Case Study 1: The Critical Need for Information Security

Case Study 1

The Critical Need for Information Security

SEC 402 Cyber Security

The Essential Body of Knowledge

Case Study 1: The Critical Need for Information Security

As cyber-crimes are becoming more and more prevalent data breaches are forcing individuals and organizations to redefine and revamp their personal and information security structure. Private and public data breaches have sent several large organizations and federal institutions into overdrive after damaging cyber-attacks. Near devasting loss of critical data slows the progress of many organizations and the operations of public agencies are also impacted. As much as technology is a great benefit to society, the challenges associated with technology are mountainous to organizations and government. Cyber criminals are proving to be extremely smart and a step ahead of the corporations or governments whose operations are now in jeopardy. The implementation of security strategies has seen incidences of cyber-attack reduced dramatically.

In this case study we should identify three benefits or key knowledge points derived from using cyber-attack simulator systems, and research. Analyze and determine which sector, public, or private, has greater insight on potential of cyberattacks providing three examples. Develop four best practices that should be implemented when developing a cybersecurity strategy. Finally, suggest how public-private partnerships can strengthen cybersecurity efforts.

Describe the role of planning when developing a cybersecurity strategy and what key deliverables would ensure an effective implementation and transition. 

• Identify at least three (3) benefits or key knowledge points that could be derived from using cyber-attack simulator systems and research. Suggest how this insight could assist in defining the needs for security within an organization.
• One of the benefits derived from the use of cyber-attack simulator systems is that it equips the managers with quick and effective decision-making tools. Another benefit of cyber-attack simulators would be that it equips individuals with relevant and important information on the cyber threats which require managers to make instant or impromptu decisions. Another benefit would be that it allows the managers to practice in environments that will require them to make high risks decision. The success of cybersecurity strategies is greatly increased when the public and private work together.
• Analyze and determine which sector, public or private, has greater insight on the potential of cyberattacks. Justify your answer by citing at least three (3) example
• The public sector has the greater insight on the chances on being cyber-attacked. When the private sector begins limiting resources on the issues related to research and development which is potentially useful in curbing threats of cyber-attacks on the rise. Well-funded research centers to conduct the research on cyber security related issues established by the government. Policies being formulated that govern and geared towards neutralizing the effects of threats associated with cyber-attacks.
• Suggest at least four (4) best practices that should be implemented when developing a cybersecurity strategy within a security enterprise
• The development and implementation of a cybersecurity strategy usually requires that the, four best practices be invoked. The first best practice being an organization should understand what the cybersecurity threat is relative to its enterprise. Second best practice should be to encourage employees to practice defensive observation to work to decrease opportunities of insider threats to the to an organization. Third best practice is to not follow attacks not aimed at organizations. Finally, recognize that security breaches will happen but being knowledge prepared the damage can be minimized.

The most pivotal role in the development of a strategy for cybersecurity is planning. Planning allows an organization to prepare for both outcomes. Detailed planning would allow organizations to solve identified problems. Early detection minimizes the threats and security lapses which have devasting effects.

a. Corporate environment – At this level there is a coordination between the government & the private sectors as a means to manage risks.

• Suggest how public-private partnerships can strengthen cybersecurity efforts and effectiveness in each of the following :

b. Regional level – At this level the focus is on strengthen the networks security

c. National level – Corporate ventures that provide a basic high-level framework of security from cyber-attacks.