Your deliverable for this ITC596 task is an IT Risk Assessment report, written for the intended audience of management providing a risk assessment of a project. The project can be in any of the following areas:
- Cybersecurity
- Internet of Things
- Cloud security
- Mobile health devices
- Bring Your Own Device
- Smart vehicles
- Or an area in your profession
1. You can work towards the scenario provided below; or
2. You also have the opportunity to choose your own scenario-based risk assessment that could potentially be drawn from your own professional experience or context. The second option requires a discussion with and approval by your Subject Coordinator. The report structure requirements and criteria should be the same regardless of your scenario.
You have been hired as the IT Risk Assessment lead consultant for Gigantic Corporation (your specialisation is based on the area you have chosen above). Your role is to be the interface between business stakeholders and technologists, translating potential technical difficulties into risk language to facilitate effective decision-making by stakeholders. You have been engaged to assess a project that falls into your specialised area. Once you complete a full assessment, you are required to provide the IT assessment report to the management in the department or section that is running the project for Gigantic.
Background of Gigantic Corporation
Gigantic Corporation is an IT company based primarily in Australia. It provides various IT solutions, both software and hardware, to other companies. The organisation is also responsible for establishing business relations and for monitoring, controlling and maintaining services and solutions related to information technology systems (Snapp et al., 2017).
As a major provider of IT services, Gigantic Corporation plays a major role in driving business growth. It designs several kinds of IT solutions, maintains the services provided to its business clients and supports other organizations on the basis of their network infrastructure. The organisation also uses a cloud environment to make its internal work processes more efficient.
The Lead Consultant of IT Risk Assessment at Gigantic Corporation provides a complete assessment of the risks within the organisation, with a focus on emerging risks to its security. Gigantic Corporation is facing security challenges and has therefore hired the lead consultant to implement a project based on an Intrusion Detection System. This technological system
The main responsibilities of the Lead Consultant are:
- Working with senior executives to understand business challenges, identify risk scenarios and relate the performance of the business to the operational risks within the organization.
- Communicating and coordinating closely with stakeholders and technical experts, including the ecosystem of the client business.
- Identifying the risks and issues that could impact the project, and thus maximizing the success of the project (Peltier, 2016).
- Building and implementing solutions for the client that fit the culture of the business environment and improve the client's business performance.
The technological system to be implemented within the IT systems of Gigantic Corporation is an Intrusion Detection System (IDS) combined with cloud security. Advanced technologies, including IDS and various analysis tools, have become prominent in network environments. Implementing IDS technology at Gigantic Corporation would enhance the security of its IT systems and protect the organization's assets. The IDS would be entirely cloud-based and would also protect and secure the organization's cloud platform (Patel et al., 2013).
Recently, a growing number of attacks on IT systems have aimed to gain access to organizational data. Detecting and responding to these attacks properly is a vital concern for organizations. IDS systems are an effective way for the organisation to resist different kinds of attacks, and they provide additional protection for its cloud-based systems. Because they track activity across the organisation's network architecture, IDS systems can identify different forms of suspicious activity. They can also send an alert message to the higher management of the organisation (Modi et al., 2013).
This report aims to define and discuss the properties of the wide range of attacks on the organisation's cloud computing environment. It also introduces intrusion detection within the systems and some models of prevention against those attacks.
Role of Lead Consultant
The architecture of an IDS is based on system structures that comprise software components, the externally visible properties of those components and the relationships among them. The externally visible properties include performance characteristics, fault-handling mechanisms and shared resource usage (Alrajeh, Khan & Shams, 2013).
Another kind of IDS model arises from the use of IDS within clusters of networks. The Cluster Head Module (CHM) is one such proposed model. The CHM architecture runs on the head node of each cluster and is responsible for managing the cluster's member nodes. It is also responsible for initiating intrusion detection and response actions when it receives a request from a cluster member node (Abduvaliyev et al., 2013).
IDS technologies follow a defense-in-depth strategy and so play a major role in a comprehensive information protection program. Defense in depth is a layered approach to protecting an organization's information systems. It involves multiple overlapping controls that help the organization prevent, detect and respond to severe intrusions (Butun, Morgera & Sankar, 2014).
Tactical planning is highly relevant to IDS within cloud security. With cloud security in place, the IDS can perform its operations and function effectively. Cloud computing has also helped the IDS infrastructure to provide better services.
The contingency plan is a routinely updated plan for responding to emerging intrusions within the network and to emergencies. It includes backing up data and information, preparing critical facilities and drawing up appropriate migration plans. These plans help operations to continue in an emergency and support recovery from disasters (Zonouz et al., 2014).
The lead consultant on the project should use an alert prioritization model based on risk assessment. This model uses indicators to determine the value of assets. Loss Expectancy is used within the project to estimate potential risks and so to project the losses that might occur if those risks materialize.
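An added example, not part of the original report, of how such a risk-based alert prioritization could be computed. It assumes the standard quantitative formulas SLE = asset value × exposure factor and ALE = SLE × annual rate of occurrence, which the report does not spell out; the asset names, values, rates and alerts are constructed.

```python
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class Asset:
    value: float            # asset value (AV), in dollars
    exposure_factor: float  # share of the value lost in one incident (EF)

    @property
    def sle(self) -> float:
        """Single loss expectancy: SLE = AV x EF."""
        return self.value * self.exposure_factor


# Constructed inventory, yearly incident rates (ARO) and alerts; all illustrative.
ASSETS = {
    "customer-db": Asset(500_000, 0.5),
    "build-server": Asset(80_000, 0.75),
    "intranet-wiki": Asset(10_000, 0.25),
}
ARO = {"brute-force-login": 2.0, "ransomware-beacon": 0.5, "port-scan": 4.0}
# (alert id, asset, rule, confidence that the alert is a true positive)
ALERTS = [
    ("A1", "customer-db", "brute-force-login", 0.5),
    ("A2", "customer-db", "brute-force-login", 0.75),
    ("A3", "build-server", "ransomware-beacon", 0.5),
    ("A4", "intranet-wiki", "port-scan", 0.25),
    ("A5", "unlisted-host", "port-scan", 0.5),
]


def prioritize(alerts, assets=ASSETS, aro=ARO):
    """Merge duplicate alerts per (asset, rule), then rank the groups by
    confidence x ALE, where ALE = SLE x ARO."""
    worst_case_sle = max(a.sle for a in assets.values())
    groups = defaultdict(lambda: {"ids": [], "confidence": 0.0})
    for alert_id, asset, rule, confidence in alerts:
        group = groups[(asset, rule)]
        group["ids"].append(alert_id)
        group["confidence"] = max(group["confidence"], confidence)

    ranked = []
    for (asset, rule), group in groups.items():
        inventoried = asset in assets
        # Assumption: an asset missing from the inventory is scored as if it
        # were the most valuable one, so it is triaged rather than ignored.
        sle = assets[asset].sle if inventoried else worst_case_sle
        ale = sle * aro.get(rule, 1.0)  # unknown rule: assume one event a year
        ranked.append({
            "asset": asset, "rule": rule, "alerts": group["ids"],
            "inventoried": inventoried, "ale": ale,
            "score": group["confidence"] * ale,
        })
    return sorted(ranked, key=lambda r: r["score"], reverse=True)


if __name__ == "__main__":
    for row in prioritize(ALERTS):
        print(f'{row["score"]:>10.0f}  {row["asset"]:<14} {row["rule"]:<18} {row["alerts"]}')
```

Merging duplicates before scoring also addresses alert volume: five raw alerts become four ranked work items, and the host missing from the inventory surfaces first so the inventory gap is resolved rather than silently ignored.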
Security policies and procedures work alongside technical countermeasures such as IDSs and firewalls. They are primarily meant to strengthen the security posture of Gigantic Corporation and mitigate risks while maintaining competitive and financial viability. When implementing IDS technologies, there should be a proper process for defining policies and procedures, supported by the evaluation and implementation of intrusion detection tools. The policies for implementing the IDS should be defined first, which increases the chances of finding the proper IDS architecture (Elhag et al., 2015). The policies and procedures for IDS deployment help protect the integrity of the organization's information and assets.
Introduction to Intrusion Detection System (IDS)
The recommended best practices for implementing IDS techniques and protecting Gigantic Corporation against intrusions are:
- Use industry-standard IDS tools to analyze signatures and behavior within the networks for signs of attack.
- Schedule regular updates of detection signatures so that emerging threats can be detected.
- Develop processes for sending alerts to the organisation's management when suspicious activity is detected.
- Integrate incident response procedures for investigating and escalating confirmed incidents.
Current evidence on the impact of IDS technologies is that they take an ad hoc approach, matching the characteristics of specific targeted environments. An IDS can be used to issue alerts or alarms. In the current environment, IDSs can also take automatic actions, such as shutting down internet links or specific servers. These technologies also actively attempt to identify attackers and can actively collect evidence of suspicious activity (Mitchell & Chen, 2013).
Today, an IDS can be software-based or a combination of software and hardware. Much IDS software runs on the same servers and devices as proxies, firewalls and other services. Although many of these devices operate at the periphery of the network, recent IDSs can detect and deal with inside attacks as well as external attacks on the system.
Threat agents are the potential actors responsible for posing a threat to computing systems. A threat agent is also known as a system entity that performs a threat action. The threat agents relevant to the IDS are ransomware attacks, malware, Trojans and hackers. These pose a major threat to the internal systems of organizations.
The most common issues faced by IDSs are:
- Managing a high volume of alerts.
- Ensuring an effective deployment in which the IDS works efficiently.
- Understanding and investigating alerts automatically.
- Knowing how to respond to threats properly (Can & Sahingoz, 2015).
An improper selection of IDSs has consequences that might affect the organization. These are:
- Late Running of Projects – Unforeseen risks might slow the project down and affect the management of project plans. Delays might also occur during risk management activities and push out other activities in the project schedule (Abduvaliyev et al., 2013).
- Reputational Damage – The improper implementation of IDSs could damage the reputation of the organisation. Threats could damage the internal processes of the systems and lead to the theft of the organisation's valuable assets.
- Failure of Projects – Failure to manage risks within projects could lead to the failure of vital projects, which might in turn cause business processes to fail (Chung et al., 2013).
The impacts of risks within the systems of the organizations are:
- Health and Safety – Improper assessment of risks could affect the safety of organisational systems and processes.
- Financial – Improper assessment of risk might also lead to loss of revenue and to expenses and costs within the organisation (Creech & Hu, 2014).
- Time – Ongoing projects might be delayed if risks are not assessed properly.
The strategies that could be implemented within the systems with the aid of Intrusion Detection Systems are:
- The organization should implement host-based IDS technologies.
- The organization's personal data should be protected against any form of intrusion, and computing systems should be kept regularly updated (Hahn et al., 2013).
- IDS rules should be updated to include regularly occurring attacks. A stream preprocessor should be used to reassemble packets, and a Unicode preprocessor should be used to counter evasion techniques based on Unicode encoding (Stanciu, 2013).
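An added sketch, not code from the report or from any IDS product, of why the stream and Unicode preprocessors named in the last item have to run before signature matching. The rule, the function names and the packet payloads are constructed for illustration.

```python
import re
import unicodedata
from urllib.parse import unquote

# Hypothetical signature: a parent-directory sequence in a request line.
SIGNATURE = re.compile(r"\.\./")
_U_ESCAPE = re.compile(r"%u([0-9a-fA-F]{4})")


def reassemble(segments):
    """Stream preprocessor: order (sequence number, payload) pairs and join
    them, dropping retransmitted bytes that were already seen."""
    data = bytearray()
    base = None
    for seq, payload in sorted(segments, key=lambda s: s[0]):
        if base is None:
            base = seq
        offset = seq - base
        if offset > len(data):
            raise ValueError("gap in stream: segment missing, cannot inspect")
        data.extend(payload[len(data) - offset:])
    return bytes(data)


def normalize(raw, max_rounds=3):
    """Unicode preprocessor: decode %XX and %uXXXX escapes, repeating for
    nested encodings, then fold look-alike characters with NFKC."""
    text = raw.decode("utf-8", errors="replace")
    for _ in range(max_rounds):
        decoded = _U_ESCAPE.sub(lambda m: chr(int(m.group(1), 16)), text)
        decoded = unquote(decoded, encoding="utf-8", errors="replace")
        if decoded == text:
            break
        text = decoded
    return unicodedata.normalize("NFKC", text)


def inspect(segments):
    """Match the signature on the reassembled, normalized stream."""
    return bool(SIGNATURE.search(normalize(reassemble(segments))))


def naive_inspect(segments):
    """For comparison: match each raw packet on its own, with no preprocessing."""
    return any(SIGNATURE.search(p.decode("utf-8", errors="replace"))
               for _, p in segments)


# Constructed capture: segments arrive out of order, one is a retransmission,
# and an escape sequence is split across two segments.
ENCODED = [
    (1015, b"e%2freadme.txt HTTP/1.1\r\n"),
    (1000, b"GET /docs/%2e%2"),
    (1010, b"%2e%2"),
]
BENIGN = [(2000, b"GET /docs/readme.txt HTTP/1.1\r\n")]

if __name__ == "__main__":
    print(reassemble(ENCODED))
    print("naive:", naive_inspect(ENCODED), "preprocessed:", inspect(ENCODED))
```

The preprocessors only help if they decode and resolve overlaps the same way the protected server does; the policy fixed here (first copy of a byte wins, at most three decoding rounds) is an assumption of the sketch.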
Safeguards that could be implemented within the strategic systems to protect the cloud environment include customizable electronic access cards, perimeter fencing, biometrics and antivirus software (Mitchell & Chen, 2015).
Security Mechanisms
Other security mechanisms for implementing secure cloud platforms are:
- Digital Signature – This mechanism provides a means of delivering authentic data and ensuring its integrity, through non-repudiation and authentication. The message is assigned a digital signature before the information is transmitted (Rewagad & Pawar, 2013).
- Hashing – This mechanism works in a one-way manner. Once hashing is applied to a message, the message is locked and no key is provided for unlocking it.
- Encryption – In this mechanism, plaintext data is paired with a string of characters known as an encryption key. The secret message is established and shared among authorized parties (Ryan, 2013).
The main principle of information security is to secure the data and assets of organizations. Strong information security has become essential in recent times. The major benefits of information security on a cloud platform are network-based access to computing and to data storage services (Webb et al., 2014). Hence, the main principle of information security is to provide scalability, adaptability and economical assurance within organizations.
Conclusion
Based on the above discussion, it can be concluded that Intrusion Detection Systems could be deployed as part of the cloud security of Gigantic Corporation. The organisation provides a wide range of IT services to its business clients and therefore requires a high level of security within its systems. IDS technologies are deployed within the cloud environment to detect malicious behavior within the network and the computing systems. The report has discussed the impact of applying IDS technologies in the cloud environment to maintain a high level of security for the organization's resources.
References
Abduvaliyev, A., Pathan, A. S. K., Zhou, J., Roman, R., & Wong, W. C. (2013). On the vital areas of intrusion detection systems in wireless sensor networks. IEEE Communications Surveys & Tutorials, 15(3), 1223-1237.
Alrajeh, N. A., Khan, S., & Shams, B. (2013). Intrusion detection systems in wireless sensor networks: a review. International Journal of Distributed Sensor Networks, 9(5), 167575.
Butun, I., Morgera, S. D., & Sankar, R. (2014). A survey of intrusion detection systems in wireless sensor networks. IEEE communications surveys & tutorials, 16(1), 266-282.
Can, O., & Sahingoz, O. K. (2015, May). A survey of intrusion detection systems in wireless sensor networks. In Modeling, Simulation, and Applied Optimization (ICMSAO), 2015 6th International Conference on (pp. 1-6). IEEE.
Chung, C. J., Khatkar, P., Xing, T., Lee, J., & Huang, D. (2013). NICE: Network intrusion detection and countermeasure selection in virtual network systems. IEEE transactions on dependable and secure computing, 10(4), 198-211.
Creech, G., & Hu, J. (2014). A semantic approach to host-based intrusion detection systems using contiguous and discontiguous system call patterns. IEEE Transactions on Computers, 63(4), 807-819.
Elhag, S., Fernández, A., Bawakid, A., Alshomrani, S., & Herrera, F. (2015). On the combination of genetic fuzzy systems and pairwise learning for improving detection rates on intrusion detection systems. Expert Systems with Applications, 42(1), 193-202.
Hahn, A., Ashok, A., Sridhar, S., & Govindarasu, M. (2013). Cyber-physical security testbeds: Architecture, application, and evaluation for smart grid. IEEE Transactions on Smart Grid, 4(2), 847-855.
Liao, H. J., Lin, C. H. R., Lin, Y. C., & Tung, K. Y. (2013). Intrusion detection system: A comprehensive review. Journal of Network and Computer Applications, 36(1), 16-24.
Mitchell, R., & Chen, R. (2013). Behavior-rule based intrusion detection systems for safety critical smart grid applications. IEEE Transactions on Smart Grid, 4(3), 1254-1263.
Mitchell, R., & Chen, R. (2015). Behavior rule specification-based intrusion detection for safety critical medical cyber physical systems. IEEE Transactions on Dependable and Secure Computing, 12(1), 16-30.
Modi, C., Patel, D., Borisaniya, B., Patel, H., Patel, A., & Rajarajan, M. (2013). A survey of intrusion detection techniques in cloud. Journal of network and computer applications, 36(1), 42-57.
Patel, A., Taghavi, M., Bakhtiyari, K., & Júnior, J. C. (2013). An intrusion detection and prevention system in cloud computing: A systematic review. Journal of network and computer applications, 36(1), 25-41.
Peltier, T. R. (2016). Information Security Policies, Procedures, and Standards: guidelines for effective information security management. Auerbach Publications.
Rewagad, P., & Pawar, Y. (2013, April). Use of digital signature with diffie hellman key exchange and AES encryption algorithm to enhance data security in cloud computing. In Communication Systems and Network Technologies (CSNT), 2013 International Conference on (pp. 437-439). IEEE.
Ryan, M. D. (2013). Cloud computing security: The scientific challenge, and a survey of solutions. Journal of Systems and Software, 86(9), 2263-2268.
Snapp, S. R., Brentano, J., Dias, G., Goan, T. L., Heberlein, L. T., Ho, C. L., & Levitt, K. N. (2017). DIDS (Distributed Intrusion Detection System)-Motivation, Architecture, and An Early Prototype.
Stanciu, N. (2013). Technologies, methodologies and challenges in network intrusion detection and prevention systems. Informatica Economica, 17(1).
Webb, J., Ahmad, A., Maynard, S. B., & Shanks, G. (2014). A situation awareness model for information security risk management. Computers & security, 44, 1-15.
Zonouz, S., Davis, C. M., Davis, K. R., Berthier, R., Bobba, R. B., & Sanders, W. H. (2014). SOCCA: A security-oriented cyber-physical contingency analysis in power infrastructures. IEEE Transactions on Smart Grid, 5(1), 3-13.
My Assignment Help. (2021). IT Risk Assessment Essay For Gigantic Corporation.. Retrieved from https://myassignmenthelp.com/free-samples/itc596-it-risk-managemnet/current-evidences.html.