The world is quickly evolving and transforming into digitization which has become a very important part of our lives. The average Australian spends over 5 hours online every day and has eight connectible internet devices (Forlani, 2019). Technology, machine learning and artificial intelligence are having a huge impact on all parts of personal and professional lives. As much as the benefits of accessing information and technology are enjoyed by the people, they have not been able to shield themselves against the threats of hacking and cyber-attacks leading to misuse of sensitive data (information leak), software thefts and other fraudulent activities. Australia is prone to thousands of cyber-attacks and digital security breaches. This challenge is faced by both small and large corporations.
In 2020, major companies in the country like Intel, Garmin, Avon Instacart; renowned educational institutes and Australian Universities and many more reported of bearing security breaches and cyber-attacks of critical nature (Webber Insurance Services, 2018). The significant issues identified are lack of awareness in Australian citizens and the inability of individuals and corporations or other institutions to take help of Governing Bodies (Cave, Uren and Kang, 2020). The Australian Cyber Security Centre (hereafter, ACSC) which was founded in 2014, in the wake of the prevailing cyber-attacks has been focusing on improving the state of cyber-security in Australia (ACSC, 2020). The following report seeks to discuss the role of an exclusive Information Security Department employed by VirtualSpace.com in an attempt to safeguard sensitive data from potential breaches. The report will talk about key strategic objectives and key initiatives proposed by the department towards the end.
VirtualSpace.com is an upcoming augmented-reality organization. The company sells and organises virtual tours to the celestial bodies such as Moon, Mars etc over the Internet. The company’s ambitious ten-year plan proposes pioneering virtual space with a strong customer base. However, recently even VirtualSpaceTours.com has been subjected to multiple cyber-security threats from both isolated and rival company hackers. The company’s current technological innovation has brought immense business growth and has been widely reckoned. However, it has also been the target of various rival brands and professional hackers, which is why the company has created an Information Security Office, to handle the critical issue that has the potential to hamper business growth. The following report entails various aspects covered by the Chief Information Security Officer that can be discussed and implemented by the top management.
“The Information Security Office will work with the organization to secure system and network resources, and protect the confidentiality of the company, employees and customers.”
the Information Security Office will execute the mission in the following manner:
In addition to the existing organization structure, the department for Information Security will be blended as follows:
Chief Information Security Officer (CISO)
Chief Information Security Officer (CISO) will be responsible for establishing and coordinating the organization information security strategy. The CISO will be responsible for the development, maintenance, and yearly review of the Information Security Plan and will coordinate with the following entities of the organization to do its job:
Information Security Executive Manager
The Information Security Executive Manager (hereafter ISM) reports to the CISO. The ISM will be responsible for assuring that the information security process across the organization is well-coordinated and overall risk is mitigated. The ISM will additionally be responsible for security planning, analysis, policies, standards and incident handling, as well as establishing and maintaining a framework to assure that information security strategies are aligned with organization objectives and consistent with applicable laws and regulations.
ISM’s responsibilities shall include but not limited to:
Information Security Technical Council
The Information Security Technical Council (hereafter, ISTC) will be responsible for assessing, responding, and resolving information security issues that might arise in any areas of the organization. THE ISTC will coordinate with technical personnel of organization's IT Staff and Tech Support Department to ensure the above.
The role and responsibility of ISTC will include but not limited to:
The proposed member panel may comprise of
The strategic objectives entail to control, transfer, absorb or by-pass information risk related to various stakeholders within the organization.
The Strategic Objectives will incorporate
Following Key Initiatives are proposed towards the management of Information Security Systems at VirtualSpaceTours.com:
The prevalent threats of security breaches and cyber-attacks have made it an absolute necessity for any organization to opt for stronger data security measures. VirtualSpaceTours.com, the well-known augmented reality company in Australia has been no different in bearing the cyber breaches. The company’s decision to incorporate a formal Information Security Department has been made in the wake of the above circumstances. The Information Security System seeks to integrate organization resources with comprehensive tools and processes that will help the company secure its software and technology that contribute towards them gaining a competitive advantage over its rival companies. This is profoundly reflected in the Mission Statement of the department that is well-integrated with company goals. The report also discusses in detail the roles and responsibilities that each department under the Information Security Office will follow.
The strategic objectives aim at stabilizing the security systems of VirtualSpaceTours.com and emphasis strongly on the role of internal stakeholders in enhancing the value of cyber-security. The report also highlights the need for regular training and development for various departments to foster cybersecurity throughout the organization. The department of Information and Security also suggests key initiatives which talk on various aspects, with most important being changing the outlook towards cyber-security and proposed to make changes in the manner that makes the issue of cyber-security sound understandable and user-friendly. The role of Government bodies has also been focused upon. Collaborating with regulating government bodies such as ACSC can help the organization stay up-to-date with new possibilities that can further help improve the process and keep the security strong for VirtualSpaceTours.com and help the company achieve their strategic business goals of being the leader of the Augmented-reality segment and have a strong and loyal customer base of 10-million people in the next 10 years.
ACSC (2020). Home Page | Cyber.gov.au. [online] Cyber.gov.au. Available at: https://www.cyber.gov.au/.
Cave, D., Uren, T. and Kang, J. (2020). What, who and why: explaining the cyberattacks against Australia. [online] The Strategist. Available at: https://www.aspistrategist.org.au/what-who-and-why-explaining-the-cyberattacks-against-australia/.
Department of Industry, Innovation and Science. (2018). What is the Government doing in cybersecurity? [online] Available at: https://www.industry.gov.au/data-and-publications/australias-tech-future/cyber-security/what-is-the-government-doing-in-cyber-security.
Evans, B. (2015). The Importance of Building an Information Security Strategic Plan. [online] Security Intelligence. Available at: https://securityintelligence.com/the-importance-of-building-an-information-security-strategic-plan/.
Forlani, C. (2019). Digital in 2019: Australia social media usage is growing. [online] We Are Social Australia. Available at: https://wearesocial.com/au/blog/2019/02/digital-in-2019-australia-social-media-usage-is-growing.
MC.Kinsey & Company (2019). Perspectives on transforming cybersecurity Digital McKinsey and Global Risk Practice. [online] MC.Kinsey & Company. Available at: https://www.mckinsey.com/~/media/McKinsey/McKinsey%20Solutions/Cyber%20Solutions/Perspectives%20on%20transforming%20cybersecurity/Transforming%20cybersecurity_March2019.ashx.
Meyer, B. (2019). Australia‘s cybersecurity landscape : the reasons to worry. [online] CyberNews. Available at: https://cybernews.com/security/australias-cybersecurity-landscape/ [Accessed 2020].
Tropeano, G. (2018). What is an Air Gap and Why Does It Matter? [online] Actifio. Available at: https://www.actifio.com/company/blog/post/what-is-an-air-gap-and-why-does-it-matter/ [Accessed 2020].
Webber Insurance Services (2018). List of Data Breaches and Cyber Attacks in Australia in 2018, 2019. [online] Webber Insurance Services. Available at: https://www.webberinsurance.com.au/data-breaches-list.
Woolley, S. (2020). Australia targeted in “sophisticated” state-based cyber attack. [online] 7NEWS.com.au. Available at: https://7news.com.au/politics/australian-government-targeted-in-cyber-breach--c-1111238 [Accessed 2020].
Remember, at the center of any academic work, lies clarity and evidence. Should you need further assistance, do look up to our Management Assignment Help
Proofreading and Editing$9.00Per Page
Consultation with Expert$35.00Per Hour
Live Session 1-on-1$40.00Per 30 min.
Doing your Assignment with our resources is simple, take Expert assistance to ensure HD Grades. Here you Go....