Question

Overview: For the final project in this course, you will assume the role of a training manager at a cybersecurity firm needing to create a training manual for new information security analyst hires. For Milestone One, complete the introduction and core tenets of cybersecurity sections of the manual. Prompt: You will submit the introduction and core tenets of cybersecurity sections of the training manual. The training manual will include a discussion of the purpose and value of cybersecurity, illuminate core tenets of cybersecurity, and illustrate best practices for addressing common threat scenarios.

Answer 1

Solution and Explanation:

INTRODUCTION

A) Introduction Cybersecurity should be a priority for all businesses so that they can protect their information systems and data assets. Organizations all over the world have been experiencing cyber-attacks. Types of cybercrime include identity theft, ransomware, denial of service attacks, botnets, phishing and social engineering (Khanse, 2014).

Cybersecurity threats exist from both external sources and from within a company. Cybersecurity issues will have impacted businesses financially to the tune of $6 trillion dollars per year worldwide, which is double the amount since 2013. Cybercrime is projected to be more profitable than the global illegal drug trade (Morgan, 2017). CyberLeet Technologies can safeguard businesses against these threats by strictly adhering to the core tenets of cybersecurity which are confidentiality, availability and integrity. CyberLeet will ensure these tenets by identifying vulnerabilities in client systems, implementing data security policies and utilizing threat detection monitoring.

B) Your Role at CyberLeet The role of an information security analyst at CyberLeet Technologies is to enforce the cybersecurity tenets of confidentiality, integrity and availability. This will be accomplished by performing risk assessments of its client’s software, hardware and networks. The analyst must plan and implement security measures to protect client systems, networks and data. Finally, the role includes helping the client engage in security awareness training for its employees (New England College, 2017). The CyberLeet information security analyst will perform job functions which uphold the basic tenets of cybersecurity. The analyst will perform vulnerability assessments of the client systems to ensure the cybersecurity principle of availability. He or she will monitor the client network and systems to safeguard the cybersecurity tenet of confidentiality. Also, the analyst will safeguard the cybersecurity tenet of integrity by protecting client data through the use of data encryption. Other tasks that will be performed include malware analysis, enhancement of security standards, and investigation and documentation of any security breaches. The ultimate goal of an information security analyst at CyberLeet Technologies is to uphold the cybersecurity tenets of confidentiality, integrity and availability by protecting its client systems’ assets, networks and data from cyberattacks.

C) Purpose of This Manual The purpose of this manual is to train new CyberLeet information security analyst recruits about their job duties. These duties include understanding that their client’s organization is subject to information security issues and the fundamental core cybersecurity tenets of confidentiality, integrity and availability must be applied to develop security measures (Henderson, 2017). These threat mitigation security measures include the development of cybersecurity policies including password policies, acceptable use policies, employee training policies, and basic user polices. It is imperative that information security analysts apply the principles and practices outlined in this manual and provide high-quality services to the client. Failure to do so could result in the client experiencing cyber-attacks ranging from malware, phishing, denial of service and ransomware (Khanse, 2014).

CORE TENENTS OF CYBER SECURITY

A) Confidentiality One of the core tenets of cybersecurity is confidentiality. Confidentiality is the preservation of private and proprietary information, such as customer data or health records. Only authorized users should be able access protected information, while unauthorized users should be blocked. Information security requires control on access to protected information (Henderson, 2017). An example of enforcing confidentiality includes the restriction of access to company assets and information via the use authentication and authorization techniques.

B) Integrity The core tenet of integrity is the guarding against improper modification of data or system information. Data integrity is maintained when information remains unchanged during storage, transmission and usage (Henderson, 2017). An example of maintaining system integrity is the prevention of malware which can corrupt computer files. An example of maintain data integrity is the proper encryption of data prior to transmission between systems, to prevent unauthorized access and manipulation.

C) Availability The core tenet of availability is the accessibility of users to systems and data. Availability is maintained when all components of the information system are working properly. Problems in the information system could make it impossible to access information, thereby making the information unavailable (Henderson, 2017).