
Pretend you are the Chief Information Security Officer (CISO) of a large company


Question

Pretend you are the Chief Information Security Officer (CISO) of a large company in the financial services sector (a bank or investment firm). Using the material learned in this course, from the textbook or articles, write a minimum 2-page paper answering the following questions:

1) List and describe 3 cybersecurity challenges your company might face over the next 5-10 years. How might your company combat these challenges? Support your answers with references from the text or course articles.

2) Have cybersecurity challenges changed over the past ten years? In what ways have they changed? Support your answers with references from the text or course articles.

Submit your paper as an MS Word document. No cover page or abstract is required. A reference list IS required, but does not count toward the minimum length.

Explanation / Answer

As a CISO, the main responsibilities include ensuring proper protection for all physical and technical aspects of the organization. Technical aspects include securing communications, applications, and business systems to perform risk assessments of IT assets exposed to outsiders on the Internet. Physical aspects include non-electronic factors such as physical site access, as well as drafting policies and procedures for secure daily operations. CISOs are also responsible for security management activities, which include training others for security awareness, purchasing security products, planning for and managing disaster recovery, developing secure business and communication practices, and ensuring all policies are followed. Also, a CISO must ensure that security breaches do not result from any of the changes made in order to protect the organization.

3 Cyber security challenges:

Insider Threat

While many organizations focus their security efforts on their network border, it is the insider that probably poses the most risk to cyber-security. From executives to IT administrators to partners, many people have access to sensitive data that if publicly exposed. People have a tendency to trust people they know, leading them to share passwords or other information that they shouldn’t. Trust is an essential element of operating any type of organization. People need access to sensitive information and critical systems for many reasons, and a level of trust has to be associated with that access. Understanding and managing that trust is the most critical, and difficult, challenge of dealing with insider threats.

Cyber-security is usually thought of as a technical field, with highly-skilled defenders seeking to outwit attackers in a contest of intellect and will. While there is some truth to this characterization, it misses what is perhaps the most important aspect of security: the human element.

Insiders can maliciously or unwittingly steal, erase, or expose sensitive data for a variety of reasons. At the same time, insiders must be given a certain level of access in order for a business to function or an organization to operate. It is critical to understand insider threats at multiple levels, from motivations to damaging examples to how the threat has evolved, in order to intelligently approach risk mitigation strategies. There are different categories of insider threats, such as malicious insiders, exploited insiders and careless insiders.

Confidential Data (Customer Data)

Customer data is said to be very confidential; it has to be protected and must not be obtained without your permission. This may include

Vulnerabilities

A vulnerability is a weakness that allows an attacker to reduce a system's information assurance. A security risk may be classified as a vulnerability.

When trying to gain unauthorized access to a system, an intruder usually first conducts a routine scan (or investigation) of the target, collects any ‘exposed’ data, and then exploits security policy weaknesses or vulnerabilities. Vulnerabilities and exposures are therefore both important points to check when securing a system against unauthorized access.

Cybersecurity Challenges over past 10 years:

Below is the list of categories that fall under the cybersecurity challenges:
