More and more hiring actions start with a written essay from job candidates foll

Question

More and more hiring actions start with a written essay from job candidates followed by a telephone "screening" interview. For this week's discussion topic, you will take on the role of "job candidate" for an entry level position in a CISO organization. You are at the first stage in the hiring process -- writing the essay. Your assigned topic is:

Why should a large company (>1000 employees) invest in new or upgraded IT security products and services?

Your audience is a group of managers (both technical and non-technical) who depend upon IT security to protect their business operations (including intellectual property, company strategic and financial information, and customer data).

Write a 3 to 5 paragraph essay that addresses the points listed below and which responds fully to the required topic. Your essay should not exceed 500 words so be concise, accurate, and clear in your essay.

Your essay should include:

1. Definitions and discussions of threats which could impact confidentiality, integrity, and availability of information, information systems, and networks.

2. Three examples of IT security products or services (by class, e.g. firewall, intrusion detection, encryption, etc.) and what is protected (info, systems, networks) by each.

3. An explanation of why last year's IT security technologies may not be sufficient to protect against today's threats.

4. A brief strategy for buying the "best of the best" when it comes to IT security technologies (think back to CSIA 310's case studies).

Provide in-text citations and references for 3 or more authoritative sources. Put the reference list at the end of your article.

Explanation / Answer

Why companies investing on new security updates?

Threat in computer security is a danger that will breach the security which covers the Buisness data, that are confidential one for the organization. Since safe guarding the information system from security breach is the key element for the success of a software system, companies are investing huge sum in security policies. Since hackers are getting pro, its much needed for the security systems too, to be updated and ready to face the attack.

Day by day human life more attached to digital world, so the need of security is vital for the users to beleive the products which is going to use thier confidential information. Even though large companies are investing lot in security, the breach is still unavoidable, its because of increase number of cyber attackers and users who are unaware of the importance of the confidentiality of the data.

Examples of IT security products- There are lot of IT security products available in the market, and each has special focus on the field where it was needs

Network Securtiy : It has a set of defined protocols and policies which will eliminate the unauthorized access, monitors, denying access and various features to safeguard from network breach.

End point security[1]: It is a technology which is leading solution to protect networks that are remotely bridged to the user's devices.

Extrusion Prevention[2]: It is an technique of preventing data leakage by controlling the network traffic. It protects the sensitive digital assets from unauthorized transfer by controlling movements of packets across the network.

why last year's IT security technologies may not be sufficient to protect against today's threats.

                                           Even on the huge spending on the security systems some of the world leading companies got attacked by cyber criminals. Since the companies are not considering them as target for the cyber attacks, whether the company is large and wide or small, cyber criminals have no differentiation, every industry are vulnerable for cyber attack. Taking the cyber attack seriously will be the possible solution to prevent the attack, than correcting the mistake after got breached.

                                         Neglecting to update network products and failing to understand the basic structure to their network will open the door for the attackers to breach without any hassle. IT industry should have a protocol to ensure the update of products and good knowledge about the sector where the confidential data are enclosed.

Strategy for buying the "best of the best" when it comes to IT security technologies[3]

                                                                      Finding the right it security solution was tedious task, as the increase in number of threats and solutions for those threats are massive in numer. Company can't risk on trying various securtiy for a solutions. Selecting the best solution are based on the following parameters

            1. size of the client system

            2. Positive review about the security system used by different organizatio of same industry.

            3. Detailed analysis on the product and security solution.

To compete and success in the market one should have to adopt to better securtiy technique.

[1] https://digitalguardian.com/blog/what-endpoint-security-data-protection-101

[2] http://searchsecurity.techtarget.com/definition/extrusion-prevention

[3] http://www.structuresecurity.com/five-things-we-learned-planning-structure-security-2016/

Related Questions

Navigate

• Browse (All)
• Browse M
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.