CYB_250_Final_Project_Milestone
docx
keyboard_arrow_up
School
Southern New Hampshire University *
*We aren’t endorsed by this school
Course
250
Subject
Information Systems
Date
Dec 6, 2023
Type
docx
Pages
5
Uploaded by DrTree1894
Amelia Madsen
Course: CYB 250
Section: R1978
Instructor: Patrick Valentia
In today's interconnected world, cybersecurity threats are constantly evolving, posing
significant risks to organizations. As a security analyst it is crucial to develop a comprehensive
cyber defense strategy. This report will address three critical elements of cybersecurity to
safeguard our organization against potential threats.
I.
Personnel or Human Factor trend
Employee cybersecurity training and awareness programs play a crucial role in enhancing an
organization's security posture. By educating employees about potential threats, safe practices,
and the importance of security measures, organizations can reduce the likelihood of human errors
that may lead to security breaches. These training programs should cover topics such as
identifying phishing emails, recognizing social engineering tactics, understanding the risks
associated with sharing sensitive data, and the proper use of personal devices in a corporate
environment. Additionally, employees should be made aware of the importance of keeping their
smart headsets and Bluetooth-connected devices secure.
Employee cybersecurity training and awareness are credible solutions we can use in our
company. In our situation, technicians in the field use smart headsets that communicate with the
central server through their cell phones via Bluetooth. The potential threats include phishing
attacks, social engineering attempts, and unauthorized access to sensitive documents stored on
the server. By implementing comprehensive training programs, employees can become the first
line of defense against these threats. They can recognize phishing attempts and suspicious
behavior, reducing the risk of falling victim to attacks. Moreover, educated employees are more
likely to follow security protocols, ensuring that their Bluetooth-connected devices are properly
secured and not vulnerable to unauthorized access.
II.
Data Protection Strategy or Technology Trend:
Data encryption is a fundamental strategy for protecting sensitive information. It involves
converting data into an unreadable format that can only be decrypted with the appropriate
encryption key. In our scenario, data encryption should be applied to all documents stored on the
central server, especially those projected onto the optical screen of the smart headsets.
Encryption ensures that even if unauthorized access to the server occurs, the data remains
protected and unintelligible to attackers. This safeguards product schematics, invoices, emails,
text messages, and other documents from being exposed in the event of a breach.
Data encryption is a credible solution we can use in our company. The threat of unauthorized
access to sensitive documents on the server is a significant concern. If these documents were to
fall into the wrong hands, it could lead to intellectual property theft, financial losses, and
reputational damage. By implementing strong encryption protocols, we can ensure that even if an
attacker gains access to the server, the data remains secure and inaccessible without the
encryption keys. This strategy provides a critical layer of protection, mitigating the risks
associated with data breaches.
III.
System Protection Trend:
Endpoint/server protection technologies encompass a range of solutions designed to secure
devices (endpoints) and servers from various threats, including malware, ransomware, and
unauthorized access. In our company, these technologies would be applied to both the smart
headsets used by technicians in the field and the central server in the company's central office.
These protection technologies include antivirus software, intrusion detection systems, firewall
solutions, and regular software patching. They are essential to prevent malware from
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
compromising devices and servers, ensuring that the connection between the smart headsets and
the server remains secure.
Endpoint/server protection technologies are credible solutions we can use in our company.
The constant communication between the smart headsets and the central server through
Bluetooth connections poses a potential vulnerability. Malicious software or unauthorized access
could compromise the integrity of this communication. By implementing robust endpoint/server
protection technologies, we can actively monitor and defend against threats. Antivirus software
can detect and remove malware, intrusion detection systems can alert us to suspicious activities,
and firewalls can control traffic to and from the server. Regular software patching ensures that
known vulnerabilities are addressed promptly, reducing the attack surface.
In conclusion, employee cybersecurity training and awareness, data encryption, and
endpoint/server protection technologies if well implemented would collectively form a strong
cybersecurity defense for our manufacturing company's situation. These measures provide
protection against various threats, safeguarding the smart headsets, the central server, and the
sensitive data they handle. By implementing these strategies and technologies, we can enhance
our organization's security posture and mitigate the risks associated with the constant
communication between our smart headsets and the central server.
References
Center for Internet Security. (n.d.). Southern New Hampshire University. https://snhu-
media.snhu.edu/files/course_repository/undergraduate/cyb/cyb250/cis_controls_v7.pdf
Human error is to blame for most breaches
. Tech News. (2016, June 6).
https://technews.tmcnet.com/cybersecuritytrend/topics/cyber-security/articles/421821-human-error-
to-blame-most-breaches.htm
The human factor in IT security: How employees are making businesses vulnerable from within
. Daily
English Global blogkasperskycom. (n.d.). https://www.kaspersky.com/blog/the-human-factor-in-it-
security/
Lucas, J., & Moeller, B. (2004).
The Effective Incident Response Team
. Addison-Wesley. October 8, 2023,
https://learning.oreilly.com/library/view/effective-incident-response/0201761750/?
sso_link=yes&sso_link_from=SNHU
Shostack, A. (2014).
Threat modeling designing for security
. Wiley. October 8, 2023,
https://learning.oreilly.com/library/view/threat-modeling-designing/9781118810057/?
sso_link=yes&sso_link_from=SNHU
Thompson, E. C. (2018).
Cybersecurity incident response: How to contain, eradicate, and recover from
incidents
. Apress. October 8, 2023, https://learning.oreilly.com/library/view/cybersecurity-incident-
response/9781484238707/?sso_link=yes&sso_link_from=SNHU
Wu, C.-H. (JOHN)., & Irwin, J. D. (2017).
Introduction to computer networks and cybersecurity
.
ROUTLEDGE. October 8, 2023, https://learning.oreilly.com/library/view/introduction-to-
computer/9781466572133/?sso_link=yes&sso_link_from=SNHU