April 8, 2021

Develop a strategic cybersecurity improvement plan (Hayslip G., 2017)

Discussion

Respond to two colleagues (BELOW): (Half a page each and provide each reference separately)

Discussion Topic

Identify the components of the cybersecurity lifecycle and strategies that small and medium-sized businesses can use to be proactive versus reactive in their execution.

Post from colleague 1

With the rate of increase in technology and computer sciences has provided organizations with high increase in cyber attacks and the exploring of cyber security vulnerabilities, small and medium size enterprises (SMEs) are not left out. According to reports in 2014, victims of cyber attacks reported an estimate annual loss in the tune of 4400 billion a year (Arief, Bin Adzmi & Gross, 2015). SME owners usually do not have the necessary information technology or capabilities needed to implement a robust and comprehensive security in information technology so any breach in private information of theft can result in loss of customers, income, expensive litigations and public confidence. According to the Kimberly Diane Cook, titled “Effective Cyber Security Strategies for Small Businesses” she emphasized that for SMEs to managing cyber risks, SME owners will have to implement a robust multi-tired security strategy that would focus primarily on mitigation and reaction while also putting interest in people, processes and systems.

She also wrote that SME owners should take a proactive approach in protecting their data by

1. Establishing cybersecurity policies and

2. Implementing security procedures to protect, defend and react to cyber attacks.

3. Create a cyber security strategy to prepare, respond and recover from cyber attacks

Furthermore, it was also discovered according to a research she made that with the assumption that SME business owner do not have the required and established security policies, she later found out that there were still preventive means whereby business owner used or implemented to protect their businesses from cyber-attacks, the strategic security plan included;

1. Password protection methods were used to limited system access

2. Establishment of a cyber security plan

3. Ensuring cyber security awareness

4. Trainings and workshops

5. Security procedures implementation

In contrast to K.D. Cook preventive and proactive approach, Gary Hayslip had this to say “cybersecurity is a lifecycle that doesn’t provide value in a vacuum. For the SMB to be effective, it must approach cybersecurity as a critical business function and not be afraid to ask for assistance from the vibrant security community”.

He also listed a few means by which SME can approach cybersecurity which are:

1. Understanding the drivers behind cybersecurity investments

2. Review your IT portfolio

3. Conduct a risk assessment and finally

4. Develop a strategic cybersecurity improvement plan (Hayslip G., 2017)

References:

Arief, B., Bin Adzmi, M. A., & Gross, T. (2015). Understanding cybercrime from its stakeholders’ perspectives: Part 1 – attackers. IEEE Security & Privacy, 13(1), 71- 76. doi:10.1109/MSP.2015.19

Cook. K.D., (2017). Effective Cyber Security Strategies for Small Businesses. Walden University. Retrieved from https://scholarworks.waldenu.edu/cgi/viewcontent.cgi?referer=https://www.bing.com/&httpsredir=1&article=4974&context=dissertations

Hayslip. G., (2017). Approaching Cybersecurity as a critical business function. Taking the right security steps for small and medium-sized businesses (SMBs). CSO. Retrieved from https://www.csoonline.com/article/3243573/approaching-cybersecurity-as-a-critical-business-function.html

Post from colleague 2

Identify the components of the cybersecurity lifecycle and strategies that small and medium-sized businesses can use to be proactive versus reactive in their execution.

Raising awareness

information

management

prevention

detection

correction

The first phase of that cycle is awareness, that is, recognizing that there may be a problem and that it cannot be overlooked. For this, the National Cybersecurity Institute (INCIBE) proposes an Awareness KIT that incorporates multiple graphic resources, interactive elements and detailed programming that can be very useful to understand this first concept.

Secondly, it is necessary to collect information from the environment in which we move and then be able to manage it correctly in order to prevent the spread of a cyber attack that can lead to many others. Incidents must be analyzed and then given answers.

Another phase of Cybersecurity is prevention. It is important to take measures that prevent incidents from occurring frequently. The most important are access control, backup, firewall, updates and the use of a powerful antivirus.

Another strategy for businesses is opting for cloud or managed security service provider (MSSP) models, in which organizations don’t need to maintain technology on their own servers and can outsource the responsibility. According to Moscaritolo (2011), such options could save businesses money and provide a high level of security.

If the problem is already inside, the only thing we can do is go to the detection, to give a useful answer so that it does not recur.

References

Moscaritolo, A. (2011). Scaled down, armored up. SC Magazine: For IT Security Professionals (15476693), 22(4), 26-28).

Collepals.com Plagiarism Free Papers

Are you looking for custom essay writing service or even dissertation writing services? Just request for our write my paper service, and we'll match you with the best essay writer in your subject! With an exceptional team of professional academic experts in a wide range of subjects, we can guarantee you an unrivaled quality of custom-written papers.

Get ZERO PLAGIARISM, HUMAN WRITTEN ESSAYS

Why Hire Collepals.com writers to do your paper?

Quality- We are experienced and have access to ample research materials.

We write plagiarism Free Content

Confidential- We never share or sell your personal information to third parties.

Support-Chat with us today! We are always waiting to answer all your questions.

Develop a strategic cybersecurity improvement plan (Hayslip G., 2017)

Related Posts

War is a state of armed conflict between nations, states, or groups that involves the use of weapons and violence. It is a destructive force that has many repercussions, both immediate and l

List the claim(s) the author is making: List the evidence used to support the claim? What assumptions is the author making with respect to the claims? Is the use of statistics or other numer

Describe the four values promoted by the field of physical activity and their implications for designing physical activity programs. 2-3 pages in length, double-spaced, Times New Roman 12-po