Reference no: EM132078286

The below whole topic should be in 300 words or little more with references

Read Four (4) academically reviewed articles on Cyber Security and Risk Management and complete the following activities:

(Wikipedia articles will not be accepted. Professor may check originality of all posts. Avoid copy-and-paste.

1. Summarize all four (4) articles in 300 words or more. Please use your own words. No copy-and-paste

2. Base on your article review and the assigned reading, discuss the relationship between cyber security and risk management.

3. As an IT manager, discuss how you will use the concepts discussed in the four articles in the management of IT risks within your company.

Please respond to the below topics with 150 words each

Topic1:

According to the first article a cyber physical system is something that is used in power systems, communications, and transportation and these are exposed to threats of cybersecurity. These attacks can lead to various risks such as disruption of production and performance and unavailability of critical services. Managing cybersecurity is very important to protect CPS.

Second article explains fundamental role of research in cyber security is to concentrate the efforts on those contexts and conditions which determine the way in which key players reach a common understanding of the way to conceive and eventually answer to certain challenges in cyber security.

Third article explains that there are many risk management/assessment standards, e.g. IS0 27005:2011 and NIST SP 800-30rev1, designed for governments or businesses. However, cyber risk assessment focused on military strategy has been rarely studied.

The Vulnerability Detection (VD) tools in Network Risk Evaluation (the previous studies) were used for the quantitative data collection and the focus group in the Military Risk Evaluation (MRE) (the proposed method) was used to collect qualitative data, which enhance the general risk assessment standard to achieve the objective of the research

References:

1. Halima Ibrahim, K., Shareeful, I., & Mohammad Abdur, R. (2018). An Integrated Cyber Security Risk Management Approach for a Cyber-Physical System. Applied Sciences, Vol 8, Iss 6, P 898 (2018), (6), 898. doi:10.3390/app8060898

2. Riza, I. (2017). RISK MANAGEMENT FROM THE INFORMATION SECURITY PERSPECTIVE. Junior Scientific Researcher, Vol 3, Iss 2, Pp 1-8 (2017), (2), 1.

3. Hemanidhi, A., &Chimmanee, S. (2017). MILITARY-BASED CYBER RISK ASSESSMENT FRAMEWORK FOR SUPPORTING CYBER WARFARE IN THAILAND. Journal Of Information & Communication Technology, 16(2), 192.

Topic 2:

The risk management has been necessary for all the organizations and also for the individuals these days. If they have an asset, they have to protect it. The simple and best example may be insurance. We will be insuring our life, automobiles etc and the plans we go for are especially designed for us so that we can be protected from any loss.

The risk management is beyond the external devices like doors are protecting homes, offices, vaults protect our money and jewels and similarly police protect the city and we can give the list like above. For the threats, the IT department in any of the organization has to work out with various combinations of strategies, technologies and other advanced methods so that their data stays protected always against any of the cyber security attacks.

The attacks are primarily due to compromising the important data; steal the data for their usage or looking for any valuable information. This will damage the organization's reputation if they loss important data which might also contain customer's private information. We have to identify the vulnerabilities and the areas where the attacks may start so that we can plan accordingly and stay protected. The administrators should come up with a plan and identify the areas which are to be protected and have to plan according to that (cisco.com, 2017).

Before enabling or working on the cyber security threats, the administrators have to analyze the assets which are to be protected and based on the priority of the assets everything has to be planned. We cannot say that if everything is protected in an organization, then all the other organization can follow the same steps for them.

Each and every organization has their own asset priority and based on that it will be varying from one organization to other. Different organizations have different methods of infrastructures and assets which are to be protected and they have to implement their own technology and methods to protect themselves.

The cyber security will be better if a layered approach is followed and apart from this they have to deploy various advanced protection for their assets like customer as well as the corporate data. We have to consider the below precautions towards the cyber security measures. We can install the network access controls and also limit the devices with the internet access and authorized persons only should use the internet for official purpose. We can limit the administrator credentials and it can be given to the persons who can control effectively.

We can install firewalls to protect us. We should ensure that our system has the latest OS as the support for the older OS are no longer provided. Installing a good antivirus with maximum protection is a mandatory one. We have to limit the administrative rights and the administrator should be an effective person. We have to ensure a two factor authentication for accessing certain confidential files and other systems. If needed, we can make sure for most of the important information like above (Tom, 2017).

References

Tom, B. (2017). Top 5 Reasons Risk Management Needed Cybersecurity.