Description
Unformatted Attachment Preview
Purchase answer to see full attachment
Explanation & Answer
View attached explanation and answer. Let me know if you have any questions.
Your Name
Security Operations Design
Security Operations Program Design
Your name goes here
Month day, Year
Page 1
Your Name
Security Operations Design
Executive Summary
This report provides a deep analysis of cyber threats available in the current world and which
affect the organizations, and suggests an effective security system that may combat all the
threats.
Problem Statement
Security threats are experienced by organizations all over the world and this occurs at an
increasing rate every year. This security operations design is created with the aim of creating a
proper and effective security operation that can prevent any possible losses. Having a solution to
the increasing security threats can put a stop to the fear of losses the company may experience in
the future. The company deals with sensitive and crucial data and information, and is therefore a
target of many different attacks.
This being mentions, some of the immediate negative impacts that should be prevented include
loss of data unpredicted cybersecurity edits, unexpected downtime, reactive measures related to
security and the company may lose its reputation. The problem may exist with the organization’s
safety but it extends much further to its impact to the society and the stakeholders.
Scope
This report applies to the company’s Information and Communication Technology department.
Therefore, it is bound to affect the entire organization’s operations since the organization
depends on flow of information and data both internally and externally. This report targets the
information and communication department and should be viewed by the technical and the
security team. This report will analyze and summarize the security issues in the organization, and
Page 2
Your Name
Security Operations Design
come up with better security system that can be used in defending against threats. The content of
this report will be used to create a picture of the security system required in the organization. The
report itself will apply as an insight to the stakeholders on the threats the company is facing and
the possible and cost-effective solutions that can be applied.
Generally, the organization’s data is entirely sensitive. However, customer login and personal
information is equally important as compared to human resource information and information in
the company’s website. While assessing the security of information, customer information and
data will be given higher priority since customer information makes up approximately sixty
percent of data in the company database. The information in the company will be categorized
into three priority groups, high, medium and low.
Data type
Risks
Priority
Customers’ personal
May lead to Denial of Service
High
information
and delayed response
Human resource data
Delayed company operations
High
and denial of Service.
Website Information
The company may experience
Medium
branding issues
Current Security Operations
The company is currently under a lot of security threats some of which are intentional while
others are accidental. The organization has experienced several security breaches most of which
were reported by others went undetected for long enough to cause a lot of damages. The attacks
are quite capable; they exploit the company’s vulnerabilities. The company’s current internet
Page 3
Your Name
Security Operations Design
related service is not entirely capable of solving the security based problems that exists within
the organization and in the industry in general. Additionally, the current times security threats are
getting better and better with the improvement in technology in general.
Internet Security
Internet footprint is growing very fasts since most organizations are making use of internet
businesses and taking advantage of the fact that their customers use the internet to explore
internet business. The world has experienced an expansion in internet based services in the past
few years, and with it has grown several vulnerabilities to intrusion and exploitation. The
attackers are currently using different technology. There are several security platforms and
systems that are used today, and that the organization uses. The company applies a real time
threat detection and mitigation. In a world where threats occur all the time and of different
degrees, the company has chooses a threat detection and mitigation strategy to root out all the
threats detected.
In addition to that the organizations have a functioning anti-virus which protects the company
from minor attacks which mostly lead to delay in loading and denial of access. The antivirus
detects infected messages, links and emails that may be sent to the customer through the
company’s communication system.
Current Threats Faced by the organization
The organization experiences several internet threats including spam and phishing emails, which
are the major threats, harvesting of email address and passwords from the company website,
stealing of customers’ personal information from the company website and database, and
infecting the company website with malware. The company is also affected by computer viruses
Page 4
Your Name
Security Operations Design
which are placed in the website as commercial elements which when clicked bring out an
infection of the...