Altium Limited is one of the ASX 200 List Company that is specializing in the service of information security and outsourcing of IT service. However the company is currently having issues with some of the sections that are leading to cyber security issues. However the company is currently having a plan to consider the cyber resilience approach for providing a secure information framework. However the approach is something different from the traditional cyber security approach. Cyber Resilience has been acting as one of the most important aspect in the terminology of the functioning of digital networking. This leads to the fact that the data management that is performed with the help of the digital platform to recover very quickly and this is the sole reason that the global acceptance of the Cyber Resilience has been increasing. This leads to the fact that the data that are harmed during the cyber-attack, the entire processing is reserved and this helps sin understanding the processing and algorithm of the better prosecution of the data management after the cyber-attack has been performed by the cyber criminals or imposters. The main target of the technology of b is to protect the data after the cyber attacking has been performed. This leads to the fact that the data that are affected gets protected and this also ensures the fact that the data that are retrieved are used efficiently by the organization that implements the processing of the data management of the organization. This is the sole reason that the policy of data management can be made with the help of the Cyber Resilience. Cyber security act as the major prosecuting technique that will affect the processing of the data management and cyber security acts as the global platform for protecting the data and prevent the attacking of the cyber criminals. Cyber Resilience is the immediate step that is performed for recovering the data that was affected in the processing of the data management. This report provides the policy that are required for completion of the data management and this includes the fact that will helps in probating the data that is stored in the framework of the data base (Dunn Cavelty et al, 2015).
Providing backup: the processing the data management include the fact that the data management will include the fact that the data management of the entire framework will ensure that the data that are stored might get affected and the platform of the cyber security will incur the fact that the data management of the processing will be commenced with the help of the cyber criminals (Sandberg, Amin and Johansson, 2015). This prevention technique is considered to be the min application in the cyber security, where as in case of the implementation of the Cyber Resilience, the main purpose of the data management, ensures that the Cyber Resilience comes into place after the projection of the terminology that will be incurred in the processing of the retrieving of the data that are lost in the processing of the cybercrime. In this case the terminology that is used in the processing of the data restoration is performed with the help of the processing of Cyber Resilience.
Major concept of cyber security is to prevent the cyber criminals from attacking the data that are stored in the data framework and this includes the fact that prevention measures are the most important factor of the cyber security and the main concern for implementing the cyber security is to protect the data from unauthenticated access to the data base management, whereas in case of the processing of the cyber security terminology providing barrier acts as the main functioning of the cyber security and in case of the Cyber Resilience, the main concern to retrieve the data and the methodologies like backing up of the data that are stored in the database acts as one of the major concern of the data management (Harrop and Matteson 2015).
The Directive on Security of Network and Information Systems (NIS Directive) acts as the aim top for the commencing of the Cyber Resilience and this tool helps in gaining back the data that is stored in the processing of the data management of the business aspect and this leads to the fact that it is initially considered that proper management of data will be performed whereas in case of the data management of the cyber security the main tool that is used by the organization is the data that are present in the data base is protected with the help of the installation of the firewall and tats is the sole reason that the major tool that is used in the course of the data protection in the field of the cyber security is mainly focused on the terminology of the protection of the data with the help of the antivirus software and this is the sole reason that the data management is performed with higher efficiency.
• The risks that are present in the processing of the data that are resent in the framework have to be performed helps in proper definition of the data protection and understanding the risk sources, leading to the fact that the Altium Limited will stay in the management of the data (Katzir and Elovici 2018)
• Cyber Resilience is to provide backup of the data that are lost and in case the efficiency of retrieving the data is high enough, the accuracy in the completion of the data management is performed that helps in better commutation of the project
• The major importance of the data management of the prosecuting of that the data prosecution can be data can be performed with the help of the Cyber Resilience is to provide backup of the data for Altium Limited that are lost and in case the efficiency of retrieving the data is high enough, the accuracy in the completion of the data management is performed that helps in better commutation of the project.
In order to understand the framework for implementing the cyber security resilience for Altium Limited, it is important to notice that the approach for the security is different from the traditional security approach. It is not just enough to think about the own security as it was in the case of the traditional security based approach. While it is important to asses own cyber security ecosystem to understand the need of the security plan, the approach is still not sufficient for extended enterprise. In order to make it suitable for the extended organization, it is important to map the relationship that the organization has across the ecosystem. An effective cyber security resilience framework helps to do that effectively.
The process of cyber security resilience need to be simple enough so that it is easy to implement, but still provides an effective result for the organization. In order to make an effective cyber security resilience plan it is important to follow step by step approach. The framework is discussed in details in the following section.
In order to develop the proper cyber security resilience plan the first step that need to be ensured is the position of the organization within the cyber ecosystem which simply means how the organization is situated in the ecosystem Organization have to think of the most important set of information and based on that it security for protecting that part of the information needs to be prioritized. One this is identified it is easier to formulate the security plan that is most effective for the organization point of view. This will in turn help to conduct a risk assessment for the presence of the organization which implies where the organization is present in the ecosystem. Both of this information is important for the effective formulation of the cyber security plan that is different from the traditional approach and provides an effective means for implementing the cyber security resilience (Amin 201t5)
Although it is not possible for make a direct assessment or track the investment directly as in the case of investment made for hardware and software or the IT assets. However an effective alternative is to define attributes for the cyber security resilience (Dunn et al. 2015). The attributes are resilient leadership (visionary commitment led by executives of the organization and implementation of non-routine management style), resilient culture (support for one in all approach, preparation to learn from failure and disruption), and resilient networks (establishment of trust based relationship with third parties) and readiness for the resilient
The need for the holistic and resilient approach for the information security has always been neglected in in the traditional security based approach and the major focus for Altium Limited has always been on the up gradation of the hardware and software assets as it is assumed that purchase of new and improved software is all it take to improve the security. However the approach has to be changed and instead of focusing on the cyber security team alone the focus has to be on all the employees and there should be equal opportunity for development for all the team as the contribution of every team is important for robust security framework (Dong et al. 2015).
In order to develop the plan for the cyber security resilient plan, it is required for Altium Limited to consolidate the log system. It is also required to establish baseline information for the resilient network by correlating and cross referencing the logs that is present across the system
The resilient culture is important before Altium Limited plans to develop and implement the resilient plan for the cyber security. In order to do that the security models that are aimed toward having command and control on the security system needs to be augmented. Here the entire responsibility for managing the security of the system is provided to the information security department. The other department of Altium Limited is not engaged that much. It provides an effective approach for the security assessment and control of the system. This is because the department is much more experienced for the task thus it is more effective and time saving for the organization to manage the security control
In order to make the resilient plan effective, one of the most important yet neglected approach is to prepare the employees for the change. The change will see modification in terms of roles and responsibility after the plan is implemented. If the employees are not well versed with the changes and techniques the organization will not be able to drive the change successfully as intended. So the employees if needed have to be trained with proper techniques to make them accounted with the change within the organization and help them follow the best practises which ensures effective result for the organization.
In order to implement the cyber security resilience plan, Altium Limited needs to consider the following points:
• In the aspects of cyber resiliency techniques the technique of adaptive responsive need to be used for optimizing the ability of responding in an appropriate and timely manner.
• The analytic monitor need be used in this case for detecting and monitoring the conditions and actions in an actionable and timely manner (Rawat and Bajracharya 2015).
• The next technique which is the coordinated protection technique is need to be implemented because it can help to implement a defence strategy. Implanting the defence strategy can create multiple obstacles in the way of adversaries.
• The deception technique of cyber resilience needed to be implemented to confuse, mislead and hide the critical assets from the adversary.
• The diversity technique can help to reduce the common mode failures.
• The dynamic positioning technique can improve the efficiency of the recovery due to the non-adversarial incidents (Roege et al. 2017).
• The next dynamic representation technique can be used for enhancing the dependency understanding between non-cyber and cyber-resources.
• The technique of non-persistence need to be implemented for retaining and generating the resources which are needed for limited amount of time (Qi et al. 2016). By implementing this exposure to modification and corruption can be reduced.
• The privilege restriction technique needed to be implemented for privileges restriction purpose on the basis of user attributes. Also, it restricts system elements and the factors of environment.
• The technique of realignment must be implemented for the connection reduction purpose between the noncritical services and mission-critical services (Hiller and Russell 2015).
• The redundancy technique in the cyber resiliency needed to be implemented for multiple protection of instances of the resources which are critical in nature.
• The next technique which is the segmentation technique must be used in the cyber resiliency for defining and separating elements of the system on the basis of trustworthy and criticality.
• The Substantiated Integrity technique can be used for deterring the critical elements of the system whether it is corrupted or not.
• The unpredictability technique can be used for bringing some changes into the systems unexpectedly and randomly. This will create uncertainty about the protection mechanism of the system among the adversary which will make the task more difficult of determining the required actions (Kim, Kolesnikov and Thottan 2016).
Conclusion:
The report concludes that the resilient plan for the cyber security is different from the traditional approach. The difference is not only on the approach the different is also the way the plan is implemented and managed. It requires extensive change within the organization as well for making it compatible with the change. However the change is more beneficial for the organization in long terms even though there is initial issues in terms of implementation. The resilient plan for cyber security is thus meant for the organization who want to leverage change that ensures stability and sustainability in the cyber ecosystem.
References:
Amin, M., 2015. Smart Grid. PUBLIC UTILITIES FORTNIGHTLY.
Anon, Follow this company. ASX. Available at: https://www.asx.com.au/asx/share-price-research/company/ALU [Accessed September 11, 2018].
Christou, G., 2016. Cybersecurity in the European Union: Resilience and Adaptability in Governance Policy. Springer.
DiMase, D., Collier, Z.A., Heffner, K. and Linkov, I., 2015. Systems engineering framework for cyber physical security and resilience. Environment Systems and Decisions, 35(2), pp.291-300.
Dong, X., Lin, H., Tan, R., Iyer, R.K. and Kalbarczyk, Z., 2015, April. Software-defined networking for smart grid resilience: Opportunities and challenges. In Proceedings of the 1st ACM Workshop on Cyber-Physical System Security (pp. 61-68). ACM.
Dunn Cavelty, M., Kaufmann, M. and Søby Kristensen, K., 2015. Resilience and (in) security: Practices, subjects, temporalities. Security Dialogue, 46(1), pp.3-14.
Harrop, W. and Matteson, A., 2015. Cyber resilience: A review of critical national infrastructure and cyber-security protection measures applied in the UK and USA. In Current and Emerging Trends in Cyber Operations (pp. 149-166). Palgrave Macmillan, London.
Hiller, J.S. and Russell, R.S., 2015. Modalities for Cyber Security and Privacy Resilience: The NIST Approach. In ISCRAM.
Jin, D., Li, Z., Hannon, C., Chen, C., Wang, J., Shahidehpour, M. and Lee, C.W., 2017. Toward a cyber resilient and secure microgrid using software-defined networking. IEEE Transactions on Smart Grid, 8(5), pp.2494-2504.
Katzir, Z. and Elovici, Y., 2018. Quantifying the resilience of machine learning classifiers used for cyber security. Expert Systems with Applications, 92, pp.419-429.
Kim, Y., Kolesnikov, V. and Thottan, M., 2016. Resilient End-to-End Message Protection for Cyber-Physical System Communications. IEEE Transactions on Smart Grid.
Knowles, W., Prince, D., Hutchison, D., Disso, J.F.P. and Jones, K., 2015. A survey of cyber security management in industrial control systems. International journal of critical infrastructure protection, 9, pp.52-80.
Qi, J., Hahn, A., Lu, X., Wang, J. and Liu, C.C., 2016. Cybersecurity for distributed energy resources and smart inverters. IET Cyber-Physical Systems: Theory & Applications, 1(1), pp.28-39.
Rawat, D.B. and Bajracharya, C., 2015, April. Cyber security for smart grid systems: Status, challenges and perspectives. In SoutheastCon 2015 (pp. 1-6). IEEE.
Roege, P.E., Collier, Z.A., Chevardin, V., Chouinard, P., Florin, M.V., Lambert, J.H., Nielsen, K., Nogal, M. and Todorovic, B., 2017. Bridging the gap from cyber security to resilience. In Resilience and Risk (pp. 383-414). Springer, Dordrecht.
Sandberg, H., Amin, S. and Johansson, K.H., 2015. Cyberphysical security in networked control systems: An introduction to the issue. IEEE Control Systems, 35(1), pp.20-23.
Essay Writing Service Features
Our Experience
No matter how complex your assignment is, we can find the right professional for your specific task. Contact Essay is an essay writing company that hires only the smartest minds to help you with your projects. Our expertise allows us to provide students with high-quality academic writing, editing & proofreading services.
Free Features
Free revision policy
$10Free bibliography & reference
$8Free title page
$8Free formatting
$8How Our Essay Writing Service Works
First, you will need to complete an order form. It's not difficult but, in case there is anything you find not to be clear, you may always call us so that we can guide you through it. On the order form, you will need to include some basic information concerning your order: subject, topic, number of pages, etc. We also encourage our clients to upload any relevant information or sources that will help.
Complete the order form
Once we have all the information and instructions that we need, we select the most suitable writer for your assignment. While everything seems to be clear, the writer, who has complete knowledge of the subject, may need clarification from you. It is at that point that you would receive a call or email from us.
Writer’s assignment
As soon as the writer has finished, it will be delivered both to the website and to your email address so that you will not miss it. If your deadline is close at hand, we will place a call to you to make sure that you receive the paper on time.
Completing the order and download