In addition to the 4-6 pages of the paper itself, you must include a title page and a reference page.
Your title page must include the title of your paper, the date, the name of the course, your name, and your instructor’s name.
Your reference page must be written in APA citation style, Arial or Times New Roman styles, 12-point font.
Page margins Top, Bottom, Left Side, and Right Side = 1 inch, with reasonable accommodation being made for special situations.
Your paper must be in your own words, representing original work. Paraphrases of others’ work must include attributions to the authors. Limit quotations to an average of no more than 3-5 lines, and use quotations sparingly. It is always better to write the information in your own words than to directly quote.
Papers will automatically be submitted to www.turnitin.com for review. PAPERS WITH AN ORIGINALITY REPORT FROM TURNITIN OVER 15% OR OVER 2% FROM A SINGLE SOURCE WILL RESULT IN A SIGNIFICANT POINT REDUCTION.
This research paper should be based on the attached outline below.
Organizations and enterprises are more open to attacks and a variety of risks throughout their operations. Cisco provided a comprehensive analysis of the state of cybersecurity across the US and the European Union and found that in 2019 a total of 37% of all organizations were embroiled in some form of attack that was potentially critical in derailing their operational processes and curtailing their success in meeting objectives (Kingori, 2019). A major contributor to this state of affairs is the development of internet technologies, which has resulted in sophisticated processes and mobile access to enterprise systems and networks. The development of technology has also resulted in the development of malware, viruses, and other forms of vice that continually attack mobile, computer, and network systems for financial or political motives (Blyth and Kovacich, 2001). Researchers indicate that as much as 3% of all global devices are compromised in some way by external and unauthorized forces, making them to some degree a security risk for organizational operations.
Cybersecurity attacks result in significant reputational and financial damage for most organizations. Up to $400 billion is lost annually to cybersecurity attacks, and the effect of this loss is seen directly in the rise of cybersecurity insurance premiums, totalling $1.35 billion (Evans, 2019). Malware for the most part makes up the largest form of attack, posing greater operational risks to enterprises. The predominant perception now is that it is not about “if” there will be an attack on an organizational system or network, but “when” the attack is likely to occur; as such, organizations are forced to install mitigative measures to reduce the probability of system failure or compromise due to attacks. This includes investing in risk, network and vulnerability assessment, among others, in the hope of always uncovering a plot prior to its manifestation. In short, the aim is to provide security assurance to organizational systems and networks for constant operational continuity.
Information is refined data, more commonly associated with relevance and purpose. It is valuable because converting meaningless data into meaningful information requires a certain degree of specialized knowledge (Blyth and Kovacich, 2001). Information Assurance (IA), as such, is the action taken to safeguard that information and defend information systems by providing availability, integrity, confidentiality, authentication, and non-repudiation of the data (Blyth and Kovacich, 2001). It is a holistic process of providing restoration systems for the data and maintaining its relevance to the company or enterprise overall by detecting, protecting, and offering reactionary capabilities to prevent attacks (Schou and Hernandez, 2015). The ever-increasing use of technology in business operations not only presents loopholes for exploitation but also tends to cause real danger to businesses and corporations at large. Society relies heavily on access to information and on making information reachable to authorized individuals. Information therefore needs to be protected from getting into the wrong hands and from being modified, which traditional information security cannot provide.
Core Principles of Information Assurance
IA is a comprehensive approach to protecting meaningful data from exploitation by, or for the benefit of, third-party entities seeking financial or political gain. IA provides IT specialists with ways to protect information assets from destruction, degradation, manipulation, and exploitation, and its application usually considers a variety of principles. Young (2015) outlines that IA applies industry and organizational policies, standards, methodologies, services, and agency to the organizational objective and the mission of data protection, to ensure that the principles of integrity, privacy, availability, non-repudiation, utility, authenticity, and authorized access are achieved during the use or transfer of documents (Lainhart, 2002). Below is a list of the core principles and how they define protection:
1. Confidentiality: refers to how only authorized users with clearance for sensitive information are able to view, store, alter in approved ways, and transmit the information (Blyth and Kovacich, 2001). A policy must exist to guide user access to the data and the permissions necessary. Confidentiality is preserved through access control, data encryption methods, and training. Encryption keeps users without access from getting to the information by presenting it as incoherent text (Boyce and Jennings, 2002). Only users with encryption keys can access the data. It allows companies to protect their customers’ privacy and data, working to maintain enterprise integrity and reputation.
2. Integrity: outlines that sensitive data should not be tampered with in any manner, whether maliciously or accidentally through authorized user error. Training is provided to employees on how to access and use sensitive information, and controls are designed to define who can access and use data, what they can access, and how (Schou and Hernandez, 2015). Additionally, antivirus software is installed to guard against malware, and penetration tests and other security protocols are deployed to ensure data integrity by evaluating data use, downloads, uploads, network systems, and the integrity of all devices with access to the network.
3. Availability: refers to how IT administrators provide system and network users with access to sensitive information within the enterprise infrastructure. Privileged information should not be readily available for easy access to anyone, as hackers can use this opportunity for their own gain; equally, it should not be so hard to access that employees cannot perform their tasks in time (Boyce and Jennings, 2002). IT admins need to establish this critical balance to ensure continuity in operations. To ensure availability, an enterprise may institute policies, security tools, and administrators, such as firewalls, IDS, and IPS, to evaluate risks and access to information.
4. Authentication: is the means of control put in place to ensure that users who access confidential information are truly who they claim to be prior to accessing it. User authorization can be divided into coarse (where users only have access to information and nothing more) and fine (where users have the power to alter the information) (Schou and Jenning, 2015).
5. Non-repudiation: is the process of ensuring accountability by establishing, with proof, that the intended receiver got the information and that it was accessed and sent by an authorized sender. It provides a means of ensuring that persons with access cannot be denied their right to access the information, having established their security clearances within the system (Blyth and Kovacich, 2001). There should be a method in place to ensure that authentication credentials and authorization into a system are obtained by the right person.
Importance of Information Assurance
Information Assurance is tasked with evaluating the risks associated with an enterprise’s network and computer systems. External threats should be evaluated on the basis of their means to carry out an attack, their motive (which can be political or financial), and the availability of an opportunity (a vulnerability within the system) that allows them to propagate their attack. IA allows for the following evaluations:
a. Risk Assessment: Any project’s success or failure depends on the ability of the people in charge to put together a good risk management program based on the already identified threats and their overall objective in the project. Information Assurance institutes risk assessment in processes that allow proper monitoring of high-target risks; identification of vulnerable sites, objects, and assets; and provision of the parameters and minimum security requirements needed to propagate an agile risk monitoring system (Schou and Hernandez, 2015).
b. Integrity or Trust: As already discussed, integrity is a principle that seeks to ensure sensitive data is not tampered with in any way. A good disaster recovery strategy plays a very significant role in an organization’s data integrity in cases of catastrophe or attack. Chang (2015) outlines that for the last few decades researchers placed more emphasis on the security and privacy of data, while few sought to address disaster recovery frameworks, particularly for big data systems. Disaster recovery methods today usually use a single-basket approach to data storage, which means putting all storage in one destination server (Chang, 2015). This is the first significant challenge organizations face as they try to back up their data to a more secure site and use passwords as well as encryption to ensure data is rarely tampered with by third parties. Use of a single basket carries a higher risk of data corruption (data can also be corrupted at any stage of cloud computing adoption), data loss, and data manipulation through mishandling.
c. Network Monitoring: this is used to detect exfiltration, which is the improper transmission of corporate or other information assets to or from unauthorized individuals. Organizations can use tools that detect break-ins or attempted attacks on the network, such as intrusion detection systems, which often combine network monitoring with real-time capture, feedback, and analysis of information to detect attacks. Zhou et al. (2018) outline that data collection and filtering are necessary to adequately identify the potential for these threats and vulnerabilities: not just any data collection mechanism on the network, but a flow-based one. As an alternative to the currently used packet-based data collection, flow-based data collection ensures less packet loss, especially during overwhelming traffic incidents. A flow-based data collection mechanism reduces packet analysis, as it analyzes a group of packets based on the similarities in their features, filtering out aspects that are dissimilar to the dominant packets being transmitted. Flow-based data collection can be executed in the network’s core features. It can also be performed at network edge nodes, such as firewalls, IDS, and IPS. It relies primarily on ingress and egress filtering.
d. Recovery Plan: IA ensures quality data can always be recovered from the cloud, and cloud computing is used to ensure data safety. The more data is stored, and the more time it spends on a semi-trusted third-party vendor’s server, the greater the likelihood of redundancy in the user data. As such, companies have a responsibility to ensure data integrity is achieved. Redundancy is not inherently a bad thing. Here the pressure comes from the demand on cloud storage servers to reduce network transmission delay and from the need for more remote bandwidth (John, 2019). Egress filtering, better network bandwidth, increased storage space, and data duplication technology have become key issues for companies seeking to ensure data integrity when using cloud-based backup and recovery, as compared to traditional on-premise data storage (Jun and Lihong, 2017). Getting uninterrupted data availability when recovering data stored in remote storage facilities remains a growing concern for companies that rely on cloud backup and recovery. Temporary loss of access to data is a common occurrence for the majority of these companies. This is especially pronounced in cases where two data storage units are located in different nodes, each possessing the same number of storage units.
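As an added illustration of the flow-based collection and egress filtering described under Network Monitoring above (this example is not part of the original paper), the following Python code groups packet records into flows and flags large outbound transfers. The 5-tuple flow key, the 10.0.0.0/8 internal range, the 1 MB threshold, and all packet records are assumptions constructed for the example.

```python
from ipaddress import ip_address, ip_network

INTERNAL = ip_network("10.0.0.0/8")   # assumed internal address range
BYTE_LIMIT = 1_000_000                # assumed per-flow egress threshold

# Constructed packet records: (time, src, sport, dst, dport, proto, size_bytes)
PACKETS = (
    [(t, "10.0.0.5", 51000, "203.0.113.9", 443, "tcp", 1400) for t in range(1000)]
    + [(t, "10.0.0.5", 51001, "10.0.0.9", 445, "tcp", 1400) for t in range(1000)]
    + [(0.5, "10.0.0.7", 40000, "198.51.100.20", 53, "udp", 80),
       (0.6, "198.51.100.20", 53, "10.0.0.7", 40000, "udp", 120)]
)

def aggregate_flows(packets):
    """Collapse packets sharing a 5-tuple into one unidirectional flow record."""
    flows = {}
    for ts, src, sport, dst, dport, proto, size in packets:
        key = (src, sport, dst, dport, proto)
        rec = flows.setdefault(
            key, {"packets": 0, "bytes": 0, "first": ts, "last": ts})
        rec["packets"] += 1
        rec["bytes"] += size
        rec["first"] = min(rec["first"], ts)
        rec["last"] = max(rec["last"], ts)
    return flows

def egress_alerts(flows, internal=INTERNAL, byte_limit=BYTE_LIMIT,
                  allowed=frozenset()):
    """Return (src, dst, dport, bytes) for large internal-to-external flows.

    `allowed` holds destination addresses approved for bulk transfer,
    such as a backup provider (hypothetical allowlist).
    """
    alerts = []
    for (src, _sport, dst, dport, _proto), rec in flows.items():
        outbound = (ip_address(src) in internal
                    and ip_address(dst) not in internal)
        if outbound and dst not in allowed and rec["bytes"] > byte_limit:
            alerts.append((src, dst, dport, rec["bytes"]))
    return sorted(alerts, key=lambda a: a[3], reverse=True)

if __name__ == "__main__":
    flows = aggregate_flows(PACKETS)
    print(len(PACKETS), "packets reduced to", len(flows), "flow records")
    for alert in egress_alerts(flows):
        print("possible exfiltration:", alert)
```

The 2,002 packet records collapse into four flow records, and only the large transfer leaving the internal range is reported; the equally large internal-to-internal flow is not.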
Threats to Information Assurance
a. Internal Threats: Employee error, or the lack of a standard and agile policy to monitor and evaluate risks, is a very big threat to IA. The success of IA requires constant vigilance, as the field of information technology is dynamic and constantly evolving, releasing more complex technology that always plays a part in putting the organization’s network at risk. At the same time, companies and the way work is done have evolved to feature mobile devices, which has allowed policies such as bring your own device (BYOD) to emerge. Here employees use one device (their own personal laptop or smartphone) to access company data, which has proven risky for organizations, as the devices can easily be hacked, lost, or accessed by an unauthorized third party (Rajendra, 2014). Companies now have to balance employee privacy against company security protocol as they monitor employee actions remotely (Mersch and Nealis, 2020). Employee sloppiness at work, such as errors in the system, may also present significant threats to enterprise information. Other aspects such as corporate negligence, theft, and espionage are also to be considered internal, where intentional sabotage or compromise of a system is carried out by a disgruntled or already compromised employee.
b. External Threats: The risks that an enterprise or business faces depend heavily on the attacker and their motivation, or on the existence of an opportunity. Opportunity is the vulnerabilities in the system or network (Schou and Hernandez, 2015). By evaluating the vulnerabilities, an enterprise becomes more capable of assessing risks and instituting mitigative measures. External threats to Information Assurance therefore center on types of attack such as malware, malvertising, DDoS attacks, ransomware, spamming, and phishing, among others. Boyce and Jennings (2002) outline that an attacker’s motivation is also to be considered, as it plays a significant role in the type of attack they wage. There are two forms of motivation, financial and political, and both have an ulterior motive. Based on the prevailing environment and trends, companies can evaluate how an attack may manifest and what motivates the attackers, in order to evaluate IA better.
References
Blyth, A., & Kovacich, G. (2001). Information assurance. Springer-Verlag London.
Boyce, J., & Jennings, D. (2002). Information assurance. Butterworth-Heinemann.
Chang, V. (2015). Towards a Big Data system disaster recovery in a Private Cloud. Ad Hoc Networks, 35, 65-82. https://doi.org/10.1016/j.adhoc.2015.07.012
Evans, J. (2019). Apple provides superior cybersecurity protection. Retrieved 9 April 2022, from https://www.computerworld.com/article/3253248/apple-provides-superior-cybersecurity-protection.html
Hernandez, S., & Schou, C. (2015). Information Assurance Handbook: Effective Computer Security and Risk Management Strategies. McGraw-Hill.
John, S. (2019). Backup, High Availability, Disaster Recovery, and Migration. Microsoft Azure Infrastructure Services for Architects, 297-323. https://doi.org/10.1002/9781119596608.ch9
Jun, Y., & Lihong, Y. (2017). The Cloud Technology Double Live Data Center Information System Research and Design Based on Disaster Recovery Platform. Procedia Engineering, 174, 1356-1370. https://doi.org/10.1016/j.proeng.2017.01.289
Kingori. (2019). Top 10 Cybersecurity Risks For 2019 | United States Cybersecurity Magazine. Retrieved 8 April 2022, from https://www.uscybersecurity.net/risks-2019/
Lainhart IV. (2002, June 13). Information Assurance/Information Security. Pwc. Retrieved March 3, 2022, from https://csrc.nist.gov/csrc/media/events/csspab-june-2002-meeting/documents/lainhart-06-2002.pdf
Mersch, A., & Nealis, E. (2020). 6 Common Types of Malware. Blog.totalprosource.com. Retrieved 8 April 2022, from https://blog.totalprosource.com/5-common-malware-types.
Rajendra, R. (2014). Employee-Owned Devices, Social Media, and the NLRA. ABA Journal of Labor & Employment Law, 30(1), 47-71. Retrieved October April 9 2022, from http://www.jstor.org.sbcc.idm.oclc.org/stable/43489456
Young. (2015, February 2). Information Assurance and Security. Introduction to IA. University of Texas. Retrieved October 3, 2022, from https://www.cs.utexas.edu/~byoung/cs361c/slides1-intro.pdf
Zhou, D., Yan, Z., Fu, Y., & Yao, Z. (2018). A survey on network data collection. Journal of Network and Computer Applications, 116, 9-23. https://doi.org/10.1016/j.jnca.2018.05.004