ICT205 Cyber Security

Introduction:

The present digital era presents high connectivity and opportunity to bring exposure to various activities of cybercriminals. The businesses of Australia need assistance and advices for making the nation most secured place to get connected over the Internet. The ACSC or Australian Cyber Security Centre under ASD has resulted in the government’s effort on Australian cyber security. Together that brings abilities of cyber security from around Australian Government for developing cyber resilience of the nation’s community and then make the country the most protected one. The Internet has turned to be critical part of their business. Digital information and electronic systems are important for businesses. It helps in minimizing downtime. This also diminishes harm of reducing access of hackers and repair systems fast (Martellini et al. 2017). Besides, it also protects reputation of the company and integrity of personnel and customers. The chosen security company is hired from the end of government for undertaking security review. This is in relation to SMEs or Small and Medium Sized Enterprises. The consultancy report is to be made on cyber security risks. The report analyses common cyber security vulnerabilities, threats and risks as faced by SMEs. Further, solutions are proposed for the present scenario. The study examines common vulnerabilities, threats, risks on security to SME and apply suitable protection mechanisms of information security through evaluating IT security policies, plans and requirements.

Risk Identification:

Here, the way the company should be attaining cyber security is explained. Firstly, they should be encrypting their data. The data encryption is the method of transforming sensitive information within complex code. Thus, the attackers seals data, they cannot be using that. This is good practice to encrypt every data leaving or entering the organization. Next, they should provide back up to their data. Here, one of the proactive steps that might consider is backing up data and then store that at any other place (Tuna et al. 2017).  Thus as their systems are taken offline or the data is stolen by hackers and hold that for ransom, they should have access to all the things required for keeping the company operational. After that, the workforce is to be workforce. The negligence or errors of team members are important reasons in maximum data breaches. This is particularly when phishing attacks are considered (Deshpande, Nair and Shah 2017). Considering time for educating workforce on best practices the companies should know how they must determine probable breaches, what they must do as they make errors and the whom they must contract in the case of urgency is an important measure for securing business environment. Further, they should be securing their hardware systems. All the systems on network from IoT devices, to mobiles, printers to computers indicates other endpoint that could get exploited through the hands of cybercriminals. This is the reason why that is vital to secure systems having access to sensitive data having multi-factor authentication. Moreover, the companies should be creating and deploying incident management, table-top exercises and threat audit analysis. Besides, they look for vulnerabilities emphasizing on what is valuable and available to hackers. They should be running regular penetration tests and scanning on networks. Social engineering practices are to be reviewed and practiced. They should be aware of which branch of law enforcement must they contact as any issues is suspected (Allodi and Massacci 2017). Furthermore, they should be strengthening cyber security. They should ensure that the basics are covered with zero balance, anti-virus, VPN, intrusion protection or detection, dual authentication access control and password hygiene. Again, there are other tools and technologies present for supporting efforts under the area of cyber defence like connecting to security operation centre, threat intelligence and predictive analysis (Sadeghi et al. 2017). Also they must avoid expensive technical investigation along with image of their brand that might be likely brought by data breach in learning how they can secure ad detect potential risks quickly.

Cyber Security Strategy:

Regarding technical strategies, the company must have experts that can maintain and update information security systems, troubleshooting, implementing constant network monitoring and delivering solutions of real-time security. Further, they must have ideas of security around different platforms.  The experts require to stay comfortable working with various computer systems, operating systems, cloud networks, mobile devices and wireless networks. This is for keeping updated on various advances in the field for every one of them. Regarding policy. The cybersecurity policy that is well planned must determine systems of business uses for securing customer and critical data. The company must be working with their IT team for understanding ability of the business. As the threats are determined, likelihood must be really happening should be found out. Further, the company should be determining the way of preventing the risks (Alassafi et al. 2017). Instituting specific employee policies and strong network and physical security are some preventive measures. No necessity is there for planning for what is to be done while the risks really materializes. Here, the security policy must get circulated to everybody and process to secure data is to be reviewed on regular basis. Further, this must be updated as new ones visit the board. Regarding human concerns, staff training is important to raise awareness among personnel and then motivating them for paying focus towards countermeasures and cyber threats. This occurs though they are never part of particular job responsibilities (Baskerville, Rowe and Wolff 2018).  The installation of updates assuring that anti-malware security protection is common and controlling personal passwords. This must not be every time at the bottom of to-do list of employee. The security measures that are employee focussed like employee engagement along with training are leading ways used through business. This is through securing against further threats. Furthermore, there must be good governance. It is for clearly linking security tasks to the priorities and goals of the company (Webb and Dayal 2017). They must identify individuals at every levels regarding who are liable to make security decisions and support them in doing that. Moreover, they should assure accountability for decisions and feedback is given to decision makers on effect of their choices.

Conclusion:

The securing of business has considered entirely on overall new meaning having distinct scopes that cyber security thieves have. This occurs as technology and internet continues to evolve. Further, the cyber threats are real as the organizations are unaware of cyber hacking’s financial impact. The aforementioned transformation in IT is for securing business to consider time and work. However, the transformation is essential. The companies must be creating security system, enhance employee skillset, must place the cloud to work, backup of data, constantly investing on IT infrastructure. As they work for evolving and improving their IT security systems, they must do their best for protecting data of the organization.

References:

Alassafi, M.O., Hussain, R.K., Ghashgari, G., Walters, R.J. and Wills, G.B., 2017. Security in organisations: governance, risks and vulnerabilities in moving to the cloud. In Enterprise Security (pp. 241-258). Springer, Cham.

Allodi, L. and Massacci, F., 2017. Security Events and Vulnerability Data for Cybersecurity Risk Estimation. Risk Analysis, 37(8), pp.1606-1627.

Baskerville, R., Rowe, F. and Wolff, F.C., 2018. Integration of information systems and cybersecurity countermeasures: An exposure to risk perspective. ACM SIGMIS Database: the DATABASEfor Advances in Information Systems, 49(1), pp.33-52.

Deshpande, V.M., Nair, D.M.K. and Shah, D., 2017. Major Web Application Threats for Data Privacy & Security–Detection, Analysis and Mitigation Strategies. under review in International Journal of Scientific Research in Science and Technology PRINT ISSN, pp.2395-6011.

Martellini, M., Abaimov, S., Gaycken, S. and Wilson, C., 2017. Vulnerabilities and Security Issues. In Information Security of Highly Critical Wireless Networks (pp. 11-15). Springer, Cham.

Sadeghi, A., Jabbari, M., Alidoosti, A. and Rezaeian, M., 2017. Vulnerability and Security Risk Assessment of a Thermal Power Plant Using SVA Technique. Journal of Integrated Security Science, 1(1).

Tuna, G., Kogias, D.G., Gungor, V.C., Gezer,C., Ta?k?n, E. and Ayday, E., 2017. A survey on information security threats and solutions for machine to machine (M2M) communications. Journal of Parallel and Distributed Computing, 109, pp.142-154.

Webb, T. and Dayal, S., 2017. Building the wall: Addressing cybersecurity risks in medical devices in the USA and Australia. Computer Law & Security Review, 33(4), pp.559-563.

Have you reached your limit trying to find dependable assignment help in London, Glasgow, Nottingham, Bristol, and Cardiff? Now, unlock top-quality dissertation help in the UK only on Myassignmenthelp.co.uk.

For over a decade, we have been resolving assignment problems for millions of students wondering, “Who can provide me with quality homework help?” Our priority is to maintain top-notch standards in every assignment we deliver.

As a result, when you look for law assignment help on our website, you can hire professional lawyers for a consultation. So, don't let your academic worries fester. Instead, hire our professional paper writers and increase your chances of securing an A+.