You have been hired as the new Chief Information Security Officer (CISO) for Pos

Question

You have been hired as the new Chief Information Security Officer (CISO) for PostCyberSolutions (PCS) LLC to overhaul the cyber security program. In addition to local PCS information systems, the CISO is responsible for ensuring the various program managers maintain security compliance for customer systems under PCS security cognizance. PCS holds several government contracts in various regulatory environments making CISO a challenging position.

One of your first actions to improve the security program is to create a working group between the Information Technology, Engineering, and Security departments to foster better communication, address information system security challenges, and to work off action items. During this week’s working group meeting, an informative debate breaks out regarding the three core principles of information security and which one is most important: confidentiality, integrity, or availability. The working group debate stemmed from discussions regarding security protections for PCS’s new contract to overhaul the early warning missile detection system for the Ministry of Defense in Istanbogus.

Rank each of the three security principles in the order of importance for this system. Explain your rationale for each ranking to include any factors, criteria, and assumptions you made in selecting the order of precedence. Include at least one research reference and associated in-text citation using APA standards. In your replies to your peers discuss their ranking/rationale.

Explanation / Answer

As per my openion i will rank all this as below,

Confidentiality: Preventing from unauthorized disclosure,

"Confidentiality refers to limiting information access and disclosure to authorized users -- 'the right people' -- and preventing access by or disclosure to unauthorized ones -- 'the wrong people.'"

Integrity: Preventing from unauthorized modification,

"Integrity refers to the trustworthiness of information resources.
It includes the concept of 'data integrity' -- namely, that data have not been changed inappropriately, whether by accident or deliberately malign activity. It also includes 'origin' or 'source integrity' -- that is, that the data actually came from the person or entity you think it did, rather than an imposter."

Availability: Preventing denial of service,

"Availability refers, unsurprisingly, to the availability of information resources. An information system that is not available when you need it is almost as bad as none at all. It may be much worse, depending on how reliant the organization has become on a functioning computer and communications infrastructure."
So as a result i will ranked above as per my understanding.

Related Questions

Navigate

• Browse (All)
• Browse Y
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.