Pretend you are the Chief Information Security Officer (CISO) of a large company

Question

Pretend you are the Chief Information Security Officer (CISO) of a large company in the financial services sector (a bank or investment firm). Using the material learned in this course, from the textbook or articles, write a minimum 2 page paper answering the following questions:

1) List and describe 3 cybersecurity challenges your company might face over the next 5-10 years. How might your company combat these challenges? Support your answers with references from the text or course articles.

2) Have cybersecurity challenges changed over the past ten years? In what ways have they changed?

Explanation / Answer

The following are some of the cybersecurity challenges that we often faced in organization.They are:

1.Information security:

Threats can come from competitors, hackers or even foreign espionage efforts to obtain personal or corporate information contained on the systems that might be of potential value to others. Cybersecurity is therefore a paramount issue for company security personnel.

2.Physical Theft and Loss:With all of the sophisticated safeguards companies put into place to mitigate cyber threats, the theft of physical devices that store, process, or transmit information remains a very real risk for businesses.

3.Denial of Service Attacks:Denial-of-service attack(DOS), a type of attack on a network that is designed to bring the network to its knees by flooding it with useless traffic.

Over the last 10 years, there has been immense growth in the number of computing and network services, enabling transactions to be undertaken by the smallest businesses across a global marketplace. At the same time, there has been a growing community of individuals who have sought to exploit the vulnerabilities of network devices, computer systems and applications.

IT systems have proved over the last 10 years to be less than perfect, requiring compensating controls to address problems when they arise. Vendors continually release tactical patches and upgrades to fix problems, but hackers with knowledge, skills and capability have developed and released exploits and easy-to-use tools to enable even the least technical users to become adversaries.

There are a number of surprising observations from the report and a few that were expected is that little surprise has been the continued lack of importance a large number of companies, and individuals, have placed on implementing basic security practices like applying updates to software and implementing policies around passwords. The reasons for this may be that people are believing that the risks are relatively small of cybercrime happening to them. It may also be that they simply don’t want to put in the effort or pay for the computer support or advice.

Related Questions

Navigate

• Browse (All)
• Browse P
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.