Discuss the methods that can be taken by organizations

Assignment Help Computer Engineering

Reference no: EM133337806

Case: Information security or InfoSec is a broad topic that covers many areas such as physical security, endpoint security, data security, network security and cyber security. It consist of the tools and processes that organizations use to protect information. This includes policy settings that prevent unauthorized people from accessing business or personal information. Cyber security is one of the popular topics that is widely discussed due to the increasing number of people who have been victims of cyber-attacks worldwide. Cyber security is the practice of protecting systems, networks, and programs from digital attacks. Despite the use of cutting edge cyber security tools, measures and policies, the lack of human awareness on cyber threats becomes a weak point in InfoSec implementation. Therefore, protecting an organization from cyber threats begins with increasing the employees awareness and knowledge in keeping the assets and networks safe. This can be done by sharing, disseminating and educating the employees continually on information security policies, processes, standards and frameworks. Hence, programs based on the Framework of Security Education, Training and Awareness (SETA) are imperative to be implemented in organizations to enhance information security more effectively. SETA is a program designed to help organizations to mitigate the number of security breaches caused by human error by making people aware of information security policies and how to apply them in daily activities. The people awareness concerning cyber security can be increased by training and educating them on security basics and best practices to allows them to make better decisions and avoid risky cyber behaviours. Apart from educating on the security policies and rules, the training modules ought to also address common security breaches caused by human errors such as using a weak password, having outdated software or responding to malicious emails. Depending on conduciveness and effectiveness, the training can be delivered in either modes or in any combination deemed suitable; one-on-one, on-the-job-training, formal class, user support group, self-study (non-computerised), computer-based training or through online seminars.

With the rapid increase of Internet usage, the threats and attacks by cyber criminals are also increasing thus putting the security of the enterprise infrastructure and communication system at serious risk. Cyber criminals such as hackers can erase, block, manipulate and steal information, which can paralyze the whole organization and disrupt the business ecosystem. Thus, it is imperative to ensure the entire systems are protected from external and internal security breaches by implementing cyber security best practices. Most organizations invest in advanced technology solutions such as next generation firewall, antivirus and intrusion prevention systems to protect their assets and user privacy. Addressing both the technology factor and the human factor are crucial for the implementation of a robust and secure environment. In Malaysia, the national cybersecurity innovation-led services, programmes and initiatives to reduce vulnerability of digital systems are enforced and instituted by the government through CyberSecurity Malaysia, the national cyber security specialist agency under the purview of the Ministry of Communications and Multimedia Malaysia. CyberSecurity Malaysia roles is to foster awareness and disseminate information on cyber security and safety as well as to increase understanding and interest in the cyber security field by displaying and showcasing hands-on product and information. At the same time, CyberSecurity Malaysia also collaborate with relevant local and international parties for the implementation of cyber security technologies, to inculcate a culture of digital citizenship among the masses from all occupations and lifestyles.

Question: Based on the case, discuss the methods that can be taken by organizations in Malaysia to protect themselves from cyber threats.

Reference no: EM133337806

Questions Cloud

What is known as a hash function : The MD5 digest used in Elgg secret tokens to protect against CSRF attacks is what is known as a hash function.

How does it compare to face-to-face or videos for training : How does it compare to face-to-face or videos for training? How could it be improved Wrong decisions can lead to data loss or breaches

Describes logical circuit and associated logic table : Describes a logical circuit and an associated logic table (including graphs and tables) that could be used to create a futuristic door key system.

Implemented in organizations to enhance information : Implemented in organizations to enhance information security more effectively." Illustrate the framework of SETA as suggested by NIST SP 800-12

Discuss the methods that can be taken by organizations : Based on the case, discuss the methods that can be taken by organizations in Malaysia to protect themselves from cyber threats

Portfolio project management software : How can organizations justify investing in enterprise or portfolio project management software?

What is computer security and information security : What is computer security? Information security? They are similar, but how are they different? Why are both important for businesses to implement?

Describe the organization and structure : CBR 600 9044 University of Maryland Describe the organization and structure. The structure will include the different business units and their functions

Cyberwarfare of Ukraine war : What are the cyber risks to the US and NATO countries of the Ukraine war? What groups are involved in the cyberwarfare of the Ukraine war?

User Account

All Pages