Business Contingency Plan
Business operations are run through built-in business software tools. To identify the appropriate business software, the developers need to evaluate the software lifecycle models. The researcher has already defined the software models through a suitable software development matrix. After that, a business contingency plan (BCP) is required to develop a secure environment for the essential business processes.
Business Contingency Plan:
Aim and Objectives:
The business contingency plan is designed to produce an effective business plan under a secure environment. This BCP is developed based on the Federal business plan standards. It has the following objectives.
• To identify the potential business flaws in the business operation context.
• To avoid the possible business security issues.
• To introduce a BCP to mitigate the potential security problems effectively.
Operating System Standards and Procedure:
An operating system is required to provide an interface between the computerized system and its users. In the business area, all the functions related to the business and marketing operations are controlled by the process management section of the OS (Ozay et al., 2015). To manage all the tasks, the operating system uses processes and threads and completes the task scheduling programs effectively. To maintain each thread, it uses the process control block (PCB), which encloses all the business information.
The process memory is divided into several sections according to the computation. Dynamic memory allocation is available here to fill the memory spaces with relevant information. The data section and text section mainly consist of allocated and compiled data sets prepared prior to the business program execution (Haseeb et al., 2019). The heap and stack sections of the PCB deal with the local and static variables to manage the various fundamental operations of the process management system. The PCB runs in different stages to compute the programs and return the results after a successful execution. To execute the business related activities, processes are passed on according to the task scheduling algorithms.
All the processes are stored in the PCB and are then sent through stages, where NEW relates to a newly created process. When the instructions are applied to run that new process, the process is in the RUNNING state. If a new thread arrives next, it needs to wait until the previous one completes its operations. In that case, the new processes wait in the READY mode for further access. Once each process completes its tasks, the processed data are sent to the TERMINATED state and the final execution process finishes. Thus, all the processes and threads follow the same cycle until the entire business program execution is completed successfully.
Impact of an unexpected or catastrophic event on your business operations
Security professionals need to identify the vulnerabilities according to the security control mechanisms. Three different factors are used to measure the risks associated with the business operations.
CIA Triad to detect the Intrusion and Mitigate the Critical Issues:
Confidentiality is the way to keep the data private, and access to organizational data should be kept secure. Authorization and data authenticity are required to run any kind of business project. Confidentiality can be destroyed unintentionally by human error (Yang et al., 2021). Moreover, the man-in-the-middle attack is another severe issue that causes inadequate security problems.
A weak password may be hacked through malicious program injections. Physical eavesdropping can also be seen here, in the physical equipment and storage devices.
Encryption is the mechanism to prevent data access. The business data is protected with a password. In that case, a security key is issued to encrypt and decrypt the data accordingly. The security key allows only the authentic users to access the data.
The access control mechanism comprises the user access control. A strong user access control mechanism should be built from the business head's end. Here, unauthorized sites that may carry virus-infected files are blocked.
Data integrity concerns the quality of the data, which should be authentic and reliable. No information can be altered once this feature is in place. However, data reliability can be compromised through inadequate business policies (Virat et al., 2019). Sometimes, coding errors are responsible for causing these kinds of issues in cloud data. Network intrusion sometimes modifies the configuration files and creates such errors.
The availability feature deals with reliable networks. It verifies whether the network system and business application software are running in real time. A DoS attack is a web-based attack that makes the content of a website unavailable (Rahim, 2017). Thus, performance issues may occur there.
A Disaster Recovery Plan should be included here. A packet filtering software tool might be installed to monitor the messages (Ouyang & Cui, 2020). If a transferred packet is found to be suspicious, the tool immediately stops the sending process.
OS Critical Sections:
The OS is always ready to handle multiple processes in a multitasking environment. The problem occurs once more than one thread comes to the PCB and wants to access the same resources. In that case, the OS needs to be evaluated with critical thinking and must resolve the problem as soon as possible. The resource may be either the computerized system or any storage unit. Moreover, the threads need to use the CPU to perform calculations and process the data (Celik et al., 2019). So, the CPU and I/O unit can be resources that are accessible by multiple programs concurrently. The critical section creates barriers to executing multiple threads at the same time. So, the operating system comes across issues in allowing and disallowing the processes from entering that critical section. Then, the OS creates a unique situation in which all the processes are blocked by the system (Lee & Kim, 2017). No process is allowed to pass through the PCB block. This problem is created by risk control protocols intended to prevent race conditions among the incoming processes. As a result, the business operations get stuck quite often and the system starts to load again and again without any reason.
Develop standard operating procedures to mitigate Critical Issues
To mitigate the critical section, the business IT manager needs to include process deadlock prevention and avoidance steps. To avoid this kind of deadlock, the following methods might be considered.
Mutual Exclusion
Mutual exclusion is a way to prevent a major OS issue like deadlock. By using this mechanism, the users can overcome this issue effectively. If there is any critical section, the second process needs to wait until the first one gets free and is terminated. It is the best way to avoid race conditions in the process management system. Sometimes, the "Hold and Wait" technique is also involved here. Then, the second process can enter the READY state in the case of an emergency. However, the first process needs to wait for a certain time, and it resumes the rest of its tasks once the second process has left the READY state (Mukherjee et al., 2017). Thus, multi-threading is useful to avoid unnecessary deadlocks.
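The waiting step described above, written out as an added example (it is not code from the original page): two tasks need the same two resources in opposite order, and each wait is given a time limit so that neither task can hold one resource while waiting forever for the other. The lock names, task names and timings are assumptions chosen for illustration.

```python
import random
import threading
import time

# Hypothetical stand-ins for the two shared resources named in the text.
cpu = threading.Lock()
io_unit = threading.Lock()

def use_both(first, second, name, done, max_wait=0.05):
    """Run a critical section that needs two resources, with bounded waits.

    A task waits at most max_wait seconds for each lock. If the second lock
    does not come free in time, the task releases the first one instead of
    holding it while it waits, then retries after a short random pause."""
    attempts = 0
    while True:
        attempts += 1
        if first.acquire(timeout=max_wait):
            try:
                time.sleep(0.01)  # widen the window so the two tasks collide
                if second.acquire(timeout=max_wait):
                    try:
                        done[name] = attempts  # the protected work
                        return
                    finally:
                        second.release()
            finally:
                first.release()
        time.sleep(random.uniform(0, 0.02))  # back off before the next try

def run_opposite_order():
    """Two tasks lock the same resources in opposite order (deadlock-prone)."""
    done = {}
    pairs = [(cpu, io_unit, "payroll"), (io_unit, cpu, "backup")]
    tasks = [threading.Thread(target=use_both, args=(a, b, n, done), daemon=True)
             for a, b, n in pairs]
    for t in tasks:
        t.start()
    for t in tasks:
        t.join(timeout=10)
    stuck = [t for t in tasks if t.is_alive()]
    return sorted(done), len(stuck)

if __name__ == "__main__":
    print(run_opposite_order())
```

With plain blocking `acquire()` calls in place of the timed ones, the same two tasks can each take one lock and then wait on the other indefinitely.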
Bound Waiting Process:
Bounded waiting is another deadlock prevention step that can be useful to prevent time delay as well as maximize the business operations. Each process might have a limited waiting time and, once it is over, the other processes will enter.
OS Security Issues and Their Prevention Steps
There are some common operating system vulnerabilities that may occur while the business operation is going on. As a result, the business operations get stuck or are affected negatively by those potential issues. Most of those technical problems are related to cyber-attacks and malware.
Malware
Malware, as a malicious attack, encompasses various typical system attack vectors. These malware programs are injected into the victim's system secretly, and hackers steal the confidential data from that computerized system (Alferidah & Jhanjhi, 2020). The purpose of this virus-affected software is to destroy the sensitive information or to corrupt the data permanently. If it attacks a system, it creates multiple copies to confuse the users. Thus, it destroys the original file by spreading the virus-infected files.
Denial of Service Attacks
A Denial of Service (DoS) attack is another major attack that sends fake requests into the system and stops incoming legitimate requests. In the case of severe DDoS attacks, the system resources can be damaged permanently, which hampers the underlying infrastructure of the computerized system. An advanced DoS attack under a distributed operating system is more harmful than a normal DoS. It can be quite difficult to overcome within a small period. Most of the time, the intruders use this attack to steal the confidential data from the intruders.
For example, a DoS attack under this system may introduce a "SYN flood" attack, where the user will get a server error. In the case of the business operation, the attackers send multiple network requests to the business server and wait for only a single acknowledgement (Esposito et al., 2018). If a request is accepted by the business administration by mistake, the intruders can gain network packet accessibility, and it exhausts the resources as well.
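A detection check for the half-open handshakes that a SYN flood leaves on the server, given here as an added example that is not part of the original page. The log format, addresses, grace period and threshold are assumptions, and the sample lines are constructed.

```python
from collections import Counter

def build_sample():
    """Constructed handshake log: '<time> <client_ip> <client_port> <flag>'."""
    lines = ["0.00 198.51.100.7 40001 SYN", "0.02 198.51.100.7 40001 ACK"]
    # One source opens 30 handshakes and never sends the completing ACK.
    lines += [f"{1 + i * 0.01:.2f} 203.0.113.9 {50000 + i} SYN" for i in range(30)]
    lines += ["2.00 198.51.100.8 40002 SYN", "2.03 198.51.100.8 40002 ACK",
              "9.00 198.51.100.7 40003 SYN"]  # recent, still inside the grace period
    return lines

def half_open_sources(lines, grace=3.0, threshold=20):
    """Return {source_ip: count} for sources with many unfinished handshakes.

    A handshake counts as half-open when its SYN is older than `grace`
    seconds (measured against the newest log entry) and no ACK from the same
    client address and port has completed it."""
    pending = {}      # (ip, port) -> time the SYN was seen
    newest = 0.0
    for line in lines:
        ts, ip, port, flag = line.split()
        ts = float(ts)
        newest = max(newest, ts)
        if flag == "SYN":
            pending.setdefault((ip, port), ts)
        elif flag == "ACK":
            pending.pop((ip, port), None)  # handshake completed normally
    stale = Counter(ip for (ip, _), seen in pending.items() if newest - seen > grace)
    return {ip: count for ip, count in stale.items() if count >= threshold}

if __name__ == "__main__":
    print(half_open_sources(build_sample()))
```

The sources it returns are the candidates for the packet filtering tool mentioned earlier to block or rate-limit.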
Network Intrusion (Insider Attack)
Improper use of the network system is the root cause of network intrusion. An individual gains access due to the network intrusion. The typical intruders take advantage of the victim's mistakes.
Careless Insiders: The authorized users sometimes ignore the security protocols and best practices. As a result, sensitive assets of the business operations can be leaked. The authorized users misuse the privileges and virus-infected policies (Miranda et al., 2020).
Masquerades: External individuals exploit individual accounts. The users gain the access key of the victims by stealing the system credential data.
The main purpose of the buffer is to store the data on a temporary basis. During a buffer overflow attack, the temporary data storage unit gets full of data and the program attempts to write data with memory locations. Threat actors exploit buffer overflows through script injections. The aim of this attack is to hijack the dataset and crash it immediately (Tariq et al., 2020). Thus, the business operations can be destroyed by a cyber-attack like buffer overflow.
Networking System and Used Topology for Organizational Communicating System
The communication system of an organization is entirely dependent on the network system. In the proposed network system, an ad-hoc wireless network can be used to make the network design simple and reliable. The multiple network channels are connected through this wireless network, and wireless devices can be added to it through access points. In this network, all the attached systems should be configured properly, as each of them has its own power to operate individually (Cui et al., 2018). Moreover, the connected network can be developed through wireless access points and should be as powerful as possible.
Here, the physical network topology will be used. This topology supports the peer-to-peer network that is found in wireless ad-hoc technology. Through this network, the people in the organization can share business email with each other (Lin & Liao, 2017). They can check those official emails and send business related texts effectively. Suppose the admin needs to share the attendance sheets with the employees; he can send them via email, and the physical network topology can be used to send the data.
Challenges of NETWORK communications systems and Best Methods to Prevent (External Resources/Persons Involvement)
The challenges in the network communication process are related to the network security system.
Network intrusion easily hacks data from a reliable network. Here, network unavailability creates the system security problem. The chain network used here can be destroyed by any SYN flood attack. Under this attack, the network traffic can be hacked and the intruders hack the access credentials.
As a synthesis of the prior steps in the project, you will create a lessons learned presentation to share with your CISO.
Create a 15-20 slide PowerPoint with narrative footnotes that would be presented to the CISO and the nation's leader concerning attacks, evidence acquired, attribution, impact, business recovery, and remediation success. Areas that should be discussed are defined below.
Use this opportunity to describe not only what occurred during the attack and the results of evidence items but also how operations and communications can be done in a secure fashion. Also describe the need for information sharing and how it can be possible between nations and private business operations without source attribution. Is source attribution needed?
Use this opportunity for any lessons learned throughout the project that IT staff can take back to business units to incorporate into daily operations. Recall the threats you received. If you were the leader of the group, what would you want the CISO to know in case of an event? What could have been identified earlier as a critical system that may have been protected? Also, take a look back at your team's BCP and discover any setbacks that may happen once an event occurs. Describe any additions or changes that you would incorporate in the plan. Describe the following information in your video at a minimum and additional topics that could better the operational tempo of business units.
Recovery: How the incident was contained and eradicated
• The work performed during recovery
• Areas where the incident response team was effective
• Areas that need improvement
  o Which security controls failed (including monitoring tools)?
  o How can we improve those controls?
  o How can we improve the security awareness programs?
  o What were the current operating system vulnerabilities that were leveraged to execute the attack?
  o How can managing patches and basic operating system security enhance security from known threats?