Gigantic Corporation is an IT organization that is primarily based in Australia. The organization provides various kinds of IT solutions and services. They offer end-to-end services to their customers a business clients who are based in several other countries. The organizations helps in providing hardware and software based solutions to other companies. Gigantic Corporation also holds the responsibility for establishing strong business relations, maintain high form of services and thus monitor control over the various applications that are being developed within the information technological systems.
The company helps in driving the business needs of the organisation. As Gigantic Corporation holds a huge reputation in providing various kinds of solution to their clients therefore they help in maintaining these services. They are also responsible for solving any kind of unwanted situations that might occur within the systems. They also support their business clients with all kinds of needs, which might be needed at any point of time. The company also has a tilt towards the use of cloud computing platforms within the module of their business. This is meant for bring efficiency within the processes of work in the sector.
Outline of Roles and Responsibilities of the Lead Consultant of IT Risk Assessment
The primary role of the Lead Consultant is to understand the current situations of work within the sector of Gigantic Corporation. The consultant has to look into the details of the organisation, understand them and thus be able to plan some form of strategies that would be helpful for mitigating the concerns that might raise within the systems. They should conduct an assessment over the security prospects of the systems and thus be able to develop solutions by gaining vast insights (Peltier, 2016). Based on the current scenarios, it has been understood that Gigantic Corporation is facing some major form of issues in relation with the aspects of security. Therefore the organisation is focusing on the needs of development of a cloud based platform. These would be meant for measuring the security prospects of the organisation. Hence the Lead Consultant has been hired by Gigantic Corporation for helping in the implementation of an Intrusion Detection System (IDS) technology (Liao et al., 2013). This technological system would be meant for protecting the features of security and thus implement better forms of processes within the existing business systems.
The basic responsibilities of the Lead Consultant is:
- To work with the higher executives for understanding the challenges faced by the business, identify and assess the risks and thus enable better form of performance within the business. These are meant for removal of operational risks faced by the organization.
- Establish proper form of communication and thus perform better coordination levels with different stakeholders, technical experts. This also includes the ecosystem of the business of the client.
- Identify the potential risks and the issues, which might arise within the development of a project.
- Developing and implementing software solutions for the client business, which would fit within the culture of the organization. This would also help in improving the business performance of the concerned organization and thus provide immense benefits for the client.
Outline of New Technology
The new form of technical system, which might be implemented within the organization is Intrusion Detection System with the effect based on Cloud Security. The impact of IDS and the included tools meant for the analysis would be helpful for securing the network environment of the concerned organization. The impact of IDS technology would be purely meant for providing effective forms of solutions meant for the purposes of the organisation. It would also prove to be a useful factor for detecting several forms of unauthorized access within the computing systems. These IDS systems would completely track the various movements within the network and would also monitor the entire track records of the organisation (Patel et al., 2013). The IDS systems have a high form of sensor that detects the various kinds of intrusions within the computing systems. It would then send an alert message to the security team who would then be able to monitor the systems and thus provide solutions accordingly.
In the age of technology, it has been majorly observed that there could be a vast range of attacks on the computing systems. These attacks would be mostly meant for gaining a wide access over the internal assets and data of the organization. Hence a proper mechanism of detection of the attacks and securing the computing systems is highly necessary. The impact of IDS technologies would majorly be helpful for ensuring the security of the data of the organization and maintain a proper business procedure.
The report helps in assessing the different definitions of IDS and their vast level of properties based on the aspect of cloud computing. The reports supports the discussion on the cloud computing paradigms and the detection of intrusion by the IDS technology. It also provide recommendations based on the prevention of such kinds of attacks (Modi et al., 2013).
Overview of Technical Recommendations
Security Architecture of IDS Technology
The security architecture embedded within the IDS technology is mainly based on different forms of system structures. This would be a combination of the externally visible properties, various kinds of software components and would also define the various relationships between them. The properties that are externally visible is based on the inclusion of different kinds of properties that includes mechanisms based on handling of faults, performance characteristics and use of sharable resources (Jun & Chi, 2014).
(Fig 1: Software Security Architecture of IDS)
The different other kinds of model based on IDS would mainly emerge based on the usage of IDS within the networking cluster. The Cluster Head Module (CHM) could be regarded as another form of proposed model. The inbuilt architecture based on CHM would be running on the cluster head node (Hidoussi et al., 2015). The inbuilt architecture would be responsible for the initiation process of detection of the severe kinds of intrusions and thus provide an action based response that focuses on receiving of requests.
Strategic, Tactical and Contingency Planning
The technologies based on IDS would make use of the defense in-depth form of strategy. They would also play a major role based on the protection of useful form of information. The layered form of approach would be mainly based for protecting the informational systems within the organisation (Schumacher et al., 2013). Hence, this form of strategically designed approach would help for assisting the organization on preventing, detecting and thus responding to critical intrusions.
The planning based on critical tactics would be vastly relevant within the IDS technology. The impact of cloud security would help the improvement of operations and thus would provide an all-round security over the organisation (Mitchell & Chen, 2014). Cloud computing paradigms have vastly impacted the improvement of the infrastructure of IDS.
Contingency planning is one of the routine developed plan. These kinds of plans would promptly respond to the upcoming threats in such emergency situations. This kind of plan also includes the backup of data, preparing of critical kind of facilities and proper kinds of plan on migration (Dawson Jr, Crespo & Brewster, 2013). These kind of plans would also help to facilitate the continuation of business processes and thus recover from disasters.
Financial Aspects of the Project
The Lead Consultant would be responsible for designing a model based on alert prioritization model. This model would be responsible for assessing the risks. This model would make use of severe kinds of indicators based on the detection severe kinds of assets. The Loss Expectancy concerning the project would hold meaningful for the estimation of potential risks. This would also project the potential loss over the organization (Finnerty, 2013).
Risk Assessment based on Threats, Vulnerabilities and Consequences
Existing IT Control Framework
Policy and Procedures
There are various kinds of policies and procedures, which would be helpful for detecting the various kinds of countermeasures. These form of countermeasures could include the extensive use of firewalls and IDs. These measures help in the design of the security posture of Gigantic Corporation. They would also help in the mitigation of risks. They would also be able to maintain financial and competitive viability of the concerning organization (Safa et al., 2015). During the initial phases of the implementation of IDS based technology, there should be a proper kind of system. This system would help in providing a definition of policies and would guide in the process of evaluation and would also help in assisting on the use of tools and techniques based on detecting intrusions. Hence this would also help for the increase of chances of the design of a proper form of architecture of IDS technologies (Schumacher et al., 2013). The various kinds of policies and procedures would help in the integration of system information and protect the valuable assets of Gigantic Corporation.
Best Recommended Practices
There are some form of recommended practices that could be implemented within Gigantic Corporation based on their implementation of the IDS technology project. These are:
- Use of such kind of tools of IDS that are mainly focused on industry standards for properly analyzing the signatures and their behaviors based on the various attack stages (Hassan, 2013).
- Developing of several kind of processes based on sending of alerts to the managerial level of the organization.
- Integrating different procedures, which would help in incident based response for investigating and thus escalating different kinds of issues based on confirmed incidents.
- Scheduling of regular form of updates, which would be helpful for detecting signatures (Butun, Morgera & Sankar, 2014).
The present form of evidences, which are based on the impact of IDS technologies are focused on the use of ad hoc based approach. This kind of approach is recommended for the purpose of matching of characteristics based on specific form of targets environments (Shamshirband et al., 2013). IDS technology could be used majorly for detecting unauthorized access and thus send alerts to the top level of management.
Based on the current scenario, it could be discussed that IDS technological systems would be able to shut the links, which could pose serious forms of attacks. They could also slow down the pace at which the internet platform is being accessed. These kinds of technologies would try to make some kinds of attempts for identifying the potential attackers.
In the recent kinds of development of the systems based on IDS technologies, it could be defined that the software would be purely based on the proper form of combination of hardware and software based systems (Joshi & Pimprale, 2013). Many of the IDS focused software would mainly depend on same form of servers and devices. These IDS would consist of different advanced form of firewalls, proxies or other kinds of software that would perform continuous operation within the systems. The recent developments in the systems of IDS would enable them to detect any forms of potential attacks within the systems and thus would be able to provide different kinds of suggestions based on prevention of the systems. The IDS systems would also be able to detect any form of internal as well as internal attacks on the computing systems.
Identification and Discussion about the Major Threat Agents
List of Agents of Threats
The threat agents are defined as such forms of potential actors who pose different forms of threats within the security systems. They are a kind of entity within the system who perform different forms of activities that poses threats to the computing systems. Different forms of threats that are prone to the computing systems include malwares, ransomware, Trojan and many virus attacks. These vital threats occur within the internal structure of the organization and thus increase the vulnerability of the organization (Can & Sahingoz, 2015).
(Fig 2: Depiction of an Intrusion Detection System)
The most common types of issues that are mostly faced by the IDS technologies are:
- Managing of a high level of alerts on the computing systems.
- Understanding and thus investigating the alerts in an automatic manner.
- Gaining of proper form of knowledge and investigate the alerts.
- Ensuring that the deployment of the IDS technology would be successfully installed and they are able to function in an efficient manner.
The selection of inappropriate kind of IDS systems would lead to tremendous consequences that might affect the concerned organization. Some of the sever forms of consequences are:
- Damage to the Reputation of the Company – The improper implementation of IDS technology would be leading to the damage of the reputation of the organisation. The different forms of imposing threats would damage the internal processes within the system and thus get access to the assets of the company (Chung et al., 2013).
- Failure of Projects – The failure of managing of risks within the projects would lead to projects getting failed at the final stages of testing. This might lead to huge loss over the business processes.
- Delaying of Projects – There might be different forms of risks that could affect within the system. This might lead to the delay in the time of the delivery of the concerned projects (Abduvaliyev et al., 2013).
(Fig 3: Working Scenario of IDS Technologies in Organisation)
Mitigation of Risks and Impacts on System
The different kinds of impact of the risks based within the organisation are:
- Safety and Health – The inappropriate assessment of risks would lead to the severe forms of impact on the health aspects of the systems and business processes.
- Time – The impact of risks within the systems would lead to delaying of several processes. Without a proper form of evaluation, the end products would not be delivered to the customers.
- Financial – Inappropriate assessment of projects could lead to financial losses of revenue, expenses and incur other forms of costs within the organisation (Creech & Hu, 2014).
There are different kinds of strategies, which could be implemented within the business processes of the organisation. These would be with the help of the IDS technologies:
- Personal data kept within the organisational premises should be protected and secures against the detection of any form of intrusion. Hence the computing systems should be kept updated on a regular basis (Stanciu, 2013).
- The organization should focus on the implementation of IDS based technologies.
- The security systems within the organization should be updated on a regular basis. They should make use of a stream preprocessor based on the purpose of reassembling the received packets. A Unicode preprocessor should be used for countering different forms of techniques based on evasion. These would be primarily be based on Unicode encoding.
Protection Mechanisms for Employing Security
There are different kinds of mechanisms based on safe guards that could be implemented with the use of Strategic based systems. These would include the customizable forms of accessibility cards, biometric systems, perimeter fencing and antivirus software (Mitchell & Chen, 2015). These systems could be implemented within the security prospects of the organization based on safeguarding the environment of the cloud systems used by the organization.
The different mechanisms based on the implementation of the secured cloud platform are:
- Hash Functions – This mechanism is used in a one-way process. The primary property of hashing is to lock down a certain message and an authorized key would be sent to the other user who would be able to unlock the message.
- Digital Signature – This form of mechanism would help in the providing authentic form of data that would also help in maintaining the integrity of the information. The message would also be assigned a kind of digital signature before the transmission of information.
- Encryption – This kind of mechanism for the security would help in the conversion of plaintext data into a certain string of characters. It is also known as an encryption key. The secret message would be establishes and would be shared among the authorized parties (Ryan, 2013).
Key Principle of Information Security
The primary principle of the security of information is based on protecting the different forms of assets of the organization. In the recent time, there has been major form of incidents based on theft of data and assets of a particular organization. Hence the securing of the data of the organization is a very important aspects, which should be highly considered. The prime benefits of information security based on the platforms of cloud would be based on the network and computing services that would depend on data storage. Therefore, the main principle of the securing of information is measuring the adaptability, scalability and economical assurance based in the organization.
The above discussion helps in concluding about the importance of implementation of the project based on Intrusion Detection System within the organization. The organisation provides different kinds of solutions for the business and would thus require different kinds of mechanisms based on the security aspects. Hence the implementation of the IDS technologies would prove to be a major help for the security of the organisation and would thus be able to meet the objectives of the business.
Abduvaliyev, A., Pathan, A. S. K., Zhou, J., Roman, R., & Wong, W. C. (2013). On the vital areas of intrusion detection systems in wireless sensor networks. IEEE Communications Surveys & Tutorials, 15(3), 1223-1237.
Ashfaq, R. A. R., Wang, X. Z., Huang, J. Z., Abbas, H., & He, Y. L. (2017). Fuzziness based semi-supervised learning approach for intrusion detection system. Information Sciences, 378, 484-497.
Butun, I., Morgera, S. D., & Sankar, R. (2014). A survey of intrusion detection systems in wireless sensor networks. IEEE communications surveys & tutorials, 16(1), 266-282.
Can, O., & Sahingoz, O. K. (2015, May). A survey of intrusion detection systems in wireless sensor networks. In Modeling, Simulation, and Applied Optimization (ICMSAO), 2015 6th International Conference on (pp. 1-6). IEEE.
Chung, C. J., Khatkar, P., Xing, T., Lee, J., & Huang, D. (2013). NICE: Network intrusion detection and countermeasure selection in virtual network systems. IEEE transactions on dependable and secure computing, 10(4), 198-211.
Creech, G., & Hu, J. (2014). A semantic approach to host-based intrusion detection systems using contiguous and discontiguous system call patterns. IEEE Transactions on Computers, 63(4), 807-819.
Dawson Jr, M. E., Crespo, M., & Brewster, S. (2013). DoD cyber technology policies to secure automated information systems. International Journal of Business Continuity and Risk Management, 4(1), 1-22.
Finnerty, J. D. (2013). Project financing: Asset-based financial engineering. John Wiley & Sons.
Hassan, M. M. (2013). Current studies on intrusion detection system, genetic algorithm and fuzzy logic. arXiv preprint arXiv:1304.3535.
Joshi, S. A., & Pimprale, V. S. (2013). Network Intrusion Detection System (NIDS) based on data mining. International Journal of Engineering Science and Innovative Technology (IJESIT), 2(1), 95-98.
Jun, C., & Chi, C. (2014, January). Design of complex event-processing ids in internet of things. In Measuring Technology and Mechatronics Automation (ICMTMA), 2014 Sixth International Conference on (pp. 226-229). IEEE.
Liao, H. J., Lin, C. H. R., Lin, Y. C., & Tung, K. Y. (2013). Intrusion detection system: A comprehensive review. Journal of Network and Computer Applications, 36(1), 16-24.
Mitchell, R., & Chen, I. R. (2014). A survey of intrusion detection techniques for cyber-physical systems. ACM Computing Surveys (CSUR), 46(4), 55.
Mitchell, R., & Chen, R. (2015). Behavior rule specification-based intrusion detection for safety critical medical cyber physical systems. IEEE Transactions on Dependable and Secure Computing, 12(1), 16-30.
Modi, C., Patel, D., Borisaniya, B., Patel, H., Patel, A., & Rajarajan, M. (2013). A survey of intrusion detection techniques in cloud. Journal of network and computer applications, 36(1), 42-57.
Patel, A., Taghavi, M., Bakhtiyari, K., & JúNior, J. C. (2013). An intrusion detection and prevention system in cloud computing: A systematic review. Journal of network and computer applications, 36(1), 25-41.
Peltier, T.R., 2016. Information Security Policies, Procedures, and Standards: guidelines for effective information security management. Auerbach Publications.
Ryan, M. D. (2013). Cloud computing security: The scientific challenge, and a survey of solutions. Journal of Systems and Software, 86(9), 2263-2268.
Safa, N. S., Sookhak, M., Von Solms, R., Furnell, S., Ghani, N. A., & Herawan, T. (2015). Information security conscious care behaviour formation in organizations. Computers & Security, 53, 65-78.
Schumacher, M., Fernandez-Buglioni, E., Hybertson, D., Buschmann, F., & Sommerlad, P. (2013). Security Patterns: Integrating security and systems engineering. John Wiley & Sons.
Schumacher, M., Fernandez-Buglioni, E., Hybertson, D., Buschmann, F., & Sommerlad, P. (2013). Security Patterns: Integrating security and systems engineering. John Wiley & Sons.
Shamshirband, S., Anuar, N. B., Kiah, M. L. M., & Patel, A. (2013). An appraisal and design of a multi-agent system based cooperative wireless intrusion detection computational intelligence technique. Engineering Applications of Artificial Intelligence, 26(9), 2105-2127.
Snapp, S. R., Brentano, J., Dias, G., Goan, T. L., Heberlein, L. T., Ho, C. L., & Levitt, K. N. (2017). DIDS (Distributed Intrusion Detection System)-Motivation, Architecture, and An Early Prototype.
Stanciu, N. (2013). Technologies, methodologies and challenges in network intrusion detection and prevention systems. Informatica Economica, 17(1).