ISY3006 - Information Security Assignment - Australian Institute of Higher Education, Australia  

Unit Learning Outcomes -

• Research, develop, and document a basic security policy, and analyse, record, and resolve all security incidents.
• Identify and assess the threats to, and vulnerabilities of networks.

ARE YOU LOOKING FOR RELIABLE ISY3006 - INFORMATION SECURITY ASSIGNMENT HELP SERVICES? EXPERTSMINDS.COM IS RIGHT CHOICE AS YOUR STUDY PARTNER!

Assessment - Research and analyze hot topics related to information security. Research, formulate, develop and document a basic security policy for a specific organization in Australia ECXEPT for BANKING/MORTGAGE organisation. Moreover, you are required to analyze, record resolve security incidents and identify and assess the threats to, and vulnerabilities of the organisation's networks.

Questions -

(a) Research, formulate, develop and document a strategic security policy for your chosen organisation based on the nature of the organisation and the stakeholders in the organisation.

(b) Based on the security policy you have researched, formulated, developed and documented in the item (a.) above, identify and assess the potential threats and vulnerabilities of the company's network and discuss how such threats and vulnerabilities can be mitigated based on your research.

Answer - INFORMATION SECURITY

Executive summary

The report illustrates the needs of security in Woolworths's company in order to secure its sensitive data from theft. The report also summaries the importance of developing security policy within the organization and it also discusses the role of company's stakeholders in developing a security policy. The organization has planned security strategy in order to protect its organization from threats. The different threats and vulnerabilities of the company's network and techniques in order to reduce the threats has been explained. The different forms of information security has been mentioned in this report.

Introduction

Information security can also referred as InfoSec. It is a method of securing information by reducing information risk. This method includes protecting the information by reducing the anticipation of unauthorized access, disruption, corruption, use, destruction, etc. and also reduces the impact of those incidents. The main focus of information security is to protect the data and personal information by maintaining and creating security policy without affecting productivity of the organization. Information security use risk management process in order to prevent the data and information's by identifying the threats, vulnerabilities and their impacts. In the words of Su et al. (2016), it also decide how to reduce the impact of those threats and risk in an Organization in creating and designing appropriate security measures and controls. Information security has been adopted by many Organization in recent years. Information security threats have different forms and the most common forms are software attack, theft of property, theft of equipment, theft of information, theft of Identity, theft of data, etc. This report discusses the threats and vulnerabilities taken place in Woolworths's supermarket and it also discusses the techniques and security planning has been applied in order to reduce the threats. This report also discuss the role of Woolworths's stakeholders in making security policy. This reports discuss the threats and vulnerabilities and different measures to secure the sensitive data.

SAVE YOUR HIGHER GRADE WITH ACQUIRING ISY3006 - INFORMATION SECURITY ASSIGNMENT HELP & QUALITY HOMEWORK WRITING SERVICES OF EXPERTSMINDS.COM

Findings

The Woolworths Limited is an Australian company which has been chosen in this report. In the words of Kong et al. (2019), it operates more than 995 stores across Australia and more than 1, 15,000 team members in stores in order to provide its consumers high quality Services, value and range.

The stakeholders of Woolworths

The stakeholders of Woolworths are shareholders, employee, suppliers, customers and government, In addition to this, there are other stakeholders- media, franchisee, organized business, NGO's, union and community group. In the words of Maigida et al. (2019), in order to maintain a good relationship with its stakeholders the company has applied an active stakeholder's engagement process.

The nature of Woolworths

Woolworths is owned by Woolworths and also a food retailer in Australia which includes grocery products, toiletries, clothes, Bakery products, home furnishing, footwear and miscellaneous items. Woolworths's supermarket is an Australian supermarket which has owned by Woolworths group. It has been found in 1924. Woolworths supermarket also sale groceries such as food, vegetable, meat, fruit, etc. and it also sale DVDs, household products, stationery items, health and beauty products, magazines, baby products, etc. it operates more than 1000 stores across Australia which includes 976 supermarket and 19 Metro convenience stores which also carries the same logo of Woolworths. It also provides home delivery services and also known as "Home Shop". In 1982 Woolworths undertake to Tasmanian grocery brand such as purity and Roelf Vos which then converted into Woolworths in 2000. In the words of Wang et al. (2015), it offers its consumers the lowest price products. The main objective of the supermarket that they offer everything to their consumers, so that the consumer don't have to shop from somewhere else.

DO YOU WANT TO EXCEL IN ISY3006 - INFORMATION SECURITY ASSIGNMENT? HIRE TRUSTED TUTORS FROM EXPERTSMINDS AND ACHIEVE SUCCESS!

Security policy of Woolworths and role of its stakeholder in developing the policy

Security policy is a document which describes the strategy of Woolworths in order to protect and safeguard its information technology and assets. This policy also provide the information which is required in effective and efficient planning to prepare solution in order to secure the information and sensitive data from threats and theft. The organization has planned security strategy in order to protect its organization from threats. information security and strategy requires efficient and effective cooperation from leaders within the organization along with the commitments from Administration and top management information security is a function which leads to acquire effectively within the organization it is very important for a company to make a security strategy in order to protect its assets which can also determine the future and current security requirements in order to developing a security strategy. In the words of Talal et al. (2019), it is very important for the leader and top management to understand the key element of the organization in order to understand the threats and vulnerabilities along with its impact Security strategy needs in the decisions of how much effort money and time is required in order to develop the organization security policies awareness about the concept of privacy confidentiality and integrity is very important elements of security strategy the company needs to understand the information technology process such as human resources quality, internal control performance, operation service, portfolio, capacity, education and training, investment, etc. In the words of Farjamnia et al. (2019), a comprehensive security policy includes the different steps on how the external party determine for the security the documents which includes information's about procedures, organization policies and agreements needs to be determined as well. During the strategic planning process all the constraints needs to be determine. The user community of the organization maybe consists of an individual or group of individual very important in the development process in order to ensure that the multidisciplinary nature of the remain alone in the security policy involvement of user community in the development process will determine the success of the current policy and also determine the need to be the employees of the organization need to refuse it's coworker to use the card swiping entry system. The role of ICT specialist is very important in the development process of security policy. In the words of Wen et al. (2015), the specialist include technical computer specialist, system administrator, Internet Security professional and system designer. Security specialist stakeholders who plays a very vital role in developing the security policy by focusing on protecting the organizations information and on the development of security policy the security specialist provide their advice and ideas to the organization and they should be familiar with the security matter. Human resources environment is very important for the organization in order to develop the process which ensure that adequate communication channels throughout the organization are formed in order to communicate the security policy. The involvement of senior management is very important and it is a key success towards the development of the security policy. The public relation is a stakeholder which create awareness within the public for the organization who has adopted security policy which is extremely very important for the organization in order to increase sale and awareness.

EXPERTSMINDS.COM ACCEPTS INSTANT AND SHORT DEADLINES ORDER FOR ISY3006 - INFORMATION SECURITY ASSIGNMENT - ORDER TODAY FOR EXCELLENCE!

Identification of threats and vulnerabilities of the company's network and techniques which reduce the threats

Threats and vulnerabilities

• Ransom ware rising

Ransom ware is spelling to all mobile devices it is a form of attack in which hackers hack a part of system of the organization and charge a ransom to release it. Large retailer all the target of the hackers they hack their sensitive data and ask them for ransom free to release those data back. The company has paid ransom but after paying many times the data is not retrievable and it lost the sensitive information.

• Mobile madness

These days smartphone are reducing the use of PC mobile Malware is increasing and spreading through the wireless network in stores. In the words of Liu et al. (2018), it has been used by high demand consumer and employee usage in offices which creates vulnerabilities. The usage of smartphone makes it difficult to secure and manage the company's network for employees and guest.

• Infusion of IOT

The consumers of this organization has experiences the internet of things in order to make things easier and convenient for the Shoppers. In the words of Yakubu et al. (2019), the organization wants to connect all the devices on a network in store such as sensor, smartphone, cameras, etc. These devices increases the consumer which connects different consumer to the same network and also increases the entry of their personal data which needs to be secured which create a vulnerability.

• Third party

Every business organization use third party tools in order to complete its work and it refer as a tool within the organization which can be a threat to the information security. In the words of Abdulkadhim et al. (2018), the third party can easily give personal data of the organization to any other organization or to the hackers.

• Techniques

The sensitive information is transmitted through the system which can easily be hacked by the hackers and it needs to be encrypted to make it confidential many consumers who likes to do online transaction from their credit cards one their information transmitted as plain text to the internet which should be encrypted in order to prevent sensitive data from threats. Even when encryption having used by the organization threats can take place search threats are attempt to break the password and loss of private key the best method in order to control this attack is to apply strong cryptography. The U.S. government has adopted the advanced encryption standard which can use 256 bit keys. The organization should securely distribute the private keys and should be stored with security. The company should encrypt the information as long as the information is useful to the organization. The company should made periodic cyber security audit. The organization needs to maintain a regular backup process of all important data in case of ransom ware attack. In the words of Prajapat et al. (2016), firewalls and intrusion prevention system should be applied by the organization in order to mitigate the threats and also restrict the attackers to access on network.

NEVER LOSE YOUR CHANCE TO EXCEL IN ISY3006 - INFORMATION SECURITY ASSIGNMENT - HIRE BEST QUALITY TUTOR FOR ASSIGNMENT HELP!

Conclusion

Information security is very important part in an organization. The information and personal data of the organization and its consumer needs to be secure. The main focus of information security is to protect the data and personal information by maintaining and creating security policy without affecting productivity of the organization. Information security protects the sensitive data and also allows the organization to make strategy and develop an operation in order to save it systems. it has been concluded in the above report that Woolworths is an Australian company who sale groceries such as food, vegetable, meat, fruit, etc. and it also sale DVDs, household products, stationery items, health and beauty products, magazines, baby products, etc. and has faces different threats and vulnerabilities. In the words of Patil et al. (2016), it has been concluded that organization need to develop it security policy which help the organization in determining the threats and vulnerabilities and also provide effective planning and solution to secure sensitive data. It has been found in the above report that the organization Woolworths needs to develop a security policy in order to protect its assets which also helps in determining the future requirements of security. The report also includes the different roles of the stakeholder of the organization in developing security policy. It has been found that the smartphone reduces the use of PC and mobile malware is increasing through the wireless network. The company use third party tools in order to get work done which can act as threat for the organization. It has been evaluated in the above report that the company should encrypt data in order to make it confidential and it should make periodic cyber security audit. It has been concluded that the company should train its employee and should provide a proper education about the threats and risk that can take place in future within the organization in order to prevent data from theft.

ORDER NEW ISY3006 - INFORMATION SECURITY ASSIGNMENT & GET 100% ORIGINAL SOLUTION AND QUALITY WRITTEN CONTENTS IN WELL FORMATS AND PROPER REFERENCING.

Access our Top Quality Australian Institute of Higher Education, Australia Assignment Help Service for Various Courses and Units, Such As -

• ISY1000 Professional and Ethical Practice Assignment Help
• ISY1001 Discrete Mathematics Assignment Help
• ISY1002 Database Management for Business Assignment Help
• ISY1003 Foundations of Programming Assignment Help
• ISY2001 Systems Analysis & Design Assignment Help
• ISY2002 Information Systems Networking Essentials Assignment Help
• ISY2003 Information Security Assignment Help
• ISY2004 Information Systems Project Management Assignment Help
• ISY2005 Enterprise Systems Assignment Help
• ISY3001 E-business Fundamentals and Systems Assignment Help
• ISY3005 Knowledge Management Assignment Help