1
1-4 Draft of Training Manual: Introduction and Purpose
2
Executive Summary and Purpose
In the technology-driven times, all the business undertakings have to be on
their toes at all times. This is because online threats and cyber attacks can arise from
anywhere without prior warning. The lack of preparedness by an organization in the
cyber setting can have a detrimental impact on the very existence and sustainability
of the business. The research fundamentally captures North Star Software Developers’
cyber incident. The severity of the cyber attack is high as it has led to the probable
loss of confidential information such as personal information as well as credit card
numbers of the purchasers of the firm’s software products. This incident is one of the
many cyber attack occurrences that are happening in the dynamic and uncertain
business setting.
In the present times, cyber criminals and online hackers use a wide range of
sophisticated techniques so that they can gain unauthorized access into the computer
systems and networks of business entities and individuals. On most of the occasions,
they have malicious intent. The training manual that primarily focuses on North Star
Software Developers’ captures various vital cyber security components such as the
need to conduct proper online traffic analysis. It can help to identify any kind of
abnormal behavior in computer networks. ‘Firewalls’ which act as vital security
components have been highlighted. The IT professionals need to get a thorough
insight into firewalls so that they can be used to keep unauthorized users and online
criminals at a distance. In addition to this, the organization also has the scope to
employ Intrusion Detection and Prevention Systems. It can strengthen the security
model of its IT ecosystem. The IT professionals also need to make sure that they
carry out frequent Vulnerability assessments. Such an approach will enable them to
identify security weaknesses that can be compromised by cyber hackers. Such
3
assessments must be supported by Network Scanning and Assessment to capture the
presence of an uninvited user. The professionals working in the IT department of
NSSD also gain knowledge on having a tab on online activities. In order to do so
there is the need to carry out proper auditing and collection of logs. A number of
network security tools have been recommended that can be used by North Star
Software Developers to prevent similar attacks from taking place.
The main issue that has been discussed in the training manual relates to
NSSD firm’s network servers that have been compromised. Due to this, unauthorized
individuals or groups might have got access into the firm’s computer systems and
stolen confidential data and information. As the cyber incident has taken place, the
business faces a major IT risk that might not just impact its work processes but also
its brand reputation in the competitive business. The cyber attack that has crippled
the business has basically led to the most likely loss of confidential and sensitive
data and information. Unauthorized used have got access to various kinds of
information such as personal information and credit card numbers of buyers of
NSSD’s software products. It has not been disclosed whether this cyber attack took
place from inside or outside of the organization. Suitable recommendations have been
made so that NSSD can employ suitable cyber security tools which can strengthen
the level of security of its IT ecosystem. In addition to the recommendations, a
number of vital security concepts have been captured in the training manual so that
the Information Technology professionals can be empowered to prevent or mitigate
online threats that could cripple their IT infrastructure.
The report basically acts as a training manual for the employees of North Star
Software Developers. It captures some of the vital cyber security elements that the
Information Technology professionals of the organization need to be aware of the
4
latest network security tools that can safeguard the Information security system of the
organization. The fundamental purpose of the training manual is to help the IT
professionals of the organization so that they can be well prepared to defend their IT
infrastructure against such attacks and threats in the near future. The purpose of the
training manual is to help NSSD IT professionals to employ necessary and updated
network security tools and techniques so that similar cyber attacks will not take
place.
