Describe the Corrupting Influence of Secrecy on National Policy Decisions
Strategic Information Security is a strategic plan that gives the organization's management the information required to make security decisions while keeping the organization's business objectives in mind. Information security protects business operations by minimizing vulnerabilities and protecting infrastructure, applications and data from damage (Whitman, 2010).
Information security focuses on protection strategies, technology and service provider selection, and deployment best practices. The threat environment is changing, and security professionals must continuously improve protection against increasingly sophisticated and damaging attacks. There is also increasing pressure to satisfy complex regulatory compliance requirements. Information security leverages tools and techniques to protect business operations, develop assessment and remediation strategies, select appropriate technology and service providers, and ensure effective deployment of security controls.
Consider These Factors to Determine Your Readiness
Before approving the deployment of infrastructure, application, and data protection technologies and services, CIOs should:
Ensure that the need for new security capabilities has been prioritized through a risk assessment that evaluates the threat environment, known vulnerabilities, recent security incidents and compliance issues.
Define the enterprise’s process, technology and service requirements for security assessment; network, application and data protection; vulnerability remediation; and security monitoring.
Use technology and process requirements to select appropriate infrastructure, application, or data protection technologies or services that are specific to the enterprise’s needs.
IT leaders should consider these factors in the selection, development, deployment and ongoing improvement of information security technology and service initiatives:
Security risk environment — Assess the current threat environment, making sure to include internal and external threats.
Existing security controls and architecture — Review their status and effectiveness within the context of the risk environment for your enterprise and industry.
Business processes and initiatives — Identify planned and current business programs that will modify existing security risks or create new forms of security risk.
IT processes and initiatives — Identify planned and current IT management strategies and tactics that will change existing security risks or create new types of security risk.
Regulatory drivers for security — Catalog the internal and external policies, standards and regulations that govern security operations in your organization and industry.
Technical professionals should take the following steps to ensure a successful implementation of information security:
Manage threats and attacks using a combination of effective technologies, such as anti-malware and security information and event management (SIEM), and practices.
Build control architectures that can work across IT environments that intersect with the Nexus of Forces of cloud, mobile, big data and social.
Focus on being pragmatic and manage the risks of mobility, social, big data and cloud by saying “How?” instead of “No.”
Ensure high-value assets are protected using zoning and perimeter architecture, but support unmanaged or mobile devices on end-user networks as appropriate.
Use data masking, tokenization and/or encryption — as well as discovery and monitoring solutions, such as data loss prevention (DLP) and database audit and protection (DAP) solutions — where confidentiality is required (Whitman, 2010).
Information security technology and services are effective only if they are able to rapidly adapt to changing threat environments. As a result, many activities within information security are highly tactical and rapidly move through multiple phases during their design, deployment and management. A clear project management methodology has to be implemented in the planning process. For planning, SenAd implements a process that involves its inside and outside stakeholders, its management team (including the board of directors) and its employees, keeping in mind the SenAd environment, which comprises the physical structure, technological, political and legal, and competitive environments. Information security management works like any other management process; the difference is that the emphasis is on security issues.
Successful security projects maintain a strong focus on supporting business objectives and use the phases below to structure security programs:
Strategize and Plan: Use risk assessment to identify and prioritize security projects and programs. Integrate business objectives and initiatives with the risk mitigation prioritization process to define short-term and midterm plans for information security management.
Architect Solution: The design of security tools and services must align with enterprise objectives for flexibility, efficacy and cost containment. Identify performance parameters for information security projects, and integrate these into solution designs.
Select Solution: Security solutions can affect nearly all employees and processes. Minimize disruption to operations and maximize security performance by aligning security solutions with architectural standards and infrastructure deployment and management models.
Operate and Evolve: Use continuous performance monitoring of security technology and services to find and close gaps. Compare updated risk assessments with current performance measures to identify areas for improvement, replacement or development of new security solutions.
SIEM technology provides a set of common core capabilities that are needed for all cases. Other SIEM capabilities are more critical for the threat management use case or the compliance use case. Many organizations will apply SIEM technology broadly across their IT infrastructures and will implement most SIEM capabilities, but they typically start with a narrow deployment that implements a subset of functions to resolve a specific compliance gap or security issue.
Organizations should evaluate the following set of SIEM capabilities:
Scalable architecture and deployment flexibility:
These are derived from vendor design decisions in the areas of product architecture, data collection techniques, agent designs and coding practices. Scalability can be achieved by:
A hierarchy of SIEM servers — tiers of systems that aggregate, correlate and store data
Segmented server functions — specialized servers for collection, correlation, storage, reporting and display
A combination of hierarchy and segmentation to support horizontal scaling
During the planning phase, many organizations underestimate the volume of event data that will be collected, as well as the scope of analysis reporting that will be required. An architecture that supports scalability and deployment flexibility will enable an organization to adapt its deployment in the face of unexpected event volume and analysis.
Real-time event data collection: SIEM products collect event data in near real time in a way that enables immediate analysis. Data collection methods include:
Receipt of a syslog data stream from the monitored event source
Agents installed directly on the monitored event source or at an aggregation point, such as a syslog server
Invocation of the monitored system’s command line interface
APIs provided by the monitored event source
External collectors provided by the SIEM tool
Note: The technology should also support batch data collection for cases where real-time collection is not practical or is not needed.
Log management and compliance reporting:
Functions supporting the cost-effective storage and analysis of a large information store include collection, indexing and storage of all log and event data from every source, as well as the capability to search and report on that data. Reporting capabilities should include predefined reports, as well as the ability to define ad hoc reports or use third-party reporting tools.
Analytics:
Security event analytics is composed of dashboard views, reports and ad hoc query functions to support the investigation of user activity and resource access in order to identify a threat, a breach or the misuse of access rights.
Incident management support:
Specialized incident management and workflow support should be embedded in the SIEM product, primarily to support the IT security organization. Products should provide integration with enterprise workflow systems, and should support ad hoc queries for incident investigation.
User activity and data access monitoring:
This capability establishes user and data context, and enables data access and activity monitoring. Functions include integration with identity and access management (IAM) infrastructure to obtain user context and the inclusion of user context in correlation, analytics and reporting. Data access monitoring includes monitoring of database management systems (DBMSs), and integration with file integrity monitoring (FIM) and data loss prevention (DLP) functions. DBMS monitoring can take three forms — parsing of DBMS audit logs, integration with third-party database activity monitoring (DAM) functions or embedded DAM functions. FIM can be provided by the SIEM product directly or through integration with third-party products.
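The collection and user-context steps described above, as an added example that is not part of the original essay or any SIEM product: it parses syslog-style sshd lines, attaches user context from an IAM lookup, and correlates repeated failures followed by a success. The log lines, `IAM_DIRECTORY` table and threshold are constructed assumptions.

```python
import re
from collections import defaultdict
# Constructed sample: sshd authentication messages in BSD-syslog style.
SAMPLE_LOG = """\
Mar  3 10:00:01 web01 sshd[811]: Failed password for dbadmin from 203.0.113.7 port 50122 ssh2
Mar  3 10:00:04 web01 sshd[811]: Failed password for dbadmin from 203.0.113.7 port 50123 ssh2
Mar  3 10:00:09 web01 sshd[811]: Failed password for dbadmin from 203.0.113.7 port 50124 ssh2
Mar  3 10:00:15 web01 sshd[812]: Accepted password for dbadmin from 203.0.113.7 port 50125 ssh2
Mar  3 10:02:40 web01 sshd[820]: Failed password for jsmith from 198.51.100.4 port 40100 ssh2
Mar  3 10:02:55 web01 sshd[821]: Accepted password for jsmith from 198.51.100.4 port 40101 ssh2
"""
# Hypothetical IAM export (assumption): account name -> user context.
IAM_DIRECTORY = {
    "dbadmin": {"department": "IT", "privileged": True},
    "jsmith": {"department": "Sales", "privileged": False},
}
UNKNOWN_USER = {"department": "unknown", "privileged": False}
LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ [\d:]{8}) (?P<host>\S+) sshd\[\d+\]: "
    r"(?P<outcome>Failed|Accepted) password for (?:invalid user )?"
    r"(?P<user>\S+) from (?P<src>\S+) port \d+"
)

def parse_events(text):
    """Normalize raw lines into events and attach IAM user context."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m is None:
            continue  # a real collector would still retain the raw line
        event = m.groupdict()
        event.update(IAM_DIRECTORY.get(event["user"], UNKNOWN_USER))
        events.append(event)
    return events

def correlate(events, threshold=3):
    """Alert on >= threshold failures then a success (no time window here)."""
    failures = defaultdict(int)
    alerts = []
    for e in events:
        key = (e["user"], e["src"])
        if e["outcome"] == "Failed":
            failures[key] += 1
            continue
        if failures[key] >= threshold:
            sev = "high" if e["privileged"] else "medium"  # from IAM context
            alerts.append({"user": e["user"], "src": e["src"],
                           "failures": failures[key], "severity": sev})
        failures[key] = 0
    return alerts
```

On the sample, only the privileged `dbadmin` sequence crosses the default threshold; the severity comes from the IAM context, not from the log line itself.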
Application monitoring:
The ability to parse activity streams from packaged applications enables application-layer monitoring for those components, and the ability to define and parse activity streams for custom applications enables application-layer monitoring for in-house-developed applications. Integration with packaged applications, an interface that allows customers to define log formats of unsupported event sources, and the inclusion of application and user context are important capabilities that enable the monitoring of application activities for application-layer attack detection, fraud detection and compliance reporting.
Deployment and support simplicity:
Deployment and support simplicity is achieved through a combination of embedded SIEM use-case knowledge and a general design that minimizes deployment and support tasks. Embedded knowledge is delivered with predefined dashboard views, reports for specific monitoring tasks and regulatory requirements, a library of correlation rules for common monitoring scenarios, and event filters for common sources. There should also be an easy way to modify the predefined functions to meet the particular needs of an organization.
References:
Michael E. Whitman and Herbert J. Mattord, Management of Information Security, 3rd ed.
Jason Pufahl (April 2010), Information Security Strategic Plan, University of Connecticut.
William Leonard (2011), The corrupting influence of secrecy on national policy decisions, in Susan Maret (ed.) Government Secrecy (Research in Social Problems and Public Policy, Volume 19), Emerald Group Publishing Limited, pp.421-434
Kimberly A. Galt, Karen A. Paschal, Amy Abbott, Andjela Drincic, Mark V. Siracuse, James D. Bramble, Ann M. Rule (2008), Privacy, security and the national health information network: A mixed methods case study of state-level stakeholder awareness, in Grant T. Savage, Eric W. Ford (ed.) Patient Safety and Health Care Management (Advances in Health Care Management, Volume 7), Emerald Group Publishing Limited, pp.165-189
Nicholas Wilkinson (2011), National security, secrecy and the media – a British view, in Susan Maret (ed.) Government Secrecy (Research in Social Problems and Public Policy, Volume 19), Emerald Group Publishing Limited, pp.131-151
Byeong Jo Kim (2009), Civil–military relations of Korea in the 21st Century, in Giuseppe Caforio (ed.) Advances in Military Sociology: Essays in Honor of Charles C. Moskos (Contributions to Conflict Management, Peace Economics and Development, Volume 12), Emerald Group Publishing Limited, pp.507-525
Andy Phippen, Simon Ashby (2013), Digital Behaviors and People Risk: Challenges for Risk Management, in Miguel R. Olivas-Luján, Tanya Bondarouk (ed.) Social Media in Strategic Management (Advanced Series in Management, Volume 11), Emerald Group Publishing Limited, pp.1-26