Think about the security environment in which organizations must op...
Question
Think about the security environment in which organizations must operate. It is also intended to have you begin to think about some of the wide-ranging activities that prevent or mitigate security damage.
Suppose that you are in charge of Information Security at Henry Winser Insurance (H.W.I.), an insurance services company. Here are characteristics of H.W.I.
Operates 24/7 internationally
• Provides consumers and businesses insurance needs (Note: not reinsurance)
• Provides insurance services electronically, including advice, claims, payments and sales.
• Provides Web-based and Mobile APP access to information which includes customers’ accounts, claim history, policy information
• Provides extensive specialized, proprietary insurance advice. The advice is of various types (e.g., geographic considerations) and is supplied electronically by partners to H.W.I.
• H.W.I uses Machine Learning (ML) for chat bots, market analysis, modeling risk and appropriate policy analytics. (For example, monitoring drivers, individual health data or high value asset reporting systems.)
• Offers the ability for customers to engage with an insurance consultant from, around the world
• Hybrid Cloud deployment model for operations
• Many of H.W.I. internal applications recently have been reimagined from monolithic architecture to microservices architecture
Part (i)
List what you consider the four most important, prioritized service/system security threats to H.W.I. (no more), together with a summary of organizational and technical responses, in the form below. Justify why you consider these the most important threats for H.W.I. in particular. Include at least two threat types not mentioned in the online module for week 1. If you wish, you may make additional assumptions about the manner in which H.W.I. does business; but be sure to describe them in that case at the start of your assignment.
a) Title
b) Description of security threat
c) Justification for inclusion with emphasis on risk and potential damage
d) Organizational response
e) Technical response
Avoid generic responses. For example, if you believe that an issue concerning viruses should be in your top list of threats to H.W.I., inform us to why you have made this choice in the context of the scenario. Take into account, the kinds of threat actors who may be enablers of security failures and explain, if relevant, their under lying interest in H.W.I.’s business.
Part (ii)
- Compare the severity of the four threats you selected with each other
- List two additional threats that you considered during your analysis in Part (i) but determined that they were less important than those that you selected.
Suppose that you are in charge of Information Security at Henry Winser Insurance (H.W.I.), an insurance services company. Here are characteristics of H.W.I.
Operates 24/7 internationally
• Provides consumers and businesses insurance needs (Note: not reinsurance)
• Provides insurance services electronically, including advice, claims, payments and sales.
• Provides Web-based and Mobile APP access to information which includes customers’ accounts, claim history, policy information
• Provides extensive specialized, proprietary insurance advice. The advice is of various types (e.g., geographic considerations) and is supplied electronically by partners to H.W.I.
• H.W.I uses Machine Learning (ML) for chat bots, market analysis, modeling risk and appropriate policy analytics. (For example, monitoring drivers, individual health data or high value asset reporting systems.)
• Offers the ability for customers to engage with an insurance consultant from, around the world
• Hybrid Cloud deployment model for operations
• Many of H.W.I. internal applications recently have been reimagined from monolithic architecture to microservices architecture
Part (i)
List what you consider the four most important, prioritized service/system security threats to H.W.I. (no more), together with a summary of organizational and technical responses, in the form below. Justify why you consider these the most important threats for H.W.I. in particular. Include at least two threat types not mentioned in the online module for week 1. If you wish, you may make additional assumptions about the manner in which H.W.I. does business; but be sure to describe them in that case at the start of your assignment.
a) Title
b) Description of security threat
c) Justification for inclusion with emphasis on risk and potential damage
d) Organizational response
e) Technical response
Avoid generic responses. For example, if you believe that an issue concerning viruses should be in your top list of threats to H.W.I., inform us to why you have made this choice in the context of the scenario. Take into account, the kinds of threat actors who may be enablers of security failures and explain, if relevant, their under lying interest in H.W.I.’s business.
Part (ii)
- Compare the severity of the four threats you selected with each other
- List two additional threats that you considered during your analysis in Part (i) but determined that they were less important than those that you selected.
Solution Preview
These solutions may offer step-by-step problem-solving explanations or good writing examples that include modern styles of formatting and construction of bibliographies out of text citations and references.
Students may use these solutions for personal skill-building and practice.
Unethical use is strictly forbidden.
a) Title: Crypto Virus
b) Description of security threat:
Crypto Virus is a type of malicious software which purpose is to infect the targeted computer and then to search for files on that computer, network or even in the cloud in order to encrypt them. Afterwards, the creator of the crypto virus contacts the victim in order to ask for a ransom in exchange for a decryption code. Usually, a crypto virus is activated after the victim clicks on a link in an email to a malicious site or opens a malicious attachment which is designed in a way to look like a genuine attachment in a form of a document, bank statement, invoice etc. After being activated, the crypto virus searches for files on a different location on a computer and/or in the whole network in order to encrypt as many files as possible. The purpose is to create a huge damage for the victim and to make the victim willing to pay a ransom for a decryption code.
c) Justification for inclusion:
One of the reasons I have decided to include crypto virus as a major security threat for H.W.I. is the fact that the companies are the primary targeted audience for this type of viruses. Since H.W.I. is a company which collects a large volume of customers’ data and other business valuable data, a security threat like this represents a major issue for this company. The attackers are using employees and their working stations as an entry point for the crypto virus and they are exploiting man-made errors and vulnerabilities inside the company's security system. The fact that the company H.W.I. has many employees, who are dispersed worldwide across multiple time zones, creates a serious threat that some of them wouldn't be cautious enough while dealing with emails and suspicious attachments and links. One way to understand the significance of this security threat
b) Description of security threat:
Crypto Virus is a type of malicious software which purpose is to infect the targeted computer and then to search for files on that computer, network or even in the cloud in order to encrypt them. Afterwards, the creator of the crypto virus contacts the victim in order to ask for a ransom in exchange for a decryption code. Usually, a crypto virus is activated after the victim clicks on a link in an email to a malicious site or opens a malicious attachment which is designed in a way to look like a genuine attachment in a form of a document, bank statement, invoice etc. After being activated, the crypto virus searches for files on a different location on a computer and/or in the whole network in order to encrypt as many files as possible. The purpose is to create a huge damage for the victim and to make the victim willing to pay a ransom for a decryption code.
c) Justification for inclusion:
One of the reasons I have decided to include crypto virus as a major security threat for H.W.I. is the fact that the companies are the primary targeted audience for this type of viruses. Since H.W.I. is a company which collects a large volume of customers’ data and other business valuable data, a security threat like this represents a major issue for this company. The attackers are using employees and their working stations as an entry point for the crypto virus and they are exploiting man-made errors and vulnerabilities inside the company's security system. The fact that the company H.W.I. has many employees, who are dispersed worldwide across multiple time zones, creates a serious threat that some of them wouldn't be cautious enough while dealing with emails and suspicious attachments and links. One way to understand the significance of this security threat
This is only a preview of the solution.
Please use the purchase button to see the entire solution.
Please use the purchase button to see the entire solution.
By purchasing this solution you'll be able to access the following files:
Solution.docx
Purchase Solution
$95.00
View Available
Administration Tutors 641 tutors matched
Ionut
(ionut)
Master of Computer Science
Hi! MSc Applied Informatics & Computer Science Engineer. Practical experience in many CS & IT branches.Research work & homework
5/5 (6,804+ sessions)
1 hour avg response
$15-$50 hourly rate
Pranay
(math1983)
Doctor of Philosophy (PhD)
Ph.D. in mathematics and working as an Assistant Professor in University. I can provide help in mathematics, statistics and allied areas.
4.6/5 (6,682+ sessions)
1 hour avg response
$40-$50 hourly rate
Leo
(Leo)
Doctor of Philosophy (PhD)
Hi!
I have been a professor in New York and taught in a math department and in an applied math department.
4.9/5 (6,428+ sessions)
2 hours avg response