VU21990 Service Proposal Report Sample

• Subject Code : VU21990
• University : Victoria University My Assignment Services is not sponsored or endorsed by this college or university.
• Subject Name : Cyber Security

Recognise the Need for Cyber Security in An Organisation 

Introduction to Service Proposal Report

1. Definition: Information security is known to be a series of functions that has been created to manage the security of the private information of an individual from any kind of an illegal permission to view or even use it or even to make changes in it. Such kind of an illegal activity mostly takes place when the data is being stored or in its course of being moved from one location to another location (Safa et al., 2016) Moreover, the concept of information security has been created as well as executed to offer security to safeguard printed, electronic, private or other vital source of information from illegal activities.
2. Protecting identity and data- It is considered very much important for an individual to ensure the security of their identification related information in the course of sending a loan application or even in terms of creating an application for a passport. Thus, if the identification related data of an individual is stolen then the day to day functioning of that particular individual would be compromised and his or her image would be at stake both in terms of their personal as well as official life. Hence, it is essential to secure certain privacy related data both virtually as well as non-virtually (Thomas, 2018).
3. Protecting organizational data- The key reason to manage the security of the data is to make sure that all the information that is being stored by the organization has been stored in a secured manner. Moreover, as far as the customers are concerned it is vital for an organization to ensure the security of the data of these customers. This is the most basic thing the customers can expect from an organization because they have made their investment in that particular organization. It the data of an organization is not secured then it is more likely to fall in the trap of the hackers and other external sources of its commercial activities (Tayan, 2017). Hence, if an organization wants to enhance its image then it is vital on their part to maintain the security of the data of their customers as well as their employees.
4. Cyber Security Professionals- The cyber-security professionals plays a significant part in the modern world of business. They assist in the process of creating new techniques to fight against dangers in relation with cyber security and their key objective is to provide protection against any kind of a spam, phishing, virus, malware along with other cyber security related dangers (Jones et al., 2018).

Threats

A cyber-security threat is known to be a malevolent process that makes attempt to ruin the data of an organization or an individual or even contribute towards disrupting their digitalized phase of life. Moreover, it is a kind of attack, wherein the hackers achieve an illegal permission to access the data of an organization, resulting them in stealing the data of that particular organization or even manipulating with the same (Abomhara, 2015).

Organizational Threats

1. Phishing- It is known to be a type of cyber security threat wherein those individuals executing cybercrimes obtains permission to view certain data or information with multiple names (Alsharnouby et al., 2015).
2. Ransomware- It is a type of malware that encodes the documents of an organization or even an individual and the individual committing this crime demands a big amount from the victim to bring back the lost documents after the demanded amount has been given (Richardson et al., 2017).
3. Hacking- It is known to be a process of determining as well as misusing the poor aspects of a computer system or even of a particular network to obtain permission to view or even make amendment on it ( Head et al., 2017)

Relationships, risks, and strategies

• In this context, a network enables an organization to share their documents, information and particulars, wherein the users are provided with a legal permission to view the information saved in the computer system of that particular organization or even on specific network of that particular organization.
• The term risk is known to be a kind of vulnerability of getting harmed or loosing access to something as a result of any kind of attack or invasion on the data system of a particular organization. Moreover, the term risk mitigation is known to be a series of procedures or protocols that is executed by an organization to avoid any scope of security related attacks or even the breaching of the data of an organization (Radanliev et al., 2019). Furthermore, the process of risk mitigation concentrates towards reducing the extent of damages that can be caused by a security in case any such incidents takes place.

Physical Security

• Here are few threats that can experienced by the physical infrastructure of an organization:

1. Computer virus can be a major threat on the computer system of an organization, which is a part of the physical infrastructure of that particular organization. It is a kind of program that is developed for the purpose of changing the way in which a computer system is working without obtaining an approval from its users.
2. Spyware threat is a critical type of risk that can be experienced by an organization. It is kind of a program that is developed for the purpose of keeping a track on the various online functions of an organization with gaining an approval for the purpose of making profit or access private information (Al et al., 2018).

• Both computer virus as well as spyware can be mitigated by making use of a good quality anti-virus software or even by implementing a live anti-spyware security software on the computer system of an organization.

Identity & Access Management

• IAM ( Identity & Access Management) system are created with the motive of executing three essential functions, that identifying, validating and also the task of giving an approval. This clearly implies that only an appropriate person will have the permission to access the data, software, hardware and other IT components of an organization to execute their functions.
• IAM will enable an individual to create a group of users and ensure its management by giving them permission in terms of accepting as well as rejecting the request to view something. For example, two-factor method of authenticating an access can be implemented to ensure the same (Indu et al., 2018).
• It is significant for an organization to have an IAM system in place so that it is able to fulfill certain strict as well as complicated protocols according to which the information system of that particular organization is regulated.

References for Service Proposal Report

Safa, N. S., & Von Solms, R. (2016). An information security knowledge sharing model in organizations. Computers in Human Behavior, 57, 442-451. Retrieved from ttps://www.sciencedirect.com/science/article/abs/pii/S0747563215303083

Thomas, J. (2018). Individual cyber security: Empowering employees to resist spear phishing to prevent identity theft and ransomware attacks. Thomas, JE (2018). Individual cyber security: Empowering employees to resist spear phishing to prevent identity theft and ransomware attacks. International Journal of Business Management, 12(3), 1-23. Retrieved from https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3171727

Tayan, O. (2017). Concepts and tools for protecting sensitive data in the it industry: a review of trends, challenges and mechanisms for data-protection. International Journal of Advanced Computer Science and Applications, 8(2), 46-52. Retrieved from https://www.researchgate.net/profile/Omar_Tayan/publication/314141283_Concepts_and_Tools_for_Protecting_Sensitive_Data_in_the_IT_Industry_A_Review_of_Trends_Challenges_and_Mechanisms_for_Data-Protection/links/58b6e7ebaca27261e51a286a/Concepts-and-Tools-for-Protecting-Sensitive-Data-in-the-IT-Industry-A-Review-of-Trends-Challenges-and-Mechanisms-for-Data-Protection.pdf

Jones, K. S., Namin, A. S., & Armstrong, M. E. (2018). The core cyber-defense knowledge, skills, and abilities that cybersecurity students should learn in school: Results from interviews with cybersecurity professionals. ACM Transactions on Computing Education (TOCE), 18(3), 1-12. Retrieved from https://dl.acm.org/doi/abs/10.1145/3152893

Abomhara, M. (2015). Cyber security and the internet of things: vulnerabilities, threats, intruders and attacks. Journal of Cyber Security and Mobility, 4(1), 65-88. Retrieved from https://www.riverpublishers.com/journal_read_html_article.php?j=JCSM/4/1/4

Alsharnouby, M., Alaca, F., & Chiasson, S. (2015). Why phishing still works: User strategies for combating phishing attacks. International Journal of Human-Computer Studies, 82, 69-82. Retrieved from https://www.sciencedirect.com/science/article/abs/pii/S1071581915000993

Richardson, R., & North, M. M. (2017). Ransomware: Evolution, mitigation and prevention. International Management Review, 13(1), 10. Retrieved from https://digitalcommons.kennesaw.edu/facpubs/4276/

Head, M. L., Holman, L., Lanfear, R., Kahn, A. T., & Jennions, M. D. (2015). The extent and consequences of p-hacking in science. PLoS Biol, 13(3), e1002106. Retrieved from https://journals.plos.org/plosbiology/article?id=10.1371/journal.pbio.1002106

Radanliev, P., De Roure, D. C., Nurse, J. R., Burnap, P., Anthi, E., Ani, U., ... & Montalvo, R. M. (2019). Definition of cyber strategy transformation roadmap for standardisation of IoT risk impact assessment with a goal-oriented approach and the internet of things micro Mart. University of Oxford. Retrieved from https://www.researchgate.net/profile/Petar_Radanliev2/publication/331684145_Definition_of_Cyber_Strategy_Transformation_Roadmap_for_Standardisation_of_IoT_Risk_Impact_Assessment_with_a_Goal-Oriented_Approach_and_the_Internet_of_Things_Micro_Mart/links/5c87cfab299bf1e02e29c385/Definition-of-Cyber-Strategy-Transformation-Roadmap-for-Standardisation-of-IoT-Risk-Impact-Assessment-with-a-Goal-Oriented-Approach-and-the-Internet-of-Things-Micro-Mart.pdf

Al-Mhiqani, M. N., Ahmad, R., Yassin, W., Hassan, A., Abidin, Z. Z., Ali, N. S., & Abdulkareem, K. H. (2018). Cyber-security incidents: a review cases in cyber-physical systems. International Journal of Advanced Computer Science and Applications, 9(1), 499-508. Retrieved from http://13.233.42.234/Downloads/Volume9No1/Paper_69-Cyber_Security_Incidents.pdf

Indu, I., Anand, P. R., & Bhaskar, V. (2018). Identity and access management in cloud environment: Mechanisms and challenges. Engineering science and technology, an international journal, 21(4), 574-588. Retrieved from https://www.sciencedirect.com/science/article/pii/S2215098617316750

Remember, at the center of any academic work, lies clarity and evidence. Should you need further assistance, do look up to our Cyber Security Assignment Help