Just as quickly as new technology is develope
Week 4 Discussion
Just as quickly as new technology is developed, hackers find new ways to disrupt operations. As a result, security is an ongoing endeavor in all organizations. Strategic planning can help organizations be prepared to address new daily threats to information security. Moreover, many of today's organizations are adopting virtualization as a way to reduce their footprint in hardware costs and to improve their backup system capabilities at the client and server levels. At the same time, virtualization poses security risks that organizations need to consider as part of their strategic planning process.
Go to Basic Search: Strayer University Online Library to locate and integrate at least two quality, academic resources (in addition to your textbook) on the role of strategic planning in mitigating information security threats, including those associated with virtualization. You may also use government websites, such as Cybersecurity from the National Institute of Standards and Technology.
As you write this post, keep in mind your current organization's or a previous organization's strategic planning for information security, its infrastructure, and its training.
Please respond to the following in a post of at least 200 words:
- Justify the importance of strategic planning to an organization's information security.
- Identify and describe the topics to be included in strategic planning for information security.
- Specifically describe the security threats associated with virtualization.
- Explain how strategic planning can help to mitigate the security threats associated with virtualization.
- Provide full citations and references, formatted according to Strayer Writing Standards.
- For assistance and information, please refer to the Strayer Writing Standards link in the left-hand menu of your course. Check with your professor for any additional instructions.
In 60 to 75 words, please respond to at least one other post. Choose to respond to those who have few or no responses.
Note: You will find the information from this post and the feedback you receive on it useful as you work on your Virtualization assignment due this week.
4 days ago
Scott Coleman
RE: Week 4 Discussion
Top of Form
A. Justify the importance of strategic planning to an organization's information security.
Strategic Security Planning is critical to any organization. It typically starts with the CISO. The CISO should be strategically placed within the organization to ensure proper visibility of security issues and manage risk in a way that aligns with business objectives.
A strategic plan is a document used to communicate the organizations goals, tasks needing to be completed to achieve these goals and any other items identified in the assessment.
B. Identify and describe the topics to be included in strategic planning for information security.
The topics that should be included in a strategic security plan are below.
· Defining consistent and integrated methodologies for design, development and implementation;
· Detecting and resolving problems;
· Reducing time to delivery from solution concept through implementation;
· Provisioning flexible and adaptable architectures;
· Proactively making decisions to more efficiently deliver results;
· Eliminating redundancy to better support achievement of objectives;
· Planning and managing human resources, relying on external expertise when required to augment internal staff;
· Evolving into an organization where security is integrated as seamlessly as possible with applications, data, processes and workflows into a unified environment.
C. Specifically describe the security threats associated with virtualization.
To better answer this question, let me first define the 2 virtualization types.
· Type 1 virtual environments are considered “full virtualization” environments and have VMs running on a hypervisor that interacts with the hardware. Examples are VMware ESXi, Citrix/Xen Server and Microsoft Kyper-V.
· Type 2 virtual environments are also considered “full virtualization” but work with a host OS instead of a hypervisor. With this type of hypervisor, the guest host is installed on top of an underlying OS such as Windows 10, Linux, etc.
The threats associated with virtualization can be different depending on the type of hypervisor used. Some examples are: Shared clipboard, keystock logging, VM monitoring from the host, VM monitoring from another VM, and VM backdoors
D. Explain how strategic planning can help to mitigate the security threats associated with virtualization.
A good strategic security plan can have a tremendous impact on the organization’s security posture. It defines the areas needing to be secured and the tools/processes required to secure them. For example, is the organization using a Next Gen firewall to protect them from the internet or are they still using an old packet filtering firewall.
1. Brian Evans, July 8, 2015, The Importance of Building an Information Security Strategic Plan (securityintelligence.com), https://securityintelligence.com/the-importance-of-building-an-information-security-strategic-plan/
1. William Stallings. 2019. Effective Cybersecurity: A Guide to Using Best Practices and Standards.
1. Dave Shackleford. Virtualization Security : Protecting Virtualized Environments. Sybex; 2012. Accessed April 25, 2022. https://search.ebscohost.com/login.aspx?direct=true&db=nlebk&AN=500245&site=eds-live&scope=site
Bottom of Form
Collepals.com Plagiarism Free Papers
Are you looking for custom essay writing service or even dissertation writing services? Just request for our write my paper service, and we'll match you with the best essay writer in your subject! With an exceptional team of professional academic experts in a wide range of subjects, we can guarantee you an unrivaled quality of custom-written papers.
Get ZERO PLAGIARISM, HUMAN WRITTEN ESSAYS
Why Hire Collepals.com writers to do your paper?
Quality- We are experienced and have access to ample research materials.
We write plagiarism Free Content
Confidential- We never share or sell your personal information to third parties.
Support-Chat with us today! We are always waiting to answer all your questions.
