Discuss about the Cybersecurity Vulnerabilities in Medical Devices.
The paper mainly focuses on the organization “Advacomm” which is one of the telecom consultancy that helps in delivering high quality of telecommunication matter expertise with the help of consulting, training as well as clients services across the globe. The main aim of the paper is to explore the environment of information system as well as cyber security within Advacomm (Campbell 2015). In this paper, a detailed review of the literature is mainly done to illustrate the significance of cyber security as one of the critical infrastructures. The paper also elaborates cybercrime as well as information system related vulnerability, information security, strategies for managing cybersecurity within an organization and information system security governance as well as auditing. In addition to this, the paper also discusses about the organization governance for information system as well as cyber security.
It is identified that protection of critical infrastructure is considered as one of the significant areas of cybersecurity. The main goal of the organization is to properly design as well as develop the critical infrastructure cybersecurity related assessment methodologies that are associated with modelling as well as simulation environments. It is identified that critical infrastructures are considered as one of the safety critical distributed system that mainly comprises of number of components that are linked in a very much complex way
(Kshetri 2015). This generally leads to number of interactions that will not be foreseen by the system designers.
It is found that the presence of proper implicit interaction within a system generally helps in indicating lot of unforeseen flaws. It is found that such type of interactions can be considered as symptoms that are compromised of hardware and software for remaining undetected. Thus, it is identified that proper understanding about the implicit interactions are very much vital for ensuring that the system generally operate as intended and are generally considered to be resistant to cyber-attacks (Oyelere et al. 2015). The critical vulnerabilities are mainly known for slowing down the vulnerabilities and for updating the technology. However, due to this characteristic we can check the progression of the critical infrastructure attacks.
The organization “Advacomm” utilizes information system management to produce regular reports on the operations of the organization at each management level to provide the managers feedback about their performance and for monitoring the entire organization. The information management system of the company generally includes consulting, training as well as resourcing services to the clients of the organizations (Tehan 2017). This generally helps the organization to properly understand the contribution by each of the department of the organization. In most of the cases, combination of data including sales figures are combined with the present inventory to help the managers to take appropriate actions for meeting the needs and demands of the customers.
To plan and control the project, the organization involves in managing the risk, controls the entire project by tracking as well as managing progress and engages in effective project planning as well as control within the entire project (Delaney et al. 2015). In addition to this, it is found that appropriate staffing as well as costing are quite necessary to make the project successful.
Information system security is defined as the processes as well as methodologies that mainly involves with keeping information much more confidential by assuring its integrity. It generally helps in preventing access control that helps in preventing various types of unauthorized personnel to enter or access the entire system. It is generally required in order to protect the information within proper storage area. In addition to this, the detection as well as remediation of security breaches can be easily done.
Critical infrastructure is considered as one of the vital functioning of the healthcare, economic as well as various social sectors of the entire nation. Any type of disruption that is related with critical infrastructure generally helps in affecting the economy as well as proper functioning (O’Brien et al. 2016). It is identified that protection of critical infrastructure is one of the important need. It is found that as per the outcome, the protection mechanism is properly designed, planned as well as implemented.
Risk assessors as well as managers generally faces lot of difficult challenges that is related with the novel cyber systems. It is found that among the challenges, the constant change within the cyber system that is mainly caused due to number of technical advances as well as complex network structure (Choejey, Murray and Fung 2017). Number of probabilistic as well as risk-based decision-making methods as well as techniques are generally used within the cyber systems for concluding that the present approaches does not addresses all the components of the risk assessment related triplets.
Proper decision analysis-based approach that helps me quantifying vulnerability, threat as consequence helps in setting up criteria that is mainly designed for assessing the overall utility of various cybersecurity related management alternatives (Francis and Ginsberg 2016). It is found that the proposed technique helps in bridging the gap that generally exists between risk assessment as well as risk management and assists in allowing the analyst for ensuring proper structured as well as transparent procedure for selecting appropriate cybersecurity related management alternatives.
Advacomm can be stated as a telecommunication organisation which should be directly focusing on the aspect of the delivering a standard of data security measures. It can be stated here that in context of the data security the customer’s data play a very vital role. In most of the cases it is seen in the sector of telecommunication industry one of the most topmost priority should be the implementation of a security plan which would be enhancing the delivery of the data in different peripherals of the operation (Adhikari, Morris and Pan 2017). It there are any sort of data loss indulged into the operation of the organisation, it could be reinforcing a factor of importance which could directly affect the internal as well as external working of the organisation.
Advacomm in order to achieve the desired standard of information and data security following implementation were majorly included into their working.
Taking into consideration the aspect of the enterprise resilience the following points were included by the Advacomm which directly resulted in proper working of the organisation.
The organisations focus point was the interest of the stakeholders. If the interest of the stakeholders is taken into consideration it would be directly affecting the internal as well external working of the organisation
The main strategy consideration relating to the enterprise cyber security management which was adopted by the organisation are stated below:
Executive management: Key aspect relating to accountability and key decision which are required to drive the overall working of the organisation (Heinl 2014).
Management of IT Risk: The organisation developed a cyber-security and IT team who were given appropriate information to supress IT Risk management goals.
Cyber security and IT assurance: The organisation should provide evidence towards the management which is directed towards the SLT that their investment in the security of the organisation is providing a proper means of execution and desired standard of working as expected of it (Williams and Woodward 2015).
Securing of Network: The organisation has taken into consideration that they give access to their data to only the authorised person. This majorly increase the sector of the security of the data and which would be directly enhancing the security aspect of the organisation (Sadiku et al. 2017). It should be taken into consideration for any type of organisation that they should restrict the access to the data no matter where it is situated within internal bound or external bound of the organisation.
Securing of the system: The organisation took into consideration the aspect of delivering the securing of the system. The overall aspect which is taken into consideration is the delivering of the services which is related to the working of the organisation. The area which is majorly taken into consideration in the aspect of the securing of the data at rest or in transit.
Securing application: This are majorly including the aspect of the control access which is related to the network and other data, application and system. Taking into consideration application which identify the requesting party (Tanev, Tzolov and Apiafi 2015). The main aspect which is related to the concept is the securing aspect related to the development, design and the managed throughout the life cycle.
Step 1: There should be a precise allocation of security measures into the system which would be focused on the aspect of the securing of the data.
Step 2: Implementation of concrete standard of security standard should be implemented within the working of the organisation.
Step 3: Unauthorised access to the data should be restricted which would be directly enhancing the security of the data.
The main human factor and the perception which can be stated here is the application of the different factors of intervention which is related to the system. The human play a very vital role which directly alters the sector of the judgement of the system. There can be different factors which are related to the security which would be applicable in the prospective of the unethical practice if getting involved into the system.
The information security and governance can be relegated to a standard of the working of the organisation. In most of the situation it can be stated that auditing can be very much important which would be directly impacting the overall working of the organisation. Sometimes it can be seen that project risk factor is sometimes included into the working of the project on the other hand it can create some unavoidable circumstances into the working of the organisation (Campos et al. 2016). The risk factors should be being mitigated at the time of the identification of the risk and sometimes it can be stated that if the risk factors are not mitigated it can directly lead the project to direct failure.
In most of the times it can be stated that risk factors in any type of project can be stated to be one of the important factors which can directly lead to complete failure of success. Auditing should be done by an experienced person who has an over idea about the project and has the overall control over the different working of the project (Vattapparamban et al. 2016). The project manager has a very important role in this context and it can be stated that project managers and the team who is working under the project should have an overall idea about the different risk factors which can be imposed into the normal working of the project.
Most of the time the people should be aware of the risk factors and the mitigation aspects should be taken into consideration. The governance aspect play a very vital role in the sector of the enhancing of the security around the internal as well as external working of the organisation.
There are different types of tools which can be implemented into the working of the project which would be delivering the security of the project. In most of the cases it is seen that the project risk factors are very much important in the sector of the normal working of the organisation. The data of the organisation can be stated to be very much important for the normal working of the organisation. There can be different types of tools which can be implemented within the working of the organisation. Some of the tolls which can be widely used are the risk registers (Muller, Litoiu and Mylopoulos 2016). The risk register can be used to identify the different factor of the risk before they superimpose different types of aspect into the internal as well as external working of the organisation. The main factor which should be taken into consideration is that the risk factor does not include into the working of the project and alter the normal working. Risk assessment can be considered as another important tool which can be used in the context of the identification of the risk factors.
The main aspect which is taken into consideration in the aspect is that identification of the risk should be done in a proper manner for the organisation. It can be stated here that organisation should include the risk assessment factors into the normal working of the organisation so that it does not impose different type of risk factors into the internal as well as external working of the organisation (Hurwitz 2017). In most of the cases it should be taken into consideration that the mitigation of the risk factors should be implemented so that it does not create problem related to the security of the organisation. The protection of the enterprise data can be very much beneficial in a way which would be safeguarding the data of the organisation as well as increase the sector of the internal working of the organisation. The data in an organisation can be very much essential which should be protected and safeguarding aspects should be involved into the working of the organisation. Critical data of the organisation should be safeguarded and should be seen that it does not impose third party access to the data.
It is found that the enhanced information security related threats include cyber security problems within the organization helps the organization in integrating with the corporate governance (Tanev, Tzolov and Apiafi 2015). This is generally required in order to govern the company like one of the sovereign state by instating its policies and laws for avoiding cybersecurity related issues which are mainly related with the organization “Advacomm”. It generally assists in changing the ownership structure of the organization, reflects the significance of social responsibility as well as assists in managing the enhancing number of scams to avoid cybersecurity related challenges as well as issues within the organizations (Hurwitz 2017). The organization governance helps in allowing more controls to the information system of the organization so that issues related with cybersecurity can be easily resolved.
Conclusion
It can be concluded from the entire report that the environment related to information system as well as cybersecurity within the telecommunication organization is properly explored. The paper reviews number of key focus areas to elaborate the significance of cybersecurity within the organization. It is found that the paper successfully elaborates IT project management procedures as well as information security to reflect its importance within the organization. The paper discusses the cybercrime as well as information system related vulnerability within the project as well as elaborates information as well as enterprise resilience in the organization. The paper elaborates various information security related governance as well auditing for understanding the human factors in cyber security as a proper dynamic system. In addition to this, the paper also elaborates the utilization of risk management tools for managing as well as protecting the enterprise as well as infrastructure within the project against the cybersecurity issues.
References
Adhikari, U., Morris, T. and Pan, S., 2017. WAMS cyber-physical test bed for power system, cybersecurity study, and data mining. IEEE Transactions on Smart Grid, 8(6), pp.2744-2753.
Campbell, R.J., 2015. Cybersecurity Issues for the bulk power system.
Campos, J., Sharma, P., Jantunen, E., Baglee, D. and Fumagalli, L., 2016. The challenges of cybersecurity frameworks to protect data required for the development of advanced maintenance. Procedia CIRP, 47, pp.222-227.
Choejey, P., Murray, D. and Fung, C.C., 2017. Perceptions of Cybersecurity in Government Organizations: Case Study of Bhutan. World Academy of Science, Engineering and Technology, International Journal of Computer, Electrical, Automation, Control and Information Engineering, 11(1), pp.152-155.
Das, A., Voorhees, D., Choi, C. and Landwehr, C.E., 2017, March. Cybersecurity for Future Presidents: An Interdisciplinary Non-majors Course. In Proceedings of the 2017 ACM SIGCSE Technical Symposium on Computer Science Education (pp. 141-146). ACM.
Delaney, D.G., Welch, V. and Starzynski Coddens, A., 2015. Center for Applied Cybersecurity Research: 2015 Annual Report and Strategic Plan (2015-2020).
Francis, K.A. and Ginsberg, W., 2016. The Federal Cybersecurity Workforce: Background and Congressional Oversight Issues for the Departments of Defense and Homeland Security.
Heinl, C.H., 2014. Regional Cybersecurity: Moving Toward a Resilient ASEAN Cybersecurity Regime. asia policy, 18(1), pp.131-159.
Hurwitz, J., 2017. State, Local, and Regional Issues in Cybersecurity: Symposium Introduction. Neb. L. Rev., 96, p.247.
Kshetri, N., 2015. Cybercrime and Cybersecurity Issues in the BRICS Economies. Journal of Global Information Technology Management, 18(4), pp.245-249.
Müller, H.A., Litoiu, M. and Mylopoulos, J., 2016. Engineering Cybersecurity into Cyber Physical Systems.
O’Brien, D., Budish, R., Faris, R., Gasser, U. and Lin, T., 2016. Privacy and Cybersecurity Research Briefing.
Oyelere, S.S., Sajoh, D.I., Malgwi, Y.M. and Oyelere, L.S., 2015, November. Cybersecurity issues on web-based systems in Nigeria: M-learning case study. In Cyberspace (CYBER-Abuja), 2015 International Conference on (pp. 259-264). IEEE.
Sadiku, M.N., Alam, S., Musa, S.M. and Akujuobi, C.M., 2017. A_ampersandsignnbsp; Primer On Cyber Security. IJASRE, 3.
Tanev, G., Tzolov, P. and Apiafi, R., 2015. A value blueprint approach to cybersecurity in networked medical devices. Technology Innovation Management Review, 5(6), p.17.
Tehan, R., 2017. Cybersecurity: Critical infrastructure authoritative reports and resources. Congressional Research Service Report, April, 21, pp.107-56.
Vattapparamban, E., Güvenç, ?., Yurekli, A.?., Akkaya, K. and Ulua?aç, S., 2016, September. Drones for smart cities: Issues in cybersecurity, privacy, and public safety. In Wireless Communications and Mobile computing Conference (IWCMC), 2016 International (pp. 216-221). IEEE.
Williams, P.A. and Woodward, A.J., 2015. Cybersecurity vulnerabilities in medical devices: a complex environment and multifaceted problem. Medical devices (Auckland, NZ), 8, p.305.
Essay Writing Service Features
Our Experience
No matter how complex your assignment is, we can find the right professional for your specific task. Contact Essay is an essay writing company that hires only the smartest minds to help you with your projects. Our expertise allows us to provide students with high-quality academic writing, editing & proofreading services.
Free Features
Free revision policy
$10Free bibliography & reference
$8Free title page
$8Free formatting
$8How Our Essay Writing Service Works
First, you will need to complete an order form. It's not difficult but, in case there is anything you find not to be clear, you may always call us so that we can guide you through it. On the order form, you will need to include some basic information concerning your order: subject, topic, number of pages, etc. We also encourage our clients to upload any relevant information or sources that will help.
Complete the order form
Once we have all the information and instructions that we need, we select the most suitable writer for your assignment. While everything seems to be clear, the writer, who has complete knowledge of the subject, may need clarification from you. It is at that point that you would receive a call or email from us.
Writer’s assignment
As soon as the writer has finished, it will be delivered both to the website and to your email address so that you will not miss it. If your deadline is close at hand, we will place a call to you to make sure that you receive the paper on time.
Completing the order and download