Tuesday, May 5, 2020

IT Risk Management IT World

Question: Discuss about the Report for IT Risk Management of IT World. Answer: Consideration of Information Security to Make Impactful Decisions With the increasing malicious attacks and hacking incidents in IT world, the time has come to think in a different ways to make effective information security system. Implementation of best information security model does not need monopolized time, resources or money but need to deploy best security practices by running the normal operation of the organization (Peltier, 2013). The major reasons behind the increasing security attacks all over the world are lack of knowledge, information and resources to build proper security system such as firewall, encryption technique and others. The most unfortunate thing is that, hackers with only 1,500million budget can steal all the crucial data and information of organizations who have invested billions in their security system. In addition, negligence of information security manager regarding the security model is another greatest loophole which leads to vulnerable cyber attacks (Taylor et al., 2014). Therefore, information security manager sh ould try to follow the security policies and virtues properly. These security policies should be made in accordance with the server, firewall, encryption, router and proxies configuration and should be distributed throughout the organization in proper format. Internet is too secure already The technological development have gifted internet to the modern world. This technological advancement allows the industry and other individuals to cope with the new evolving trends. There are a range of communication security techniques available, in most of which have their in- built security systems though the attacks are increasing. These threats are increasing as the internet communications are insecure. These threats are affecting the life as these aspects are using wrong threat models. The worries are concentrated within the known threats where the focus should go on the threats evolving from new technologies. These problems can be resolved by utilizing the proper customer and threat models (Jing et al., 2014). The efforts are being misguided by the wrong thoughts. The attackers are considering the modification, control and duplication of the total network or any specific network element. In addition to this, in the category of real attacks there problems related to remote pen etration and malware detection problems. These problems must be detected to be solved (Taylor et al., 2014). The cryptographers and cyber experts are innovating new technologies for finding these issues to make the end users protected. The huge range of internet application is facing trouble and getting unprotected. Risk management terms Risk management is considered as the crucial stage of operation for analyzing the problems with any organization. Management process of risks is generally transformed into the coordinated effort within the organization. The progress is identified by the methodology, terminologies and measures taken about the problems. Most of the organizations can conduct communication meetings for understanding the perspective of their employees and raised problems within the organization (McNeil et al., 2015). These meeting should involve the all discussion about the ongoing transformations within the organization with the new upcoming innovations. The innovative process implementations create so many problems regarding the views of each individual. This aspect mainly introduces so many conflicting situations within the organization, which should be evaluated through the risk assessment techniques. There are several risk assessment process: threat analysis, vulnerability analysis, incident prioriti zation, exception processing, malware detection etc. These above mentioned process helps the organization to find out the problems with their proper solution. According to (Jing et al., 2014) risk assessment process involves the risk assessment techniques to be analyzed. These techniques are: preparation of questionnaire, interviews, active testing process, third party assessment, acceptance of the facts and verification. All of these stages help the organizational heads to analyze the situation properly and they can easily find the solutions. References Jing, Q., Vasilakos, A. V., Wan, J., Lu, J., Qiu, D. (2014). Security of the internet of things: Perspectives and challenges.Wireless Networks,20(8), 2481-2501. McNeil, A. J., Frey, R., Embrechts, P. (2015).Quantitative risk management: Concepts, techniques and tools. Princeton university press. Peltier, T. R. (2013).Information security fundamentals. CRC Press. Taylor, R. W., Fritsch, E. J., Liederbach, J. (2014).Digital crime and digital terrorism. Prentice Hall Press.

No comments:

Post a Comment