Cyber Security Questions-Answers
Question 1: Prevent, Detect, and Respond to Cyber Attacks
How automated cyber security tools can support operations personnel
Alongside protecting organizations from potential thieves and hackers, automated cyber security tools are critical in protecting computers and IT systems from viruses and other external threats. Viruses are dangerous to computers; security tools can therefore assist in protecting company computers from being attacked by them. A virus, which can come from a variety of sources such as opening an email, can track information in a computer, make it run slower, or even crash the entire system. When a computer that is used for business functions runs slowly, it reduces the revenue generated. It therefore becomes important for such a system to be protected from viruses. While spyware, worms, and Trojan horse programs may negatively affect the performance of a computer, simple software programs may be used to protect it against such threats. In essence, a secure web and Internet is an important factor in making users happy, enhancing visibility, and improving businesses that rely on the Internet and websites (Gorman, 2012).
Furthermore, automated cyber security tools are critical as they ensure that information and data on the company’s IT systems are kept secure from hackers and thieves. A computer that is unguarded is vulnerable to hackers who are experts at penetrating such systems. For instance, hackers may steal confidential information such as social security numbers, tax information, customers’ contact information, and any data that they may be interested in (Ngeow, 2008). If a company does not have secured systems, confidential employee and company information may be at risk, and the management could be held liable in case of theft of such information.
Question 2: Anti-Virus Policies for Operational Systems
The use of anti-virus software applications to defend an enterprise-computing environment
Antivirus software applications are computer programs that detect, prevent, and take appropriate action to disarm or remove malicious programs, including worms and viruses. In essence, anti-virus software applications are aimed at protecting computers and IT systems against viruses, malware, and other threats. Modern anti-virus software applications could protect an IT system from Browser Helper Objects, worms, Trojan horses, keyloggers, ransomware, hackers, browser hijackers, spyware, and hardware (Szor, 2005).
In most cases, anti-virus software depends on signatures to identify malware. Essentially, when a piece of malware is identified by an anti-virus application, the software appraises it via a dynamic system analysis. Once the malware is recognized, the software extracts an appropriate signature and adds it to the signature database integrated in the antivirus software (Harley et al., 2007). When a particular file is scanned, the antivirus engine compares its content against all the malware signatures present in the signature database. If the file matches one of the signatures, the engine is able to identify the kind of malware and the procedure used to clean the infection.
Organization’s anti-virus policy
Yes. It would be wise for an organization to configure antivirus programs to quarantine infected files rather than to delete them automatically. The reason is that the results could be catastrophic if a false positive is raised and genuine files are deleted. Further, a mishap generated by a false positive may be damaging and frustrating (Tan, 2007).
For instance, if antivirus software is instructed to delete all files that are found to be infected, it may result in the deletion of files infected by a true file-infecting virus. Consequently, this could have negative ramifications for the functionality and features of operating systems or programs used by an individual or an organization. Similarly, anti-virus software may not actually clean a Trojan or a worm since it does not have the capabilities of cleaning the entire Trojan or IS worm. On the other hand, quarantine offers an effective middle ground because it moves the infected file to a safe storage location, where it is controlled by the antivirus program to keep it from harming the system. This makes it easy to restore the file in case there was a mistake and the file is required (Tan, 2007).
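The signature scan and the quarantine-then-restore policy described above can be sketched as follows. This is an added example, not code from the original essay: the signature name, the byte pattern, the file names and the `.quar`/`.origin` vault layout are all constructed for illustration, and a plain byte-pattern match stands in for a real engine's matching logic.

```python
import hashlib
import shutil
import tempfile
from pathlib import Path

# Constructed signature database (name -> byte pattern); a harmless marker,
# not a real malware signature.
SIGNATURES = {"Example.TestMarker.A": b"CONSTRUCTED-SAMPLE-MARKER-7f3a"}


def scan(path):
    """Return the name of the first signature found in the file, or None."""
    data = Path(path).read_bytes()
    return next((n for n, sig in SIGNATURES.items() if sig in data), None)


def quarantine(path, vault):
    """Move a flagged file into the vault and record its original location."""
    path, vault = Path(path), Path(vault)
    vault.mkdir(parents=True, exist_ok=True)
    digest = hashlib.sha256(path.read_bytes()).hexdigest()
    held = vault / (digest + ".quar")
    shutil.move(str(path), str(held))
    held.chmod(0o600)  # owner-only and non-executable while held
    (vault / (digest + ".origin")).write_text(str(path))
    return held


def restore(held):
    """Put a quarantined file back, e.g. after a confirmed false positive."""
    note = Path(held).with_suffix(".origin")
    origin = Path(note.read_text())
    shutil.move(str(held), str(origin))
    note.unlink()
    return origin


def demo():
    """Scan two constructed files, quarantine the hit, then restore it."""
    root = Path(tempfile.mkdtemp())
    content = b"header" + SIGNATURES["Example.TestMarker.A"] + b"tail"
    (root / "report.txt").write_bytes(b"quarterly figures")
    (root / "invoice.bin").write_bytes(content)
    verdicts = {p.name: scan(p) for p in sorted(root.iterdir())}
    held = quarantine(root / "invoice.bin", root / "vault")
    removed = not (root / "invoice.bin").exists()
    restored = restore(held).read_bytes() == content
    return verdicts, removed, restored
```

Because the flagged file is moved rather than deleted, a false positive costs only a call to `restore`, which is the recoverability the quarantine policy is meant to provide.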
Question 3: The Role of the Chief Information Security Officer
Role of the CISO in an organization
A Chief Information Security Officer (CISO) is one of an organization’s executives, tasked with ensuring that the company’s IS and assets are secure and sufficiently protected. The major role of a CISO within an entity is to assist in forging a secure and strong connection among the organizational departments. For instance, when an organization’s departments do not have much to worry about concerning the security vulnerabilities that surround them, they may operate more freely with each other (Swartz, Elliott & Herbane, 2003). A CISO ensures that all organizational departments are able to work more smoothly, therefore adding value to the entity. He or she directs the company staff in the identification, development, implementation, and maintenance of processes across organizational departments to reduce risks and vulnerabilities in IT systems.
Types of knowledge, skills, and abilities most important for a successful CISO to have
Among the skills and qualifications of a successful CISO, one could mention a degree in business and significant experience in matters relating to IS. For example, a CISO may be required to have a background in law and be literate in IT-related matters. Other qualities include the right experience in this area and strong ethics. According to Brenner (2010), the key things to look for in a CISO are reputation, character, certification, experience, and education.
Education and experience may not be easy to determine. In essence, there are not many CISO officers with high-level education such as doctorates, Masters, or PhD in information security. However, it is required that they have a background in hard sciences, law enforcement, and business. Though having a doctorate or Masters may not automatically imply that a particular CISO is competent enough, it nonetheless indicates an extended and complete academic program, and that the person has some abilities in writing and research (Swartz, Elliott & Herbane, 2003).
How CISO can contribute to making security a priority during the system development life cycle
A CISO will have to pay attention to the security needs of the company’s information system from the first stages of its development to the final position. For instance, during the initial phase, the CISO has to determine the need for each system. He is also tasked with defining the problem and how the problem could be solved through automation. The officer could also come up with the basic concept required, technology and feasibility assessments, as well as a definition of requirements. During the development stage of the SDLC, the CISO is expected to undertake a requirements analysis, which should expand and draw on the work done in the initial stage. An in-depth assessment of an organization’s need for the IT system could help in analyzing the security issues for the system requirements (The Global State of Information Security, 2013).
Question 4: Importance of CISO participation in business continuity planning
Reasons why business continuity planning is important to an organization’s survival after a disaster
BCP is important for organization leaders as it helps them plan for and protect against potential disasters in their respective firms. BCP will assist companies in designing effective measures to control the potential hazards and risks in their various operations and systems. With a carefully thought out BCP, an organization may be able to continue business operations even in the occurrence of a particular disaster (Swartz, Elliott & Herbane, 2003).
Reasons why cyber security should be addressed during the business continuity planning process
Cyber security issues should be addressed accordingly during the BC planning process. This is because cyberspace attacks and virus intrusions have been known to disrupt the operations of businesses, threaten the security of such operations, and also affect the general performance and sustenance of an entity (Gartener Incorporated, 2003).
How CISO and CISO staff members help to ensure that the BCP process appropriately addresses information systems security issues
The CISO and staff could ensure that the BCP processes appropriately address the IS security needs by incorporating the potential manmade and natural threats. After determining the potential threats, BCP can then be used to plan on how to manage them (Brenner, 2010).
Question 5: Reflection: Career Choices and Strategies
Mr. Erinle’s advice has really widened my understanding concerning the necessity of staying updated in this industry. Further, this interview with Erinle gave me an insight concerning the broader perspective of cyber security. I have learnt that cyber security does not only relate to the matters of securing computers, but also its management aspects. This knowledge could prepare me for governance and other positions in cyber security should they occur.
Another equally important lesson I learnt from the Erinle interview is the significance of developing a close relationship with customers. Customers are important people and they should be valued accordingly. In this respect, their values, concerns, and tastes should be effectively addressed. I hope that this knowledge will help me not only in developing relationships with my clients, but also in my regular work.
Question 6: Cybersecurity as an Evolving Industry
Evolution of Mr. Erinle’s business
Mr. Erinle’s business 3eTI was initiated with a focus on offering wireless sensor networks to the military department. The move was aimed at enhancing efficiency for military operations, though this could only be realized through deployment of more sensors. However, wiring more sensors was both problematic and costly. It is for this reason that Mr. Erinle opted to develop wireless interfaces to a large number of sensors. The constant challenge to 3eTI owing to its unreliable security mandated the management to develop this system into a wireless access point that passed through the certification and standards set out by the Department of Defense.
In essence, this was a good business strategy since the technology initiated by Mr. Erinle was now more secure, while customer trust in the company’s services improved greatly. Consequently, this created a positive image for the company. Further, this move also puts the company on par with changing technology. It is good for businesses to be aligned with the current technological perspective.