Academic Integrity: tutoring, explanations, and feedback — we don’t complete graded work or submit on a student’s behalf.

In a managers’ meeting between the information technology administrator, the lea

ID: 3856214 • Letter: I

Question

In a managers’ meeting between the information technology administrator, the lead for the consultant group, and the dean of information technology, it is apparent that a review of the computer and network infrastructure has not been done for a year concerning the use of cryptography and distributed system authentication. The dean of IT has asked for a checklist provided to the university recommending the security hardware and software needed to secure organizational computer systems. The recommendation should include the correct cryptographic algorithms and devices that must be deployed to secure the organizational network.

The checklist should address the following:

-Hardware and software

-Skill sets needed for the implementation of security and authentication mechanisms

-Policies needed relative to encryption and decryption

Explanation / Answer

SKILLS SETS THAT ARE NEEDED FOR THE IMPLEMENTATION OF SECURITY AND AUTHENTICATION MECHANISM :

Mobile security

Whether it’s through bring-your-own-device (BYOD) or company-provisioned products, businesses are increasingly relying on mobile workforces. Mobile computing and communications have introduced new vulnerabilities and threats, and finding people with the know-how to address these will become increasingly important.

          “The higher you go up the mobility stack—network up to operating system and finally up to application security—the harder the security skills and technologies are to understand,” says Tyler Shields, senior analyst at Forrester Research Inc.

          “The lower layers of the stack are a bit more commoditized and have tools that can help automate some of the security controls and auditing,” Shields says. “Application security flaws are generally one-off type flaws that require significant reverse engineering and coding skills to successfully discover and exploit. In general the application security arena is one of the most difficult to find subject matter experts. Mobile security is also in short supply due to the young age of the technology.”

Data analytics

Big data and data science skills such as advanced analytics are in demand in a number of specialty areas, and security is not exception. People who can make sense of security-related data that’s being gathered from multiple sources will likely be in demand for some time.

          “We look beyond traditional IT and security skills. For example, it’s really important to have a good view on data analytics and privacy,” says Siobhan MacDermott, Utilidata’s CISO at Utilidata, a company that provides software specifically for the utilities industry.

Security analysts

The security skill set most in demand is the security analyst, who conducts the integration and testing, operation and maintenance of systems security, says Hord Tipton, executive director of the International Information Systems Security Certification Consortium Inc., (ISC)², a global, not-for-profit organization that provides education and certification for information security professionals.

          “In addition, a security analyst possesses significant, higher-order skills and has a deep understanding of all business systems, knowing what information an organization cannot afford to lose,” Tipton says. “They are proficient in cyber threat analysis and in identifying and assessing the capabilities and activities of cyber criminals or foreign intelligence entities.”

They may also analyze threat information from multiple sources and disciplines, Tipton says, synthesizing it and placing it into context while drawing insights about the possible implications.

Application security

As organizations move more traditional back-end applications to the Web, the demand has grown for individuals with application security skills, says Jay McLaughlin, CSO of Q2, a provider of software for the financial services industry.

“These individuals have strong security and development knowledge and can bridge the growing gaps in the [systems development lifecycle] process,” McLaughlin says. “From a CSO perspective, most are concerned about improved intelligence— specifically around potential threats and incident detection.”

Security architects and investigators

Security architects define how security strategies, solutions and practices need to evolve to keep up with both the changing threat landscape as well the changing business environment, with the adoption of bring-your-own-device/mobility, cloud, big data, and other emerging areas, says Sujata Ramamoorthy, director of Global Information Security at Cisco Systems.

“Understanding threats and risks in this complex environment that spans multiple products, providers and users and then determining solutions to appropriately manage the risks with investment protection is very challenging,” Ramamoorthy says.

Point-of-sale systems

Point-of-sale security is a hot area for employment, Shields says. “The need for these skills is being driven by the transition of cyber criminals from traditional PC attacks to mobile and point-of-sale system attacks,” he says.

          Many of the recent high-profile security compromises have been in the point-of-sale space, Shields notes. “Securing these hardware devices and the software that runs on them takes additional security skills that most general network security engineers do not yet possess,” he says.

Hacking experts/penetration testers

          The idea of hiring hackers might generate controversy in certain quarters, but people with such knowledge can be valuable to some organizations.

“We’re seeing two trends when it comes to new security skills emerging,” says John Reed, senior executive director of Robert Half Technology, a provider of professional staffing services. “The first is the demand for ethical hacking. Basically, this is just hiring hackers to do penetration testing on your network to uncover vulnerabilities and then advising organizations on how to correct the issue.”

Related Questions

In a location in outer space far from all other objects, a nucleus whose mass is
Question #3280750
In a location where the speed of sound is 337 m/s, a 2000 Hz sound wave impinges
Question #1673671
In a location where the speed of sound is 337 m/s, a 2000 Hz sound wave impinges
Question #1673763
In a location where the speed of sound is 337 m/s, a 2000 Hz sound wave impinges
Question #1673933
In a location where the speed of sound is 344 m/s, a 2000 Hz sound wave impinges
Question #1676419
In a location where the speed of sound is 353 m/s, a 2 000-Hz sound wave impinge
Question #3163952
In a location where the speed of sound is 354 m/s, a 2000 Hz sound wave impinges
Question #1674273
In a location where the speed of sound is 355 m/s, a 2000 Hz sound wave impinges
Question #1983145
Hire Me For All Your Tutoring Needs
Integrity-first tutoring: clear explanations, guidance, and feedback.
Drop an Email at
drjack9650@gmail.com
Chat Now And Get Quote

Navigate

Previous
In a managers’ meeting between the information technology administrator, the lea
Next
In a manual on how to have a number one song, it is stated that a song must be n

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.