Step 8: Policy Revisions Evaluation
Name of student:
Course:
Institution:
Date of submission:
resources from emerging cyber threats. The process aims at ensuring security in the organization
and guaranteeing data confidentiality, integrity and availability. Different security measures are
put in place, such as encryption, security policy, passwords, authentication, etc., to ensure
hackers are denied access to the organization's systems and networks. Despite these measures,
research by Aldawood and Skinner (2019) revealed that in most breaches in organizations,
95 percent are caused by human errors. Therefore, it is necessary to strengthen the organization's
security policies and ensure that everyone is conversant with cybersecurity aspects and how to
identify untrusted communications from hackers. This section aims to evaluate the current
develop a high-level implementation plan for these policies and assess the different types of
threats that modern enterprises face. The paper will further evaluate the principles that are used
Enterprise cybersecurity is a complex solution that begins from the age-old organization
cybersecurity and includes all levels of current-day business computing (Aldawood & Skinner,
2019). The old cybersecurity techniques were largely conceived to protect data at the local front.
Cybersecurity strategies currently aim to safeguard data as it moves between wireless devices
and cloud servers. As a result, it entails different aspects that protect an organization's on-
the value of data in an organization. This is why many cases of ransomware attacks are shooting up,
with many firms losing their finances. Therefore, there is a need to have solid measures put in
place to prevent these cyber-attack incidents. These measures include proper encryption to secure data at rest
and in transit, strong authentication mechanisms, use of antivirus, working organization security
policies, etc.
According to Abu et al. (2018), when cyber breaches occur in an organization, the results
can be devastating and costly. Recovering from a data breach is very expensive; in
most cases, the data may never be retrieved again. A case study of the recent cybercrimes by
Alexander et al. (2020) indicated that Ryuk of 2019 and 2020 required more than USD 300,000
for the hackers to release the data obtained for the company. This was recorded as the most
expensive cyber incident ever in the world. All these cases clearly indicate that firms should not
undervalue cybersecurity; they should adopt strict measures to fight the growing cyber security
cases.
basic tasks.
There should be well-defined boundaries inside an enterprise at the local and virtual
levels. These boundaries act as a protective shield for the enterprise's information assets, such as
sensitive information and data stored within the local hard disks and cloud servers. Moreover,
having well-defined boundaries further safeguards information as it passes from the local
According to Sunkpho et al. (2019), there should be a well-defined purpose and policies
governing the kind of software used in the organization. If some software programs are outdated
and no longer used in the firm's computing framework, they can be done away with. Ensure that
you install the latest security patches and updates and scan all the devices regularly for viruses.
In addition, there should be training sessions where employees are trained on the latest protocols
After defining the software environment used in the organization, hardening all the assets
used within the enterprise network is vital. Hardening the assets means that all the hardware
devices and software programs that connect the enterprise systems, either remotely or physically,
must be sealed off to avoid any interference, data leaks and unauthorized access (Sunkpho et al.,
2019). Each component within the system should be tested and inspected to identify whether
there are vulnerabilities and weaknesses that hackers can take advantage of.
Despite hardened and up-to-date components within the network, organization security
cybercriminals devising techniques to identify loopholes in the current and latest released
programs and security patches daily. Therefore, there is a need to conduct vulnerability assessments
to identify these vulnerabilities and then come up with methods to fight cybercrimes.
It is vital to review the current administrative access rights of the enterprise staff
members to identify which individuals are mandated to have access privileges. Administrative
rights should not be given to the junior staff since this may cause data breaches in the
Cybersecurity threats are becoming more sophisticated with the increase and
improvement of technology and high dependence on digital devices (Aldawood & Skinner,
2019). Some of the common threats modern enterprises face are described below.
Social engineering is a term used to describe various malicious actions executed
through human interactions. According to Kaushalya et al. (2018), the attack is executed through
psychological manipulation where users are tricked into committing security mistakes and finally
exposing sensitive enterprise information. First, the hacker investigates the intended person and
gathers enough background information to help them compromise the organization's security.
The most used technique for executing social engineering attacks is phishing. This
includes scam websites, emails and messages aimed at creating fear or a sense of
urgency, which prod the user into revealing crucial information or clicking a link that
directs them to a malicious website. An example of a current social engineering attack is a case of
cyber-criminals who stole more than $2.3 million from a Texas school in 2020 (Syafrizal et al.,
2020).
b) Ransomware attacks
sensitive information. Once they have encrypted the information, they then require payment, a
'ransom fee', so that they can decrypt the information. It is, however, not guaranteed that the
hacker will decrypt the information even after receiving the ransom fee. According to Syafrizal
et al. (2021), approximate ransom demands in the year 2020 shot to $1.4 billion. Ransomware
has been the third most popular malware used by hackers worldwide and is used in more than
22% of breaches. An example of a ransomware attack is the case of California University, where
hackers encrypted the institution's data and demanded more than $1.14 million to decrypt the
Denial of service attacks are targeted at shutting down the machine or networks of an
organization and denying access to the intended users. Hackers accomplish this by flooding the
servers with a lot of traffic or sending many requests to the servers that trigger crashes
(Aldawood & Skinner, 2019). As a result, it deprives legitimate users and employees of
access to the resources allocated to them. Cyber attackers often target high-profile web servers
such as commerce industries, banks and government organizations. Once the systems are down,
Most companies have shifted to the cloud, intending to revolutionize their digital
transformations. This is due to cloud flexibility because they can easily access their information
anytime. However, with these various benefits realized by using the cloud for storage, data
security becomes crucial, with many cases of cloud breaches being reported. The cloud poses risks of
unauthorized access due to misuse of users' credentials and improper use of access rights.
Cybercriminals have also been using other tricks to exploit unpatched systems. They brute force
With these rising cyber-attack cases, there is a need for proper measures for every
organization to fight the attacks. Prevention is better than incurring high expenses to recover
losses from a cyber attack. Research conducted by Alexander et al. (2020) indicated that in most
cyber-attacks, 95% are achieved through taking advantage of employees and other stakeholders
in an enterprise. All this can be fought by implementing a solid cybersecurity policy in an
organization that guides employees and makes them aware of the different cyber attacks and
networks from threat activities. It aims to ensure that all the users authorized to interact with the
company information assets comply with these guidelines and rules; those who fail to adhere are
answerable to the organization. Alexander et al. (2020) describe a security policy as a "living
document" that is never complete or finished. It is continuously updated with time to reflect
the changes in technology and employees. Typically, the first section of a security policy is
focused on the basic security expectations, employee roles, and responsibilities, while the second
section consists of areas such as usage of antivirus guidelines, interaction with cloud
applications, etc.
a) Purpose
The first basic and essential component of a cybersecurity policy is a defined purpose.
Calderaro and Craig (2020) state that the primary purpose of implementing policy in an
its cybersecurity policy's clear and concrete goal. In that case, their security measures are at risk
due to ineffective and unfocused measures. In contrast, having a well-defined purpose for the
organization's security policy enables an organization to tailor its security measures and provide
to ensure that the business specifies the reach of the security policy. The policy should show
which users are targeted and who are not affected. For example, the organization may decide that
third-party vendors will not be included in its security policy. Ideally, the policy should consider
all the programs, systems, data, and other deployed technology in the organization. With such
creation. According to Sabillon et al. (2017), the IT industry is concerned with three main
principles, the CIA triad that guides information policy formulation for an organization. These
include confidentiality, where the policy being created should ensure sensitive data and assets
are kept confidential and that only the authorized employees can access the protected
information. In addition, an information policy should be concerned with the integrity of the
organization's data. It should preserve sensitive data in a secure, complete, and intact form to
the right to limit data access. Everyone in the organization should be trusted and have data
security insights that help them make correct decisions on the kind of information that can be
shared or not. The policy should ensure an access control policy that correctly shows who has
authorized information sharing in the organization. Additionally, the section should indicate
every organization's authority over the IT systems. Furthermore, it should clarify how to handle
sensitive data, the access controls of the company, who is responsible for these controls, and the
e) Data classification
The data should be classified into various security levels, for example, by assigning it to different
categories, such as confidential information, secret and top secret, public, etc. The policy can
also group the data depending on the security levels, for instance, level 1: information accessible
by the public; level 2: information considered to be private but causing no harm if it reaches the public;
and level 3: information that can have severe consequences for the organization if it goes to the
public, etc. (Sabillon et al., 2017). Every category of non-public data in the ICT systems needs
more protection since a slight breach can be highly costly to the organization.
This includes the measures and operations the organization should implement for
handling each category of classified information assets. Syafrizal et al. (2020) define three
essential data support and operations categories. The first one is data protection regulations,
whereby under this category, the business should ensure organizational standards are set for
protecting personally identifiable and sensitive data. The other category is the data backup
requirements, where the organizations should have enough secure backups. In addition, the
backups should be encrypted to prevent modification of the data contained within. The last
category under data support and operation is the movement of data, where strict security
measures should govern the movement of data. Data should be transferred over secure protocols
It is paramount to have better strategies put in place within the organization to heighten
the security awareness among the employees and prevent data breaches. The policy must be
structured to encourage some employee behaviours and bolster their awareness. As a result, it
will help to thwart all the potential attacks and losses within the organization. The security
training for employees should cover briefing them on the social engineering techniques used by
hackers and ways to fight them. Employees should also be aware of a clean desk policy and ensure
that sensitive data is kept out of reach (Syafrizal et al., 2020). Additionally, the employees
should be trained on the internet use policy and be aware of some illegitimate websites that
This is the final component of the information security policy, where it should clearly
outline the employees' rights, duties, and responsibilities concerning data protection. Employees
should be given responsibilities by delegating specific persons to conduct access reviews, carry
out employee training, oversee change management procedures and handle incidents. There
should also be the right people to provide basic oversight for the organization's information
security. As a result, it helps the organization avoid management errors that pose security risks.
All the above components should be considered when developing a security policy for an
organization. As a result, it leads to a robust policy covering all aspects and ensuring that data
breaches are minimized. It will reduce the cases of data breaches in organizations and save them
References
Abu, M. S., Selamat, S. R., Ariffin, A., & Yusof, R. (2018). Cyber threat intelligence–issue and
371-379.
Aldawood, H., & Skinner, G. (2019, January). An academic review of current industrial and
Alexander, A., Graham, P., Jackson, E., Johnson, B., Williams, T., & Park, J. (2020, June). An
analysis of cybersecurity legislation and policy creation on the state level. In National
Quarterly, 41(6), 917-938.
Sabillon, R., Serra-Ruiz, J., Cavaller, V., & Cano, J. (2017, November). A comprehensive
Sunkpho, J., Ramjan, S., & Ottamakorn, C. (2018, March). Cybersecurity policy in ASEAN
Syafrizal, M., Selamat, S. R., & Zakaria, N. A. (2020). Analysis of cybersecurity standard and