Need Help With This Assignment?

Let Our Team of Professional Writers Write a PLAGIARISM-FREE Paper for You!

After Action Report

After Action Report

Cyber Security Investments and Posture

The occurrence of a cyberattack in any organization is likely to result in different unintended consequences. In some cases, when cyberattacks occur, they are likely to result in the different services that are provided or conducted in the company being unavailable. This leads to the occurrence of downtime in the system. Attacks such as dedicated denial-of-service and ransomware compromise the availability of the organization’s system. When such attacks occur, and there are no measures implemented in the organization to prepare for such instances, the different resources of the organization’s system become unavailable to not only the employees of the organization but also to the clients of the organization. In any organization, the intention of the business is to provide profits to the organization. The occurrence of the noted cyberattacks that compromise the system’s availability resulting in an increase in the downtime of the company’s activities, can affect the company’s profitability. When cyberattacks occur in the organization, they are likely to reduce the company’s credibility, which can affect the clients’ trust. Additionally, some attacks on the company can result in direct losses for the company, which also contributes to the reduction in the profitability of the company. To prevent these attacks from occurring in the organization, the cybersecurity investments of the company should be considered. This includes addressing whether the cybersecurity investments of the company are capable of addressing the issues that are noted to affect the profitability of the company as well as contribute to the increase of downtime in the company. The responsibility of addressing these issues in the company belongs to different leaders and individuals in the company. These individuals and leaders include the chief security officer (CSO), the network engineer, the corporate communication manager, and the chief financial officer (CFO).

After Action Reports by Roles

Chief Security Officer

The chief security officer is noted to be the team leader of the different individuals that are tasked with the responsibility of protecting the different components of the company to ensure the security of the components is maintained. The company’s chief security officer is presented with different roles in the protection process of the company’s system. One of the ways through which attackers with malicious intentions can compromise the security of the company’s systems involves the identification of the different areas in the systems that have vulnerabilities that can be compromised to gain unauthorized access to the system. Additionally, without specific security measures, the attackers can easily execute the different types of attacks in the system. These security measures that can be essential in the protection against the implementation of attacks in the company’s system include technical controls. Technical controls refer to the security measures in the company that are implemented into the hardware of the computer, the software installed in the system, as well as the firmware of the company. The different examples of technical controls in the systems include the authentication solutions that are used to ensure that the individuals that access the system are the authorized users, the intrusion detection systems (IDS), and the intrusion prevention systems (IPS) that are used to identify cases when attackers might be attempting to gain unauthorized access into the system, as well as the antivirus and antimalware software that identify and remove the possibly malicious software them before they can compromise the security of the organization’s system (Kanika, 2013). The chief security officer is responsible for ensuring that the system’s different technical security controls are implemented. Implementation of technical security controls in the organization’s network allows for not only the prevention of the occurrence of attacks in the system but also the identification of incidents where attackers might try to compromise the security of the system.

Network Engineer

In the company, another essential individual that ensures that attacks in the system do not occur and that the different resources of the system are available includes the network engineer. Similar to the chief security officer, the network engineer is tasked with different responsibilities. One of network engineers’ main roles includes managing the different network security controls. To ensure that attackers are not able to gain unauthorized access to the network or able to successfully execute attacks in the system that lead to the unavailability of the different resources of the network, the implementation of the security controls is noted. In some cases, when the security controls are not managed after their implementation, they are likely to become outdated or attackers are likely to find ways to bypass the controls. Therefore, to ensure that this does not occur, the network engineer is tasked with managing the security controls to ensure that they function as they should. This process of managing security controls also includes the process of updating the network security controls.

In some instances, vulnerabilities in the system might be identified. Identifying these new vulnerabilities requires the implementation of patches in the security system to address the vulnerabilities, which the network engineer conducts. The management process also includes monitoring the different network security controls to identify any instances when attempts to compromise the security of the network were conducted. The network engineer is also responsible for noting any aspects of the security controls that might require upgrades and proposing the necessary upgrades while taking into consideration the budget defined to improve the security of the organization’s network (Clemm, 2006).

Corporate Communication Manager

In any organization, it is essential to communicate effectively with the company’s different stakeholders. In aspects involving the cybersecurity measures of the company, the role of providing efficient communication to the stakeholders of the company belongs to the corporate communication manager. The corporate communication manager is responsible for ensuring that the different stakeholders of the company are informed of the proceeding of the company. An example is during the occurrence of an attack; the corporate communication manager acts as the in-between the company and the interested parties such as news outlets. The roles of the corporate communication manager also include ensuring that the developed corporate policy is effectively communicated to the different employees of the company. Corporate policy refers to the different guidelines that the company provides to ensure that the various objectives of the company are achieved. In relation to cybersecurity aspects of the company, the company policy can include the different guidelines that guide the way the employees of the company interact with the system to ensure that they do not accidentally contribute to the occurrence of attacks in the company’s system. The corporate communication manager is also tasked with ensuring that the technical aspects of the network security controls in the system are translated into a language that can be understood by the other stakeholders in the company (Cornelissen, 2008).

Chief Financial Officer

In the process of protecting the different aspects of the company from attackers who can compromise the availability of the system resources and result in the loss of profits for the company, the required human resources to implement the security measures are required. Similarly, the allocation of the funds and the budgeting of the allocated funds to the different security measures of the company is recommended. The chief financial officer conducts the processes of providing the necessary human resources, allocating the necessary funds, and creating a budget for the allocated funds. There are different ways of implementing security controls in the company. These can include utilizing the in-house IT team or contracting a third party. Based on the noted allocated funds of the company to the cybersecurity investment, the chief financial officer determines the appropriate mode of executing the security controls in the company. As noted, the chief financial officer has to consider different aspects of the company before making decisions related to the cybersecurity aspect of the company. For example, the CFO has to consider the recommendations made by the network engineer concerning the required security controls in the network. Additionally, the chief financial officer has to prioritize the different required security controls when allocating funds to the cybersecurity aspects of the company.

References

Clemm, A. (2006). Network management fundamentals. Cisco Press.

Cornelissen, J. P. (2008). Corporate communication. The International Encyclopedia of Communication.

Kanika, U. (2013). Security of network using Ids and firewall. International Journal of Scientific and Research Publications, 3(6), 1-4.

Moore, T., Dynes, S., & Chang, F. R. (2015). Identifying how firms manage cybersecurity investment. Available: Southern Methodist University. Available at: http://blog. smu. edu/research/files/2015/10/SMU-IBM.pdf (Accessed 2015-12-14), 32.

ORDER A PLAGIARISM-FREE PAPER HERE

We’ll write everything from scratch

Question 


After Action Report #1

Team DTL,

After Action Report

After Action Report

The following screen shots from the Instructor’s debrief reporty for ELITE Simulation Round 1 are provided for your use in creating AAR #1.

In general your decision selections resulted in  about a ‘steady state’ (defined as the starting point of 100). However, two items likely will require your attention in Round 2 – Profitability (headed in the wrong direction but just beginning a downward trend) and Downtime (jumped by 35 points to 135 – recall you want to see Downtime headed in the opposite direction – below 100 or more). These two categories traditionally do this in the first round as we are focused on cybersecurity. However, intent is to understand there is a need to balance investments to address the full suite of objectives that an organization / company is faced with when making decisions about cybersecurity investments and posture.

Beyond that, review if you’ve fully exhausted your budget for investments in things that will continue to bolster your security posture while addressing the Profitability and Downtime outcomes. Further, consider the Round 2 attacks and see if there are adjustments required to address those different types of threats / attacks.

Regards.

Notes:

  • The following screenshots from the Instructor’s debrief report for ELITE Simulation Round 1 are provided for your use in creating AAR #1. also use the ELITE positions from the attached PowerPoint for DTL power, Australia.
  • I also attached a sample AAR you can use to see the expected format.

Resources: