Information Security Management Essay

Introduction
During the last SLP report on information security management, concerns about the organization's VPN were discussed. However, in this module we would like to use a broad brush and, in wide strokes, examine the impact of continuous monitoring on information security systems. While the VPN issues are important, they actually point to a bigger concern for the organization. This article will focus on two areas of information security systems: “continuous monitoring” and “security awareness”. It is widely accepted that in order to fix a problem there must first be acknowledgement that a problem exists. This is certainly not the case with the organization of which we speak. It could be seen as the blind leading the blind when it comes to various areas of information security. So the question is how one can address the challenges and still build a proper information security program, considering the concepts of continuous monitoring and security awareness.
The Issue
Looking
The solution to the problem of lacking security awareness lies in employing a sound continuous monitoring program, which is the second problem. Therefore, in one process, both security system problems are solved. One of the many benefits found in the concept of continuous monitoring is that an organization must ensure that security measures meet the regulatory requirements. The reporting procedure also points to ensuring the information security system is covered at the enterprise level. This means that each entity of the organization has a role in the information security program. The bottom line is that having a system that is unchecked is just as bad as having one that does not work properly. The key solution for the organization is to ensure, through the system of continuous monitoring, that the organization spreads security
