Mid term

docx

School

Hudson Valley Community College *

*We aren’t endorsed by this school

Course

500

Subject

Information Systems

Date

Oct 30, 2023

Type

docx

Pages

Uploaded by ProfessorInternetPheasant21

Q1. Outline how your team would approach this consulting engagement. Describe where you would start and the steps you would take to gain an understanding of the organization’s business and security-related requirements. Answer: The healthcare industry is one of the most vulnerable industries when it comes to cyber security and data privacy. Health care data is very valuable for cybercriminals because of its sensitivity. As a consulting firm first, we need to understand the fact that this organization operates in the healthcare industry which is a frequent target of cybercriminals. Every organization that operates in health care industry needs to have a great set of security protocols, procedures, and tools to prevent data breach attempts and specifically a corporate culture that promotes the significance of cybersecurity and data privacy across the board. Our first step as a consulting firm will be to understand the organization and its existing cyber security protocols and procedures. This Organization wants to expand its business in Europe which means that its now it will become more vulnerable to cyber threats as after expansion it will become a potential target of a greater number of cyber criminals that are present both nationally and internationally. As a consulting firm following will be our first steps to gain understanding of the organization’s business and security-related requirements: 1. Meeting with the Board of Directors and Chief Information officer (CIO), Chief Security Officer (CSO) to understanding and analyzing the existing cyber security protocols and procedures: Initial meeting with the Board of Directors, CIO and CSO will provide a great understanding of company culture and where the organization stands in protecting data privacy against the cyber threats that are present. This meeting will provide us with clarification regarding the organization’s current security posture, pain points, and overarching business goals. The organization has faced an increased number of cyber- attacks in the past which tells us that the current cyber security structure in the organization is not up to the current standards. After meeting with the top management, it is also necessary to understand the organization’s business and security-related requirements from the lower management’s perspective. 2. Interviews and Site Visits: Conducting virtual meetings and meetups with the employees across various departments and especially with the Information technology department employees will provide a deeper understanding of organization and security concerns. After getting an understanding of the business and data security the next step is to perform a risk assessment.

3.Risk Assessment & performing security architecture review: As a consulting firm the next step is to perform a comprehensive risk assessment to identify potential threats and vulnerabilities to the organization's assets, data, and operations. Furthermore, evaluating the existing security architecture, including firewalls, intrusion detection systems, access controls, and encryption methods. This will help in determining the effectiveness of these security measures in mitigating risks. After doing the risk assessment to identify potential cyber threats the next step will be to make a security road map and recommendations. 4. Security Roadmap and Recommendations: Developing a detailed security roadmap that outlines short-term and long-term security improvement initiatives will help the organization to analyze its weak areas. Provide specific recommendations for enhancing security measures, including technology upgrades. Q2. What steps would you take to evaluate the company’s security program and practices? What can you determine insofar as the company’s current cyber security posture? The Organization is planning to expand in Europe which will expose the company to further cyber threats on an international level. The company’s current cyber security poster is not very strong since it has been experiencing a greater number of cyber attacks in the past few years. Furthermore, after meeting with the Chief Security Officer it was also clear that the current cyber security framework and mechanism is not strong enough to counter the current cyber threats and when the company expands it will further expose the company to potential cybercriminals. To evaluate the company’s security program and practices we will take the following steps: 1.Security Technology assessment: After meeting with the CSO we found out that the security team who is responsible for implementing and overseeing any potential cyber threat have limited visibility across the organization’s network. This poses a serious concern because if the security team has limited control over the organization’s network, then they can’t effectively detect and handle any potential cyber threat. 2.Security Awareness and Training Evaluation:

Furthermore, the company also lacks security awareness and cyber training that are necessary to educate employees when it comes to cyber threats and data privacy. Most cyber-attacks happen from infected emails and other malicious software that contain viruses to hack systems and steal confidential information. If employees are not periodically trained to identify any potential cyber threats, then it becomes impossible to safeguard the organization from cybercriminals. Currently when any cyber incident happens it is handled by a combination of IT operations and security staff and because of no proper cooperation and coordination difficulties arise in responding to such incidents. The Organization needs to devise a formal framework and chain of command to handle cyber incidents effectively. 3.Regulatory Compliance Check: The next step that we will take is to perform a regulatory compliance check. The organization is expanding to an international level so now it would need to comply with international industry practices. The organization has existing security policies and technical standards, but they are not aligned with the recommended industry practices. This also creates a security issue because the industry practices also act as a safeguard against cyber attacks and if the company’s security policies are not aligned then it puts the organization on a greater degree of risk for cyber-attack. 4.Review Security Incident Response Plan: Lastly, we will review the security incident response plan and we found that the organization has no formal cyber security strategic plan. This was very concerning and alarming for us because without a formal cyber security strategic plan the company cannot effectively fight against any potential cyber threat and the different departments in the company would not to able to coordinate and communicate effectively to respond against cyber-attacks. However, the CSO has planned several initiatives for the future that includes the deployment of multi-factor authentication and security awareness training for employees.

Your preview ends here

Eager to read complete document? Join bartleby learn and gain access to the full version