IT Security Risk

Question

Task

Specific issues that you need to address in the forum discussions are provided within the first 3 topics.

These questions are posed for you to reflect on in the form of written Discussion Board (forum) posts.

As this is a postgraduate course, it is expected that your written responses will provide you with an opportunity to express your personal and professional views. There are no correct answers; however, the way you justify your answers with validated evidence is key to this activity.

Post your forum entries as you are prompted within the topics. Your Subject Co-Ordinator will respond to your first forum post, and monitor and moderate as required the remaining 2 posts.

You must curate, collect and save your responses in a word document to be submitted on Turnitin. This activity’s final mark will be provided prior to the final assessment item.

Rationale

As this is a graduate course, more is expected from students in the way of participation, and further as a graduate reading course, the opinions of students are actively sought to demonstrate that the reading material has been read, understood and provoked a response. The readings on a given topic will in general not agree on all issues in the topic, such as the role and feasibility of cyber-insurance, and soliciting written responses from students gives an opportunity for expressing opinions from the professional experience of each student. This assignment is for students to meet parts of the following learning outcomes.

  • be able to critically analyse the various approaches for mitigating security risk, including when to use insurance to transfer IT risk;
  • be able to critically evaluate IT security risks in terms of vulnerabilities targeted by hackers and the benefits of using intrusion detection systems, firewalls and vulnerability scanners to reduce risk.

Marking criteria

The written responses for each topic will be reviewed and assessed by the Subject Coordinator.

Students will be evaluated on:

  • Regular participation in forum activities
  • Understanding of the topic
  • Use of supporting evidence
  • Written expression
  • Constructive engagement in conversations to build learning community

Criteria: Participation, understanding, evidence, writing, engagement

  • HD: Contributed to many forum discussions in a meaningful way. Posts demonstrate a deep understanding of the content, well supported by evidence. Posts are clear and well written, leading discussions.
  • DI: Frequent participation in forum discussions, demonstrating a good understanding of the content, supported by evidence. Posts have few errors and promote discussion.
  • CR: Regular participation, demonstrating sound understanding of the content. Some comments lack detail and/or depth, and may contain minor errors.
  • PS: Regular participation, demonstrating understanding of the content. May contain significant errors.
  • FL: No regular participation or contribution to the learning community, no demonstration that the content has been understood.

Table of Contents

Introduction

Critical analysis of approaches for mitigating IT security risk

IT security risks in terms of targeting by hackers

Benefits of using detection system for reducing security risks

Conclusion

Reference

Introduction

In the present scenario of a fast-paced global economy, businesses depend heavily on the efficiency of their data and information systems. Much has been debated about the measures that can be taken to ensure the security of IT assets. Recent research has revealed that, as the need for IT security has grown, the threats to security have also increased. Security has thus become a top concern for companies seeking to prevent any breach in data management. Studies also show that companies often feel that they are well secured and that no security breach can take place. This makes their systems even more vulnerable to security risks and to the activities of hackers, who find such systems easier to attack. The reason often cited for security breaches is that company systems are not updated at the same pace as technology progresses, which leaves the security system open to more risks from external hackers. Such rising threats, however, have encouraged more organizations to take precautionary measures and to adopt newer approaches to their security needs, in the form of detection systems, firewalls and vulnerability scanners.

Critical analysis of approaches for mitigating IT security risk

As the old saying goes, ‘there is no gain without risk’; however, if IT professionals were asked today, they would prefer to have no risk at all. This is because the existence of risks makes the whole system more vulnerable to security threats. The IT team would have to engage with a deluge of applications to ensure that there are no threats to security. Although security information can handle the overwhelming amount of data, effort is still required to mitigate the risk of security attacks as part of the organization's security control system (Soomro, Shah, and Ahmed, 2016). Such a control system must be tested regularly so that the network remains free from external threats and can function as defensive armor against hackers.

To ensure a safer network system, companies' IT systems may adopt certain strategies and approaches:

  • Companies need to build and maintain a very secure network system by implementing web data security applications to protect data and information (Soomro, Shah, and Ahmed, 2016).
  • Security planning should be based on two distinct kinds of planning: organizational planning and contingency planning. This would include external as well as internal security scans to ensure overall protection (Soomro, Shah, and Ahmed, 2016). Alternating between vendors is suggested so that different methodologies and security tools can be used and tested.
  • Companies are required to ensure compliance with PCI so that the network system undergoes regular penetration testing on the basis of verified systems and services (Safa, Von Solms, and Furnell, 2016).
  • Companies need to adopt a very stable approach to ensuring the security of the physical infrastructure. Organizational planning would include the physical network applications, the wiring system and alarmed access, along with regular monitoring of the power backup (Shostack, 2014). It is mainly concerned with strategic, tactical and operational planning.
  • Device security also needs to be ensured as part of the network security system, with the aid of contingency planning. Network devices need to be effectively encrypted, and provisions need to be made so that the data on a drive can be accessed only by entering a password, which limits access (Ahmed and Matulevičius, 2014). This planning is thus associated with incident response, disaster recovery and business contingency planning.

IT security risks in terms of targeting by hackers

One of the most prominent emerging threats that businesses face in the current scenario is the emergence of technical hackers. Cyber attack is one area in which even the most secure companies' network systems have not succeeded in protecting their data and information. It has been observed that, in practice, SMEs are the most vulnerable to the activities of hackers. SMEs are found to be the easiest victims of viruses released by hackers that corrupt their whole system. It becomes impossible to remove such a virus from the system, so the company often has to compromise on various crucial data and incur huge losses, and even bankruptcy in severe cases (Esteves, Ramalho and De Haro, 2017). Such cyber breaches can be very threatening because they corrupt the whole system, and even clicking an email link can initiate a cyber attack of great magnitude by the hacker (Biener, Eling and Wirfs, 2015). The hackers' major targets are the access points that open the path to the data. Hackers are capable of attacking the identification and authentication of data access and thus faking the authorization needed to access important information. In most cases, companies are also unable to retrieve the data documents later on because the authorization has been changed. SMEs are the most favored targets of hackers because they are often woefully unprepared to tackle a security breach and do not invest much in making the network system fully secure against one (Damenu and Balakrishna, 2015). This makes the system vulnerable and open to various security risks. Most of the spear phishing attacks initiated by hackers arrive through fake emails. It has often been seen that this leads SMEs to compromise their customer data, resulting in security breaches.

Another factor that has surfaced is that SMEs often assume that, because of the small size of their firm, they cannot be a plausible target for cyber crime by hackers, and so they do not pay much attention to risk management.

Benefits of using detection system for reducing security risks

To keep a check on the network system and take the necessary steps for risk management, companies can adopt certain measures to minimize security breaches. One such measure is the intrusion detection system (IDS). Through the IDS application, the company's IT system can easily inspect all the traffic on the company's network and alert the administrator to unauthorized access by any external intruder (Kenkre, Pai, and Colaco, 2015). Two methods of IDS are anomaly-based and signature-based monitoring. Depending on how the IDS is applied, the administrator can simply be alerted, or the system can be set up to block the traffic automatically. This system is more effective in detecting threats and raising alerts. However, signature-based detection compares the traffic with a database that holds the signatures of known attack methods, with regard to the SecSDLC design (Kenkre, Pai, and Colaco, 2015). SecSDLC design is associated with the development of managerial control, operational control and technical control management. The concerned parts of the system are the BCP, IRP, DRP and Contingency Plan.
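The two IDS methods described above, together with the choice between alerting and automatic blocking, as an added Python example that is not part of the original essay or its sources. The signature patterns, addresses, baseline counts and function names are all constructed for illustration.

```python
import re
from collections import Counter
from statistics import mean, pstdev

# Hypothetical signature database: name -> pattern of a known attack method.
SIGNATURES = {
    "xss-script-tag": re.compile(r"<script\b", re.I),
    "path-traversal": re.compile(r"\.\./"),
}

def signature_alerts(events):
    """Signature-based: compare each request with the known-attack database."""
    return [(src, name) for src, path in events
            for name, rx in SIGNATURES.items() if rx.search(path)]

def anomaly_alerts(events, baseline_counts, k=3.0):
    """Anomaly-based: flag sources whose request volume in this window
    exceeds the baseline mean by more than k standard deviations."""
    threshold = mean(baseline_counts) + k * pstdev(baseline_counts)
    counts = Counter(src for src, _ in events)
    return sorted(src for src, n in counts.items() if n > threshold)

def respond(events, baseline_counts, mode="alert"):
    """mode='alert' only reports; mode='block' also lists sources to drop."""
    sig = signature_alerts(events)
    anom = anomaly_alerts(events, baseline_counts)
    blocked = sorted({s for s, _ in sig} | set(anom)) if mode == "block" else []
    return {"signature": sig, "anomaly": anom, "blocked": blocked}

# Constructed sample window of (source address, requested path) records.
WINDOW = (
    [("10.0.0.5", "/index.html"), ("10.0.0.5", "/products?id=7"),
     ("10.0.0.8", "/search?q=<script>alert(1)</script>"),
     ("10.0.0.9", "/files?name=../../etc/passwd")]
    + [("10.0.0.7", f"/item/{i}") for i in range(40)]  # unusually chatty host
)
# Constructed baseline: requests per source seen in earlier, normal windows.
BASELINE = [3, 5, 4, 6, 2, 5, 4]

if __name__ == "__main__":
    print(respond(WINDOW, BASELINE, mode="block"))
```

The host 10.0.0.7 matches no signature and is caught only by the volume baseline, while the two signature hits come from hosts with normal volume, which is why the two methods are usually deployed together.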

Another security measure is the installation of firewalls in the network system. Firewalls are software or hardware systems placed between computer networks to protect the system from committed attacks (Ibrahim, Hamlyn-Harris and Grundy, 2016). Firewalls isolate the network system through certain policies and an authorization system. Broadband internet connections are usually very vulnerable to hackers, and the firewall policy can function as a security arsenal because it stops any unauthorized external host from entering the hardware device. A two-way firewall installation can monitor the entry and exit of traffic from the system and also alerts the computer to potentially harmful content (Ibrahim, Hamlyn-Harris and Grundy, 2016). Firewalls are also very effective at blocking Trojan horses that can do great damage to the server. Firewall security also acts as a protection tool against the entry of hackers into the system.

A further measure that a company's network system can implement is regular vulnerability scanning. Vulnerability scanning increases the security consciousness of the system, because the administrator becomes more aware of the traffic the system receives, and it also helps the administrator to be more proactive (Heiderich, Heyes and Aranguren-Aznarez, Hoyt Technologies, 2014). This can help them to implement well-built security protocols in time. External vulnerability scanning can reveal potential threats such as cross-site scripting and unpatched servers. Internal vulnerability scanning occurs inside the network and can view the attackers after the external breach (Heiderich, Heyes and Aranguren-Aznarez, Hoyt Technologies, 2014).

Conclusion

From the analysis above, it is very clear that in recent times the network systems of companies have become more vulnerable to security risks and security breaches from external hosts. Security risks have become even more dangerous threats due to technological advancements and the increasing activities of hackers. Cyber crime has increased, and it has thus become a bigger concern for companies to take severe steps to ensure network security and prevent security breaches. There are different approaches that companies can take to ensure network security. Companies need to adopt integrated solutions such as better device security and better management of the physical infrastructure in the network system. The IT system needs to give priority to better risk management against security breaches, and various devices and applications such as vulnerability scanning, firewalls and intrusion detection systems need to be installed.

Reference

Soomro, Z.A., Shah, M.H. and Ahmed, J., 2016. Information security management needs more holistic approach: A literature review. International Journal of Information Management, 36(2), pp.215-225.

Safa, N.S., Von Solms, R. and Furnell, S., 2016. Information security policy compliance model in organizations. Computers & Security, 56, pp.70-82.

Shostack, A., 2014. Threat modeling: Designing for security. John Wiley & Sons.

Ahmed, N. and Matulevičius, R., 2014. Securing business processes using security risk-oriented patterns. Computer Standards & Interfaces, 36(4), pp.723-733.

Esteves, J., Ramalho, E. and De Haro, G., 2017. To Improve Cybersecurity, Think Like a Hacker. MIT Sloan Management Review, 58(3), p.71.

Biener, C., Eling, M. and Wirfs, J.H., 2015. Insurability of cyber risk: An empirical analysis. The Geneva Papers on Risk and Insurance Issues and Practice, 40(1), pp.131-158.

Damenu, T.K. and Balakrishna, C., 2015, September. Cloud Security Risk Management: A Critical Review. In Next Generation Mobile Applications, Services and Technologies, 2015 9th International Conference on (pp. 370-375). IEEE.

Kenkre, P.S., Pai, A. and Colaco, L., 2015. Real time intrusion detection and prevention system. In Proceedings of the 3rd International Conference on Frontiers of Intelligent Computing: Theory and Applications (FICTA) 2014 (pp. 405-411). Springer, Cham.

Ibrahim, A.S., Hamlyn-Harris, J. and Grundy, J., 2016. Emerging security challenges of cloud virtual infrastructure. arXiv preprint arXiv:1612.09059.

Heiderich, M., Heyes, G. and Aranguren-Aznarez, A., Hoyt Technologies, Inc., 2014. Systems and methods for client-side vulnerability scanning and detection. U.S. Patent 8,752,183.
