Sign In
Not register? Register Now!
Essay Available:
Pages:
7 pages/β‰ˆ1925 words
Sources:
4 Sources
Style:
APA
Subject:
IT & Computer Science
Type:
Research Paper
Language:
English (U.S.)
Document:
MS Word
Date:
Total cost:
$ 51.03
Topic:

Information System Vulnerabilities And Risk In Cybertech - SAR

Research Paper Instructions:

You are an Information Assurance Management Officer, IAMO, at an organization of your choosing. One morning, as you're getting ready for work, you see an email from Karen, your manager. She asks you to come to her office as soon as you get in.
When you arrive to your work, you head straight to Karen's office. “Sorry for the impromptu meeting,” she says, “but we have a bit of an emergency. There's been a security breach at the Office of Personnel Management.”
We don't know how this happened, but we need to make sure it doesn't happen again, says Karen. You'll be receiving an email with more information on the security breach. Use this info to assess the information system vulnerabilities of the Office of Personnel Management.
At your desk, you open Karen's email. She's given you an OPM report from the Office of the Inspector General, or OIG. You have studied the OPM OIG report and found that the hackers were able to gain access through compromised credentials. The security breach could have been prevented, if the Office of Personnel Management, or OPM, had abided by previous auditing reports and security findings. In addition, access to the databases could have been prevented by implementing various encryption schemas and could have been identified after running regularly scheduled scans of the systems.
Karen and the rest of the leadership team want you to compile your findings into a Security Assessment Report or SAR. You will also create a Risk Assessment Report, or RAR, in which you identify threats, vulnerabilities, risks, and the likelihood of exploitation and suggested remediation.
You will now research and learn about types of networks and their secure constructs that may be used in organizations to accomplish the functions of the organization’s mission. You will propose a local area network (LAN) and a wide area network (WAN) for the organization, define the systems environment, and incorporate this information in a network diagram. Discuss the security benefits of your chosen network design.
Read about the following computing platforms available for networks and discuss how these platforms could be implemented in your organization. Include the rationale for all the platforms you choose to include in your network design.
Review the OIG report on the OPM breach that you were asked to research and read about at the beginning of the project. The OIG report included numerous security deficiencies that likely left OPM networks vulnerable to being breached. In addition to those external threats, the report also describes the ways OPM was vulnerable to insider threats. The information about the breach could be classified as threat intelligence. Define threat intelligence and explain what kind of threat intelligence is known about the OPM breach.
You just provided detailed background information on your organization. Next, you’ll describe threats to your organization’s system. Before you get started, select and explore the contents of the following link: insider threats (also known as internal threats). As you’re reading, take note of which insider threats are a risk to your organization.
Now, differentiate between the external threats to the system and insider threats. Identify where these threats can occur in the previously created diagrams. Relate the OPM threat intelligence to your organization. How likely is it that a similar attack will occur at your organization?
You have a suite of security tools, techniques, and procedures that can be used to assess the security posture of your organization's network in a SAR.
Next, examine these resources on firewalls and auditing–RDBMS related to the use of the Relational Database Management System (i.e., the database system and data) RDBMS. Also review these resources related to access control.
Determine the role of firewalls and encryption, and auditing – RDBMS that could assist in protecting information and monitoring the confidentiality, integrity, and availability of the information in the information systems.

Research Paper Sample Content Preview:

Assessing information system vulnerabilities and risk in Cybertech- SAR
Name
Course
Date
Purpose
Protecting the organizations information assets is prioritized to ensure that there the proper functioning of the organization and the achievement of the planned objectives. Information assets may be subject to both internal and external threats. These risks can affect one or more of the three fundamental attributes of an asset: availability, confidentiality and integrity.
Threats are the events that can trigger an incident in the organization, producing damage or material or immaterial losses in its assets. Confidentiality is reliability and the ability to protect the data against those who are not authorized to access them. Availability ensures that there is to access information assets at the time they are needed and to be able to use them by those duly authorized
Organization
“Sentara Healthcare is a not-for-profit health system serving Virginia and North Carolina, with 12 hospitals, outpatient care centers, imaging centers and more” (Sentara Healthcare, 2019).
Scope
The improvement of networks and information security is essential for the proper functioning of the information system. Some of the security failures compromise the critical computer security. The organization’s data needs to be protected from further intrusions compromising the information system increases the risk of unauthorized people will access the system later on if the problem is not detected early. The data and information system covers the different departments and risk management measures that the threats and vulnerabilities are detected.
Organization Network Overview
The networks to be covered are the local area network (LAN), the wide area network (WAN) for the organization, and the overall functioning of the network. The remote area networks cover the areas that are farther away for the hospitals, and a multi-protocol system in place to improve the security of the network. Patients, and staff log into the system and the wireless network can be accessed by the guest when authorized to do so with the institution’s premises.
Organization’s Mission
Sentara Healthcare seeks to improve health every day, and the organization seeks to be the preferred healthcare of choice in the community where Sentara Healthcare serves (Sentara Healthcare, 2019). Patient safety and affordable quality of services are prioritized.
Organizational Structure
Sentara Healthcare provides healthcare to residents in North Virginia and the surrounding areas, with the medical department made up of various divisions to improve health outcomes, diagnose and ailments, air ambulance, cancer, heart care ambulatory services, imaging, neuroscience, orthopedic, physical therapy and rehabilitation, transplantation, urology, vascular and women's health services (Sentara Healthcare, 2019). Besides the health units there is an information system department, HR, accounting, finance and billing.
Network System Description
The departments are connected to a central server based on a star network then network is distributed to different floors to form the ring network. Information is the most valuable assets for the organizati...
Updated on
Get the Whole Paper!
Not exactly what you need?
Do you need a custom essay? Order right now:
Order

πŸ‘€ Other Visitors are Viewing These APA Research Paper Samples:

HIRE A WRITER FROM $11.95 / PAGE
ORDER WITH 15% DISCOUNT!
Order Now