(Cyber security case study)
I want frameworks, legislation and regulatory requirements for the 6 points below, so that I can control and measure each of them.
1- Demand software quality and security from suppliers. (Example: which frameworks can be used for this recommendation (control and measure)?)
2- Perform stringent acceptance tests for third-party code.
3- Disable default accounts from applications.
4- Establish a secure operational environment for applications.
5- Implement effective bug-reporting and handling.
6- Perform risk assessments underpinned by strict Governance, risk and Compliance frameworks and legislations.
Thanks
1- Demand software quality and security from suppliers. (Example: which frameworks can be used for this recommendation (control and measure)?)
- Always change the default passwords for the default users.
- Do not reuse the same passwords.
- Whenever an employee is on leave, always disable the user accounts.
- Always track the logs on the server or systems and examine all kinds of security logs on servers.
- Always do regular network scans on the server or system.
- Always monitor the outbound network traffic in order to avoid the malware detection.
- Always patch the systems with the updates which are available and keep the operating system and application software up to date.
- Always have a plan for security precautions and implement the security plan.
- Between the clients and vendors, raise user awareness about security information.
- Have management support to implement the security plan.
2- Perform stringent acceptance tests for third-party code.
- By developing a team mission statement that will be used in a company or in an organization with their goals.
- In order to make the team more successful, we should try to learn to identify, understand, and manage customers.
- In order to better understand business goals, we should identify the market forces that drive the business in the present day.
- We always make sure of the business and their understanding of doing business and how business leaders develop strategy.
- Make more informed purchase decisions to apply analysis on vendors.
- Understand hackers' and attackers' motivations and techniques in all aspects.
- Understand the assets and processes of the business that are most valuable to the business.
- Learn the strategic planning of kill chain and threat intelligence at all levels.
3- Disable default accounts from applications so that we can know about the leadership of developing the organisation.
- We should create and develop the entire working team.
- We should give the team better coaching and mentoring.
- We always maintain the customer service focus.
- We should rectify conflict resolution.
- We should maintain effective communication.
- Leading through change.
- There must be relationship building within the team.
- Motivation and self-direction.
- There must be effective teamwork.
- There must be leadership development.
4- Establish a secure operational environment for applications.
- Saving and securing all the data of an organisation or a big company.
- In order to align security with the corporate culture, we should understand the values and culture of our organization.
- Understand the current strengths, weaknesses, opportunities, and threats.
- Identifying what needs to be done in the company or in an organisation for better security.
- Identifying what should be done first to give security.
- Approaches to obtaining funding.
- Promoting the work of the team.
- Developing effective metrics and dashboards in the business.
- Learning to innovate with the business so that it will be useful to business development.
5- Implement effective bug-reporting and handling.
- We must know how policy protects people, organizations, and information.
- We must know the relationship of the mission statement to policy.
- We must know policy versus procedure.
- We must know the policy needs assessment.
- We must know the governing policy.
- We must know the issue-specific policy.
- We must know the positive and negative tone.
- Policy review and assessment process.
- We must know the role of psychology in implementing policy.
- We must know the organizational culture.
6- Perform risk assessments underpinned by strict Governance, risk and Compliance frameworks and legislations.
- The security policy should always take into consideration all the regulatory and enterprise compliance which is required, and how to apply timely patches to maintain compliance in the business.
- There should be good security policy enforcement, so that the security policy can define how the IT platform behaves and validate that it is being enforced across our network.
- Doing the minimal amount of security precautions and security steps with some regulations won't make our network safer. So organizations must monitor their network for changes to configurations and ensure the changes are approved and compliant with the policy maintained.