security teams to set up perimeters and to monitor the advancement of any intrusions. Artificial Intelligence is raising up its wings with the high-performance computers, supercomputers, and the new quantum computer on the verge of production to open users (Brown, 2019).
References
Brown, A. (2019). Industry 4.0: The Ways in Which Technology is Transforming Industry. Interesting Engineering
