Cybersecurity is one a critical aspect of ensuring the safety and security of both employees and key information that is stored on the Sifers-Grayson campus. To identify vulnerabilities in the physical security and the security of the network, the organization authorized a team of individuals, or a Red Team, to analyze the weaknesses on the network by mimicking the actions of the bad guys (Peake, 2003). The Red Team that infiltrated the Sifers-Grayson campus identified some areas of improvement that the security team can resolve.Issue identified: The Red Team was able to hack the network through an unprotected network connectionResolution: Increase security factors such as installing Network Access Control devices to restrict access to the network based on an established security posture (What is, n.d.). Issue identified: Stolen passwords for 20% of employee logins using keylogging software installed on USB keysResolution: Develop security awareness training to advise employees that unidentified USBs should never be attached to any Sifers-Grayson computer or digital device. An additional action would be to turn off all USB ports on computers on campus.Issue identified: Staff was quite friendly and talkative as they allowed Red Team members to piggyback into the facilityResolution: Develop security awareness training that explains social engineering attacks and how to stop them. Additionally, place either guards or cameras to identify possible unauthorized entrances into the facility.Issue identified: Stolen login and installed malware onto workstation connected to PROMResolution: Implement a single sign-on (SSO) policy to authenticate users for all applications reducing the need for employees to write login passwords on paper (Rouse & Teravainen, n.d.). Sifers-Grayson would be able to increase access security by issuing personal identity verification (PIV) cards with credentials for the SSO to authenticate users.Issue Identified: Unsecure RF transmissions at the R&D Center.Resolution: Utilize encryption in radio transmissions at the R&D center. P25 encryption ensures security by programming each radio with a key that secures transmissions (Introduction, 2017).While there is no security that is 100% fool-proof, implementing the identified mitigation strategies can help strengthen the security for the campus, and limit loss due to cybersecurity incidents. Introduction to P25 Encryption. (2017). Retrieved December 14, 2017, from https://www.taitradioacademy.com/topic/introductio…Peake, C. (2003, July 16). Red teaming: The art of ethical hacking (Tech.). Retrieved December 14, 2017, from SANS Institute website: https://www.sans.org/reading-room/whitepapers/audi…Rouse, M., & Teravainen, T. (n.d.). What is single sign-on (SSO)? – Definition from WhatIs.com. Retrieved December 14, 2017, from http://searchsecurity.techtarget.com/definition/si…What is Network Access Control (NAC)? – Definition from Techopedia. (n.d.). Retrieved December 14, 2017, from https://www.techopedia.com/definition/25865/networ…Reply to Thread
Delivering a high-quality product at a reasonable price is not enough anymore.
That’s why we have developed 5 beneficial guarantees that will make your experience with our service enjoyable, easy, and safe.
You have to be 100% sure of the quality of your product to give a money-back guarantee. This describes us perfectly. Make sure that this guarantee is totally transparent.Read more
Each paper is composed from scratch, according to your instructions. It is then checked by our plagiarism-detection software. There is no gap where plagiarism could squeeze in.Read more
Thanks to our free revisions, there is no way for you to be unsatisfied. We will work on your paper until you are completely happy with the result.Read more
Your email is safe, as we store it according to international data protection rules. Your bank details are secure, as we use only reliable payment systems.Read more
By sending us your money, you buy the service we provide. Check out our terms and conditions if you prefer business talks to be laid out in official language.Read more