Q1W1

Q1 200-250 words.

Review the 12 categories of threats represented in the textbook. Compromises of intellectual property are perhaps the most damaging to an organization. Of the remaining threats, choose two and describe security solutions that could prevent, deter, or manage the threat while protecting the intellectual property of an organization. How would you prioritize these solutions?

Reply to responses. 75-100 words

A Shauna

Hello Class,

The other two that would I would prioritize would be human error and espionage or trespass. When it comes to human error we need to make sure that we know what we are doing or from a business aspect we need to make sure the employees are trained correctly to prevent any type of error from happening. Human error also happens when one is being lazy and just simply not paying attention to what they are doing which can cause a company's property a lot of damage.

Espionage or trespass can happen to anyone whether it is a business or a personal device. Although most of the time hacking can be unauthorized we need to make sure to always protect our devices and have our software and security updated to prevent any type of hacking or unauthorized access.

Whitman, M., & Mattord, H. (2018). Management of information security. Cengage. Retrieved March 9, 2022. https://bibliu.com/app/#/view/books/9781337671545/pdf2htmlex/index.html#page_1

Reply to responses

B Cody.

Hello Class,

    Compromises of Intellectual Property are the most damaging because of how valuable Intellectual Property may be to a company. Intellectual Property could be the sole source of a business’ revenue or even the sole source of it’s operating techniques. Something of this value could hold a price tag of being priceless and if compromised, could destroy a business completely. 

    In order to further protect a companies Intellectual Property, security solutions for Software Attacks and Theft must first be implemented. Software Attacks consist of viruses, worms, macros, and denial of service attacks. These may all be leveraged to ultimately dig deeper into a company’s network and to steal their Intellectual Property. To protect and mitigate against scenarios such as this, antivirus software, a sandbox system that can run files and see if they are malicious, and an machine learning type of software must be implemented to catch any malicious activity that was sent through viruses, worms, or macros.

    To protect against theft, physical security constraints should be installed so that intruders can not get inside of a company and steal the storage or computer device that contains Intellectual Property. These type of protective measures include heavy duty door locks, computer locks, to access control systems, such as biometric and ID card entry. You may also include well trained security personnel that is able to have eyes on the areas of interest since technology can be manipulated or may be faulty on occasion. Implementing Software Attack and Theft mitigation techniques are must haves to protect a company’s intellectual property.

C Jacob

Good evening Professor Ligon and class,

Two threats that I believe would be important to understand would be espionage or trespass and human error or failure. These would be at the top of my list along with compromises of intellectual property because there can be many factors that play into them. Also, I do not feel that there are a lot of preventative measures in place to always protect from these threats. For human error or failure, this threat can be more of laziness and falls directly onto the user. Improper training and inexperience are the main direct causes for the threats and could cause major damage if not taken seriously. (Whitman & Mattord, 2018) Different ways that we can combat this threat are for continuous training, situational awareness, and different controls such as verifying commands by a second set of eyes. Continuous training and situational awareness are key in managing the threat by giving the users every tool for their toolbox in identifying possible phishing, social engineering, and pretexting attacks.

Espionage or trespass can become tricky just because attackers have many avenues of approach at their disposal to carry out an attack, especially some that are considered legal but maybe not ethical. Also, hackers would fit into this threat where they can be a threat all by themselves. Ways to prevent these attacks would be utilizing an authorization and authentication method that employs multiple layers to protect unauthorized users. The use of pen testers would also be a viable solution to manage possible holes within your network and get them corrected before any damage is done.

Whitman, M., & Mattord, H. (2018). Management of Information Security. BibliU. Retrieved March 8, 2022, from https://bibliu.com/app/#/view/books/9781337671545/pdf2htmlex/index.html#page_18