Please write a 150 word peer response for Answer 1 and another 150 word peer response for Answer 2

I’m trying to learn for my Software Development class and I’m stuck. Can you help?

Answer 1

Cyber Security is the combination of technologies, processes, and practices which helps to protect the devices, programs, networks and data from different attacks, damages and unauthorized access. Cyber security is mostly interchangeable with information technology security. In this digital era, everything can be stored digitally, so anyone can have access to the information that is stored in social medias, companies’ websites etc. The government, military, corporate, financial and medical institutions all collect large amount of data such as personal information, financial data and may more, and are processed and stored on various devices. These data are very sensitive as unauthorized access can lead to serious consequences, which has increased the importance of cyber security. Cyber security is the process that is dedicated specially to protect the information and the systems that process and store it from the malicious attacks and unauthorized access from the hackers (Lord, 2019).

Risk management is the concept that is designed to help a protect the person from any type of losses, that can be either life, health or auto. While in IT department, risk management is the concept to have as much as cyber security in an enterprise. It is the combination of strategies, technologies and user education that helps to secure an enterprise from the cybersecurity attacks that can have negative consequences such as theft of the data and information, comptonization of the system, and reputational damage of the company. Hence, the need of cybersecurity risk management increases as the risk of cyber-attacks increases with the increment of the volume of the data (Britt, 2017).

There are three pillars of enterprise cyber risk management, which are:

1. Governance: It includes the risk-decision experts and decision makers which uses a framework of risk management processes. It also includes the key stake holders in this process.

2. Risk Appetite: This is associated to organizational goals and objectives.

3. Policy and procedure: It includes risk management expectations, risk definitions, and guidance throughout the enterprise (Tobar, 2018).

When an enterprise plans the cyber risk management program, following seven topics should be considered:

1. Culture: A culture of cybersecurity and risk management should be established throughout the organizations by leaders, so that they can make sure the appropriate leadership involvement, accountability, and training is being set up.

2. Information sharing: Communication is key in enterprise, so if there is any cyber security risks then stakeholders should be aware of the risks and should be involved in decision making. So, information sharing tools such as dashboards should be used to make everyone aware and involved.

3. Priorities: Information such as trends over time, potential impact, time horizon for impact, etc. should be prioritized, so that this information can be used to compare the risks.

4. Resilience: Resilient is an essential part of cyber risk management as the enterprise must be able to continue even after disastrous cyber-attacks.

5. Speed: If an organization can identify risks early, it can response to the attacks with more planning and preparation with minimum impact.

6. Threat environment: Organizations should enhance the intelligence into adversary capabilities and also consider threats from third parties as well as from the inside.

7. Cyber hygiene: Cyber hygiene focused on securing infrastructure, preventing attacks, and reducing risks, therefore, an enterprise should implement basic cyber hygiene practices for cyber risk management (Tobar, 2018).

Cyber security risk management helps to prepare the company to prepare for its worst-case scenarios such as cybercrimes, leaking of the sensitive information and reputation damage. Therefore, companies should improve the defenses and security to reduce the threats and vulnerabilities. So companies should have risk management fundamentals for cyber risk management such as identifying risk early, getting top management on board to make proper decision, setting up effective communication on board, updating incident response of there are any worst-case scenarios, and promoting and training a cyber aware culture in the company can help minimize cyber-attacks and manage the risks from cyber-attacks (Cooper, 2017).

References:

Britt, P. (2017, March 31). Cybersecurity Risk Management: Finding and Fixing Your Security Vulnerabilities. Retrieved from eSecurity Planet: https://www.esecurityplanet.com/network-security/c…

Cooper, C. (2017, Novemeber 16). 5 Fundamentals in Cyber Risk Management. Retrieved from CSO: https://www.csoonline.com/article/3235511/5-fundam…

Lord, N. (2019, January 3). What is Cyber Security? Definition, Best Practices & More. Retrieved from DATAINSIDER: https://digitalguardian.com/blog/what-cyber-securi…

Tobar, D. (2018, February 9). 7 Considerations for Cyber Risk Management. Retrieved from Carniege Mellon University: https://insights.sei.cmu.edu/insider-threat/2018/0…

—————————————————————————————————————————————-

Answer 2

Cybersecurity is utilized to protect us from the online world from the assaults in an association. It maintains a strategic distance from any kind of wrongdoing going on in an association whether little scale industry or huge scale industry. by utilizing these capacities, digital wellbeing has turned into a piece of records security. Cybercrimes which are not some portion of dangers to the data will have a place with Cyber insurance and data dangers might be a piece of records security. Cybersecurity incorporates rules, shields, danger control methodology, security pointers, training the specialist or the clients, uncommon practices and advances which are utilized to safeguard the digital condition and business and client records. Cybersecurity will make a point to keep and watch security capacities of the association and client insights which can be the risk to the enterprise. By and large, assurance in an association should have accessibility whenever privately to monitor data and Integrity which bring to the table validation for the clients. (McAfee. (2009)).

Risk Management: It is the route toward perceiving, assessing and controlling perils to an affiliation’s capital and benefit. These perils, or threats, could emerge out of a wide combination of sources, including budgetary weakness, genuine liabilities, key organization errors, incidents, and calamitous occasions. IT security risks and data related perils, and the danger organization techniques to relieve them, have transformed into the best requirement for digitized associations.

A relationship between cybersecurity and risk management

In view of the article’s survey, Risk management is a basic factor of cybersecurity, on the grounds that the risk appraisal is directed to break down the risk sway and apply security components to ensure data and business organize against cybercrimes. As referenced, cybersecurity risk evaluation can be characterized as a consistent procedure for overseeing or limiting dubious occasions that group as real dangers to the cybersecurity. All things considered, it’s basic to direct a risk appraisal and apply security systems to determine cybersecurity assaults and guarantee data security. (Hieb, Jeffrey. (2007)).

References

1.Hulisi, et al. “Cyber Security Risk Management: Public Policy Implications of Correlated Risk, Imperfect Ability to Prove Loss, and Observability of Self-Protection.”

2.McAfee. (2009). Virtual Criminology Report 2009: Virtually here: The age of cyber warfare Santa Clara, CA: McAfee.

3.Ralston, P.A.S. and Graham, J.H. and Hieb, Jeffrey. (2007). Digital security hazard appraisal for SCADA and DCS systems. ISA exchanges.