Assume you are all working as the security team in the IT department of a compan
ID: 3586861 • Letter: A
Question
Assume you are all working as the security team in the IT department of a company. The upper-level management is considering the use of an effective cybersecurity approach to analyze and profile their systems. Possibly with the help of online research, post something about a strategy, tool, or issue related to this that can aid the company in making a decision. Write 3 detailed paragraphs. Do not use old Chegg answers or copy/paste word from word on websites. Do not upload answer by paper sheet.
Explanation / Answer
Types of Threats
A security threat or incident can be defined as any potential action that could put information or resources as risk.
Incidents might be caused by malicious attempts to steal information or by simple inattention to a security policy or procedure. Either way, you have the power to stop most security threats.
Although the number of security threats is endless, the most common categories are:
§Loss: Misplacing a resource or device
§Theft: Stealing information – electronically or physically – or resources
§Cybercrime: Damaging electronic devices, files, or our organization’s network
–
Take a moment to review some examples of these types of threats.
I copied some confidential business files onto an unencrypted USB drive. A few days later, I realized I misplaced the drive . . . And a whirlwind of trouble developed.
I did the right thing and reported the lost drive, but now our organization is in the middle of an investigation because of my inattentiveness to security.
STOLEN LAPTOP
I left my laptop on my desk over the weekend. When I returned to work on Monday, it was gone. I figured it would be safe inside our facility, so I didn't worry about locking it up.
It appears as though the thief followed someone into our building, as there were no signs of forced entry. My organization is investigating the incident. But in the meantime my laptop and all the confidential business information stored on it are gone, and I'm in big trouble.
HACKED NETWORK
I was waiting for my flight to board, so I decided to use an unsecured public hotspot to check my work e-mail and finish up some customer transactions.
I was only connected to the network for 10 minutes, but that's all the time a hacker needed to steal customer account numbers on my computer and cause a security breach.
USB Drives can be a handy tool for transferring data, but they are also a significant source of risk if you’re not sure of where they come from or where they’ve been. Infected USB drives can be used to install malware, spy on unsuspecting user and steal sensitive information. Luckily, a few security best practices, combined with common sense, can easily prevent such attacks.
Take a moment to explore these practices and put your intuition to the test.
DON'T USE UNKNOWN USB DRIVES
While returning from lunch, you spot a USB drive that was dropped in the parking lot. It looks similar to a USB drive you know is used by one of your coworkers. If they lost important data it could create a serious security breach or slow down the project!
Which is the best action to take?
•Collect the USB, but check it on your computer first before distracting your busy coworker.
•Take the USB drive to IT so that they can identify it and inspect it for malware.
•Return the USB drive to your coworker right away.
It's late, and you just remembered that you need to back up some work files to a USB drive before tomorrow morning. You won't have time to acquire a secure USB drive from IT, but you do have a few extra personal USB drives around the house.