ERM

Answer the Below Question. APA format. 300 words. Textbook : Information Governance: Concepts, Strategies and Best Practices; John R.S. Fraser, Betty J. Simkins, Kristina Narvaez; Copyright © 2015 by John R.S. Fraser, Betty J. Simkins, Kristina Narvaez (ISBN 978-1-118-69196-0) Beasley, M. S. (2016). What is Enterprise Risk Management? Retrieved from https://erm.ncsu.edu/az/erm/i/chan/library/What_is_Enterprise_Risk_Management.pdf Question 1: Discuss example of Cyber security threats or crimes introduced by IoT in the health care domain, then explain how digital forensics approach can tackle such threats. Write Response to below two Discussions seperately.APA format. 100 words each. DISCUSSION 1: Here, I would like to take and explain on the DDoS attack. Distributed Denial of Service (DDOS) is type of attack that targets the network structure by disabling the server and inhibiting it access to its clients. This can happen in any form such as sending many requests to the server resulting in crashing or slowing down of its activity, flooding the server with large amounts of invalid data with tampered IP addresses, etc. It damages the servers of the healthcare system and not allowing its patient to access it. As tracking the patients’ data and chronic disease management is very essential for health care sector, this type of attack can disturb its whole functioning. (Chacko, 2018). Privacy concern can be one other problem faced due to IOT in healthcare. The medical systems that used to maintain the patient’s details and health records are said to be exposed in the year 2015, which made it clear that privacy to the data will raise a concern. They have been hacked using brute force algorithms and hard-coded logins. The devices operated using IOT such as anesthesia equipment’s, cardiology devices, etc., are observed having fake medical records being managed by the attackers which could manipulate the original data and this impact is observed on the decision making as they get deviated from the actual fact. (Chacko, 2018). IoT frameworks can meet the two prerequisites of digital flexibility and digital security, these frameworks will arrive at the most significant level of reliability giving clients sure human services administrations, and acknowledgment of IoT innovation. In this way, Safavi et al. have portrayed six critical highlights of digital security necessities for IoT based human services like the classification, verification, approval and accessibility. And, MacDermott et al. have examined that honesty and the accessibility are the essential security prerequisites for IoT. Most explicitly, they examined the job of trust all among the IoT hubs which ought to guarantee to recognize the precious hubs in the system. Finally, the researcher has alluded to IoT security concerns including protection, verification, get to control and to trust the executives. References Someyeh Nasiri., F. S. (2019). Security Requirements of Internet of Things-Based Healthcare System a Survey Study. National Institute of Health Chacko, A. (2018). Security and Privacy Issue with IoT in Healthcare. Retrieved from https://www.researchgate.net/publication/326568227_Security_and_Privacy_Issues_with_IoT_in_Healthcare DISCUSSION 2: Cyber security threats in the internet of things are a very risky factor in the health care data. Many of the health care industries are losing their patients data and at the same time losing around billions of money every year. Minimum one data breach per day is happening and attacks that are exaggerated numerous patient records. These cyber threats are becoming extensively complex to recognize, mitigate and prevent. The best suitable and explanatory example for this could be when a patient visits the doctor for any kind of reason and the doctor prescribes to go for ECG and other medical check-ups where the smart healthcare devices are associated with cloud. The patient will visit the health care analyst for the check-ups and ECG. The personal information and healthcare information will be stored in the cloud application where it might become the source for the intruders to gain access of the information of patients. (Abouelmehdi, Beni-Hessane&Khaloufi, 2018) When the data breaches from the cloud services, investigation will be conducted to know what might be the reasons for the breach of the patient information. In this process, digital forensic will be very support to investigate the reasons behind the scenario. In the first step, digital evidence will be collected from the remote server and forensic analyst will be trying to address the problems which are come across in the cloud forensics and will be identified in every stage of typical case. Initially, the strength of character that cloud forensics is mandatory could only be conceivable after obtaining hidden or cached data and saved login credentials from smartphone or laptop. The forensic analyst will not take back any proof and in the gathering of cloud evidence, frequent problems will be found like the group of metadata will not be possible and in the cloud computing, there will be no possibility of physically seizing every server.(Metcalf, Milliard, Gomez & Schwartz, 2016) References Metcalf, D., Milliard, S., Gomez, M., & Schwartz, M. (2016). Wearables and the Internet of Things for Health: Wearable, Interconnected Devices Promise More Efficient and Comprehensive Health Care. IEEE Pulse, 7(5), 35-39. Abouelmehdi, K., Beni-Hessane, A., &Khaloufi, H. (2018). Big healthcare data: preserving security and privacy. Journal Of Big Data, 5(1).