Final Project_Tracy Lindsey.docx - Running Head Final...

This preview shows page 1 - 4 out of 12 pages.

Running Head: Final Project- Briefing 1 Final Project- Briefing Tracy Lindsey 15 July 2018 CCJS 390 Cyber Crime and Security
Final Project- Briefing 2 Final Project- Briefing The continuous rate of evolution that information technology and information systems increases the importance of remaining alert and taking all necessary steps to safeguard all digital information. The increasing amount of cyber security data breaches has caused a heightened responsibility of the CSO to implement cyber security countermeasures. It is the responsibility of all personnel within the organization to ensure the proper handling and safeguarding of information systems. The purpose of this presentation is to provide the new CSO with an informative brief over cyber security and concepts of information systems. Additionally, this presentation will provide information on best practices assisting with the safeguarding of company data and networks. What is cyber security? Cybersecurity is the implementation of countermeasures to protect systems, networks, and programs from digital attacks. Cyber security applies to multiple interconnected communication devices on a network physically, in addition to concepts of cyber defense. The five concepts of cyber security is authentication, confidentiality, information integrity, availability, and non-repudiation. Authentication is in place to ensure that personnel have proper credentials within the database of authorized users or the authentication server. Each individual’s credentials must only be used by the designated user in order for them to gain access to the network. Some examples of network authentication are passwords, biometrics, electronic tokens, and two factor authentication. Confidentiality is the privacy of information. Confidentiality is used to ensure personally identifiable information (PII) is kept safeguarded at all times. Policies should be implemented specifying that only authorized users with the need to
Final Project- Briefing 3 know should be allowed access to the sensitive information. Some methods of confidentiality is symmetric and asymmetric encryption. Symmetric encryption consists of same key for encryption/decryption: RC4, DES, Blowfish, Twofish. Asymmetric encryption consists of different keys for encryption/description: PGP, PKI, GnuPG. (Soatome, 2015). Information integrity covers the accuracy and consistency of the network data. This ensures that countermeasures are taken in order to mitigate the chances of data changes. Methods of information integrity consists of the hash algorithm and digital signature. Availability ensures that the data is available for the intended user. This entails the proper handling and maintenance of hardware, software including computer system updates. The importance of data recovery plans will make it a necessity for systems to be down for small periods of time, little to no data loss, or any service interruptions after an event. Methods of availability are denial of service attacks and guard against DOS and sabotage. Denial of service attacks are via internet, errant

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture