Information Security Plan
Abstract
An information security plan includes the various measures and policies that are implemented in an institution to protect the confidential and sensitive data of the institution. The institution focused on in this information security plan is Creech Air Force Base. Aspects of information security noted in the plan include the importance of maintaining the security of the base's information system as well as the different threats that can occur in the information system. Proposed security measures are also included in the plan. Other aspects of information security covered in this plan include penetration testing, cyber forensics and incident response, acceptable use policy and information security management standards, business continuity and disaster recovery (BCDR), and training and identity management.
Introduction
Various confidential and sensitive information can be found at Creech Air Force Base. The loss of confidentiality, integrity, or even availability of the information can be detrimental not only to the Air Force base but also to the national security of the country. To prevent the occurrence of instances where the information is either lost or accessed by unauthorized individuals, the implementation of an information security plan is essential at the Air Force base. The information security plan addresses the various policies that would determine the information security of the base and identifies the various threats, risks, and vulnerabilities that can be associated with the base. The information security plan at Creech Air Force Base also defines the ways through which the security issues can be identified and proceeds to recommend the appropriate security measures that can address the noted security issues. The implementation of the recommended information security measures can protect the Air Force base from various security threats and ensure that sensitive and confidential information in transit or stored at the base is protected from unauthorized access or loss.
CIA Triad in Information Security
When determining the efficiency of information security, one of the models used to direct the definition of information security at the organization is the CIA triad. The CIA triad involves addressing Confidentiality, Integrity, and Availability (CIA) of the information that can be found at an organization. At Creech Air Force Base, information can be in three states, which include in transit, at rest, or in use. These three states include the data that is being transmitted in and out of the information system used at the base, the data that is being stored at the base, and the data that is being used to perform various activities at the base. The CIA triad aims at protecting data in each of these states.
According to Samonas and Coss (2014), data confidentiality includes preventing unauthorized access to information either in transit, at rest, or in use. Unauthorized access to the information found at Creech Air Force Base can occur through man-in-the-middle attacks as well as hacking. The integrity of the data at the base involves ensuring that the data is not modified by unauthorized individuals. The unauthorized modification of data at the base can have detrimental effects, such as the delivery of unintended messages. The aspect of data availability includes ensuring that the required data can be accessed by authorized individuals at all times when the authorized individual requires access to the information (Samonas & Coss, 2014). Apart from the confidentiality, integrity, and availability of the information, Samonas and Coss (2014) note additional principles that are essential in information security. These principles include the authenticity of the information, non-repudiation, ethicality, as well as identity management. Therefore, using the CIA triad, information security can note the various requirements to ensure the principles included in the triad are maintained in an institution such as Creech Air Force Base.
Information System Threat, Risk, and Vulnerability Assessment
The occurrence of threats at Creech Air Force Base can result in harmful consequences; hence, it is necessary to implement an information security plan at the base. Some of the major components of an information security plan involve conducting threat analysis as well as risk and vulnerability assessment. According to Watts (2020), a threat refers to an occurrence that can negatively impact the information system of an organization. Watts (2020) also notes that a vulnerability refers to a weakness in the information system of the organization that can be exploited by attackers and allow the occurrence of a threat in the organization’s information system. The occurrence of threats following the exploitation of a vulnerability of an organization’s information system can result in the information system being damaged or the loss of the data found in the information system. This loss or damage to the information system that is caused by the occurrence of a threat is considered to be a risk.
A threat in the information system can be classified into three types, which include intentional threats, natural threats, and unintentional threats (Watts, 2020). Intentional threats are threats that have malicious intentions and are executed to compromise an institution’s security. Examples of intentional threats include espionage, sabotage, malware, and ransomware (Vacca, 2010). Unintentional threats refer to the threats that can occur in the institution without any malicious intent. An example of unintentional threats can involve the erroneous revelation of confidential data to unauthorized individuals by the employees of an institution (Watts, 2020). Natural threats are naturally occurring events that can lead to damage or loss of information systems in an institution. Examples of natural threats include tornadoes, floods, and even hurricanes. Vacca (2010) notes various attacks that are likely to occur in an institution. These attacks include social engineering attacks, back doors, denial-of-service, botnets, and phishing attacks.
The occurrence of threats in an organization is contributed to by the presence of vulnerabilities that can be exploited by the threat agents. According to Ten, Liu, and Manimaran (2008), the increased advancement of intrusion tools such as traffic sniffing tools and password cracking tools has led to an increase in the vulnerabilities present in information systems. Conducting a vulnerability assessment at Creech Air Force Base is an essential component in ensuring that the base does not become a victim of a cyber attack. A vulnerability assessment at Creech Air Force Base addresses the various weaknesses that are found in the information system used at the base. Following the identification of the vulnerabilities, severity levels are defined for the identified threats. Examples of vulnerabilities that can occur in an information system include outdated security patches, misconfigured firewalls and access control lists, as well as a lack of security measures such as passwords to secure components of the information system. When a former employee still has access to the institution’s information system, a vulnerability is also present (Watts, 2020).
The identification of vulnerabilities is useful when conducting the risk assessment of the institution’s information system. Following the identification of the threats that can occur in an institution and the identification of the vulnerabilities, the various risks that can occur are then identified. Conducting a risk assessment in an institution involves identifying the risks that can damage the normal operations of the institution’s information system and recommending measures to address the risks and reduce the noted impact of the risks. Examples of risks that can affect Creech Air Force Base include loss of data confidentiality, legal issues, and even financial losses (Watts, 2020). Risk analysis in an organization can be conducted as either quantitative risk analysis, where numerical values are assigned to the risk, or qualitative risk analysis, where only the severity levels of the risks are noted (Vacca, 2010).
Penetration Testing
Before conducting a risk assessment in the organization, an analysis of the vulnerabilities that can occur in the information system is required. The various vulnerabilities that can be exploited by attackers to compromise the security of the system can be identified through penetration testing. Penetration testing involves testing the various components of the information system to identify possible vulnerabilities that can be used to gain unauthorized access to the information system. Penetration testing can be used to identify logical vulnerabilities as well as physical vulnerabilities. The classification of the different types of penetration testing can include external testing, where the penetration tester performs the process from outside the organization’s network. Penetration testing can also be classified as internal testing, where the penetration testing process is conducted from inside the institution’s network. Apart from being classified by where the penetration tests occur, the process can also be classified by how they occur. This includes classifying the process into white-box testing, gray-box testing, and black-box testing. In white-box testing, the tester is provided with enough information about those aspects of the information system that they are supposed to test, while in gray-box testing, the tester is only provided with little information concerning the information system. In black-box testing, the tester is not provided with any information concerning the system they are supposed to test. The process of penetration testing involves three stages, which include the pre-attack phase, the attack phase, and the post-attack phase. In the pre-attack phase, the tester gathers information concerning the target, while in the post-attack phase, the tester ensures that the system can operate normally (Vacca, 2010).
Penetration testing ensures that the institution adheres to the defined security policies and that the system users are aware of the system’s security requirements.
Physical Security
Following the completion of the risk assessment, the information security implementation plan includes the definition and implementation of various security measures to address the identified threats and vulnerabilities. To ensure the security measures implemented in the organization can address the various identified threats and vulnerabilities, the defense-in-depth principle of implementing layered security is recommended. The defense-in-depth principle involves the implementation of different security measures on different levels of the information system. One of the components of defense in depth is physical security (Vacca, 2010). The implementation of physical security at Creech Air Force Base includes the protection of the information system from physical actions that can compromise the security of the system or even result in the damage of the components of the information system. Physical security can be used to ensure that unauthorized individuals do not gain physical access to the information system while at the same time ensuring that the components of the information system are not stolen (Vacca, 2010). An example of a physical security measure recommended by Vacca (2010) is physical access control. The physical access control measures are used to protect the security of the information system by addressing authentication, authorization, and identification of the individual requiring physical access to the information system. The implementation of physical security can be classified into administrative controls, technical controls, and physical controls (Vacca, 2010). Administrative controls refer to the measures that are implemented by human resources to improve the security of the institution. Examples of administrative controls include security policies and security awareness training.
The technical controls refer to the security measures that are used to monitor and control individuals gaining access to facilities housing information system components. These technical controls include intrusion detection systems and even biometric readers. The physical controls refer to measures such as locks, doors, video surveillance, and alarm systems (Fennelly, 2016). The presence of security guards can also increase the physical security of the information system.
Authentication
To maintain confidentiality in the information system used at the Creech Air Force Base, it is essential to ensure that the individuals who gain access to the information system are authorized individuals. One of the ways of achieving this is by implementing authentication measures that confirm the identity of the system users. Vacca (2010) notes that while authentication confirms the identity of a user, it does not mean that the user is authorized to access all components of the system, and, hence, various permissions have to be granted to the authenticated user. The authentication of users is based on three factors. One of the factors includes something that the user is. This includes making use of part of the user’s body to confirm their identity. An example of this factor is using the fingerprints of the user to authenticate them. Another factor used for authentication includes something that the user knows. An example of this includes a password. By remembering a password, the system can confirm the identity of the user. The third authentication factor includes something that the user possesses. The use of a smart card to confirm the identity of the user is an example of an authentication factor that makes use of something that the user possesses.
Different types of authentication can include the use of passwords and PINs, digital certificates, biometrics, and smart cards (Lal, Prasad, & Farik, 2016). The use of passwords and personal identification numbers (PINs) employs the authentication factor of something that the user knows to confirm the identity of the user. One of the major advantages noted of using passwords and PINs is that strong passwords and PINs are difficult to compromise, and this ensures that the attackers do not compromise the security of the information system. While strong passwords and PINs are difficult to compromise, weaker passwords can easily be compromised, and this can present a vulnerability in the information system. Similarly, passwords can be obtained through various means, such as being stolen if they are written down, through social engineering, and even through the use of a sniffer to obtain the passwords (Lal, Prasad, & Farik, 2016). Brute force attacks, as well as dictionary attacks, can also compromise the security of the system by cracking weak passwords. Biometric authentication methods apply the authentication factor of something that the user is. This includes making use of the aspects of an individual, such as fingerprints, the voice of the user, and even the retina of the individual. Changes in an individual’s biometrics can present a shortcoming when using biometric authentication measures.
The use of the smart card authentication method employs the authentication factor of something that the user possesses. Each user is given a smart card which they can use to authenticate their identity. An issue with the use of the smart card authentication method is the possibility of another person’s smart card being stolen and used to gain unauthorized access to the facilities housing the information system components (Lal, Prasad, & Farik, 2016). Communications over the Internet can be secured by confirming the identity of the users through digital certificates. The digital certificates are issued by a Certification Authority and proceed to encrypt the various aspects of online communications (Lal, Prasad, & Farik, 2016). The various authentication methods present issues that can compromise the security of the information system. To prevent this from occurring, the use of multifactor authentication measures is recommended. The multifactor authentication method employs different authentication factors to confirm the identity of the user. This can include making use of something that the user knows, such as a password, and something that the user is, such as their fingerprints. Multifactor authentication measures increase the security of a system by ensuring that even if one factor is compromised, the attacker cannot gain unauthorized access to the system since they lack the other authentication factor.
Intrusion Prevention and Detection Systems and Firewalls
In the efforts to ensure confidentiality, integrity, and availability of data are maintained in the information system used by the Creech Air Force Base, network security is one of the essential components that should be implemented in the information system. Network security of the information system is one of the components of the defense-in-depth principle of layered security mechanisms (Vacca, 2010). Network security can further be classified into either host-based security or network-based security, with various security measures included in either of the two classifications of network security. One of the security measures that can be used to provide host-based security is intrusion detection and prevention systems. Intrusion into an information system involves unauthorized access into the organization’s information system, the theft of data from the information system, as well as denial-of-service attacks (Hu, 2010). The benefits associated with the implementation of intrusion prevention and detection systems in an organization include the identification of intrusions that can compromise the security of the information system, the generation of an alarm to notify the responsible individuals of the intrusion attempts, as well as the prevention of additional damages from the intrusion attempts (Hu, 2010). Intrusion detection and prevention systems can also be classified under network-based security measures. According to Hu (2010), network-based intrusion detection systems are responsible for monitoring the traffic that is moving in and out of the network and detecting any malicious attempts to compromise the security of the network.
The implementation of network security at Creech Air Force Base can also be achieved through the implementation of firewalls and access control lists. The implementation of firewalls in a network is essential in filtering the data getting into and the data getting out of the network. This prevents unauthorized access to the network since the firewall blocks data traffic suspected to originate from an unauthorized individual. The implementation of firewalls can either be through hardware or software. To protect the network from unauthorized access, various rules are defined in the firewall. These rules note whether the firewall will allow traffic from specific sources into and out of the network. Additionally, the rules note whether traffic from other sources should be blocked from getting into the network or from leaving the network. Apart from classifying firewalls into either software or hardware firewalls, they can also be classified by the actions they perform. One example of a firewall classified this way is a packet-filtering firewall, which examines the packets being transmitted in or out of the network and determines whether to block or allow the packets to pass. Other examples of firewalls include stateful packet inspection firewalls as well as application/proxy firewalls. An essential aspect of application/proxy server firewalls is that they analyze the messages that are sent at the application layer, and this provides additional security to the information system (Steed, 2017). Daly, Liu, and Torng (2015) note that access control lists are implemented in various components of the network, including firewalls and routers. Access control lists are used to perform various activities in ensuring the security of the organization’s information system. These services include network address translation, packet filtering, traffic monitoring, and quality of service (Daly, Liu, & Torng, 2015).
The provision of network security can also be achieved through the execution of antimalware and antivirus software in the institution (Vacca, 2010). One of the threats that can compromise the security of an information system is the execution of malicious software (malware) in the system. Examples of malware include viruses, adware, ransomware, trojans, worms, and even spyware. Viruses are executed in the information system when files that contain the viruses are executed in the system, after which they begin to replicate. Worms, on the other hand, are considered to be self-replicating since they do not require the execution of other files to replicate. Spyware is malicious software that records the various actions performed by a user in the system and sends the recordings to an attacker. Trojan horses refer to malicious applications that mask themselves as trusted software and trick a user into installing them, after which they proceed to perform malicious activities in the system (Vinod, Jaipur, Laxmi, & Gaur, 2009). Ransomware proceeds to encrypt the data in the information system and requires payments to be made to an attacker who proceeds to provide a decryption key, which allows the encrypted data to be decrypted. The implementation of antimalware and antivirus software in the information system can be essential in preventing the occurrence of malicious software that compromises the security of the network. The antimalware and antivirus software identifies the malicious software that exists in the information system and proceeds to remove the malware. Additionally, the antimalware and antivirus software identifies malicious software before it is executed in the system. Since new malicious software is continuously being developed, it is recommended that Creech Air Force Base should ensure that the antimalware and antivirus software is updated to be able to address the new malicious software that is developed.
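The rule evaluation described above can be sketched as follows. This is an added example, not part of the original plan: the rule names, addresses (documentation ranges), and the first-match, default-deny behaviour are assumptions chosen for illustration. It also flags rules that can never fire because an earlier rule already covers them, one form of the misconfigured firewall named earlier as a vulnerability.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Packet:
    direction: str          # "in" or "out" relative to the protected network
    src: str
    dst: str
    protocol: str           # "tcp" or "udp"
    dst_port: int


@dataclass(frozen=True)
class Rule:
    name: str
    action: str             # "allow" or "block"
    direction: str
    src: str                # CIDR block
    dst: str                # CIDR block
    protocol: str           # "tcp", "udp" or "any"
    dst_port: Optional[int]  # None means any port

    def matches(self, pkt: Packet) -> bool:
        return (
            self.direction == pkt.direction
            and self.protocol in ("any", pkt.protocol)
            and (self.dst_port is None or self.dst_port == pkt.dst_port)
            and ipaddress.ip_address(pkt.src) in ipaddress.ip_network(self.src)
            and ipaddress.ip_address(pkt.dst) in ipaddress.ip_network(self.dst)
        )


def evaluate(rules, pkt):
    """First matching rule decides; anything unmatched is blocked."""
    for rule in rules:
        if rule.matches(pkt):
            return rule.action, rule.name
    return "block", "default-deny"


def covers(earlier: Rule, later: Rule) -> bool:
    """True if every packet matched by `later` is also matched by `earlier`."""
    return (
        earlier.direction == later.direction
        and (earlier.protocol == "any" or earlier.protocol == later.protocol)
        and (earlier.dst_port is None or earlier.dst_port == later.dst_port)
        and ipaddress.ip_network(later.src).subnet_of(ipaddress.ip_network(earlier.src))
        and ipaddress.ip_network(later.dst).subnet_of(ipaddress.ip_network(earlier.dst))
    )


def shadowed_rules(rules):
    """Return (rule, covering_rule) name pairs for rules that can never fire."""
    found = []
    for i, later in enumerate(rules):
        for earlier in rules[:i]:
            if covers(earlier, later):
                found.append((later.name, earlier.name))
                break
    return found


# Constructed rule set for illustration only.
RULES = [
    Rule("block-known-bad", "block", "in", "203.0.113.0/24", "0.0.0.0/0", "any", None),
    Rule("allow-https-in", "allow", "in", "0.0.0.0/0", "10.0.1.10/32", "tcp", 443),
    Rule("allow-partner-ssh", "allow", "in", "198.51.100.0/24", "10.0.1.0/24", "tcp", 22),
    Rule("allow-bad-host-https", "allow", "in", "203.0.113.7/32", "10.0.1.10/32", "tcp", 443),
    Rule("allow-dns-out", "allow", "out", "10.0.0.0/8", "0.0.0.0/0", "udp", 53),
]

if __name__ == "__main__":
    for pkt in (
        Packet("in", "192.0.2.50", "10.0.1.10", "tcp", 443),
        Packet("in", "203.0.113.7", "10.0.1.10", "tcp", 443),
        Packet("in", "192.0.2.50", "10.0.1.10", "tcp", 22),
    ):
        print(pkt, "->", evaluate(RULES, pkt))
    print("shadowed:", shadowed_rules(RULES))
```

Because evaluation stops at the first match, the order of the rules is part of the policy, which is why a rule review should include a shadowing check like the one above.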
Other components of systems and network security that are included in the host-based security include patch management, backup and restore capabilities, as well as system event logging. Network-based security also includes sniffers and packet recording tools as well as anomaly detection systems (Vacca, 2010).
Encryption and VPNs
At Creech Air Force Base, various information is being transmitted in and out of the base daily. Apart from attacks occurring while the information is at the base, the security of the information can also be compromised while the information is being transmitted. Two security measures are recommended to secure the data in transit. These security methods include the encryption of the data before being transmitted as well as the implementation of virtual private networks (VPNs) at the air force base. Encryption involves the conversion of data into an unreadable format that requires a decryption key to enable the data to be converted into a readable format. Converting the data into an unreadable format before transmitting the information ensures that even if attackers gain access to the information during transmission, they would not be able to read the data. Various encryption algorithms can be used to encrypt the data before transmission. Examples of some of the common encryption algorithms include Data Encryption Standard (DES), TripleDES, Advanced Encryption Standard (AES), and Blowfish (Nadeem & Javed, 2005). Apart from encryption, data in transit can also be protected from unauthorized access through the execution of virtual private networks (VPNs). A VPN refers to a private network that allows for the secure transmission of data through an untrusted public network such as the Internet. A virtual private network works by creating a tunnel from one client to another. The VPN tunnel can then be used to transmit information between the connected clients without unauthorized individuals being able to gain access to the data in transit. Virtual private networks also provide authentication in the network by requiring the clients to authenticate their identity through measures such as passwords and digital certificates before the creation of the VPN tunnel.
Cyber Forensics and Incident Response
At Creech Air Force Base, the occurrence of an incident requires the responsible team to address the incident by analyzing the incident and implementing measures to prevent the incident from causing further damage. To efficiently address the occurrence of an incident at the base, the implementation of an incident response plan and the presence of a computer security incident response team are essential (Vacca, 2010). Various incidents that can occur at Creech Air Force Base include unauthorized access to the resources of the information system, denial-of-service attacks, and even theft of data. During an incident response, cyber forensics is applied to aid in the different activities that are performed during the incident response. According to Vacca (2010), the incident response team should be aware of the various laws that address criminal activities. Examples of these laws include the Computer Fraud and Abuse Act as well as the Health Insurance Portability and Accountability Act (HIPAA). The process of responding to an incident involves planning for the incident response process, and this can involve understanding the security policies of the institution, notifying the relevant individuals concerning the incident, and ensuring that the damage caused by the incident is minimized (Vacca, 2010).
The process of incident response includes an incident life cycle, which begins with the preparation for the occurrence of the incident. The preparation process involves implementing measures that make it easy to respond to an incident. These measures can include updating the incident response plan while at the same time ensuring that the incident response teams constantly practice, which prepares them to address incidents when they occur. The next phase in the incident life cycle includes detection, collection, and analysis. This phase involves the identification of the incident at the institution, the collection of the necessary data, and the analysis of the collected data. The next stage of the incident life cycle includes containment, eradication, and recovery. In the containment stage, further damage to the information system is prevented, while in the eradication stage, the issue compromising the security of the information system is removed. In the recovery process, the normal operations of the information system are restored. The last phase of the incident recovery process includes post-incident activity. In this phase, the events involved in the incident response are documented and reported.
While addressing an incident, it is essential to control the investigation. When controlling the investigation of an incident, various aspects of cyber forensics are noted. Cyber forensics is used to determine the necessary data to collect and to guide the collection of that data. Cyber forensics includes the observation of standards that make the collected digital evidence admissible in a court of law. This can include the observation of a chain of custody while maintaining the integrity of the collected evidence. The noted standards should be observed when processing and logging the identified evidence. Vacca (2010) notes various rules that should be applied when collecting digital evidence. These rules note that the collected evidence should be admissible; it should be authentic, which means that it should be relevant to the incident; it should be complete, reliable, as well as easily understood and believable by the relevant stakeholders.
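One way to keep a chain of custody while preserving evidence integrity, shown as an added example that is not part of the original plan. The record fields, the evidence identifier EV-001, the custodian names, and the timestamps are constructed for illustration; SHA-256 hash chaining is an assumed technique, not one the plan prescribes.

```python
import hashlib
import json

GENESIS = "0" * 64  # prev_hash value for the first custody record


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def entry_digest(entry: dict) -> str:
    """Hash every field of a custody record except its own entry_hash."""
    body = {k: v for k, v in entry.items() if k != "entry_hash"}
    return sha256_hex(json.dumps(body, sort_keys=True).encode("utf-8"))


def record(log, evidence_id, evidence, custodian, action, timestamp):
    """Append a custody record that is linked to the previous record by hash."""
    entry = {
        "seq": len(log),
        "timestamp": timestamp,
        "evidence_id": evidence_id,
        "evidence_sha256": sha256_hex(evidence),
        "custodian": custodian,
        "action": action,
        "prev_hash": log[-1]["entry_hash"] if log else GENESIS,
    }
    entry["entry_hash"] = entry_digest(entry)
    log.append(entry)
    return entry


def verify(log, evidence_by_id):
    """Return a list of integrity problems; an empty list means the log and evidence check out."""
    problems = []
    prev = GENESIS
    acquired = {}  # evidence_id -> hash recorded at acquisition
    for i, entry in enumerate(log):
        if entry_digest(entry) != entry["entry_hash"]:
            problems.append(f"entry {i}: record altered after it was written")
        if entry["prev_hash"] != prev:
            problems.append(f"entry {i}: chain link broken")
        prev = entry["entry_hash"]
        first = acquired.setdefault(entry["evidence_id"], entry["evidence_sha256"])
        if entry["evidence_sha256"] != first:
            problems.append(f"entry {i}: evidence hash differs from acquisition hash")
    for evidence_id, data in evidence_by_id.items():
        if evidence_id not in acquired:
            problems.append(f"{evidence_id}: no custody record")
        elif sha256_hex(data) != acquired[evidence_id]:
            problems.append(f"{evidence_id}: current content does not match acquisition hash")
    return problems


def build_sample_log():
    """Constructed sample: one disk image passed between three custodians."""
    image = b"constructed stand-in for a forensic disk image"
    log = []
    record(log, "EV-001", image, "responder.a", "acquired", "2024-01-10T09:00:00Z")
    record(log, "EV-001", image, "analyst.b", "received for analysis", "2024-01-10T11:30:00Z")
    record(log, "EV-001", image, "custodian.c", "placed in evidence locker", "2024-01-11T16:45:00Z")
    return log, image


if __name__ == "__main__":
    log, image = build_sample_log()
    print("intact:", verify(log, {"EV-001": image}))
    log[1]["custodian"] = "someone.else"  # simulate an after-the-fact edit
    print("edited:", verify(log, {"EV-001": image}))
```

Editing a record without recomputing its hash is caught by the record check, and recomputing the hash breaks the link stored in the next record, so a silent change requires rewriting every later entry.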
Business Continuity and Disaster Recovery
When incidents occur, they can disrupt the normal operations of an institution. Incidents such as denial-of-service attacks and ransomware attacks can prevent authorized information system users from accessing the various resources that are located in the information system. The loss of availability in the information system is one of the aspects that business continuity and disaster recovery aim to address. A business continuity plan aims to ensure that the various businesses that are performed by an organization are maintained before an incident occurs, during the incident, and even after the occurrence of the incident (Snedaker, 2013). Disaster recovery protects the institution from the negative consequences associated with the occurrence of an event. This includes ensuring that the organization can resume normal operations following the occurrence of the incident.
The business continuity and disaster recovery plan includes various components that can be classified under three layers. These layers include the policy layer, the management layer, and the infrastructure layer. In the infrastructure layer, the business continuity plan is included, in addition to the various policies and strategies that are implemented to ensure that an institution is capable of continuing operations despite the occurrence of an incident. The management layer of the BCDR includes risk management as well as the testing process to ensure that the implemented measures are capable of ensuring the continuation of the institution’s operations. In the policy layer, the various components of the disaster recovery plan are included. These components include the recovery process of the information system as well as the data backup and the offsite storage facilities. Apart from the inclusion of data backups and offsite storage facilities, an alternative site can be included in the recovery plan (Rittinghouse, Ransome, & CISM, 2011). The alternative site is used to accommodate the members of an institution after the location of the institution is compromised or damaged. An example is if a hazard damages the various facilities that house the information system components at the Creech Air Force Base, then the activities that are performed at the base can be performed at the alternative site.
Acceptable Use Policy and Information Security Management Standards
In any institution, various activities are allowed in the information system. Similarly, the information system used at Creech Air Force Base requires the users to perform specific actions in the system as well as not perform other actions. The definition of the necessary actions and the restricted actions in information systems is recorded in the acceptable use policy. When users of an information system perform unauthorized actions in the information system, they are likely to cause the occurrence of insider threats, which can compromise the security of the information system (D’Arcy, Hovav, & Galletta, 2009). The definition of an acceptable use policy in the organization is an essential component of the information system security measures. The acceptable use policy includes various aspects that promote the security of the information system. Some of the components of the acceptable use policy include the expected code of conduct from the authorized system users. The code of conduct notes the activities that are allowed by the institution as well as the activities that are not acceptable. The acceptable use policy also notes the consequences of not observing the defined guidelines in the code of conduct. The lack of an acceptable use policy at an institution can have dire impacts. These effects can range from a decrease in the productivity of the institution to possible legal issues (Stewart, 2000). The development of the acceptable use policy follows the various information security management standards that are defined by various bodies. One of the bodies that develop standards for use in information security is the National Institute of Standards and Technology (NIST). Another body involved in the definition of information security standards is the International Standards Organization (Vacca, 2010).
Some of the issues that are included in the security standards include access control standards, accountability in the information system, audit trails, disposal of media, information ownership, and even the responsibility of the managers (Vacca, 2010).
Training and Identity Management
In an organization, various types of threats can occur. One example is the unintentional insider threat. Unintentional insider threats are caused by users of the information system who are not aware of the appropriate security measures to follow when using the system. To prevent threats that are contributed to by internal system users, conducting information system security awareness and training is recommended. Security awareness and training are important because, despite the implementation of various security measures to prevent external attacks, the employees of the institution can grant attackers access to the network. Attacks such as social engineering attacks depend on the ignorance of employees to be effective. Conducting user training and security awareness in an institution can result in various benefits that increase the security of the system. Some of these benefits include the increased use of strong passwords that are not likely to be compromised by attackers, an increase in adherence to the security policies defined in the organization, as well as following the security measures implemented in the organization (Eminağaoğlu, Uçar, & Eren, 2009). Conducting user training and awareness is also useful during online identity management. The importance of user training and awareness is seen when addressing issues associated with password fatigue as well as online fraud (Vacca, 2010).
Conclusion
The confidentiality and sensitivity of the information stored, transmitted, and used at Creech Air Force Base require the definition of an information security plan. The information security plan defines the various threats that can occur at the base, leading to the loss of confidentiality, integrity, and availability. An analysis of the vulnerabilities that can be exploited by attackers to compromise the security of the base is noted. This analysis of vulnerabilities is conducted after conducting penetration testing. A risk assessment is also included in the information security plan. Various security measures are recommended in the information security plan to prevent the risks and threats identified from occurring at the base. Examples of some of the recommended measures include encryption, authentication, firewalls, intrusion detection and prevention systems, and virtual private networks. The occurrence of the noted threats can be addressed through the disaster recovery and business continuity included in the security plan. Aspects of information security, such as user training and awareness and acceptable use policy, are also included in the information security plan.
References
Daly, J., Liu, A. X., & Torng, E. (2015). A difference resolution approach to compressing access control lists. IEEE/ACM Transactions on Networking, 24(1), 610-623.
D’Arcy, J., Hovav, A., & Galletta, D. (2009). User awareness of security countermeasures and its impact on information systems misuse: A deterrence approach. Information Systems Research, 20(1), 79-98.
Eminağaoğlu, M., Uçar, E., & Eren, Ş. (2009). The positive outcomes of information security awareness training in companies–A case study. Information Security Technical Report, 14(4), 223-229.
Fennelly, L. J. (Ed.). (2016). Effective physical security. Butterworth-Heinemann.
Hu, J. (2010). Host-based anomaly intrusion detection. In Handbook of information and communication security (pp. 235-255). Springer, Berlin, Heidelberg.
Lal, N. A., Prasad, S., & Farik, M. (2016). A review of authentication methods. International Journal of Scientific and Technology Research (IJSTR), 5(11), 246-249.
Nadeem, A., & Javed, M. Y. (2005, August). A performance comparison of data encryption algorithms. In 2005 International Conference on Information and Communication Technologies (pp. 84-89). IEEE.
Rittinghouse, J., Ransome, J. F., & CISM, C. (2011). Business continuity and disaster recovery for infosec managers. Elsevier.
Samonas, S., & Coss, D. (2014). The CIA Strikes Back: Redefining Confidentiality, Integrity and Availability in Security. Journal of Information System Security, 10(3), 21-45.
Snedaker, S. (2013). Business continuity and disaster recovery planning for IT professionals. Newnes.
Steed, A. (2017, October 11). The Three Different Types of Firewalls. https://bts-consulting.biz/2017/10/11/the-three-different-types-of-firewalls/.
Stewart, F. (2000). Internet acceptable use policies: Navigating the management, legal, and technical issues. Inf. Secur. J. A Glob. Perspect., 9(3), 1-7.
Ten, C. W., Liu, C. C., & Manimaran, G. (2008). Vulnerability assessment of cybersecurity for SCADA systems. IEEE Transactions on Power Systems, 23(4), 1836-1846.
Watts, S. (2020, May 13). IT Security Vulnerability vs Threat vs Risk: What are the Differences? https://www.bmc.com/blogs/security-vulnerability-vs-threat-vs-risk-whats-difference/.
Vacca, J. R. (Ed.). (2010). Managing Information Security. Syngress.
Vinod, P., Jaipur, R., Laxmi, V., & Gaur, M. (2009, March). Survey on malware detection methods. In Proceedings of the 3rd Hackers’ Workshop on Computer and Internet security (IITKHACK’09) (pp. 74-79).
Question
The paper will be an information security implementation plan that addresses physical security, authentication, network security, encryption, software development, email, Internet, acceptable use, disaster recovery, business continuity, security awareness, and viruses/worms.
The paper will follow a conventional report format (introduction, body, conclusion, references) and will be at least 5000 words.