COM713 Cyber Security Application Assignment Sample 2023
Introduction
This report mainly consists of some important and efficient cyber security application which the increase in number of cyber crimes which the company is facing. As the company is having several political, foreign, domestic, online and also few offline challenges, thus due to an increase in number of enemies and other cyber issues the company is under great threat. Thus, for decreasing the number of issues which the company is facing we are going to discuss some steps of transforming the system and would also improve the policies of system security with the help of cyber security application. In the following report we are going to discuss some efficient data storage and privacy systems which must be implemented, along with some security communication system which helps in having secure communication such that the office staff could easily get in contact with their clients and discuss their various issues, along with all this the document also includes some new technologies which helps the organization in having further development under various situations such as improving the server quality of the office as well as for all the mobile networks. Apart from all these it also includes some improvements steps for various policies such as cost, some special skills and some also human resources facilities could be developed for having less chances of threat for the organization. Thus following are some cyber security applications under which we need to improve some qualities for proper functioning.
Discussion
There are various kinds of technical decisions and improvements which the company needs to implement for decreasing amount of risk within the organization, thus we are going to discuss some points based on improving the quality of cyber security application such that the company could be out of danger. Some of the most common areas of improvement under the organization are mentioned below:
Data storage, integrity, privacy and compliance
The amount of data or information stored within a system requires some kind of protection which is mainly known as software security. Again the security provided for the application is further divided into parts such as, the security provided for the application mainly helps in safeguarding the confidentiality, availability and integrity of the application, secondly the security which helps in managing the vulnerabilities that are located within the application. Thus, the process of threat modelling system mainly guides us on how and when to apply security control such that we can increase our security system (Chandra, 2016). Moreover it is quite important to manage vulnerabilities tools, such as source code analysis and software composition analysis are two special tools which helps in keeping the application safe from threats. Along with all these privacy is also one of the most important aspects which is needed to be considered for managing a system application, thus the company also needs to reach all its compliance such work executed must fulfil various government laws. Based upon various data storage the risks are categorised according to their priority such as:
| Threats | Priority |
| Spywares | High |
| Adware | Medium |
| Spam | Low |
| Key logger | High |
| Rogue Security software | High |
After analysing various kinds of risks which are emerging mainly in some of major parts of data storage system are such as Spywares, Key logger and Rogue security software are some most common threats which may harm the data stored within the system.
Access control and authorisation is the process which is denoted as one of the most essential factor which helps in maintaining the security of the application by protecting the data. As the company is facing various kinds of threats thus access control must be implemented within the system such that both its front-end, back-end and various kinds of resources must be protected in order to keep the system out of danger (Ledru et al., 2015).
Defence depth is a basic principle which is mainly followed under cyber security applications thus, for overcoming some issues under data storage we need to implement this process. This is a process under which various kinds of defensive devices are introduced within the system such that the important data and information would remain safe.
The main scope of the report is to mitigate various kinds of threats which the company is facing under several circumstances. The main aim of the company is to safe guard the data which is stored within the system with the help of various cyber security applications, and thus after implementing the system we also need to maintain such that any unauthorised person could not enter the application for accessing the data.
We all know that cyber security is one of the most secure and upgrading security application which is preferred by most of the companies across the world for protecting the data stored within their system storage (Lee et al., 2016). There are various new technologies which we can easily use under the application of cyber security, thus by looking into various challenges which the company is facing we would mention some technical steps for implementing those technologies within the system such as:
- Implementing the system of Artificial Intelligence into cyber security, with the process of two-factor authentication by identifying user’s identity.
- Implementing the process of Behavioural Analytics for keeping the information safe form data mining, this takes place mainly with social media platforms.
Storage Encryption is mainly utilised for encryption/decryption of some important data as well as some archived data. Most of the companies which store their important data and information are kept under storage encryption as this feature allows the users to keep the data safe. Thus for proper communication and storage of data we need to implement two types of encryption Symmetric key encryption, and Public key encryption these two most highly used encryption methods for communication and storage of data (Heath, 2018).
Thus for implementing all these new technologies and various threat and vulnerability modelling systems within the process we need to maintain few policies of monitoring all various kinds of process which are implemented for all kinds of challenges which the company needs to overcome.
| Policies | Monitoring plan |
| Handle various risks | By handling risks we would have less chances of losing the data which is stored. |
| Need to implement strong authentication | By having a strong authorisation for the system, no outsider could easily enter to the system for stealing data. |
| Implement strong Defensive policies | Such that the number of layer which it would built would not allow any other user to enter the storage unit. |
| Technical implementation | Using such new technologies of cyber security would keep the data safe from threat. |
In case of handling various financial factors the company needs to have make proper plans and understand various systems after which they would invest on any new technology of the cyber security, apart from all employees must have proper human resource roles which would help the company in overcoming various issues.
By using such technologies it would be sure that the information stored by the company is secured such that no spywares could affect them under serious circumstances. Thus this would prove to be a great benefit for the organization.
Secure communication for both organizational staff and clients
Secure communication is another important aspect which in needed to be taken care of under organization security in case of those staff working in the company as well as the clients connected with the company. Thus under such cases the company needs to look into various factors of threat modelling, because in case of communication in between staff and client, network optimization is a most essential process for decreasing the effect of threat over a system. Along with this vulnerability assessment is also needed to be implemented within the system application as this process help in identifying various weaknesses of communication security of the overall company (Abu-Salma et al., 2017). Risk proposition under secure communication system are mentioned below:
| Threats | Priority |
| Trojan horse | High |
| Adware and spyware | Medium |
| Computer worm | Medium |
| DOS and DDOS attack | High |
| Phishing | High |
| Rootkit | Medium |
By looking into various situations of problems which the company is facing there are high chances of emerging risk within some of system application, some of the most highly expected risk are Trojan horse, DOS and DDOS attack and finally the Phishing are some most common attacks which could be easily mitigated by implementing the cyber security within the system application.
In case of having a secure communication in between the staff and clients, access control and authentication is one of the most important factor as during such communication some of most important and essential detailed information are transferred from one person to another, thus in such cases authorisation is most important factor as this allows the users to verify his identity before entering into a certain application, as this process allows us know which particular areas we are allowed to access. Moreover after authentication we are allowed to move ahead to the next step which is access control, this process allows us to know under which areas we have been granted permission for while communicating with the customers or the staff.
In case of defensive system and design principle, there are various kinds of defensive mechanism and devices implemented for safeguarding and communication system within the company as these devices allow us keep the network secure which is used for communication. Thus under cyber security defence in depth is one of the most essential factor which helps having a secure connection in between employees and customers (Zhang et al., 2015). As well as defence is breadth is a process of introducing new security control system under various divisions of OSI reference.
The scope of this system is to decrease the amount of risk and improve the system of secure communication in between the various individuals who are connected with company, along with all these they also need to maintain the system which they are trying to implement along with having prefect knowledge of various kinds of functionalities. And we need to look into systems sustainability such that, some challenges could be mitigated.
According to various researches it could be identified that with the growing number of technologies and various types of innovative systems we can keep our communication network safe from various threats. Thus by having new policies of data encryption and keeping the network infrastructure safe we can keep the communication network safe. Moreover the company must always try to keep the access safe and secure form the threat of various malwares.
Encryption for communication among each other, as the company is facing various challenges thus, due such they need to have proper encryption as this helps the user to enter the system with proper identity, in case of such conversations in between staff and customers there are various kinds of information which is transferred from one place to another thus encryption is one of the most important factor of security as well as also for saving the data which is transferred from the client for their requirement.
| Policies | Response plan |
| Managing Risks | This process would keep communication network safe from various vulnerabilities and the safe from various malwares. |
| Building up strong authentication | This would help the network safe such that no outsiders or any unwanted person far from communication network. |
| Using a strong layer of defensive system | Such a layer would have various layer of protection such that most of the communication would be under a secure network. |
| Use of some new technologies | Would help in keeping the application and system update for communicating with others. |
| Review | Finally the whole process needs to be verified. |
Finally as the companies is head is in-charge of various kinds of functioning, thus is such case he must take care all factors which is mainly related to the implementation of the new cyber security application. Moreover all the employees present in the company needs to have proper communication, organizational, and budgeting skills such that communication could be secure within the company.
Along with all these they also need to take care of all those aspects, whether they are working as expected due to which we have planned to improve our communication network. As by using such new technologies of cyber security, the company would definitely be able to decrease all its communication threats.
System hardening, including servers, offices, and mobile devices
| Threat and vulnerability | Priority |
| Virus | High |
| Trojans | High |
| Key loggers | Medium |
| Distributed denial and service attacks | Low |
- virus: When a system is accessed or rebooted by an infected file or an infected device, the system becomes infected with a virus.This can cause a special problem in running the system and can destroy other important files.
- trojans:Trojan is a problem that can affect mobiles and devices other than laptops or desktops.Bonds attached to a Trojan system look like rational programs.This is a fake version of the application loaded with malware.
- Key loggers:Key loggers do not threaten the system like any other malicious program.Key loggers can pose a serious threat to users.It is used to block another user confidential information and passwords entered by the keyboard.
- Distributed denial and service attacks:A simple distributed denial and service attacksinvite the invitee to create a distributed denial and service attacks master using a weak computer system.
The company can have benefit from these technologies such as social media, mobile devices, cloud computing, and 3D printing.Before using these technologies, need to have a good knowledge of their risks and threats.Business risks occur when the business manages a technology as new a process for customers.Provides risk-taking by demonstrating effective management of information technology responsibly through management, overall vision, regulatory administration and data storage opportunities increase.
The company’s password management should include complex passwords, password expiration, password management expiration, and the latest length of passwords.The company needs to create a checklist of password management policies and influence everyone to manage it.Parts of the checklist that are hard to manage are default passwords and keywords that need to be influenced by a strong password.Security logs and passwords should be specially enabled on the server.
The Company must use a minimum access principle that controls applications, files, associated system features and data access control.An important factor in designing a growing checklist is that the concept of minimal convenience is contradictory to servers.In the digital age, there is no proper protection for composer solutions.Beloved security systems need to be changed and redesigned every moment (Favaró, 2015).
Understanding the long-term and short-term effects of sustainable business activities requires a holistic approach.Lifecycle is a useful tool for a textile to consider its overall impact from an activity, service or source.An important factor in designing a growing checklist is that the concept of minimal convenience is contradictory to servers. In the digital age, there is no proper protection for composer solutions.The impact of the life cycle increases the scope in various ways to move the company forward and it is sustainable for good maintenance.
In most of the applications of technology, the training was conducted for technology and business purposes.The ease of use of contacts shifts almost full emphasis on conceptual activity in the implementation of the open-mindedness of web tools.In the past, the only furniture was removed about the understanding and restructuring of social institutions.The Company must use a minimum access principle that controls applications, files, associated system features and data access control thru the technologies.
Encryption is required to protect the data stored on the device later.The security of the data stored on the device and the occurrence of theft will not be a hindrance to expanders and communications (Yu et al., 2017).Provides risk-taking by demonstrating effective management of information technology responsibly through management, overall vision, regulatory administration and data storage opportunities increase.Many companies are required to encrypt sensitive information, with hefty fines for damages resulting from regulatory disobedience.
Figure 3:Encryption for communications and storage
| Step | Activities |
| Index placement and program design. | The program design needs to be revised and reviewed and a logical framework needs to be created if necessary. |
| data collection and analysis | Data availability needs to be determined and donor sources need to be reviewed. |
| M&E capacity | Human needs to be identified and funded for M&E activities.Necessary measures should be taken to increase the capacity of the staff. |
| Reporting and feedback | Create a reporting system and specify formats. |
The company requires a role and solid specific songwriting within the organization.HR plays a special role in the organization to review staff costs and management.The organization has the responsibility to manage the cost of the human resources organization.Feel the day to determine the cost of HR company capital and staff and to determine the cost in the right.
Personal and operational security
Personal security is also one of the most important factors under an organization, because most of the operations which the company takes need to be highly secured (Van Mieghem, 2015). Operational security is mainly based upon analysing various information which are carried out by the company. Threats which are mainly hostile and affect some group activities, there are various kinds of threats which may disturb various kinds of operations undertaken by the company. Some of the threats which have high risk factors are:
| Threats | Priority |
| Insider Threats | High |
| Virus and worms | High |
| Botnets | High |
| Ransomware | Medium |
After analysing all essentials factors of threats under various kinds of operation under an organization, it could be clarified that some of most highly affected threats that may have high chances of risk are Insider threats, Virus and worms and lastly the botnets are most highly emerging risk.
There are various kinds of operations and joint ventures which are mainly carried out by several team members present, thus the company needs to improve its authorization and access control of various applications which the employees must use while undertaking various operations. Thus it is necessary to have access control along with authorization.
Defensive in depth system is also needed to be applied within the system as the number of security layers provided by cyber security application would help the company in undertaking various essentials tasks with a joint effort without having any failure.
The main scope is to decrease the amount of risk for the company under various operational functions such as undertaking some serious task without facing any difficulty as due to lack of cyber security the company is facing various challenges. Along with implementing the application of security we would also maintain the app with proper sustainability and frequent maintenance.
Under operational security there are various kinds of technologies which could be implemented for improving the performance of the company. The process mainly helps in monitoring the system and keeps a record of various kinds of defects in operations for personal as well as for official use. Operation technology is utilised for identifying the risk for various task.
In case if a team of 5 members are serving within a company and in case of fulfilling a task they need to access various files and application, due to such reason they need to built up a strong encryption algorithm such that any outsider could not access such files.
| Policies | Response Plan |
| Having high protection against vulnerability | By implementing such plan we would have less chances of operational security. |
| High authorisation security | This process would decrease the amount of unwanted traffic and malware within the system |
| Implementing new technologies | This would help the company in mitigating some major challenges which may affect under some operations. |
The companies head also needs to be aware of various kinds of factors related to cost and functioning of the system which they need to implement under cyber security application, along with other factors the employees also need to have some kind of proper communication and team work skills which would help them in giving proper efforts for the work they need to overcome.
After introducing such new technologies the company also needs to take care of all such factors under which they faced various challenges thus, it was identified that most of the challenges were mitigated by using such process without any difficulty. There are further push backs under such cyber security applications.
Conclusion
Finally the report concludes with various new technical implementation of cyber security application due which the company could overcome some major challenges due to which the company had a huge threat. The report mainly includes some safe measure by using which the company would overcome some problems under the security of various kinds of important data, secure communication network between the staff and clients, system hardening and finally all those important operations which are undertaken by the company.
Reference
Abu-Salma, R., Sasse, M.A., Bonneau, J., Danilova, A., Naiakshina, A. and Smith, M., 2017, May. Obstacles to the adoption of secure communication tools. In 2017 IEEE Symposium on Security and Privacy (SP) (pp. 137-153). IEEE.
Chandra, J.V., Challa, N. and Pasupuleti, S.K., 2016, March. A practical approach to E-mail spam filters to protect data from advanced persistent threat. In 2016 International Conference on Circuit, Power and Computing Technologies (ICCPCT) (pp. 1-5). IEEE.
Favaró, F.M. and Saleh, J.H., 2015. Observability in depth: novel safety strategy to complement defense-in-depth for dynamic real-time allocation of defensive resources. Nutritional Care of the Patient with Gastrointestinal Disease, p.109.
Heath, S., 2018. Methods and/or systems for an online and/or mobile privacy and/or security encryption technologies used in cloud computing with the combination of data mining and/or encryption of user’s personal data and/or location data for marketing of internet posted promotions, social messaging or offers using multiple devices, browsers, operating systems, networks, fiber optic communications, multichannel platforms. U.S. Patent 10,129,211.
Ledru, Y., Idani, A., Milhau, J., Qamar, N., Laleau, R., Richier, J.L. and Labiadh, M.A., 2015. Validation of IS security policies featuring authorisation constraints. International Journal of Information System Modeling and Design (IJISMD), 6(1), pp.24-46.
Lee, J., Bagheri, B. and Jin, C., 2016. Introduction to cyber manufacturing. Manufacturing Letters, 8, pp.11-15.
Van Mieghem, V. and Pouwelse, J., 2015. Anonymous online purchases with exhaustive operational security. arXiv preprint arXiv:1505.07370.
Yu, Q., Dofe, J., Zhang, Y. and Frey, J., 2017. Hardware hardening approaches using camouflaging, encryption, and obfuscation. In Hardware IP Security and Trust (pp. 135-163). Springer, Cham.
Zhang, H., Wei, S., Ge, L., Shen, D., Yu, W., Blasch, E.P., Pham, K.D. and Chen, G., 2015, May. Towards an integrated defense system for cyber security situation awareness experiment. In Sensors and Systems for Space Applications VIII (Vol. 9469, p. 946908). International Society for Optics and Photonics.
Know more about UniqueSubmission’s other writing services:
