University of the Cumberlands Types of Variables Discussion

User Generated

Znqqlcnjne

Writing

University of the Cumberlands

Description

  • Discuss the variables in your research questions, identify the dependent(s), the independent(s), and any other variables, such as moderating and/or mediating variables.

So this is a phd course and I have submitted the dissertation last sem.. I need to write the above question based on the same dissertation.

Unformatted Attachment Preview

Running head: INFORMATION GOVERNANCE AND NETWORK SECURITY Information Governance in Cyber Security (Network security in information governance) Student’s Name: Uma Saket Gorrepati Date: December 13, 2020 1 INFORMATION GOVERNANCE AND NETWORK SECURITY 2 Table of Contents Introduction ................................................................................................................................................. 3 Cyber Security Threats in Networks with the need for Information governance ................................ 6 Ransomware ............................................................................................................................................ 6 Phishing.................................................................................................................................................... 7 Crypto-jacking ........................................................................................................................................ 8 Network security in information governance ......................................................................................... 10 Network Security Controls and Information Governance .................................................................... 17 Physical Network Security ................................................................................................................... 17 Technical Network Security ................................................................................................................. 18 Administrative Network Security ........................................................................................................ 18 Types of network security and information governance ....................................................................... 19 Network Access Control ....................................................................................................................... 19 Antivirus and Antimalware Software ................................................................................................. 20 Firewall Protection................................................................................................................................ 20 Network security for consumers and businesses ................................................................................ 21 Behavioral analytics .............................................................................................................................. 21 Data loss prevention.............................................................................................................................. 22 A Synergistic Relationship ....................................................................................................................... 22 Summary.................................................................................................................................................... 24 INFORMATION GOVERNANCE AND NETWORK SECURITY 3 Chapter Two: Review of Literature Network security in information governance Introduction Information governance is the general information policies that are significant in balancing the risks related the value of data held in an organization. Information governance helps companies governed by both legal and operational compliances in reducing the expenses that are linked to legal knowledge discoveries (Abomhara, 2015). Cybersecurity denotes the process of safeguarding the organization’s computing devices from any damage. Cybersecurity consists of the various practices, approaches and technologies that are primarily designed to secure networks and systems from unauthorized access. It comprises of all the defensive technologies and methods utilized to offer data and network protection. Also, cybersecurity techniques are crucial in enhancing data, information and network protection against various threats such as malware attacks, phishing and ransomware (Brown et al., 2015). Network security and information governance are two elements that define the integrity, confidentiality, and accessibility of data in the current information age filled with a lot of cyber threats. Therefore, information governance will dictate that the data of the customers, just like those of the company, will be protected through network security. The segmentation approach will help in ensuring that each level of users accesses their network segment. Proper network management practices will be ideal for the success of information governance. Information governance practices should consider the need for policies to help in the network's operation and management. The need for proper procedures in information and communication technology is necessary to ensure that there are minimal data loss cases and compromise. Understanding the INFORMATION GOVERNANCE AND NETWORK SECURITY 4 need for network security as part of information governance is essential to successfully use and consume the ever-growing demand for information technology. This chapter seeks to exploit Network security and Information governance as a specific area of my research dissertation. The new age and era have seen an increased use of information technology in ecommerce and global connectivity, made possible by interconnections of networks. The use of networks and systems has heightened its usability at individual levels and organizations and in information transfers and storage. The increased use of information technology across the globe has attracted hackers and other online malicious groups who strive to exploit vulnerable systems. Their efforts have led to extreme actions such as bringing down the government and parastatal systems such as the national power system. Network security can be defined as the activities designed chiefly to bring about protection onto the network to enhance usability, safety, and reliability of the network infrastructure at hand. On the other hand, Information Governance (IG) can be defined as the orchestration of processes, technology, and people to make it possible for organizations to handle their data as enterprise assets. The need for information governance and network security has, after that, surfaced and became a household activity. The company's primary duty through its network administrators and security team is to ensure that the company data and those of its customers maintain its dictates of integrity, confidentiality, and availability. For instance, the customers will trust the company with their data, such as personal emails and telephone numbers, for the case of e-commerce. As such, the company should protect them from potential attackers (Borgman et al. 2016). Therefore, information governance will dictate that the data of the customers, just like those of the company, will be protected through network security. The customers have the right to decision rights and call the company into accountability in cases where its data is compromised. INFORMATION GOVERNANCE AND NETWORK SECURITY 5 Therefore, the company should deploy robust network security as part of information governance. The primary aspect is the prevention and control of threats that could penetrate or spread into and within the network (Borgman et al. 2016). The paper will hence address the issue of network security in information governance. Information governance echoes fiduciary duty and accountability in corporate governance. Essentially integrity, which incorporates compliance, audit and control, and risk management is the critical aspect of information governance. It extends as far as regulatory and legal elements of the context in which information is controlled and used. The meaning of these definitions is that accountability is the critical aspect of the organization. Various theories have been formed to help define information governance and role of organizations with regards to accountability. All the theories imply there exists steady progression, going as far as to apply more holistic approach that incorporates behavioral and organizational (social) elements, rather than the narrow focus on technical controls (Muddu, & Tryfonas, 2016). These theories include corporate governance, resilient business, and social-technical theories. This research mainly insists that organizations, through the security team and network administrators are responsible and accountable for maintenance of integrity, availability, and confidentiality of organization data and those of customers. While there is need for enhancing knowledge about the individual level of information security, there has been little focus on the governance level (Eugen, & Petruţ, 2018). Consequently, the corporate governance approach has been employed in research to relate network information security to corporate governance. There is need for putting more emphasis on the technical controls of the organization (Rasouli, Trienekens, Kusters, & Grefen, 2016). The corporate governance’s compulsory forces should drive network security. Protecting data of customers and that of the organization is responsibility INFORMATION GOVERNANCE AND NETWORK SECURITY 6 of the directors, who should be held accountable for the internal controls and risk management system of the organization. Arising out of the moral duties of organizations to avoid intentionally causing harm to customers and employees, a second argument is that organizations have ethical obligation to improve network information security. With regards to this perspective, this research argues that the most suitable path of organizations’ corporate governance is gaining control of network information and security process. In rapidly changing environments, the existing data conformance and control mechanisms and traditional view of information governance turn out be inadequate. Cyber Security Threats in Networks with the need for Information governance Ransomware: It is malicious software or malware that makes various attempts scrambling or encrypting data and participating in extortion attacks for the sole purpose of freeing the otherwise inaccessible data. Ransomware attacks are effected through the use of emails containing suspicious links. To ensure that organizations have systems against these attacks, there is a dire need for the organization to engage in frequent employee trainings with regards to opening emails on the organizational network and devices. Also, frequent antivirus updates will go a long way in preventing these attacks. Lastly, the IT technical team must ensure the network devices within the organization are always up to date with the current and emerging security patches. INFORMATION GOVERNANCE AND NETWORK SECURITY 7 Phishing: In today’s society, phishing scams are growing in prevalence. While this is happening, businesses are suffering. A phishing attack occurs when a fraudulent email or text message is sent with the purpose of collecting sensitive information (O'Leary, 2019). Since email is the primary method of communication for most businesses, it is also the most effective way for phishing attacks to occur. Worldwide there are more than 269 billion emails sent from more than 3.7 billion accounts (Binks, 2019). The ubiquitousness of email use among businesses is what makes it so successful with attackers. In 2007, it is estimated that phishing attacks cost businesses an estimated $3 billion in losses. This trend has worsened over the years as phishing attacks have become more sophisticated. In the United States, for example, it is estimated that businesses lost $2.76 million per attack (O'Leary, 2019). With phishing attacks growing in sophistication and prevalence, there is an undeniable financial cost to businesses. To help combat these attacks, it is imperative that you understand what a phishing attack looks like. Understanding this will help you develop strategies and best practices to protect yourself and your company from the financial cost of phishing attacks. These emails almost always prey on our fears and instinctual ability to panic. This is done by creating a sense of urgency. Targets of these attacks are threatened with the possibility of losing data or account details (Binks, 2019). Figure 1 illustrates how a phishing attack works. These fear tactics utilized by cybercriminals hope to create a sense of urgency within the busy business professional so they do not examine the email too closely. Unfortunately, they are very effective in doing just that. Approximately 23 percent of phishing emails are opened by unsuspecting victims of these scams and 12 percent of those targeted open a malicious link (Binks, 2019). In the midst of the Covid-19 pandemic, this situation has worsened. The world’s fear and uncertainty over the virus has created a prime environment for cybercriminals to thrive. In addition to the fear society is INFORMATION GOVERNANCE AND NETWORK SECURITY 8 experiencing, millions of people are working from home away from the network security of their offices. Figure 1. The phases of phishing (Bursztein, 2015) Crypto-jacking: this approach entails the use of personal devices to mine information from the blockchain technology. Hackers are utilizing this method through email links send to clients. This links works in a manner that loads crypto mining codes on the systems. Organizations must work closely with Cyber security experts to provide advice on protecting them from these attacks. For instance, there is need to install website filtering tools which must be updated regularly. INFORMATION GOVERNANCE AND NETWORK SECURITY Information governance is the general information policies that are significant in balancing the risks related the value of data held in an organization. It is an all-round practice that is employed in managing information by putting in place controls and practices that are essential in creating useful organizational assets of data. All the efforts of information governance are towards eradication of threats in an organization. The entire process of information governance consists of planning and organizing, monitoring and evaluation, acquisition and development and delivery as well as providing support. Figure 2 below shows the holistic process of information governance that must be implemented in any organization to safeguard its network, information and devices from external threats. Figure 2a A holistic view of the Information governance process 9 INFORMATION GOVERNANCE AND NETWORK SECURITY 10 Figure 2b Information governance process in the organization Network security in information governance Network security revolves around several devices, processes, and technologies. These components are conjoined through rules as well as configurations that are meant to cement the elements of the CIA triad of the company's data and computer networks through hardware and software technologies. While managing the network security sufficiently, it will be necessary to have information governance in place, regardless of the organization's size, infrastructure, or industry. Rasouli et al. (2016) noted that as the complexity of network architecture keeps growing as per the threat environment, it will be necessary to have policies that can manage as a INFORMATION GOVERNANCE AND NETWORK SECURITY 11 move to contain ever-changing dimensions, attackers. Understanding network security paradigms and dictates will help tackle vulnerabilities that exist across data, networking devices, applications, devices, and users. Therefore, due to this, there are several management tools for managing network security that can be used in addressing cyber threats within an organization. Little downtimes can be the source of prevalent disruptions and huge damage to the company's image, hence the need for these protection measures (Rasouli et al. 2016). The success of information governance in any organization depends on the level of network security. This is because the proper setup of network security will guarantee information security, which is also part of the information governance. Through information governance, the company gets to view the company data as its assets, hence influencing the need for an increase in information and data management. Succeeding in its deployment of information governance, it will be ideal for harmonizing the core components: the people, technology, and processes. Therefore, these three entities will allow the organization to enhance data management as its assets, which are critical for its existence and success. Poor information governance will expose data to possible cases of attack whereby the third party will misuse data, hence compromising the company's situation. The companies that have been hacked before commonly attribute the success of hackers to the company's laxity. For instance, the network's poor management led to the loss of data loss of up to 7 million customers of JP Morgan & Chase Bank through data breach (Silver-Greenberg et al., 2014). Such cases lead to the company being sued by customers because their data will be used by the third-party for malicious purposes, such as using them for acquiring loans through mobile banking. The hackers of JP Morgan bank are said to have exploited a fault within the company's website, and it had continued for more than a month before its finding, as stated in the INFORMATION GOVERNANCE AND NETWORK SECURITY 12 article by Silver-Greenberg et al. (2014). A proper configuration of network security will have alerted the company of such intrusion. This further means that there was laxity in information governance because if that were not the case, the network's fault would have been addressed long before the attack. The fact that it also lasted for a whole month is an indication that there were no policies in place that guides constant checking of the company's network and systems. Quantitative and Qualitative Analysis Machine learning is the study of computers that automatically improve through experience. It is known to be a subset of artificial intelligence. This is the concept of computer intelligence that has the capability to learn through a large amount of data entered by humans. It is a portion of artificial intelligence that is used throughout the world. These models have been embedded in many aspects of our daily life, such as social media, finance, and Healthcare. Researchers have created a variety of techniques to explain the benefits of machine learning to stakeholders. The development of machine learning in artificial intelligence has significantly improved treatment, medication, contact racing, predictions, and drug or vaccine development posing for the Coronavirus COVID-19 pandemic. Based on the manuscript titled "Development and Evaluation of an AI system for COVID-19 diagnosis," this study was conducted by multiple colleagues to use machine learning through an artificial intelligence system to improve CT chest scans and CXR chest x-rays and quickly diagnose the virus COVID-19. The researchers developed an AI system that could detect COVID-19, pneumonia, influenza, and other health issues with high diagnostic accuracy. This article is well written, but various AI systems are used for lung CT chest scans, and some information is being left out. It is not difficult for radiologists to determine or detect COVID-19 from healthy patients, it is based on the CT chest scan. Still, there are more difficult concerns INFORMATION GOVERNANCE AND NETWORK SECURITY 13 with detecting similar illnesses like pneumonia and influenza that is not very easy for radiologists to see. Even the most trained radiologist make mistakes in missing diagnoses. There were CXR chest x-rays and CT scans performed to see if chest x-rays work better in the machine learning diagnosis. Some studies need to be performed to understand the motion artifacts and diagnosis performance. More data need to be collected. Machine learning's main intent is based on computer systems to predict future trends by taking big data and analyzing it. Big data is all over our society, and human intelligence does not have the proper capability to evaluate the information. The complexity and size of the databases prove that humans are unable to extract useful information from them. Mathematics is used as the number one prerequisite needed to enable the machine learning program. The mathematical solutions created must be accurate for the machine to produce a data model that can produce reliable information. Programming and graphic design is also an essential asset needed in machine learning. Data is another important factor in machine learning because this information allows the machine to grow and succeed. Machine learning will release the data then the data turns into the algorithm. The efficient learning machine is designed to process in these steps: ● The data is collected. ● The data is processed. ● The data transform into an algorithm. ● The algorithm is trained. ● The algorithm is tested. ● The algorithm is applied. INFORMATION GOVERNANCE AND NETWORK SECURITY 14 ● The last algorithm is executed. Machine learning has allowed society to obtain high-quality information. This is what primarily allows the business to make decisions and design better strategies internally and externally. Information Governance Information governance is the overall information approaches that are huge in adjusting the dangers related the estimation of information held in an association. Information governance helps organizations represented by both legitimate and operational compliances in decreasing the costs that are connected to lawful information revelations (Abomhara, 2015). Cyber security means the way toward defending the association's registering gadgets from any harm. Cyber security comprises of the different practices, approaches and advancements that are essentially intended to make sure about organizations and frameworks from unapproved access. It involves all the guarded advances and techniques used to offer information and organization security. Additionally, cyber security methods are significant in upgrading information, information and organization security against different dangers, for example, malware assaults, phishing and ransomware (Brown et al., 2015). INFORMATION GOVERNANCE AND NETWORK SECURITY Figure 2a A holistic view of the Information governance process 15 INFORMATION GOVERNANCE AND NETWORK SECURITY 16 Figure 2b Information governance process in the organization Information governance is the overall information arrangements that are huge in adjusting the dangers related the estimation of information held in an association. It is an overall practice that is utilized in overseeing information by setting up controls and practices that are fundamental in making valuable hierarchical resources of information. All the endeavors of information governance are towards destruction of dangers in an association. The whole cycle of information governance comprises of arranging and sorting out, observing and assessment, securing and advancement and conveyance just as offering help. Figure 2 underneath shows the comprehensive cycle of information governance that must be executed in any association to defend its organization, information and gadgets from outer dangers. A legitimate arrangement of organization security will have alarmed the organization of such interruption. This further implies INFORMATION GOVERNANCE AND NETWORK SECURITY 17 that there was laxity in information governance since, supposing that that were not the situation, the organization's flaw would have been tended to well before the assault. The way that it additionally went on for an entire month means that there were no arrangements set up that guides steady checking of the organization and frameworks. Network Security Controls and Information Governance The items to factor in when dealing with network security are the three different network security controls, which are the administrative, physical, and technical. Physical Network Security: these types of controls are designed in a way that will prevent any possibility of unauthorized personnel who may tempt to gaining physical access onto the company's network components (Eugen & Petruţ, 2018). The features being protected include routers, servers, cabling cupboards, to mention a few. The standard entities for fostering controlled access are majorly locks and biometric authentication, which remains ideal for any company. As part of information governance, the data should remain confidential, reliable, and highly available. In achieving this, it will be ideal to ensure that the central data center is only accessible to the company administrators. Having such restrictions will help prevent cases where stray strangers in the company or malicious employees will enter the data center and manipulate the company information hence compromising the availability, reliability, and confidentiality of company data (Eugen & Petruţ, 2018). INFORMATION GOVERNANCE AND NETWORK SECURITY 18 Technical Network Security: this is a type of security controls whose sole purpose is to protect stored data on the company's network and those data that moves within the network or out of the network. As part of information governance, the company's network administrator should design policies and regulations that will be used for controlling how data move between workstations in the company. The protection can be said to be twofold, whereby there is a need to protect company data and systems against possible employees' malicious activities and unauthorized personnel (Eugen & Petruţ, 2018). Having strong information governance in place will entail a comprehensive plan on how the network is accessed, controlled, and used by both the system users and the network administrators. The provisions of network control and its subsequent operations fall within the information governance. Therefore, the technical part will involve how data will be transferred within the network and how to access shared data. Furthermore, there will be configurations of virtual private network whereby some employees will be allowed to access the company's data and information remotely (Eugen & Petruţ, 2018). As part of information governance, it will be ideal to ensure a robust authentication system to avoid cases where the sniffers and snoopers will "listen" to the data and information being shared. Administrative Network Security: this is network security controls that deal with the security processes and policies affecting user behavior, such as the employees' level of information and data access (Borgman et al. 2016). It also deals with how the company's network users are authenticated, and again, the company's IT team should implement any changes needed to the network infrastructure. Proper management within the network on the level of access is part of information governance in that the network users will be restricted from accessing those components within their levels (Kao, 2016). The levels of access are down to the company INFORMATION GOVERNANCE AND NETWORK SECURITY 19 hierarchy. The top management will not have to share the same data access level with the company employees at the bottom of the hierarchy. The move will foster ideal information governance in that it will be easier to detect and trace possible cases such as misuse of company data. For instance, if all the employees were having the same access to data, it will be hard to trace employee who injected a malicious program into the system. On the other hand, if such an occurrence is registered in a clustered network, it will be easier to trace it based on the level of information access (Syed & Dhillon, 2015). Consequently, the core company data should only be available for full management access because of its criticality. Types of network security and information governance The essence of information governance is to ensure that the company's data and information are within the CIA (confidentiality, integrity, accessibility). In this case, there will be a need for a proper understanding of the network security types to foster information governance. Network Access Control: The network components can be protected by controlling how the network users access them. This is essential because the hackers and potential attackers will always try to infiltrate the company network; hence the existence of comprehensive access control policies will be necessary for both the devices and users (Mikhed & Vogan, 2018). For instance, the company administrators will be allowed to access different folders within the network, but there are those specific confidential folders which they will not be accessing. The move will help ensure that if attackers gain the login credential of an administrator into the network, they will not be able to access some confidential information due to access control. Additionally, Kao (2016) stated that if there is a situation where the network access control is set INFORMATION GOVERNANCE AND NETWORK SECURITY 20 to accept a set of devices, it will be hard for the attackers to join the network using non-set devices. The network access control should also have a visualization mechanism in which the administrators will be used to monitor traffic movement in the network, making it easier to detect cases such as abnormal traffics, which is common during network attacks (Syed & Dhillon, 2015). Antivirus and Antimalware Software: these are the type of network security that will help prevent malicious software from tampering with the company resources. The policies that are part of the information governance will be needed to guide the crucial aspects such as the antivirus and antimalware that the company will be using to protect its data (Mikhed & Vogan, 2018). The policies guiding antivirus and antimalware software will also give a framework on how the network will be maintained in terms of activities such as network scans, tracking of files, and software activation. The information governance will help identify the section within the network, which will be labeled as hotspots and thus subject to constant scrutiny and observation. This approach aims to prevent potential elements such as viruses, worms, Trojans, and ransomware, which hackers could use to collect or destroy company data, hence jeopardizing its integrity, confidentiality, and availability (Mikhed & Vogan, 2018). The sphere of information governance will also cover the type of vendors and software being used in the network because there are those which do not meet the standards hence becoming the problem rather than a solution. Firewall Protection: these are components in the network placed between the company's trusted internal network and the untrusted external networks. It is within the administrators' mandate to configure rules and policies that will help block or permit traffic that enters the system. Controlling the components that find its way into the company network is necessary INFORMATION GOVERNANCE AND NETWORK SECURITY 21 because, in most cases, these are the hackers' entry points. Syed & Dhillon (2015) stated that the policies that are part of the information governance would entail the sites that are not blocked from access by the company because they can potentially harm the company. It is also used to monitor the elements that are downloaded into the company's network (Acemoglu et al., 2016). As part of maintaining a healthy network, it will be mandatory to reserve programs for administrators. Network security for consumers and businesses: the rise in the use of information technology in business, more so e-commerce, has attracted a pool of hackers who want to exploit online customers. For this matter, the company should prioritize network security to prevent both the customers and its business from possible compromising. The administrators should draft policies on how the company should regulate the network traffic to acid cases where the hacker will capitalize on the high traffic to gain access to the company's network (Mikhed & Vogan, 2018). The priority remains to be the protection of assets as well as data integrity from potential external exploits. The other approach for boosting information governance through network security is enhancing network performance whereby the faster the network, the easier the management (Saffady, 2017). It is hard to manage a slow network because the customers will cause unnecessary traffic while trying to refresh their webpages. In cases where there is high traffic in the network due to poor performance, it will be hard for the network administrator to quantify the traffic source, hence giving leeway to the hackers to access the network. Behavioral analytics: using this approach will help in identifying cases within the network that are not common. For instance, if there is a workstation with more logins than usual, it will attract the network administrator's attention because the first possibility is that there is an intrusion (Muddu & Tryfonas, 2016). If there is also a customer account, for online banking or e- INFORMATION GOVERNANCE AND NETWORK SECURITY 22 commerce, that is registering more business activities than usual, the network administrator should isolate it and investigate the potential issue of hacking. As part of network security, the company should use behavioral analytics software to identify a security breach's possible case. The application is ideal for spotting a problem quickly and isolating potential threats. According to Muddu & Tryfonas (2016), the use of these technologies and processes forms part of the information governance whose sole mission is to ensure that there are no data loss cases. Data loss prevention: This is a type of network security that will ensure that there is no compromising of the organization's data through cases such as employees sharing valuable and sensitive information of the company knowing or unknowingly outside the company network. For instance, the employee may download a file from the internet and open it, exposing the whole company network to viruses and other worms attack. Alternatively, the downloaded file may be having prompts which, when clicked, will lead to other links hence loss of company data in the long run. As part of data loss prevention, the system users will have to be trained on using the company network in terms of best practices and dos and don'ts. The system users should be trained on handling possible attacks such as alerting the admin in case of abnormal behaviors such as instant log out or password rejection (Acemoglub et al., 2016). On the other hand, the admin should design a mechanism of detecting when there is a change in login credentials within the specific workstation. The move will ensure that any case of attempted intrusion is detected and nullified before it causes menace within the network. A Synergistic Relationship Network security and information governance exist as a unit whereby a fault or laxity in one area will lead to a vulnerability in the other area. The success of information governance INFORMATION GOVERNANCE AND NETWORK SECURITY 23 depends on the dictates and structure of network security and vice versa. Increased use of information technology in our day to day company activities has increased the need for better network security to foster information governance (Acemoglub et al., 2016). Mobile device security, for instance, should be factored in because they have become the latest targets among hackers and other intruders. Given that the main aim of information governance is to ensure proper use and maintenance of data and devices, mobile devices should also be given consideration. Mobile devices such as phones, tablets, and laptops can contain sensitive company information, hence keeping them protected. The first step is to limit the use of these devices within the network, more so when accessing confidential company data because they are the hackers' prime targets (Saffady, 2017). The aim of imposing such dictates is to ensure that there is proper monitoring of network traffic and the prevention of possible leakages through such devices. Another proper management of mobile devices as a network security measure is to ensure that the flash disk and memory devices are not accessible through the workstation by deactivating all ports. The practice will prevent cases such as injecting viruses and other malicious programs into the network through such ports. Some bold hackers can take advantage of laxity in network administration who do not make such restrictions to access the physical network and use their portable devices such as HDD to transfer company data. According to Acemoglub et al. (2016), the need for network segmentation will also be a factor in enhancing information governance through network security. For this matter, the network will be divided and sorted to ease network traffic whereby certain classifications will be used in streamlining the segmentation. According to Saffady (2017), the segmentation approach will ensure that each level of users accesses their network segment. Consequently, the network will be set so that if a INFORMATION GOVERNANCE AND NETWORK SECURITY 24 particular section is attacked, it will be deactivated, and its traffics re-directed to the functioning network segment. Summary Network security and information governance usually go hand in hand, and as such, they are dependent on each other. As seen in the discussion above, a proper understanding of the network will be necessary to control and implement information governance. Poor network security practices will open the way for attacks such as DDoS (dedicated denial of service), which will cause unnecessary traffic in the servers hence causing unavailability of data. Proper network management practices will be ideal for appropriate the success of information governance. The information governance practices should also need policies that can help in the network's operation and management. Whereas other potential entry points of the hackers and other malicious personal, the primary route remains to be that of the network hence the need for emphasis on network security. The network administration should work closely with the information governance team to help them draft policies and laws, which will help streamline the operations that will boost network security. From the above, it can be concluded that cybersecurity denotes how information within the organization as well as data can largely be safeguarded from unauthorized access via utilization of the most reliable and appropriate strategies and polices. With these in mind, it is equivalent to an essential asset for any organization since. Without proper communications, operations within the company cannot be implemented as per the required standards. In this paper, various threats that impact the organization's operations were highlighted, and it is essential to recognize them as all the data can be breached and released in the wrong hands that INFORMATION GOVERNANCE AND NETWORK SECURITY can misuse it. In ensuring that the systems and processes' security is achieved, the information governance framework must be adopted. 25 INFORMATION GOVERNANCE AND NETWORK SECURITY 26 References Abomhara, M. (2015). Cyber security and the internet of things: vulnerabilities, threats, intruders and attacks. Journal of Cyber Security and Mobility, 4(1), 65-88. Acemoglu, D., Malekian, A., & Ozdaglar, A. (2016). Network security and contagion. Journal of Economic Theory, 166, 536-585. Binks, A. (2019). The art of phishing: past, present and future. Computer Fraud & Security, 2019(4), 9-11. doi: 10.1016/s1361-3723(19)30040-5 Borgman, H., Heier, H., Bahli, B., & Boekamp, T. (2016, January). Dotting the I and Crossing (out) the T in IT Governance: New Challenges for Information Governance. In 2016 49th Hawaii International Conference on System Sciences (HICSS) (pp. 4901-4909). IEEE. Brown, S., Gommers, J., & Serrano, O. (2015, October). From cyber security information sharing to threat management. In Proceedings of the 2nd ACM workshop on information sharing and collaborative security (pp. 43-49). Bursztein, E. (2015). The five phases of the phishing cycle [Image]. Retrieved from https://elie.net/blog/anti_fraud_and_abuse/how-phishing-works/ Eugen, P., & Petruţ, D. (2018). Exploring the new era of cybersecurity governance. Ovidius University Annals, Economic Sciences Series, 18(1), 358-363. Kao, D. Y. (2016). Performing Information Governance: Golden Triangle Components For APTs Countermeasures. International Journal of Development Research, 6(1), 6539-6546. Mikhed, V., & Vogan, M. (2018). How data breaches affect consumer credit. Journal of Banking & Finance, 88, 192-207. INFORMATION GOVERNANCE AND NETWORK SECURITY 27 Muddu, S., & Tryfonas, C. (2016). "Network security threat detection by user/user-entity behavioral analysis." U.S. Patent No. 9,516,053. Washington, DC: U.S. Patent and Trademark Office. O'Leary, D. (2019). What Phishing E-mails Reveal: An Exploratory Analysis of Phishing Attempts Using Text Analysis. Journal Of Information Systems, 33(3), 285-307. doi: 10.2308/isys52481 Rasouli, M., Trienekens, J. J., Kusters, R. J., & Grefen, P. W. (2016). Information governance requirements in dynamic business networking. Industrial Management & Data Systems, 116(7), 1356-1379. Silver-Greenberg, J., Goldstein, M., & Perlroth, N. (2014). JP Morgan Chase hack affects 76 million households. New York Times, 2. Syed, R., & Dhillon, G. (2015). Dynamics of data breaches in online social networks: Understanding threats to organizational information security reputation. William Saffady PhD, F. A. I. (2017). Enterprise content management as an information governance enabler. Information Management, 51(1), 40. Eugen, P., & Petruţ, D. (2018). Exploring the new era of cybersecurity governance. Ovidius University Annals, Economic Sciences Series, 18(1), 358-363. Muddu, S., & Tryfonas, C. (2016). Network security threat detection by user/user-entity behavioral analysis & U.S. Patent No. 9,516,053. Washington, DC: U.S. Patent and Trademark Office. Rasouli, M., Trienekens, J. J., Kusters, R. J., & Grefen, P. W. (2016). Information governance requirements in dynamic business networking. Industrial Management & Data Systems, INFORMATION GOVERNANCE AND NETWORK SECURITY 28 116(7), 1356-1379. Kao, D. Y. (2016). Performing Information Governance: Golden Triangle Components For APTs Countermeasures. International Journal of Development Research, 6(1), 6539-6546. Mikhed, V., & Vogan, M. (2018). How data breaches affect consumer credit. Journal of Banking & Finance, 88, 192-207. Muddu, S., & Tryfonas, C. (2016). "Network security threat detection by user/user-entity behavioral analysis." U.S. Patent No. 9,516,053. Washington, DC: U.S. Patent and Trademark Office. O'Leary, D. (2019). What Phishing E-mails Reveal: An Exploratory Analysis of Phishing Attempts Using Text Analysis. Journal Of Information Systems, 33(3), 285-307. doi: 10.2308/isys52481 Rasouli, M., Trienekens, J. J., Kusters, R. J., & Grefen, P. W. (2016). Information governance requirements in dynamic business networking. Industrial Management & Data Systems, 116(7), 1356-1379. Silver-Greenberg, J., Goldstein, M., & Perlroth, N. (2014). JP Morgan Chase hack affects 76 million households. New York Times, 2. Syed, R., & Dhillon, G. (2015). Dynamics of data breaches in online social networks: Understanding threats to organizational information security reputation. William Saffady PhD, F. A. I. (2017). Enterprise content management as an information governance enabler. Information Management, 51(1), 40.
Purchase answer to see full attachment
User generated content is uploaded by users for the purposes of learning and should be used following Studypool's honor code & terms of service.

Explanation & Answer

Hello, please find the attachment of the paper. Thank you.

1

Types Variables

(Student Name)
(School)
(Course)
(Professor)
(Date)

2
Types of Variables
The dissertation explores the idea of information governance and cybersecurity. The
research seeks to understand different kinds of cybersecurity issues like Ransomware, phishing,
and crypto-jacking.

These issues are a threat to computer networking and information. People

with ill intentions create a system or malware that will destroy a network system or a piece of
information about in computer system. This study has used many variables to explore the idea of
information governance and cybersecurity.
1.

Independent Variable

Independent variable refers to a variable stands alone study, which occurs regardless of
something else happening. Independent variables cause something else to happen (Fairchild &
Mackinnon, 2021). The independent variable in the thesis is machine learning...


Anonymous
Just what I needed…Fantastic!

Studypool
4.7
Trustpilot
4.5
Sitejabber
4.4

Similar Content

Related Tags