Main Menu

My Account
Online Free Samples
   Free sample   Data security assignment information security roadmap for evolvenet

Data Security Assignment: Information Security Roadmap for EvolveNet

Question

Task:

Data Security Assignment Task:

Using the Threat and Risk Assessment Report from the previous initiative, devise an Information Security Roadmap that selects and articulates the business benefit for 5 individual information security initiatives for EvolveNet. The Information security initiatives must involve the implementation of controls that provide the most benefit to the organisation. Controls can be in the form of administrative, technical or physical. Technical controls can include off-the-shelf products or bespoke solutions.

The Information Security Roadmap consists of two deliverables: 

  1. An Information Security Roadmap Charter Document 
  2. An Information Security Roadmap Executive Presentation

Answer

Introduction

EvolveNet, undertaken in this data security assignment, is a Voice over Internet Protocol (VOIP) firm based in Australia. There are numerous security issues and threats that are determined for the organization that needs to be controlled and effectively managed. The information security controls and initiatives will enable the organization to properly deal with the security issues

Information Security Initiatives

Security Initiative 1 – Intrusion Detection Systems (IDS)

Introduction

EvolveNet currently does not include the effective technical controls that may lead to the occurrence of the security threats, such as eavesdropping or flooding attacks. The availability and confidentiality of the information can get negatively impacted as an occurrence (Gordon, 2016). 

Scope

The scope of the security initiative will be on the internal networks and systems associated with EvolveNet. 

Business benefits

The security initiative will determine the malicious security attempts by the malevolent entities. It will generate alerts that will assist the organization in controlling and putting a check on the security issues. It will lead to the benefits as uninterrupted services to the customers along with the protection of the networks and the data sets. 

Functional business requirements

  • To configure the EvolveNet networks to be synced with the automated IDS
  • To implement a front-end to monitor the network activities and determine the logs and alerts issued

Key success indicators

  • Immediate alerts in the case of malicious attempts by the intruders 
  • Zero cases of information security attacks
  • 100% protection of the information sets and assets 

Required resources

  • Network Specialist 

Indicative budget

The budget that will be associated with the security initiative will be $15,000 (Leming, 2015). 

Two possible products and technical solutions

  • Cisco Secure IDS ($8000)
  • Internet Security Systems Inc. ($9000)

Estimated delivery time frame

30 days

Security Initiative 2 – Anti-malware Tools

Introduction

There are malware attacks that may occur on the EvolveNet systems and networks. These could be in the form of viruses, spyware, etc. The lack of antivirus is also a major risk as the malicious entities can easily impact the systems and networks. 

Scope

The scope of the security initiative will be on the internal networks and systems associated with EvolveNet. 

Business benefits

The malware attacks will be avoided and controlled with the installation of the anti-malware tools and software on all the devices and systems (O’hanley& Tiller, 2015). 

This will provide the benefits as enhanced information security and privacy. The customer trust will improve in the organization and the stakeholder satisfaction levels will also improve. This in turn will provide the organization with an edge in the market. 

Functional business requirements

  • To configure the EvolveNet systems to be synced with the automated anti-malware tools
  • To integrate the anti-malware tool with the other security controls being used

Key success indicators

  • Immediate alerts in the case of malicious attempts by the intruders 
  • Zero cases of information security attacks
  • 100% protection of the information sets and assets 

Required resources

  • Information Security Analyst 

Indicative budget

The budget that will be associated with the security initiative will be $5,000. 

Two possible products and technical solutions

  • Norton 360 Anti-virus protection (USD 44.99 for 3 devices)
  • McAfee Anti-virus ($14.99 per device) 

Estimated delivery time frame

20 days

Security Initiative 3 – Anti-Denial Tools

Introduction

There are network channels that are used by EvolveNet that are exposed to information security risks and attacks. The availability of these network channels and services is crucial so that the services can be continually provided. The disruption in the services can lead to negative implications on the entire organization. The Denial of Service (DoS) and Distributed Denial of Service (DDoS) are the two major flooding attacks that can impact the organization(Shamala et al., 2017). 

Scope

The scope of the security initiative will be on the internal networks and systems associated with EvolveNet. 

Business benefits

There are specific properties of the information sets that need to be protected. The availability of information is one of the primary aspects that must be protected. Without the access and availability to the networks and services, the organization will not be able to continue with the required set of operations. However, the use of anti-denial tools will make sure that the service continuity is maintained leading to the monetary profits. The satisfaction levels of the employees and the customers will also increase. 

Functional business requirements

  • To configure the EvolveNet networks to be synced with the automated anti-denial systems
  • To implement a front-end to monitor the network activities and determine the logs and alerts issued

Key success indicators

  • Violation of denial attempts by the attackers
  • Zero cases of information security attacks
  • 100% protection of the information sets and assets (Martin, 2020)

Required resources

  • Network Specialist 

Indicative budget

The budget that will be associated with the security initiative will be $15,000. 

Two possible products and technical solutions

  • Akamai DDoS Mitigation 
  • Radware DDoS Protection 

Estimated delivery time frame

30 days

Security Initiative 4 – Employee Trainings

Introduction

There are security issues and attacks that may occur due to the lack of understanding and knowledge among the employees. The employees may not be aware of the best security practices to be followed. The issues due to employee negligence can cause violation of information security and privacy. There are insider threats that may also occur on the EvolveNet systems that can cause significant damage to the overall security. 

Scope

The employee trainings will be organized for the internal employees of EvolveNet. These trainings will cover the three aspects as Information Security, Organization Ethics, and Legal Compliance (Marquardt, 2016). 

Business benefits

The employees will perform in accordance with the organization requirements and expectations once they will be aware of the security practices, ethics & code of conduct, legal policies, and likewise. The employee performance will directly influence the productivity levels of the employees which in turn will make sure that the overall organization performance is enhanced. The stakeholders and the customers will be satisfied and the overall organization profits will also increase. 

Functional business requirements

  • To develop the training plan and schedule for the employees as per the requirements and availability 
  • To conduct the training sessions as per the plan 
  • To gather and analyse the feedback 
  • To record the performance before and after the training 

Key success indicators

  • Training hours of the employees – Mandatory 30 hours of training in 6 months 
  • Training assessments – Pass percentage as 9 or above on a scale of 10 
  • Ethical compliance rate of the employees
  • Legal compliance rate of the employees
  • Security compliance rate of the employees 

Required resources

  • Project Manager
  • Trainer (Internal or External)

Indicative budget

The budget that will be associated with the security initiative will be $7,000. It will include the cost of the tools and the trainer. 

Two possible products and technical solutions

  • Web conferencing tools 
  • Data analytics tools

Estimated delivery time frame

45 days 

Security Initiative 5 – Information Security Plan

Introduction

There are different security issues and threats that are determined for EvolveNet. The resolution of these issues will be possible when there will be a detailed set of guidelines available. The inadequate information security plan will result in the significant security risks, such as insider threats, malware attacks, denial of service attacks, and others. 

Scope

The scope of the security initiative will be restricted to the internal departments of EvolveNet. It will comprise of the internal systems and data sets along with the network channels. 

Business benefits

The information security plan will list out the detailed set of controls that shall be implemented in EvolveNet. One of these is the conduction of review and audits. The security gaps will be identified in these audits which will present the organization with the benefit of improving the overall security. It will provide the mechanism to streamline the organization assets and conduct the operations in a secure manner (Miltgen& Smith, 2015). 

Functional business requirements

  • To develop the information security plan as per the requirements and specifications
  • To list the administrative, technical, and physical security controls
  • To map the resources with the responsibilities to be carried out 

Key success indicators

  • Zero instances of information security attacks 
  • Training hours of the employees – Mandatory 30 hours of training in 6 months
  • Ethical compliance rate of the employees
  • Legal compliance rate of the employees
  •  Security compliance rate of the employees 

Required resources

  • Chief Information Security Officer (CISO)
  • Security Advisor 
  • Security Analyst 

Indicative budget

The budget that will be associated with the security initiative will be $10,000.

Two possible products and technical solutions

  • Documentation tools and platforms 
  • Web conferencing tools, such as Microsoft Skype 

Estimated delivery time frame

60 days 

Conclusion

There are several security issues and attacks that are determined for EvolveNet. The resolution of these issues can be done with the information security initiatives that are listed and described. The implementation of the security controls will enable the organization to remain protected from all forms of information security attacks. The detection, prevention, and control of the information security issues will become possible with the aid of the information security initiatives. It is also necessary that the regular updates are installed on these controls and mechanisms so that the overall security goals can be attained. 

References

Gordon, A. (2016). The Hybrid Cloud Security Professional. IEEE Cloud Computing, 3(1), 82–86. https://doi.org/10.1109/mcc.2016.21

Leming, R. (2015). Why is information the elephant asset? An answer to this question and a strategy for information asset management. Business Information Review, 32(4), 212–219. https://doi.org/10.1177/0266382115616301

Marquardt, N. (2016). An Experimental Approach to the Evaluation of Business Ethics Training. Data security assignment Journal of Business Ethics Education, 13, 41–66. https://doi.org/10.5840/jbee2016134

Martin, K. (2020). Cryptography?: the key to digital security, how it works, and why it matters. W. W. Norton & Company, Inc.

Miltgen, C. L., & Smith, H. J. (2015). Exploring information privacy regulation, risks, trust, and behavior. Information & Management, 52(6), 741–759. https://doi.org/10.1016/j.im.2015.06.006

O’hanley, R., & Tiller, J. S. (2015). Information security management handbook. Crc Press.

Shamala, P., Ahmad, R., Zolait, A., &Sedek, M. (2017). Integrating information quality dimensions into information security risk management (ISRM). Journal of Information Security and Applications, 36, 1–10. https://doi.org/10.1016/j.jisa.2017.07.004

NEXT SAMPLE

Related Samples

Question Bank

Looking for Your Assignment?

Search Assignment
Plagiarism free Assignment

FREE PARAPHRASING TOOL

PARAPHRASING TOOL
FREE PLAGIARISM CHECKER

FREE PLAGIARISM CHECKER

PLAGIARISM CHECKER
FREE PLAGIARISM CHECKER

FREE ESSAY TYPER TOOL

ESSAY TYPER
FREE WORD COUNT AND PAGE CALCULATOR

FREE WORD COUNT AND PAGE CALCULATOR

WORD PAGE COUNTER



AU ADDRESS
9/1 Pacific Highway, North Sydney, NSW, 2060
US ADDRESS
1 Vista Montana, San Jose, CA, 95134
ESCALATION EMAIL
support@totalassignment
help.com