Reference no: EM131738690

RESPOND TO THESE DISCUSSION POST BASED ON THE TOPIC "Welcome to Security Risk Analysis and Planning.

Discuss why you view information security risk management as a balancing act. In response to your peers, state what a balanced approach to information security risk management means to you, and your view on why we should or should not apply a balanced approach to risk management."

APA reminders - In your Discussions and Assignments -

* Use less than 10% direct quotes

* Quotes over 40 words not allowed in this classes (by exception only ahead of time)

* Every quote needs a specific page or paragraph number

* Ideas and concepts from articles on websites need to be re-written in your own thoughts, vocabulary, and ideas and not simply paraphrased.

1.KevS Intro

A balanced approach to risk management when it comes to information security is balancing business operations with the security of the companies data.

Many times information security concerns can restrict business operations while the lack of information security can cause a companies data to be vulnerable to external security breaches. The reason for applying a balanced approach to information security is to understand how the business operates and in what space they operate within and apply security principles to mitigate risks within that space.

For example, if a companies sole business is in e-commerce then the credit card data and personal information of the companies customers should be protected from unauthorized access.

2.BrnL

I think that information security risk is a balancing act because the risk of breaches and other incidents needs to be weighed against efficiency and access. You can lock down a system, network, or system so tightly that it blocks legitimate usage.

From my own experience, overbearing controls can become something that users then try to find ways around, in order to get their work done.

For example, I currently work for an organization where every system modification request regardless of dollar value undergoes at least 4 levels of review, with the last being the CEO herself. What do most units do?

Try to find a way to get their work done using spreadsheets and simple database tools such as Access. The result - we have literally hundreds of spreadsheets being used for major purposes. Scary because spreadsheets are inherently difficult to control. Economics teaches us that at some point, adding additional investments will reach a point of diminishing returns. (Friant, 2012) We are way past the point of diminishing returns for development risk at my company.

A good example of an unbalanced view toward risk is much of the federal banking regulatory response to the economic meltdown of 2009. The cost of regulation has created barriers to entering the market for new banks, actually forcing banks to become bigger. While other issues are in play, regulatory cost is a major factor. Since 2011, only 9 new banks have started in the US. In 2007 alone there were 175. (Ponczek, 2017)

Allow your discussion posts to be detailed and capable of sharing knowledge, ideas and points. You must discuss the topic using your own words first. Using your own words indicate you understand the topic of discussions.

Secondly, you must cite your sources in-text. This is necessary to justify your points.

Sources from several sources showed good research abilities. Lastly, you must provide references at the bottom of your post.

A discussion post without justification with sources does not show proper research abilities. A terse and not detailed discussions represent post that would not provide enough sharing of knowledge or proper understanding of the topic.

DO NOT just copy and paste a sentence from online with citation at the end as your own discussion. I have not asked for definitions, I asked for discussions and will not buy this. You must show understanding of the discussion topic by using your own words to describe the topic and then justify that with sources.

Format references into the APA style if necessary. Extremely important. Intext citations is very essential and highly needed as well.

Wse double spacing, 12-point Times New Roman font, and one-inch margins. Sources should be cited according to APA citation method (citation should be relevant and current). Page-length requirements.

Make sure you cite if you take a piece of someone's work, very important and your reference should relate to your writing (don't cite a reference because it relates to the course and not this very paper) at least 2 current and relevant academic references. No heavy paraphrasing of others work.