Order custom papers, masters thesis and dissertation in 3 guided steps; human written!
Posted: October 24th, 2022
Safety Improvements Policy
The backbone of any information security program is the security policy of the organization. In this assignment, you will review what you have learned in this course and make recommendations on how the organization in the scenario below can improve its security policy and incorporate routine penetration testing into its information security system.
The X Corporation is a mid-level retailer that sells many different types of goods from household items to clothing to electronic devices. The X Corporation accepts major credit cards for payment in its stores and for online purchases. The X Corporation has had a rash of issues with viruses on its network, data leakage of customer identity data, and a host of application issues. These attacks have more than likely contributed to a recent 30% drop in sales. The X Corporation currently does not perform any regular penetration tests and it was recently discovered that the antivirus software was not updated. This organization needs to incorporate more routine monitoring and penetration testing to improve its security policy, prevent future attacks, improve sales, and restore customer trust.
Looking for reliable dissertation help or thesis writing? Our expert team of MPhil and PhD-qualified professionals provides top-notch online assistance for dissertations, research papers, and essays—free from errors, plagiarism, and hidden fees. We select each specialist based on their academic expertise, ensuring high-quality thesis writing and research paper support. Beyond writing, we offer personalized guidance, one-on-one doubt-clearing sessions, and free study resources. Whether you need instant dissertation help or long-term research paper support, our experts are ready to help you succeed.
Review the information on penetration testing and security from your readings throughout the course.
Research company security policies. Be sure to use scholarly resources.
Using scholarly resources as well as what you have learned in this course, write a 3-to 4-page report outlining your suggestions for X Corporation, including the following:
Recommendations for a stronger, functional security policy, including your suggestions for implementation.
Suggestions for routine monitoring and testing (including penetration tests required based on recent security issues), in order to prevent future attacks.
Safety Improvements Policy
The information security policy of an organization ensures that all users of their information technology infrastructure comply with rule and guidelines relating to the security of the stored information. The technological evolution has enhanced the sharing of information largely. Today, the exchange of information is approximately a trillion bytes in each millisecond. However, there is confinement of some data for purposes of sharing and intellectual property. To that extent, the information security policy enacts the protective measures for organizations and it limits distribution of the data not meant to be in the public domain. A progressive security information policy protects the data and incorporates measures to monitor the safeguards of the system.
All organizations need to protect their data and account for its distribution. The dissemination of data can be within or outside the boundaries of the entity. One of the measures to protect information sent out is by encrypting and authorizing third party distributions (Safa, Von Solms, & Furnell, 2016). Additionally, the company might enforce restriction on distribution by setting up a reference classification system to guide the sharing of information to different outside parties. Penetration testing can also be a mandatory obligation in the information security policy. For instance, X Corporation can set a policy that a penetration test is necessary after a three-month cycle.
In penetration testing, cyber experts attempt to discover vulnerable points in the computer system. The simulated attack analyses the system defenses for any areas of weakness that an attacker may find (Flowerday & Tuyikeze, 2016). At best, an individual without prior information or knowledge about the system performs the test. To that extent, they are able to reveal some of the blind spots left by the developers. The penetration-testing contractors use the name ethical hackers. Many penetration testers have certifications and advanced degree qualifications in the practice. The first phase of ethical hacking is reconnaissance of the system. The professionals gather as much information as they can about the system. The focus then shifts to accessing the system and maintaining the access.
After completing the tests, the ethical hackers share findings with the information security team of the organization. The result of the testing informs the security system upgrades and guides the formulation of better information security policies in the organization (Shi, Qin, Cheng, & Zhu, 2019). Effective policies coupled with taking the right steps to ensure compliance is essential in the prevention and mitigation of security breaches (Satria, Alanda, Erianda, & Prayama, 2018). The effectiveness of the policies is also dependent on regular updates in the response to changes and the new threats. The policy should be enforceable and practical to the users. Further, a strong information security policy has measures to accommodate urgencies arising from distinct segments of the organization.
The security policy is better when it is broad because it relates the many aspects of the organization. The policy guides the conduct of the management and the staff members on the digital security of the organization. Due to the numerous changes in the information security environment each day, the policy should be flexible and adaptable. The policy should also inform the monitoring and evaluation programs. For instance, the management should have the obligation of authorizing penetration tests after certain period cycles. The expertise of the penetration hackers is able to guide the organization on how they can protect their data and systems in a better way. The best form of defense in information security is awareness and anticipation.
References
Flowerday, S. V., & Tuyikeze, T. (2016). Information security policy development and implementation: The what, how and who. computers & security, 61, 169-183.
Safa, N. S., Von Solms, R., & Furnell, S. (2016). Information security policy compliance model in organizations. computers & security, 56, 70-82.
Satria, D., Alanda, A., Erianda, A., & Prayama, D. (2018). Network Security Assessment Using Internal Network Penetration Testing Methodology. JOIV: International Journal on Informatics Visualization, 2(4-2), 360-365.
Shi, P., Qin, F., Cheng, R., & Zhu, K. (2019, July). The Penetration Testing Framework for Large-Scale Network Based on Network Fingerprint. In 2019 International Conference on Communications, Information System and Computer Engineering (CISCE) (pp. 378-381). IEEE.
You Want Quality and That’s What We Deliver
We’ve put together our writing team with care, choosing talented writers who shine in their fields. Each one goes through a tough selection process, where we look for folks with deep expertise in specific subjects and a solid history of academic writing. They bring their own mix of know-how and flair to the table, making sure our content hits the mark—packed with info, easy to read, and perfect for college students like you.
We don’t do AI-written essays or copycat work—everything’s original. Competitive pricing is a big deal for us; we keep costs fair while delivering top-notch quality. Our writers are some of the best out there, and we charge rates that stack up well against other services. This means you get stellar content without draining your wallet. Our pricing is straightforward and honest, built to give you real value for your money. That’s why students turn to us for high-quality writing services that won’t break the bank.
Academic integrity is at the heart of what we do. Every paper starts from scratch, with original research and writing tailored just for you. We write 100% authentic—no plagiarism research essays. Our strict quality control process includes scanning every draft with top tools like SafeAssign and Turnitin, so you get a similarity score and proof of originality. We’re obsessive about proper citation and referencing too, crediting every source to keep things legit. It’s all about giving you peace of mind with content that meets the highest standards.
When you decide to place an order with Dissertation Writer, here is what happens: