Discuss about the IT Security Management for Precedent Communication Pty Ltd.
ITSM or IT security management is used to ensure confidentiality, integrity and availability of IT and information services. It is intended to design security controls, security testing, controlling security incidents and security review.
Precedent Communications Pty Ltd has been engaged in managing the official site for a popular blood service at Australia, named Australian Red Cross Blood Service (Precedent.com, 2018). A security company has been hired for security analysis regarding cybersecurity risk, following a government enquiry.
In the following report, a security risk analysis is made including various threats and vulnerabilities related to the case of Australian Red Cross. Next, an analysis of business requirement is made outlining about primary business perquisites for Telstra.
IT enterprise security risk analysis for Australian Red Cross is needed to be performed for helping Precedent Communications Pty Ltd to modify, identify and analyze overall security posture (Donateblood.com.au, 2018). It is also useful for organizational, operational and security management apart from various other personnel collaborating and viewing the entire company from the perspective of attackers. Here, the process is needed to gain the commitment to organizational management to allocate various resources and then impose the proper security solutions. For assessing risks accurately, Precedent Communications Pty Ltd should recognize data that are most costly to Australian Red Cross, storage mechanisms of this data and variously related vulnerabilities.
The information system of Australian Red Cross’s website can be penetrated by various deliberate attacks. Very often these kinds of penetrations take place because of hackers particularly looking for data to get stolen. Employee fraud, theft and impersonation are deliberate means for accessing data (Oaic.gov.au, 2018). As per the “Privacy Rights Clearing House”, most of the external attacks are because of malware infection. The websites of Red Cross comprises of thousands of records with sensitive data like medical centre, financial administration area, human resource department, bursar or alumni office has been the target by attackers than smaller systems having fewer records. Red Cross’s system owners have been regularly monitoring access logs along with upgrading access authorizations as their staffs come and go. It has been putting other protections in place for restricting access to those systems for staffs with business needs (Cherdantseva et al. 2016).
Malicious codes get transmitted to computers via browser web pages that have never undergone through various security updates. Thus, visiting the unsecured and compromised website of Australian Red Cross results in various threats. This includes malicious software to be downloaded to Red Cross’ network and computers. It must be reminded that Precedent Communications Pty Ltd must know where the data of Australian Red Cross has been under their networks (De Gramatica et al. 2015). Further, there has been so much interconnected system for Red Cross that there have been various numbers of connected devices presents carrying secured health information. And, here lies the real problem of Red Cross regarding threats of a data breach from their website.
There have been various vulnerabilities faced by Red Cross’ website. The first one is exploitability. Here the exploitability takes place when the attacks require web browsers only and the least are the various advanced tools and programming. The next one is detectability. It must be determined, how must simple the threats have been regarding detection. Here the highest is the information displayed in URL, Form and Error message and the minimum is the source code. The next one is the damage or impact. Here, it is needed to be determined the amount of damage that has taken place as the vulnerability of security gets attacked or exposed (Labunets et al. 2017). For Red Cross, the highest has been the entire system crash and the minimum has been nothing at all.
Telstra has urged Australian Red Cross through many business requirements. First of all, it has helped in rethinking HR for various Digital Workplaces. Mobility and new technologies have been changing the way in which businesses can operate and the role gets transformed as per the role of HR (Telstra.com.au, 2018). Moreover, Telstra has been helped in workplace transformation to drive change and engagement. It has been getting various supports from management which is important to create employee buy-in and engagement within workplace transformation. Seamless transitions taking place between Red Cross IT environments have been important (Ermakov et al. 2014). Further, employee engagement has been driving outcomes for Red Cross’s bottom line. They are needed to discover the way in which future-focused agencies using employee engagement along with workplace mobility for improving the bottom line. Further, the HR of Telstra has always been engaged in managing cybersecurity. While people are most important to Red Cross, they can turn out to be the most important threat and the highest point of vulnerability as it comes to the matter of information security (Sallam 2015).
Further, Telstra provides social collaboration platforms which can provide potential for Res Cross to radically modify conventional communications by developing their capability to find and promote their content and knowledge. The HR professionals of Telstra are important regarding transformation in the workplace. Shortage or various skilled labour along with speed to change business, expectations of various multi-generational workforce along with urbanization possess wide-teaching implications for those HR professionals (Reniers, Van Lerberghe and Van Gulijk 2015). Telstra also provides the way to leverage SoCoMo for enabling future workforce. Red Cross can thus gain more engaged workforce and satisfied customers through leveraging “Social, Collaborative, Mobile” or SoCoMo technologies. Despite this, a major change in workplace culture is also needed. Next, Telstra has been engaged in capitalizing big data. As Red Cross has been the proper employee, their challenge is to keep them; They can currently implement big data for talent management. However, the barriers for HR leaders of Telstra are to access and make use of that information.
Telstra’s human resource is involved in a quest for cultural change under digital workplace. This can drive a widespread transformation of workplace culture at Red Cross. In the current world, where diverse workforces have been mobile and office-based, HR of the company needs proper investment, technical and data transformation enabling Red to cross to drive them forward (Henshel et al. 2015). Further, AI infused chatbots can humanize HRs through understating, putting into context and making inferences and then proposing successful outcomes.
In this way data of Telstra has been enterprises in automating and electronically make information change with their trading partners Red Cross. It has been supporting every essential standard, protocols and format are helpful. They have been translating and mapping business documents to and from significant computers languages. It has been validating document source, destination, and facilitating secure. Telstra has also been involved in data transmission, designing, testing, web interface and configuration. It has included comprehensive online help system that has been context sensitive. It has helped enterprises to efficiently manage and monitor their business data. Further, Telstra has been delivering real-time visibility of information with customizable reporting. Moreover, the real-time visibility of data with customizable reporting has been adequate. Here, data can be accessed, audited and tracked easily and information can be audited, tracked and accessed. Moreover, search facility of Telstra helps in quickly locating business information that is helpful for Red Cross.
Conclusion:
The report helps in an analysis that comprehensive enterprise security risk analysis is also helpful in determining a value of different kinds of information created and then stored around Australian Red Cross. Instead of valuing different types of data in companies, it has been quite impossible to allocate and prioritize resources of technology that is needed most. Telstra has been being used for Red Cross to trade electronically. The manual and fax communication processes are required in order to be eliminated and Telstra provides simple to use, outbox and inbox web system. Moreover, the company delivers the abilities to automate and design business processes and dynamically monitors and controls business information under workflow process. Lastly, as per as flexibility is concerned, the study shows that Telstra smartly alters workflow processes made with easy to drag and drop design method. This is highly beneficial for Red Cross.
References:
Cherdantseva, Y., Burnap, P., Blyth, A., Eden, P., Jones, K., Soulsby, H. and Stoddart, K., 2016. A review of cyber security risk assessment methods for SCADA systems. Computers & security, 56, pp.1-27.
De Gramatica, M., Labunets, K., Massacci, F., Paci, F. and Tedeschi, A., 2015, March. The role of catalogues of threats and security controls in security risk assessment: an empirical study with ATM professionals. In International Working Conference on Requirements Engineering: Foundation for Software Quality (pp. 98-114). Springer, Cham.
Donateblood.com.au. (2018). Home | Australian Red Cross Blood Service. [online] Available at: https://www.donateblood.com.au/ [Accessed 12 Apr. 2018].
Ermakov, S.A., Zavorykin, A.S., Kolenbet, N.S., Ostapenko, A.G. and Kalashnikov, A.O., 2014. Optimization of expert methods used to analyze information security risk in modern wireless networks. Life Science Journal, 11(10), p.511.
Henshel, D., Cains, M.G., Hoffman, B. and Kelley, T., 2015. Trust as a human factor in holistic cyber security risk assessment. Procedia Manufacturing, 3, pp.1117-1124.
Labunets, K., Massacci, F., Paci, F., Marczak, S. and de Oliveira, F.M., 2017. Model comprehension for security risk assessment: an empirical comparison of tabular vs. graphical representations. Empirical Software Engineering, 22(6), pp.3017-3056.
Oaic.gov.au. (2018). DonateBlood.com.au data breach (Precedent Communications Pty Ltd)| Office of the Australian Information Commissioner – OAIC. [online] Available at: https://www.oaic.gov.au/privacy-law/commissioner-initiated-investigation-reports/donateblood-com-au-data-breach-precedent-communications-pty-ltd [Accessed 12 Apr. 2018].
Oaic.gov.au. (2018). DonateBlood.com.au data breach (Australian Red Cross Blood Service)| Office of the Australian Information Commissioner – OAIC. [online] Available at: https://www.oaic.gov.au/privacy-law/commissioner-initiated-investigation-reports/donateblood-com-au-data-breach-australian-red-cross-blood-service [Accessed 12 Apr. 2018].
Precedent.com. (2018). Home | Precedent. [online] Available at: https://www.precedent.com/ [Accessed 12 Apr. 2018].
Reniers, G., Van Lerberghe, P. and Van Gulijk, C., 2015. Security risk assessment and protection in the chemical and process industry. Process safety progress, 34(1), pp.72-83.
Sallam, H., 2015. Cyber security risk assessment using multi fuzzy inference system. IJEIT, 4(8), pp.13-19.
Telstra.com.au. (2018). Telstra – mobile phones, prepaid phones, broadband, internet, home phones, business phones. [online] Available at: https://www.telstra.com.au/ [Accessed 12 Apr. 2018].
Essay Writing Service Features
Our Experience
No matter how complex your assignment is, we can find the right professional for your specific task. Contact Essay is an essay writing company that hires only the smartest minds to help you with your projects. Our expertise allows us to provide students with high-quality academic writing, editing & proofreading services.
Free Features
Free revision policy
$10Free bibliography & reference
$8Free title page
$8Free formatting
$8How Our Essay Writing Service Works
First, you will need to complete an order form. It's not difficult but, in case there is anything you find not to be clear, you may always call us so that we can guide you through it. On the order form, you will need to include some basic information concerning your order: subject, topic, number of pages, etc. We also encourage our clients to upload any relevant information or sources that will help.
Complete the order form
Once we have all the information and instructions that we need, we select the most suitable writer for your assignment. While everything seems to be clear, the writer, who has complete knowledge of the subject, may need clarification from you. It is at that point that you would receive a call or email from us.
Writer’s assignment
As soon as the writer has finished, it will be delivered both to the website and to your email address so that you will not miss it. If your deadline is close at hand, we will place a call to you to make sure that you receive the paper on time.
Completing the order and download