Saturday, February 15, 2020

IT 4076 Evaluation and Risk Assessment Research Paper

IT 4076 Evaluation and Risk Assessment - Research Paper Example All organizations are exposed to threats and vulnerabilities that have adversarial impacts on the companies’ operations. Information security professionals have the responsibility of helping the organizations’ management boards to comprehend and control these uncertainties. Threats Threats are the sources and means of particular types of attacks. Threat analysis enables information security experts to determine the most appropriate approaches of securing systems against systems attacks. Security professionals perform penetration-testing exercises to identify threat profiles, develop effective countermeasures against threats and mitigate all earlier signs of threats (Kaiya, Sakai, Ogata & Kaijiri, 2013). The primary focus of threat analysis should be on analyzing the resources of the attackers. It is crucial for all organizations to analyze threats to help them develop specific security policies, which they can implement together with policy priorities and comprehend imp lementation needs for securing organizational resources. Information security threats include accidental disclosure, alteration of software, electrical disruption, acts of nature, and telecommunication malfunction. Vulnerabilities Vulnerabilities are the security flaws that allow a threat attack to be successful in a system. Corporate organizations and private businesses should do vulnerability testing to resolve the vulnerabilities and provide data required to identify unexpected perils to information security. The management boards should realize that such vulnerabilities do not particularly belong to technology class, but also apply to social factors, for example, personal authentication and authorization policies. Vulnerability testing is of paramount importance in maintaining ongoing security and allows the professional responsible for security of the company’s resources to respond to new dangers as they arise (Kevin, Hackney & Edgar, 2010). Testing for vulnerabilities i s also invaluable in developing policy and technology and as part of the technology selection process. It is crucial for buyers to do effective vulnerability tests in order to select the right technology that can save time, money and other costs of business operations. My Encounter with an Information Security Threat I am the Managing Director a telecommunication company that offers postpaid communication services to the residents of Silicon Valley. Recently, I have realized that the costs of making calls were increasing abnormally among the callers. I communicated to my customers and requested from them some information concerning their communication expenditures. I found out that my customers were not really consuming these huge amounts of airtime to make calls. The information security professional made a follow-up and found out that there was massive phreaking and eavesdropping. Hackers were stealing services and using them while passing the costs of making calls to my customers . It was also found that these hackers had stolen credentials and contact information of my customers, which allowed them to control their voice calls, calling plans, billing information and call forwarding. Information is the cornerstone of the company, and its security is of paramount i

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.