Address Issues Discussion on 3 Topics of Forum

Assignment Item – 01 ~

“Address issues discussion on 3 topics of forum“

Table of Contents

Topic 1:        3

Forum Discussion Topic 1:        4

Topic 2:        6

Forum Discussion Topic 2:        8

Topic 3:        10

IT Security Threat and risk assessment        10

Forum Discussion Topic 3:        11

REFERENCES        14

Topic 1:

IT Security & Technology Landscape

How has the IT landscape changed?

Infrastructure, applications and business processes can be delivered as a service to anyone. The benefits of cloud computing such as greater business agility, economies of scale and increased flexibility has seen a steady transition of organizations moving to cloud based computing.

One of the key points that I believe cloud computing has changed the IT landscape is that cloud creates and drives innovation. Resources that were once only available to the enterprise are now available to SME and start-up businesses. (Shimamoto, 2015)

What are the new risks/threats?

• Confidentiality–As more private data is stored in the cloud there is a growing risk of unauthorized access to this data. This risk could be internal, the cloud provider or external, a hacker that can result in data breach.
• Integrity –Cloud providers can store data on shared infrastructure, and this shared computing between customers can be a threat against data quality and integrity.
• Availability –A risk of downtime and disruption of critical systems can directly impact the organization its staff and customers.

Sun, Y. Zhang, J. Xiong, Y. Zhi, G. (2014).

How severe are the risks?

• Confidentiality – A failure to secure access rights can result in a data breach of confidential and private data. This is very severe and can result in private data such as credit card information or confidential documents being used for malicious purposes. This can impact business reputation and result in individual and company financial loss.
• Integrity –Inadequately segregated shared systems could result in unauthorized deletion or modification of data. The unauthorized change of data can have a very high impact on critical systems and data.
• Availability – A business critical systems that is not available will have a very high impact on an organization financially. The longer a business critical system is not available, the higher the financial loss to an organization.

Beyond.com (2013).

What can we do to mitigate/reduce the risks?

• Confidentiality  

• Limit access to data to only those that are authorized to view the data by making sure there is a robust identity and access management in place.
• Ensure data is encrypted at rest and in transit.
• Make sure systems such as IaaS virtual machines have proper baseline server hardening.

• Integrity

• Determine if data needs to reside on dedicated infrastructure or if systems should remain on premise.
• Make sure there is robust identity and access management in place.
• Ensure data is available at multiple sites to reduce the risk of the introduction of faulty application or infrastructure.

• Availability

• Ensure adequate SLA’s are in place such as uptime guarantees.
• Make sure the cloud provider has multiple regions and availability zones to distribute data.
• Make sure adequate disaster recovery and business continuity processes are in place.

Forum Discussion Topic 1:

RE: Cyber Intrusion and data breach

COLLAPSE

According to my point of view, The Cyber world as of now is exceedingly prone to the intrusion and data breaching majorly because of the IT globalization. In addition, the prominence of internet is progressively adding to high data exchange. Internationalization of data has resulted into the introduction of cloud based system which pulls in intruders to penetrate into the cyber security and it breaches the protected data conditions. Despite the fact that dominant part of organization alongside government are imposing Cyber laws, still they are neglecting to secure the information and furthermore in keeping the impacts of the intrusions.

Bottom of Form

RE: Cyber Intrusion and data breach

COLLAPSE

 these Judiciary and Cyber security organizations monitor all the activities globally. Few Cyber laws sometimes varies based on region or country specific requirements. Due to high level of data transfer over internet and one system connected to every other system creating a complex structure resulting leaving loop holes for the hackers to hack the system. So to fight against this increasing data over network new technology has been introduced named Big Data. Now managing big data will be convenient therefore providing IT security will be better and high.

RE: Cyber Intrusion and data breach

COLLAPSE

With the interest of discussion, Even big data is vulnerable I believe, when companies like google make mistakes where a routing blunder took place hit the japan market was hit and the internet traffic was diverted to a black hole. When analysing such a scenario even big data seems vulnerable.

Also in today s prevailing world, bit coins the virtual money being used, invested and split all over the technology, for a minute if we give thought and just hypothetically say, there is a glitch in a system and a data loss occurs, who is taking ownership of responsibility of $ lost? Who can be blamed? Will bit coin go under clouds? Or evolve better? Or will another supreme virtual trading value be introduced? 

Cyber Intrusion took place in 1995 by Levin, who hacked into a banking system and transferred 10 Mil$ to his accounts and transferred it across the global for his accounts, months later he was captured and jailed, yet the loss can be of a lesson but the act displays the possibility of even hacking into a banking system.

RE: Cyber Intrusion and data breach

COLLAPSE

Hi,

Very well presented your detailed opinion, I am agreeing with your explanation, Even the data on cloud is vulnerable for the IT attacks. As the data is going on cloud its getting more vulnerable for threats.

...