Describe and explain information security threats, vulnerabilities, and attack types.•Identify information security requirements for organizations and systems.
please find attached pdf for assinment work
Requirements:
Assignment #1 – Securing your CompanyRecent attacks of Twilio and Cloudflare are interesting comparisons in that the phishing scheme appeared to work well against one company, but failed against another! In large part, this was due to the policies and procedures required of their employees – even though both companies had account passwords stolen.https://www.itnews.com.au/news/twilio-phishers-went-after-cloudflare-but-failed-583775https://www.cpomagazine.com/cyber-security/twilio-hackers-behind-okta-phishing-campaign-that-breached-over-130-organizations/You are taking on the role of a Chief Information Security Officer (CISO) at a high profile technology company that deals with sensitive HIPAA (Healthcare), FERPA (Education), and other Personally Identifiable Information for local governments. Before you came in, the information security policies and procedures became very relaxed and were no enforced at all. As part of your new role, you’ve been asked to come up with new policies and procedures for authentication and access control to prevent information leakage. What will we do?Write a 2 page document highlighting the policies and procedures you’d like to implement in the company. You can also propose the purchase of new equipment or software for employees, if it supports one of the update policies and procedures (e.g. Hardware tokens, Password Managers, etc.). Along with the policy and procedure, write a summary of what this policy will do to prevent unauthorized users from authenticating on the systems, how it balances the desire of employees to havea simple system while maintaining important security policies (for example, if you proposed a 20-factor authentication… is it really necessary and if so, why?)Please consider both the Authentication methods and Access Control policies from each user’s computer system. (You should NOT consider physical security at this time).Why are we doing this?The role of a CISO is meant to protect the information systems and data within an organization. But recent attacks have shown that many companies have weak policies and procedures that lead to compromised systems. Using the recent news of attacks allows you to understand what succeeded and what failed. This also takes the concepts from last class to critically think about the security policies implemented in both your company and your personal life.Learning ObjectivesThis assignment makes use of multiple course objectives•Describe and explain information security threats, vulnerabilities, and attack types.•Identify information security requirements for organizations and systems.•Explain Integral parts of best practices in information security.•Indentify and discuss issues related to access control.
Collepals.com Plagiarism Free Papers
Are you looking for custom essay writing service or even dissertation writing services? Just request for our write my paper service, and we'll match you with the best essay writer in your subject! With an exceptional team of professional academic experts in a wide range of subjects, we can guarantee you an unrivaled quality of custom-written papers.
Get ZERO PLAGIARISM, HUMAN WRITTEN ESSAYS
Why Hire Collepals.com writers to do your paper?
Quality- We are experienced and have access to ample research materials.
We write plagiarism Free Content
Confidential- We never share or sell your personal information to third parties.
Support-Chat with us today! We are always waiting to answer all your questions.
