Technology advancements have brought about enormous benefits to the organizations. However, the developments of the technology have also brought about some challenges to the organizations. Cyber-attacks is a serious concern for organizations as it exposes the networks systems to attacks that can have adverse effect to the organization data, reputation and can also lead financial losses. An organization is exposed to various forms of cyber-attacks which may include phishing, malware attacks, man in the middle attacks, denial of service attacks and SQL injections.

The risk analysis and management plan recommended by the team offered good strategies that could help guard the organization’s network systems against cyber-attacks and unauthorized access. However, with the advancements in the technology, the proposed measures could with time be exposure to the risk, allowing the cyber attackers to bypass the security measures proposed by the team and get an access into the organization’s network systems. Therefore, it is for this reason that a company must keep its security measures updated and occasionally reviewed so as to check for any security gaps in the network system that may require filling. The proposed risk management plan had various weaknesses that could expose the organization’s network systems into cyber-attacks. However, these weaknesses can be mitigated thus leading to the effectiveness of the proposed measures.

For instance, to ensure that encryption is effective in guarding the organization’s computer software, the organization would have to encrypt in layers, exercise proper implementation of encryption, secure encryption keys and use new encryption ciphers. Moreover, data backup can be enhanced by using different backup locations, limit access to back up data and protecting back up media devices. In addition, educating the employees on cyber-attacks regularly will help to keep them up to date with the latest measures and techniques that cyber attackers may try to use in conducting cyber-attacks and this will help the organization to guard itself against the risk of unauthorized access.

Also, regular system audits will help to deter cyber attackers. To enhance the effectiveness of regular system audits, experienced personnel should be tasked with system audits so as to help discover emerging security gaps in the system and recommend their filling to the organization’s management so as not to exposure the organization systems to the cyber-attacks. Restricting the rights of admin will also be of beneficial in reducing the risks to the cyber-attacks. This can be done by ensuring default setting in the organization’s systems that automatically removes the admin rights. Another important measure that will ensure the security of the organization’s systems is limiting the access rights of the staff so as to ensure that employees only access the information that is necessary. Finally, acquiring an advanced technology will promote the security of the organization’s computer systems. Keeping the technology of the organization updated reduces the security gaps in the organization’s systems, thus ensuring the security of the organization’s systems is effective.

There are a number of solutions that can be implemented to overcome the weaknesses highlighted in the proposed security measures.

The weaknesses in the encryption and data backup strategies can be improved through the following measures:

· Encrypt in layers

· Exercise proper implementation of encryption

· Secure encryption keys

· Ensure use of new encryption ciphers

· Use different backup locations

· Limit access to back up data

· Protect back up media devices

The weakness of employee education is that the threats are always evolving and attackers will always device new methods, tools and techniques for use in their attempts to get past an organization’s security measures. However, this weakness can be mitigated by regularly training and educating the employees on the advancement in cyber-attacks and how to overcome new threats (Conteh & Schmick, 2016).

System audits should be done on regular basis. A complete system audit by experienced and knowledgeable experts will help unearth any security gaps in the organization’s systems that may arise as a result of sophistication and evolvement of cyber-attackers’ strategies.

Unrestricted admin rights can increase the risks of unauthorized access. It is therefore important to control the rights of the admin by ensuring the system is set to default setting so as to automatically remove the rights of the admin. Limiting admin rights can lead to low morale. However, educating the admin on the benefit of limiting their rights can help to overcome the risk of low morale and mistrust by letting them understand that the measure is aimed at the best interest of the organization (Ahanger & Aljumah, 2018).

Employees need only to access the information they require. Access to a lot of information that is not necessary to the employees may increase the chances of unauthorized access and data leaks. Letting the employees know the limit of the data they can access in advance will help reduce the risk of developing a sense of mistrust within the organization.

An advanced technology reduces the security gaps in the organization’s network systems. The management of the organization should ensure that their organizations have the latest technologies to promote the security of their network systems.

The above proposed solutions are aimed at promoting the security of the organization’s network systems. The implementation of the above proposals will reduce the chances of cyber-attacks thus ensuring the effectiveness of the organization’s computer systems for an effective and efficient running of the organization’s processes.

The following actions can be implemented to promote the effective implementation of the above proposals:

· Conduct workshops for employee trainings on cyber security

· Hiring experienced and knowledgeable experts for conducting system audits

· Replacing admin rights with the principle of at least privilege

· Require authorization for employee to access various categories of information

· Allocate funds for acquiring and updating the organization’s computer technology

The following network security protocols can be used to promote the security of an organization’s computer systems:

· IPsec and VPNs

· SSL and TLS

· Application Transparent Transport Layer Security

· Kerberos

· OSPF authentication

· SNMPv3.

To ensure there is security of the organization’s system, the following resources are necessary:

· Trained staff

· Advanced computer technology

· Installed firewall performance

· Advanced end point detection

· Updated passwords

· Virtual private networks

References Ahanger, T. A., & Aljumah, A. (2018, 11 01). Internet of Things: A Comprehensive Study of Security Issues and Defense Mechanisms. Retrieved 04 09, 2022, from IEEE Xplore: https://doi.org/10.1109/ACCESS.2018.2876939 Conteh, N. Y., & Schmick, P. J. (2016). Cybersecurity:risks, vulnerabilities and countermeasures to prevent social. International Journal of Advanced Computer Research, 31-36.