Unit 3 Implementing and Managing Cyber Security Assignment Sample


Task 1: Unit 3 Implementing and Managing Cyber Security Assignment

Types of Cyber-Attacks

Cyber-attacks are diverse in nature, and the different categories are distinguished by their effects. A Denial of Service (DoS) attack floods networks, making them inaccessible (Cheema et al. 2022). Phishing tricks people into providing information through fake messages. A virus is a type of malware that infects and destroys systems and files, while a worm targets multiple areas and takes over systems; ransomware is a type of malware that encrypts data and demands a sum of money; spyware is a type of malware that spies on users and steals information. Malware infiltrates networks and corrupts computer files, demanding money to restore them. Social engineering differs from a technical attack in that it tricks people into revealing secure data. Brute force attacks rely on guessing passwords through a systematic procedure (Wanjau et al. 2021). In Man-in-the-Middle attacks, the attackers place themselves between two communicating parties with the intention of intercepting and changing the communication. SQL injection is a method that injects malicious code into programs to obtain information.


Implications of a Cyber-Attack

Cyber-attacks have severe implications. Tangible damages include financial losses involving cheques, wallets, securities, and cash ransom payments, while intangible but measurable damages include monetary penalties, lawyer fees, and fines. Reputational damage leads to customer distrust and loss of market position. Disruptions in operations suspend business processes and lower the efficiency of output (Hammi et al. 2023). There are legal repercussions for not following the laid-down rules, which result in massive penalties. Data loss is a severe impact that affects a company's intellectual property and customer records.

Organisational Policies and Procedures

To prevent cyber-attacks, organisations need well-developed measures and policies. An Acceptable Use Policy contains rules and regulations concerning the use of resources. The Information Security Policy defines how information is secured as a business asset (Paananen et al. 2020). An Incident Response Plan outlines how incidents are identified, handled and managed. A Data Protection Policy requires compliance with the laws on personal data (Paananen et al. 2020). System and data access control policies specify who should be allowed to access an organisation's information, based on the principle of least privilege. Awareness Programs and Training inform employees about threats and how they can be avoided (Khando et al. 2021). Set against the organisation's risk exposure, Regular Audits and Assessments help in discovering gaps.

Advantages of auditing users, devices, and networks

Surveillance increases safety by identifying suspicious activity and risks to people and assets while they are happening, which allows an immediate response. Compliance is supported by recorded logs that give detailed results and reports from the auditing. Clear visibility over network activity makes it possible to manage reported incidents (Patwary et al. 2021). Performance optimisation helps manage network efficiency and identify problems that would otherwise have gone unnoticed. Confidentiality is enhanced, which means only those who are authorised can access data.

Building a cyber security culture

Given the different challenges in cyber security, the key factors include leadership commitment to making security a value proposition. Education through daily training ensures that employees stay up to date and aware of current threats and recommended practices (He et al. 2020). Suspicious activities are reported, and communication about them is not restricted. Reinforcing good practice recognises compliance with security policies. Applying security requirements within processes makes security an integral element of every business decision, which strengthens the protective security solution.

Risks of Home Working

Home working raises cyber security threats for the following reasons. Home-based networks often do not incorporate the stringent security of an organisation's internal network. Organisation-owned devices may be poorly protected, making the likelihood of a malware attack or data loss significantly higher (Wolff, 2022). Files left unprotected at home mean that sensitive documents are exposed to people who are not authorised to access them. Any organisation that implements remote access solutions gains additional access points that attackers can use if they are not properly secured. It may also be difficult for employees to adhere to the laid-down security measures when they are not in the workplace itself.

Task 2

Importance of employee training on Cyber Security

It is essential to train all employees in the organisation on cyber security, as it improves organisational security. The company's staff might sometimes be the initial responders to cyber threats, and with more awareness among employees, the threat of a breach is diminished considerably (Silic and Lowry, 2020). Employees need to be well trained so that they can recognise and avoid fake emails, phishing scams and other unproductive acts. Moreover, training enables the workforce to stay alert to current security threats and aligned with current security procedures.

Evaluation of effective methods and contents for cyber security training

Teaching methods used in cyber awareness staff training should combine different approaches and materials. These should include participative workshop sessions, e-learning, simulated phishing emails, and simple informative updates via newsletters and webinars (Nifakos et al. 2021). Practical assignments, such as an incident response drill, reinforce what has been learned. The content should cover general cyber security awareness, such as how to detect and prevent phishing, an insight into malware and ransomware, ways to use the internet securely, and the value of passwords and two-factor authentication. Training should also cover the details of organisational policies and procedures, for example data protection and acceptable use policies.

Methods for keeping up to date with cyber security trends

Awareness of new trends in cybercrime depends on several processes that help an organisation stay alert to changes. The Internet and newspapers are excellent sources of information, as newsletters, blogs, and white papers by key players and specialised publications appear on a regular basis (da Silva et al. 2020). Participating in professional associations and attending conferences or webinars provides direct experience from experts and other practitioners. The administration of the team must therefore provide continuous knowledge improvement and training courses leading to additional certification of IT staff. Threat intelligence is increasingly shared with other organisations, and threat intelligence platforms help to obtain updates on potential threats.

Task 3

Necessity to Implement the Measures of Cyber Security

Applying cyber security measures in an organisation serves important functions. First of all, it ensures that confidential information is safeguarded against people who wish to gain access to it, steal it or corrupt it. This is vital to protecting the confidentiality, integrity, and availability of information, which are the core principles of information security. Cyber security measures also ensure that the organisation adheres to legal and regulatory rules, and so avoids fines and legal ramifications. Besides, strong cyber security minimises risk exposure and builds clients' confidence, since they prefer to do business with organisations that demonstrate that their information is secured (Ghadge et al. 2020). Protection from cyber threats also prevents disruption of the organisation's operations, resulting in business continuity and sustainability.

Deploying Security Protection Methods

Security protection methods need to be managed and implemented through a defined process and course of action. The process begins with a risk assessment to look for weaknesses that can be exploited. Installing firewalls and an Intrusion Detection System to monitor network traffic can be effective for the organisation (Ogogo, 2021). The company can also deploy endpoint protection software, including antivirus and anti-malware, on all devices. Additionally, the company can adopt Security Information and Event Management (SIEM) technologies for event and incident analysis. Constant check-ups and updates are effective in dealing with discovered weaknesses. Finally, regular cyber security awareness training sessions, which help employees recognise threats and handle them in the right manner, are an effective deployment method.

Configuring systems

When setting up system parameters to enhance security, several measures are critical. The organisation can use unique passwords and remove or disable default user accounts and services. Network segmentation should be used to restrict possible attacks from spreading. Using multi-factor authentication for authentication processes is an effective configuration measure. Establishing Access Control Lists (ACLs) to regulate user rights, together with precise logging and frequent reviews of access levels and of alterations, can strengthen the organisation's system configuration (Omotunde and Ahmed, 2023). Complying with the recommended secure configuration standards for operating systems, databases and applications is also effective in this process. It is necessary to update systems regularly, especially in critical areas of the business, and to patch any vulnerability found.

Recommendation for cyber security protection methods

When recommending cyber security protection methods, several features should be evaluated and treated as requirements for the organisation. Affordability is a factor, as the solutions must not have an unfavourable impact on the organisation's budget (Bergmann et al. 2020). The solution needs to be scalable, so that it meets the organisation's growth and its changing demands on the system. It is very important that changes respect the existing systems as far as possible, to prevent interference with operations. The effect on users' productivity must also be taken into account, since the measures introduced should not greatly reduce the efficiency of the business.

To maintain efficient security operations, the performance of these methods should be assessed constantly. Recurring penetration tests discover weaknesses and help with their removal. Continuous scanning identifies the risks associated with applications. Periodic security audits check how well the organisation conforms to the policies put in place and how efficient the controls are. Simulations help to train the organisation for real-life attacks and enhance the response plan (Chowdhury and Gkioulos, 2021). Collecting users' feedback is also good practice for understanding usability problems that have to be solved. Anyone on the organisation's management team who cares deeply about security needs metrics that enable the evaluation of threat detection rates and incident response time. These evaluations ensure the long-term security of the organisation against cyber threats.

Task 4

Effectiveness of completing vulnerability testing on a network

It is important to conduct vulnerability tests on a network in order to protect it. Vulnerability testing helps to identify gaps in an organisation's security mechanisms that could be exploited by an attacker, and deals with them in advance (Abushark et al. 2022). This process is crucial in safeguarding data from hackers, malicious attacks, and other security risks that threaten the organisation's critical data and workflow. Proper vulnerability testing also helps to maintain the required standards and regulations, protecting the organisation from legal consequences and fines. Once the vulnerabilities have been eliminated, the organisation will be safer from attacks, and its reputation and the trust of its customers will be maintained.

Effects of Simulated attacks on network

Coordinating practice attacks on a network is one of the key components of cyber security testing, offering a substantial evaluation of the organisation's security posture. Such attacks, also referred to as targeted or practice attacks, for example penetration tests or red teaming, check how responsive the organisation is to particular threats or dangers (Rehberger, 2020). This is proactive because it helps to explain how an actual attack might take place, giving an impression of what it would look like and its impact on networks and systems. Threat simulations put the current security preparations, and the readiness of the incident response team to neutralise real threats as fast as possible, to a real-life test.

Application and network security configuration, as well as security assessment, therefore form part of cyber security testing. To configure security, begin by ensuring that all software and systems are updated with the latest patches as a method of removing risk. Firewalls should be established for incoming and outgoing traffic to ensure that the traffic passes through appropriate channels while activity is monitored (Farooq et al. 2023). Encryption should be implemented to keep data secure both while it is stored and while it is being transmitted, and networks should be segmented to prevent threats from spreading. The essence of testing these configurations includes the following procedures.

Task 5

The specific steps to be followed when signs of a cyber-attack show up are likely to depend on the context of the malicious attack. The containment process is crucial to stop the attack from spreading; this involves quarantining the associated systems and denying access to hostile IP addresses (Alawida et al. 2022). Thirdly, a crucial step is estimating the number of systems attacked and the type of attack by evaluating the entry point, logs, and forensic information.

This entails eradicating viruses and malicious software, rebuilding systems and data from a clean backup, and continuously monitoring for threats. It requires immediate attention, since stakeholders such as management and the employees operating in the affected area must be notified of the incident and the subsequent response measures. Lastly, the organisation's IT specialists analyse the incident to identify the cause and assess the effectiveness of the response, and security mechanisms and policies are modified to improve the organisation's security and its response to future attacks.

Importance of communication

Communication relies on the continuous and precise dissemination of information during and in the face of a cyber attack. It includes alert emails that are detailed and contain guidelines or procedures to be followed by the personnel concerned. Posts on the intranet can carry current information and news that employees readily see (Pentikäinen, 2021). Initial meetings can be held physically or virtually, using readily available devices such as laptops, tablets or mobiles, to brief management on a regular and sustained basis. Telephone calls or Short Message Service (SMS) messages are used for passing urgent messages. Moreover, messaging programs can keep information confidential and move it quickly. Together, these methods ensure that all the required information is circulated simultaneously and as soon as possible, supporting quick and coordinated handling of the incident.

Root cause analysis

A root cause analysis of a cyber security issue begins with a statement of the problem, which should include a description of the cyber security incident and its extent. The next step is to gather as much information as possible from all the systems involved, in order to establish what happened. Reviewing this information helps to find possible causes of the problem (Perwej et al. 2021). This may involve considering the different variables that could have led to the problem, or characteristics that run contrary to the normal or expected trend. At this point, apply methods such as the “5 Whys” interrogation or a fishbone chart to drill down to the root of the problem.

Results of changes to cyber security practices

Evaluating the findings from cyber security incidents leads to the following critical changes to working practices. Policies are revised over time to include ways of responding to new threats and to enhance system security measures. Training programs are strengthened so that employees are knowledgeable about emerging threats and practices. Additional measures are taken by upgrading firewalls, intrusion detection mechanisms, and endpoint protection systems. Incident response plans are updated in order to improve the organisation's reaction times and its efficiency at mitigating further attacks. Furthermore, auditing and vulnerability assessment tests become more frequent in order to avoid or minimise threats. Altogether, such changes enhance the security of the organisation as a whole.

Task 6

Cyber Security Measures on Client Inception

When cooperation with a new client begins, various cyber security measures should be taken in order to minimise the possible risks. This entails installing protection on endpoint devices, configuring group policies in software, and setting up monitoring checkpoints in networks. In the following part of the paper, I explain the stages of this process.

The protection methods which need to be installed on endpoint devices are:

The first step is to choose reliable endpoint protection software, such as Symantec, McAfee, or Bitdefender. This software plays an important role in protecting an organisation and its computer systems against malware, viruses, hackers and other security threats that may be present on the internet (Alenezi et al. 2020). After the software has been selected, it must be installed on all the endpoint systems, such as desktops, notebooks, and mobile devices used in the client company. The user then configures the settings for the best protection. These include real-time scanning to reduce and prevent threats as they occur, automatic updates to the latest threat definitions, and a periodic full system scan to check for any issues. Enabling and customising the firewall options in the endpoint protection application also prevents unauthorised access to the devices.

Subsequently, deploying and optimising group policies is essential for meeting security assessment and compliance requirements within the client's organisation. To reach the Group Policy Management Console (GPMC) on the server, a user will need to follow the steps described below. There, a new Group Policy Object (GPO) can be created or an existing GPO modified, depending on the client firm's security requirements (Breivik, 2021). Inside the GPO, both the user and computer parameters need to be set. The user settings regulate the password policy, including complexity and expiration time, and the lockout policy that prevents brute force attacks. Furthermore, access to system settings and important programs is limited so that only specific personnel can reach configurations and other administrative controls.
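Whether the password, expiration and lockout settings described above actually reached a machine can be checked from an exported security template. The following is an added example, not part of the original assignment: it parses the `[System Access]` section written by `secedit /export` and compares it with a baseline. The sample export is constructed and the baseline thresholds are assumptions chosen for illustration.

```python
import configparser

# Constructed sample of a security template exported with `secedit /export`.
# Real exports are UTF-16 encoded; decode the file before parsing it.
SAMPLE_INF = """\
[Unicode]
Unicode=yes
[System Access]
MinimumPasswordAge = 0
MaximumPasswordAge = -1
MinimumPasswordLength = 7
PasswordComplexity = 0
PasswordHistorySize = 0
LockoutBadCount = 0
EnableGuestAccount = 1
[Version]
signature="$CHICAGO$"
Revision=1
"""

# Assumed baseline for this example only. Take the real thresholds from the
# organisation's own password and lockout policy.
BASELINE = {
    "MinimumPasswordLength": (lambda v: v >= 12, "at least 12 characters"),
    "PasswordComplexity": (lambda v: v == 1, "complexity enabled (1)"),
    # -1 in the template means passwords never expire.
    "MaximumPasswordAge": (lambda v: 1 <= v <= 365, "expires within 1-365 days"),
    # 0 means accounts are never locked out, so guessing is unlimited.
    "LockoutBadCount": (lambda v: 1 <= v <= 10, "lock out after 1-10 bad attempts"),
    "EnableGuestAccount": (lambda v: v == 0, "Guest account disabled (0)"),
}


def parse_system_access(inf_text):
    """Return the numeric settings of the [System Access] section as a dict."""
    parser = configparser.ConfigParser(interpolation=None, strict=False)
    parser.optionxform = str  # keep the original key capitalisation
    parser.read_string(inf_text)
    if not parser.has_section("System Access"):
        return {}
    settings = {}
    for key, raw in parser.items("System Access"):
        try:
            settings[key] = int(raw.strip().strip('"'))
        except ValueError:
            continue  # skip text entries such as renamed account names
    return settings


def audit(settings):
    """Return (setting, actual value, expected) for every baseline failure."""
    findings = []
    for key, (is_ok, expected) in BASELINE.items():
        value = settings.get(key)
        if value is None:
            findings.append((key, "not set", expected))
        elif not is_ok(value):
            findings.append((key, value, expected))
    return findings


if __name__ == "__main__":
    for key, value, expected in audit(parse_system_access(SAMPLE_INF)):
        print(f"{key}: found {value}, expected {expected}")
```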

Preparing the System for Network Monitoring Application and Configuration

Last but not least, choosing and implementing network monitoring tools is critical if the organisation is to have an overview of the health and security state of the network. Reliable tools such as SolarWinds, Nagios, or PRTG Network Monitor can be used for this purpose (Dondo et al. 2021). The tool is installed on a separate server and set to probe the vital components of the network, which include routers, switches, firewalls and servers. Alarms for activities deemed illegitimate, including attempts to log in to the system or high traffic levels, are useful for signalling threats at an early stage. Monitoring dashboards customised to show the desired metrics and security status give real-time information, while reports produced at set times help stakeholders to stay updated on network health and security.
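The alarm on login attempts mentioned above can be expressed as a sliding-window rule. The following is an added example, not taken from the original assignment or from any of the named monitoring products: it flags a source address that produces a burst of failed logins and records whether a successful login followed. The log format, the sample events and the threshold of 5 failures in 60 seconds are constructed assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed authentication events (not the output format of any named tool):
# ISO timestamp, result, account, source address (documentation ranges).
SAMPLE_LOG = """\
2024-05-01T09:00:01 FAIL alice 192.0.2.10
2024-05-01T09:00:03 FAIL carol 198.51.100.7
2024-05-01T09:00:09 FAIL alice 192.0.2.10
2024-05-01T09:00:15 FAIL bob 192.0.2.10
2024-05-01T09:00:20 OK carol 198.51.100.7
2024-05-01T09:00:22 FAIL bob 192.0.2.10
2024-05-01T09:00:30 FAIL bob 192.0.2.10
2024-05-01T09:00:41 OK bob 192.0.2.10
2024-05-01T09:05:00 FAIL dave 203.0.113.5
2024-05-01T09:08:00 FAIL dave 203.0.113.5
2024-05-01T09:11:00 FAIL dave 203.0.113.5
2024-05-01T09:14:00 FAIL dave 203.0.113.5
2024-05-01T09:17:00 FAIL dave 203.0.113.5
"""


def parse_event(line):
    """Split one constructed log line into (time, result, account, source)."""
    stamp, result, account, source = line.split()
    return datetime.fromisoformat(stamp), result, account, source


def detect_bursts(lines, threshold=5, window=timedelta(seconds=60)):
    """Flag sources with `threshold` failed logins inside `window`.

    Returns one alert per source with the accounts targeted and the account
    (if any) that logged in successfully after the burst started.
    """
    recent = defaultdict(deque)  # source -> (time, account) of recent failures
    alerts = {}                  # source -> alert record
    for line in lines:
        if not line.strip():
            continue
        stamp, result, account, source = parse_event(line)
        alert = alerts.get(source)
        if result == "OK":
            # A success from an already flagged source may be a guessed password.
            if alert and alert["success_after"] is None:
                alert["success_after"] = account
            continue
        if result != "FAIL":
            continue
        failures = recent[source]
        failures.append((stamp, account))
        # Drop failures that have aged out of the window.
        while stamp - failures[0][0] > window:
            failures.popleft()
        if alert:
            alert["failures"] += 1
            alert["accounts"].add(account)
        elif len(failures) >= threshold:
            alerts[source] = {
                "source": source,
                "first_seen": failures[0][0],
                "failures": len(failures),
                "accounts": {acct for _, acct in failures},
                "success_after": None,
            }
    return [dict(a, accounts=sorted(a["accounts"])) for a in alerts.values()]


if __name__ == "__main__":
    for alert in detect_bursts(SAMPLE_LOG.splitlines()):
        print(alert)
```

The slow series from 203.0.113.5 stays under the 60-second rule, which is why the window should be chosen together with the account lockout settings rather than in isolation.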

Screencast Demonstration

To show all aspects of the implementation clearly, a screencast demonstration should be made. The process of installing endpoint protection software, configuring the group policies, setting up network monitoring software and so on can be recorded using tools such as OBS Studio or Camtasia. This allows each step to be captured and described well, with checklists of all the measures to be performed and their implementation checked with the client's IT team. In summary, the combined cyber security measures described above give a new client satisfactory protection against a comprehensive range of cyber threats. By following these specific procedures, the organisation can secure its IT facilities and make them more resistant to catastrophes.

References

  • Abushark, Y.B., Khan, A.I., Alsolami, F., Almalawi, A., Alam, M.M., Agrawal, A., Kumar, R. and Khan, R.A., (2022). Cyber security analysis and evaluation for intrusion detection systems. Comput. Mater. Contin, 72, pp.1765-1783.
  • Alawida, M., Omolara, A.E., Abiodun, O.I. and Al-Rajab, M., (2022). A deeper look into cybersecurity issues in the wake of Covid-19: A survey. Journal of King Saud University-Computer and Information Sciences, 34(10), pp.8176-8206.
  • Alenezi, M.N., Alabdulrazzaq, H., Alshaher, A.A. and Alkharang, M.M., (2020). Evolution of malware threats and techniques: A review. International journal of communication networks and information security, 12(3), pp.326-337.
  • Bergmann, M., Brück, C., Knauer, T. and Schwering, A., (2020). Digitization of the budgeting process: determinants of the use of business analytics and its effect on satisfaction with the budgeting process. Journal of Management Control, 31(1), pp.25-54.
  • Breivik, S., Dvergsdal, G.K. and Sørli, E.Ø., (2021). Centralizing security and operations of Windows clients in an emergency care IT infrastructure (Bachelor's thesis, NTNU).
  • Cheema, A., Tariq, M., Hafiz, A., Khan, M.M., Ahmad, F. and Anwar, M., (2022). [Retracted] Prevention Techniques against Distributed Denial of Service Attacks in Heterogeneous Networks: A Systematic Review. Security and Communication Networks, 2022(1), p.8379532.
  • Chowdhury, N. and Gkioulos, V., (2021). Cyber security training for critical infrastructure protection: A literature review. Computer Science Review, 40, p.100361.
  • da Silva, G.C. and Sanseverino, G.G., (2020). Business model innovation in news media. Media and Communication, 8(2), pp.28-39.
  • Dondo, M., Sultana, M. and Vandenberghe, G., (2021). Malicious activity detection.
  • Farooq, M., Khan, R. and Khan, M.H., (2023). Stout Implementation of Firewall and Network Segmentation for Securing IoT Devices. Indian Journal of Science and Technology, 16(33), pp.2609-2621.
  • Ghadge, A., Weiß, M., Caldwell, N.D. and Wilding, R., (2020). Managing cyber risk in supply chains: A review and research agenda. Supply Chain Management: An International Journal, 25(2), pp.223-240.
  • Hammi, B., Zeadally, S. and Nebhen, J., (2023). Security threats, countermeasures, and challenges of digital supply chains. ACM Computing Surveys, 55(14s), pp.1-40.
  • He, W., Ash, I., Anwar, M., Li, L., Yuan, X., Xu, L. and Tian, X., (2020). Improving employees’ intellectual capacity for cybersecurity through evidence-based malware training. Journal of intellectual capital, 21(2), pp.203-213.
  • Khando, K., Gao, S., Islam, S.M. and Salman, A., (2021). Enhancing employees information security awareness in private and public organisations: A systematic literature review. Computers & security, 106, p.102267.
  • Nifakos, S., Chandramouli, K., Nikolaou, C.K., Papachristou, P., Koch, S., Panaousis, E. and Bonacina, S., (2021). Influence of human factors on cyber security within healthcare organisations: A systematic review. Sensors, 21(15), p.5119.
  • Ogogo, W.L., (2021). Real-Time Monitoring of Network Devices: Its Effectiveness in Enhancing Network Security. East African Journal of Information Technology, 3(1), pp.1-6.
  • Omotunde, H. and Ahmed, M., (2023). A comprehensive review of security measures in database systems: Assessing authentication, access control, and beyond. Mesopotamian Journal of CyberSecurity, 2023, pp.115-133.
  • Paananen, H., Lapke, M. and Siponen, M., (2020). State of the art in information security policy development. Computers & Security, 88, p.101608.
  • Patwary, A.A.N., Naha, R.K., Garg, S., Battula, S.K., Patwary, M.A.K., Aghasian, E., Amin, M.B., Mahanti, A. and Gong, M., (2021). Towards secure fog computing: A survey on trust management, privacy, authentication, threats and access control. Electronics, 10(10), p.1171.
  • Pentikäinen, I., (2021). Implementation of the Intranet from a Knowledge Management Perspective-A Case Study.
  • Perwej, Y., Abbas, S.Q., Dixit, J.P., Akhtar, N. and Jaiswal, A.K., (2021). A systematic literature review on the cyber security. International Journal of scientific research and management, 9(12), pp.669-710.
  • Rehberger, J., (2020). Cybersecurity Attacks–Red Team Strategies: A practical guide to building a penetration testing program having homefield advantage. Packt Publishing Ltd.
  • Silic, M. and Lowry, P.B., (2020). Using design-science based gamification to improve organizational security training and compliance. Journal of management information systems, 37(1), pp.129-161.
  • Wanjau, S.K., Wambugu, G.M. and Kamau, G.N., (2021). SSH-brute force attack detection model based on deep learning.
  • Wolff, J., (2022). Cyberinsurance policy: Rethinking risk in an Age of ransomware, computer fraud, data breaches, and cyberattacks. MIT Press.
Author Bio
Mira Shaw | 5 years | PhD

Hello programmers. If you are looking for a mentor who can help you understand the basics of programming and how to write assignments that will get good grades, then I am the writer for you. I have a PhD in programming. I excel in many programming languages, so I can help you with any programming subject you are struggling with.
