ISE 510: Security Risk Analysis & Plan
Limetree Inc. is a research and development firm that engages in multiple research projects with the federal government and private corporations in the areas of healthcare, biotechnology, and other cutting-edge industries. It has been experiencing major growth in recent years, but there is also a concern that information security lapses are becoming rampant as the company grows. Limetree Inc. is working to establish a strong reputation in the industry, and it views a robust information security program as part of the means to achieving its goal. The company looks to monitor and remain compliant with any regulation impacting its operations.
This paper will be broken up into five sections and a conclusion. The first part will discuss the security breach and review the situation. The next section will purpose an incident response plan to mitigate future incidents. The third section will review the impact of the breach on Limetree. The next section will purpose a security test plan that will allow for mitigation of risk. The last part will consist of suggested mitigation controls that should be in place to mitigate risks. Suggestions and advice will conclude the paper.
IT 549: Foundation in Information Assurance
The goal of every business dealing with confidential information is to ensure that unauthorized people do not gain access to confidential information. These goals are not different when dealing with the Printing Industry. Printing companies deal with a lot of different types of confidential information. Some are simply company secretes that they do not want their competitors to know others are customer’s personal information that should not be known to the public. The biggest section of the Printing Industry that deals with confidential information is companies that are involved with database publishing.
IT 552: Human Factors in Security
Cyber-attacks are a common occurrence in today’s technology-driven age. To stay ahead of these attacks, security must be a shared responsibility. Everyone must do their part in the plan since security is no longer set it and forget it. Not only must a plan be in place, but it must also be constantly updated and reviewed.
To create a security awareness program that will train every employee to be more security-minded in the workplace. To mitigate security threats as much as possible through a shared security plan. To create a plan that will patch the security holes that are present in the company.
IT 640: Network Security
Network Security is one of the most important topics in networking. Every day people send packets of information over networks in both insecure and insecure ways. As the integration of the internet in our everyday lives increases; so does the rise in cybercrimes. Hackers are finding more and more ways to steal personal information as it is being transmitted over a network. This information may include private emails, banking information, credit card numbers, social security numbers, and private documents. If the network is not properly secured, then the hacker can access the information freely. However, if the user uses one or more methods of security the likelihood of the information getting stolen is greatly decreased. Some of these methods include End-Point Authentication, Secure TCP protocols (like SSL), and Encryption of data packets. Even though there is no 100% guaranteed way to secure a network to prevent attacks, some security is better than nothing. However, in most cases, modern use of network security is enough to stop a majority of cyber-attacks.