Build a Log Book Essay

Build a Log Book Essay

Build a Log Book Essay

Building a Log Book

Gaps and vulnerabilities

From the hypothesis analysis of the information system, some gaps and vulnerabilities were identified. These gaps and vulnerabilities include too much complacence among the IT staff. The staffs are overused to doing things according to a specific way that does not articulate for proactive and security robustness. Also, the employees are not proactive in response to the alarm system. The employees assume that there is no need to follow up, and the IT staff do not respond as required when the system alarm is raised. The business lacks an automatic monitoring system for the backup cloud system.

The company lacks a proper communication system in which the existing gaps and vulnerabilities should be communicated to the managing or responsible departments. This is the main reason why the network bandwidth problem was not detected in time. In the fourth hypothesis, the company needs a new cloud backup system since the existing one was faulty and the system was sending a mixed-signal, either a real or a false one. Due to the intrusion into the system, there is a high risk on the priority list. This can contribute to an authorized activity in the digital network system that goes undetected.  

Personal leadership philosophy that reflects what you think are characteristics of a good leader

Cybersecurity risks and the recommended mitigation strategy

Entry	Gap and Vulnerability	Step for Resolution	Priority list
1	too much complacence for IT staffs	Implement IT user policy and the procedure for reporting such incidence (Fischer, 2014)	Priority
2	Lack of clear division of responsibility	Outline the duties and responsibilities of employees when hiring them. Daily allocation of responsibilities and tasks	Fifth priority
3	Lack of automatic monitoring system for the backup system	Implement an automated monitoring system  such as Amazon cloud watch and Microsoft cloud monitoring	Third priority
4	Faulty cloud back up system	Invest in a robust cloud back system such as Idrive cloud storage, pCloud, zoolz Cloud Backup	Fourth priority
5	Network intrusion	Invest in anti-malware/virus programs and firewalls.	Second priority

The Recommended Series of Steps

When responding to cybersecurity threats and vulnerabilities, it is important to be guided by the following steps. The steps that will follow in the resolution.

Annotated Bibliography Transition of care Essay

Entry step	Procedure	Activity	Solution
Step 1	Identifying and documenting the asset vulnerabilities (Coronado & Wong, 2014).	This step focuses on understanding what makes the business attractive to the cybercriminals and the source of laxity for the IT staff. The company should evaluate whether it has a formal written business policy regarding media usage, device usage.	Ensure the employees and staff are acquitted with the relevant policies and procedures by providing them with cybersecurity awareness and training (Newhouse et al., 2017).
Step 2	Identify both the external and internal threats.	To research and understand how cybercrimes are perpetuated, including the techniques, tactics, and procedures used to target a given organization.	Monitoring the intrusion through implementing an intrusion monitoring system and tracking unusual network activity will help suspect an unusual breach. Put up a firewall as gatekeepers to detect anomaly traffic flow.
Step 3	Assessing the vulnerabilities	Assess the software and programs that the organization uses to scan the network (Srinivas et al., 2019). Assess whether they are up-to-date. Use an external auditor.	Use of security software such as anti-malware and anti-spyware to detect malicious code, spam, virus, and software (Srinivas et al., 2019).
Step 4	What are the potential likelihoods and business impacts	Identify how this impacts the business in terms of loss of data, reputation to the customers and stakeholders, and the financial and operational consequences.	Implement control access, including controlling the physical address to the company and network, restricting access to authorized users only, limit access to data to application controls only, limit the type of information that can be sent via email (Srinivas et al., 2019).
Step 5	Prioritizing the risk responses.	Prioritization will involve addressing the immediate flaws in the security system. Also, ensure that the implement solution does not impact other aspects of the cybersecurity network.	The prioritized risks should be addressed first by taking basic yet effective measures such as using strong passwords, creating a password policy, and regularly updating programs and software in time (Sabillon et al., 2017).

References

Coronado, A. J., & Wong, T. L. (2014). Healthcare cybersecurity risk management: Keys to an effective plan. Biomedical Instrumentation & Technology, 48(s1), 26-30.

Fischer, E. A. (2014). Cybersecurity issues and challenges: In brief.

Newhouse, W., Keith, S., Scribner, B., & Witte, G. (2017). National initiative for cybersecurity education (NICE) cybersecurity workforce framework. NIST Special Publication, 800(2017), 181.

Sabillon, R., Serra-Ruiz, J., Cavaller, V., & Cano, J. (2017, November). A comprehensive cybersecurity audit model to improve cybersecurity assurance: The cybersecurity audit model (CSAM). In 2017 International Conference on Information Systems and Computer Science (INCISCOS) (pp. 253-259). IEEE.

Srinivas, J., Das, A. K., & Kumar, N. (2019). Government regulations in cyber security: Framework, standards and recommendations. Future Generation Computer Systems, 92, 178-188.

Build a Log Book Essay