Business Proposal For Cyber Security And Digital Forensics Essay.

You are required to develop a business proposal in the fields of Cyber Security or Digital Forensics; the business proposal must demonstrate novelty, cost effectiveness and knowledge generation. You must clearly articulate the impact of the proposal, how it would satisfy customer demand based upon your market research findings and fit within your organizational context.

The objective of this coursework is to demonstrate your ability to synthesize and critically analyze ethical, regulatory, legal and technological phenomena in development of an operational business proposal in the field of Cyber Security or Digital Forensics. Technical and non-technical risks and related contingency plans should be addressed through consideration of risk management and secure systems architecture. The development of the business proposal will be informed by an appropriate research methodology with justification for the choice of methodology. One of the methodologies selected should be critical.

In addition, you will create a research plan, usually in the form of a chart that clearly identifies development stages of your business proposal. You should give clear indication of the required time envisaged to complete each stage and short argumentation why this time is suitable for the specific tasks.

Objectives and Scope

The internet is a novelty that has transformed the world, and although it has been useful, it has brought many problems, as a person or groups of individuals are committing cybercrimes daily. Cybercrimes carried out range from personal to financial to national security issues among others. They attack businesses, individuals and states by monitoring emails, tapping calls or hacking websites to obtain confidential information (Longstaff, 2015 p.56). As such, more efforts are focused on securing information from the people looking to utilize them for reasons that contradicts the intentions of the owner. Starting a business of cybersecurity is thus a productive business to consider because businesses, individuals and the state need to protect their data. Nevertheless, when starting such kind of business, technical skills are needed to stop the constant attack on clients or secure data.

At XYZ we aim to provide our clients services of cyber security that will allow them to remain at the top in whatever businesses they are undertaking (Willems, 2011 p.18). Nevertheless, since we provide services and also make revenue, we aim to raise our income sources by providing extra services such as training and consultancy service. We aim to generate revenue as is allowed under the laws of UK. The following are some of the services we aim to provide our different clients:

• Networking
• System hardening
• Technical support
• Cryptography
• Programming
• Advisory and consultancy services
• Training

The vision is to make sure that we are the leading top five cyber security organizations within three years of ignition of our business. Besides, we aim for people to acknowledge as for our creativeness in the world of cyber security.

To achieve the vision, we aim to establish the most excellent business structure. XYZ aims to meet and surpass customer’s expectations.

Market Trends

In 2015, the healthcare area was hit by main breaches that compromised about 80 million records. It did not begin in 2015, since 2009, around one-third of people in UK have been affected by breaches in many healthcare organizations. As such, many healthcare firms have invested in cyber security to safeguard their customer’s data (Alguliyev, Imamverdiyev and Sukhostat, 2018 p.219). Besides, criminals around the world are using the internet to aim the UK in different ways.

There exist crimes that are in the world, in specific those that aim the integrity of online services and computer networks. attacks are using cyberspace as a channel to commit crimes such as fraud. Fraud and identity theft online now minimizes offline equivalents. The internet has offered opportunities for people looking to exploit the weak and children. Cyberspace permits attackers to aim the UK from other area of authority around the world, making it difficult to strengthen the law.

Research Methodology and Plan

Target Market

Every person in UK with connected machines is vulnerable to cyberattacks (Horowitz and Lucero, 2017 p.66). Nevertheless, to have the appropriate information on who the company is concentrating on, XYZ aims on carrying out a market survey that will permit them to understand their actual target market. The market research will permit the firm to determine what the target market expect from them. As such, XYZ is in the industry of cyber security to offer their services to the following businesses and people:

• Financial institutions
• Tech firms
• Small enterprises
• Military
• Healthcare organizations
• Government agencies
• Celebrities
• Educational firms
• Political companies

Our Competitive Advantage

The reason for beginning XYZ company is to make sure that we provide our customers cyber security services that will hinder attackers from attacking them (Tsoumas and Gritzalis, 2012 p.801). The company aims to be among the leading three in the UK industry of cyber security and among top five chosen firms by the target market. The company has established various competitive strategies that will enable them to compete against their rivals. XYZ understand the market of cyber security and their goods are preventive in nature. As such, many organizations will choose our security designs that will allow the continuity of their business.

Besides, XYZ have a large number of competent personnel who understand the market of cyber security and who have the ability to start our business from scratch and make it the leader in UK (Barnard-Wills and Ashenden, 2012 p.115). The company is continuously making sure that their staff remain zealous to meet and surpass client’s expectations, both domestic and corporate. In addition, the employees are better paid than other similar establishments in London. Besides, the company is adapted with trends and makes sure all workers undergo training and attend seminars frequently to improve their skills, thus enhancing productivity of the firm.

Marketing and Sales Strategy

Marketing is essential in generating revenue for the growth of the business and also assist in creating awareness for not new and existing clients of the business. As such, XYZ is conducting a comprehensive marketing strategy that will allow them know their target market, what they need from them, and what the company should expect from their target customers (Shellberg, 2013 p.72). Besides, the marketing research is important as it allows the company to know the effective strategies they should put in place and the amount of money needed to conduct marketing that will permit them to compete against their rivals.

In addition, XYZ has adopted services of a reliable marketing consulting company in London who have handled organizations similar to theirs. The reason for using a marketing consulting company emerged from the need of obtaining all the necessary assistance that will permit them achieve their objectives and goals (Couzigou, 2018 p.43). The company also aims on strengthening their sales and marketing team to make sure that marketing strategies made for the company are in accordance with their goals, values and philosophies. As such, the marketing team is allowed to modify or remove inefficient strategies that may damage the company.

The Need for Cyber Security Services

The marketing strategies that will be adopted by XYZ include:

• Formally present XYZ by sending elementary letter to financial institutions, tech companies, healthcare firms, government agencies among others in the market of cyber security
• Through a fancy party to open the cyber security company. It will assist in creating awareness about the company
• Place adverts in national and local tech magazines, television stations, newspapers and radio channels about XYZ firm
• Engage in sales and direct marketing by negotiating with customers
• Place advertising boards in planned locations all around London
• Use XYZ social media channels and other tech channel to actively market the company

Sources of Income

 XYZ will create revenue by proving the following services:

• Networking
• System hardening
• Technical support
• Cryptography
• Programming
• Advisory and consultancy services
• Training

Sales Forecast

The digital structure on which people depend on was developed to be interoperable and efficient. When internet was in its infancy, security was of less concern (Lehto, 2013 p.11). Nevertheless, as the internet grows, the matters become more of a consideration. People want assurance that the networks that promote their economic prosperity, national security and their personal lives are resilient and safe. Unfortunately, many attackers are using cyberspace to compromise, steal and damage sensitive data. The people’s reliance scale suggests that their major infrastructure, homes, prosperity and workplaces can all be affected. As such, the 2010 National Security Strategy of UK government recognized cyberattacks as one of their top priorities for action.

XYZ have conducted a vital analysis of the cybercrime market to identify their sales forecast (Gehm, 2011 p.30). In carrying out their sales forecast, they used assumptions and information from similar establishments in London and other parts of UK. Based on the information and data collected, the XYZ sales projections were as follows:

• First financial year: 550,000 pounds
• Second financial year: 1,000,000 pounds
• Third financial year: 2,100,000 pounds

XYZ has adopted services of a reliable publicity consulting company in London with the expertise and appropriate knowledge to assist them in drafting strategies that will positively communicate their brand and permit them to stand out and compete effectively against their rivals (Peters, 2016 p.3). Some of the advertising and publicity strategies that XYZ would employ to support their company are:

• Attend appropriate software and tech seminars to interact and increase awareness of their brand
• Establish trial cyber security products version for consumers and allow them purchase the original after they are contented with the services from their goods
• Utilize social media channels such as LinkedIn, Twitter, Facebook and Google Plus to actively promote their brand
• Build an interactive website
• Take part in and sponsor appropriate society programs in London
• Distribute fliers and handbills in planned locations in London

Identifying the appropriate price for XYZ services and products will rely on factors such as the services and products categories our customers need, what our rivals are providing, how powerful our goods are, how special our products are and what our running expenses and overhead would be (Marks, 2009 p.19). Since there is high competition in the market, XYZ aims to provide discounted price on some products for the first month of functionality to raise awareness for our goods and attract more clients to buy from us. Although we will be providing a discounted price, our assessments have demonstrated that even though we will have a low gross margin, we will not run at a loss.

Customers will pay through the following payment options:

• Payment through check
• Payment through POS machine
• Payment through credit card
• Cash payment
• Payment through online payment portal
• Payment through bank draft

The payments options were selected to address the diverse client’s need. These platforms will operate consistently without any sort of hurdles.

Production

The company offices will be operational for five days a week Monday to Friday reporting time being 7am and closure at 5.30pm. The team members will spear head operation of the company at the start without partners or associates.

Services Provided by XYZ

Location

For the start we hope to get an office space at Adelaide House along King William Street, London. XYZ will only be registered after getting a physical office. However, as the company grows, we hope to shift to a much bigger office space with a conference room, technical offices, customer service unit, administrative offices, and marketing and planning offices.

Legal Item

The company will seek legal advice to make sure that all the laws pertaining businesses in UK are met. Such laws include work permits, bonding and licensing requirements, workplace, health, and environmental regulations, Building code requirements, trademarks, patents, copyrights, insurance coverage, tax regulations, and special regulations.

Personnel

Our team is made up of a chief executive officer (CEO) Peter Marx who is a fourth-year student with excellent knowledge in cybersecurity. The marketing and sales will be handled by Dinah Kelvin with great customer relationship skills. She has excellent marketing skills and natural aura with public speaking. Financial manager post will be handled by Erickson Erick who as good mathematical and statistical knowledge. However, as the company grows, we hope to add more employees and engage more partners and associates.

XYZ aims to establish a standard cyber security company in London. We have established processes and plans that will make sure that we are in the right direction from the start as we purpose to go the extra mile of selecting the most excellent workers to work with us. XYZ team of management involves skillful and experienced people who has been attuned to the company’s corporate objectives and goals. Since we will be running a unique cyber security company particularly regarding to the various services that would be providing, XYZ will employ many employees to address the different objectives and roles that will come up. The following is the business structure the company aims at building for the cyber security company.

• CEO (chief executive officer)
• Accountant
• Chief Information Security Officer
• Customer Service Executive
• Cleaner
• Drivers
• Administrative Manager
• Human Resources Manager
• Security Administrator
• Sales and Marketing Team
• Security Guard

 CEO (Chief Executive Officer)

• Make the appropriate strategies and policies that will act as the direction of the company
• Gathers the appropriate management staff and assigns particular responsibilities to them
• Negotiates and meets with clients of high level on behalf of the company

Administrative Manager

• Make sure that the administrative activities are conducted smoothly
• Make sure that other management personnel are attuned with policies of the company
• Controls daily affair of the company

Accountant

• Prepares financial statements, information and reports of the company
• Perform financial forecast and internal audit
• Prepares tax files and make sure that it is sent to the appropriate authorities

Human Resources Manager

• Employs experienced and competent personnel
• Makes policies of human resource and makes sure they are followed
• Makes sure workers go through training

Chief Information Security Officer

• Establishes the vision of the company and make strategy to make sure that the company’s technologies and information are safeguarded
• Assigns security resources effectively

Security Administrator

• Creates system security against unauthenticated modifications or access from external threats
• Sets up the appropriate security tools such as firewalls, anti-virus software and patch management systems
• Carries out networking and vulnerability scanning evaluations

Customer Service Executive

• Responds properly to orders and inquiries of customers
• Remains informed and aware of policies of the company and industry trends to give clients correct information
• Updates the database of the customer

Sales and Marketing Team

• Conduct market analysis that would identify new target markets for the company
• Negotiates and meets with customers on behalf of the company
• Conducts sales and direct marketing with the goal of creating revenue and achieving corporate sales objectives of the company

Cleaner

• Makes sure the offices are always clean
• Makes sure that cleaning stock are supplied

Security Guard

• Guides the offices against any trespassers
• Observes the surveillance camera to hinder any distrustful person or activity

Drivers

• Carries out official assignments on behalf of the company
• Makes sure the traffic regulations and rules are followed and a logbook stored on behalf of the company
• Conducts vehicle preventive maintenance.

None of the team members have any liabilities or assets apart outside the company from the CEO, Peter Marx. Peter Marx has an IT firm that deals with supply of ICT equipment which earns him approximately 1500 pound annually.

The major areas where XYZ aims to use their star-up funds on are:

• Total registration fee for XYZ in London, UK- 800 pounds
• Acquiring the required licenses, customer and accounting software, permits and other legal expenses- 2300 pounds
• Insurance policy (employee’s compensation, general liability and property insurance)-2050 pounds
• Renting a building for use for about four years and conducting renovations-100,000 pounds
• Hiring costs of a business consultant -2050 pounds
• Cost of operation for the first 4 months (utility bills payment and employee’s salaries)-155,000 pounds
• Other start-up expenditures (bug tracking, software subscription, virus detection software, anti-virus and cable broadband)-20,000 pounds
• Expenses on marketing promotion-5500 pounds
• Administrative costs (phone, printers, business cards, stamps, stationery, computers, furniture and office supplies)-35000 pounds
• Cost of buying a second hand van- 25,000 pounds
• Cost of starting a website-1500 pounds
• Expenses for throwing a fancy party-5500 pounds
• Miscellaneous – 8,500 pounds

From the above estimation, XYZ need approximately 363,200 pounds if it aims to develop and run a successful and standard business in London.

Competitive and Marketing Strategies

XYZ is run and owned by Peter Marx. Since XYZ is not looking for an external investor to join the business, it will thus generate funds from other areas (Hechavarria, Matthews and Reynolds, 2014 p.17077). The following are the various sources where XYZ aims to generate their start-up funds from:

• Create funds from stocks sales and savings
• Look for funds from online crowdfunding sites
• Request for loan from investment banks

XYZ priority is to make sure that the business is running consistently as long as they need it to be in the industry and as such, we have focused on factors that will allow us expand and sustain our business of cyber security in London (Popovic-Citic, 2009 p.46). The factors the company aims to focus on are making sure they develop the appropriate business structure, get involved in efficient advertising and publicity strategies and make sure that they maintain a high number of customers. Besides, XYZ understand how essential their clients are and they will make sure that all workers embrace the best client culture.

All systems are vulnerable to risk and threats (Mateen and Abbas, 2016 p.31). The risk management program goal is risk identification, recognition of the probability of risk occurrence and their effect on the business and placing security measures that control risks to a level agreeable to the company. Besides, to mitigation and assessment, a strong program of risk management involves constant assessment and evaluation of cyber security controls and risks throughout the life process of smart grid element software (Patel, 2012 p.29). The following are some of the best controls and practices that XYZ should consider implementing.

• Offer visible and active sponsorship
• Allocate security risk management responsibility to a senior director
• Define the system
• Classify and identify vital cyber assets
• Analyze and identify the ESPs (electronic security perimeters)
• Conduct a vulnerability analysis (Akhgar and Staniforth, 2011 p.93)
• Analyze risks to assets and system information
• Assess and monitor the efficiency of controls

Stablishing measurable objectives and setting goals is one essential aspect in any business plan. It is not enough to just know the objectives and goals you want to achieve with the business. As a manager it is necessary to determine and be responsible with the schedule that entails the business milestones.  

Global Relevance of Cyber Security Business

The current world is greatly connected from government infrastructure to personal banking. Safeguarding those connections is compulsory. Cyber risk is among the global agenda priority as high prominence violation increase fears that hack attacks and other failures of security could put at risk the global economy. The WEF (world Economic Forum) published the global risks in 2015 stating that 90% of organizations across the globe acknowledge they are inadequately prepared to safeguard themselves against cyberattacks. Businesses and governments across the globe are looking for better strategies of cyber defense. As such, cyber security is an urgent matter.

Sales Forecast and Publicity

The intelligence agency of UK, GCHQ (Government Communications Headquarters, which offers services and advises to safeguard data networks and national voice, approximates 81 % of business in UK have faced some kind of breach. Therefore, our cyber security business will assist organizations and governments to develop an information risk management system that determines the security risks it experiences and the policy for addressing them. We will help them adopt a standard measure of security and manage how the systems are used and configured. Besides, we will assist in disabling unrequired functions and perform regular update of the security patches. In addition, we will install antivirus software and frequently check for malware.

Cyber security is the top relevant issues across the globe. Criminals always target computer networks and as these networks expand danger of breaches of cyber security in future will increase. We help organizations to take sensible precautions that can reduce losses brought by attackers. With the appropriate expert external assistance and level of preparation, it is possible to manage damages and return to form after cyber breach and its effects.

Although there is a rising need to safeguard all businesses interest in cyber space, there are no laws or regulations that have been established particularly for cyber security. Following incentives and regulations of cybersecurity in 2016, the government is looking to enhance cyber risk management in the broader economy of UK through:

• The introduction of GDPR (General Data Protection Regulation)
• Connecting cyber security and data protection

The key legislation needed for compliance is the DPA (Data Protection Act) 1998. Proper organizational and technical measures are taken against unlawful or unauthorized processing of individual information and against accidental destruction or loss of personal information.

Reference List

Agwu, E. (2013). Cyber Criminals on the Internet Super Highways. International Journal of Online Marketing, 3(2), pp.56-74.

Akhgar, B. and Staniforth, A. (2011). Tackling cyber crime and cyber terrorism through a methodological approach. Freedom from Fear, 2014(9), pp.90-99.

Alguliyev, R., Imamverdiyev, Y. and Sukhostat, L. (2018). Cyber-physical systems and their security issues. Computers in Industry, 100, pp.212-223.

Barnard-Wills, D. and Ashenden, D. (2012). Securing Virtual Space. Space and Culture, 15(2), pp.110-123.

Couzigou, I. (2018). Securing cyber space: the obligation of States to prevent harmful international cyber operations. International Review of Law, Computers & Technology, 32(1), pp.37-57.

Gehm, B. (2011). Cyber space. New Scientist, 211(2825), p.30.

Hechavarria, D., Matthews, C. and Reynolds, P. (2014). An Investigation of Start-up Outcomes Over Time: Does Start-up Capital Structure Matter?. Academy of Management Proceedings, 2014(1), p.17077.

Horowitz, B. and Lucero, D. (2017). SYSTEM-AWARE CYBER SECURITY: A SYSTEMS ENGINEERING APPROACH FOR ENHANCING CYBER SECURITY. INSIGHT, 20(3), pp.66-68.

Lehto, M. (2013). The Cyberspace Threats and Cyber Security Objectives in the Cyber Security Strategies. International Journal of Cyber Warfare and Terrorism, 3(3), pp.1-18.

Liu, Z. (2017). A Cyber Crime Investigation Model Based on Case Characteristics. International Journal of Digital Crime and Forensics, 9(4), pp.40-47.

Longstaff, J. (2015). Cyber Security in the Energy Industry. Engineering & Technology Reference.

Marks, P. (2009). Fighting wars in cyber space. New Scientist, 201(2699), pp.18-19.

Mateen, A. and Abbas, Q. (2016). Tsunami of Cyber Crime: Analysis of Cyber Crime New Trends, Causes and Remedies in Future Prospectus. International Journal of Computer Applications, 152(8), pp.29-32.

Patel, K. (2012). End User Policy in Combating Cyber Terrorism and Cyber Crime. Global Journal For Research Analysis, 3(1), pp.28-30.

Peters, T. (2016). Outer space and cyber space: meeting ET in the cloud. International Journal of Astrobiology, pp.1-5.

Popovic-Citic, B. (2009). Cyber space bullying. Temida, 12(3), pp.43-62.

Shellberg, L. (2013). A Cyber Chase in Cyber Space: How International Law Must Address the Threat of Cyber Attacks or Suffer the Consequences. SSRN Electronic Journal.

Tsoumas, B. and Gritzalis, D. (2012). Inside Cyber Warfare: Mapping the Cyber Underworld. Computers & Security, 31(6), p.801.

Tyrer, A. (2015). Can the UK cyber-security industry lead the world?. Computer Fraud & Security, 2015(2), pp.5-7.

Willems, E. (2011). Cyber-terrorism in the process industry. Computer Fraud & Security, 2011(3), pp.16-19