01 May Just as quickly as new technology is develope
Week 4 Discussion
Just as quickly as new technology is developed, hackers find new ways to disrupt operations. As a result, security is an ongoing endeavor in all organizations. Strategic planning can help organizations be prepared to address new daily threats to information security. Moreover, many of today's organizations are adopting virtualization as a way to reduce their footprint in hardware costs and to improve their backup system capabilities at the client and server levels. At the same time, virtualization poses security risks that organizations need to consider as part of their strategic planning process.
Go to Basic Search: Strayer University Online Library to locate and integrate at least two quality, academic resources (in addition to your textbook) on the role of strategic planning in mitigating information security threats, including those associated with virtualization. You may also use government websites, such as Cybersecurity from the National Institute of Standards and Technology.
As you write this post, keep in mind your current organization's or a previous organization's strategic planning for information security, its infrastructure, and its training.
Please respond to the following in a post of at least 200 words:
- Justify the importance of strategic planning to an organization's information security.
- Identify and describe the topics to be included in strategic planning for information security.
- Specifically describe the security threats associated with virtualization.
- Explain how strategic planning can help to mitigate the security threats associated with virtualization.
- Provide full citations and references, formatted according to Strayer Writing Standards.
- For assistance and information, please refer to the Strayer Writing Standards link in the left-hand menu of your course. Check with your professor for any additional instructions.
In 60 to 75 words, please respond to at least one other post. Choose to respond to those who have few or no responses.
Note: You will find the information from this post and the feedback you receive on it useful as you work on your Virtualization assignment due this week.
4 days ago
Scott Coleman
RE: Week 4 Discussion
Top of Form
A. Justify the importance of strategic planning to an organization's information security.
Strategic Security Planning is critical to any organization. It typically starts with the CISO. The CISO should be strategically placed within the organization to ensure proper visibility of security issues and manage risk in a way that aligns with business objectives.
A strategic plan is a document used to communicate the organizations goals, tasks needing to be completed to achieve these goals and any other items identified in the assessment.
B. Identify and describe the topics to be included in strategic planning for information security.
The topics that should be included in a strategic security plan are below.
· Defining consistent and integrated methodologies for design, development and implementation;
· Detecting and resolving problems;
· Reducing time to delivery from solution concept through implementation;
· Provisioning flexible and adaptable architectures;
· Proactively making decisions to more efficiently deliver results;
· Eliminating redundancy to better support achievement of objectives;
· Planning and managing human resources, relying on external expertise when required to augment internal staff;
· Evolving into an organization where security is integrated as seamlessly as possible with applications, data, processes and workflows into a unified environment.
C. Specifically describe the security threats associated with virtualization.
To better answer this question, let me first define the 2 virtualization types.
· Type 1 virtual environments are considered “full virtualization” environments and have VMs running on a hypervisor that interacts with the hardware. Examples are VMware ESXi, Citrix/Xen Server and Microsoft Kyper-V.
· Type 2 virtual environments are also considered “full virtualization” but work with a host OS instead of a hypervisor. With this type of hypervisor, the guest host is installed on top of an underlying OS such as Windows 10, Linux, etc.
The threats associated with virtualization can be different depending on the type of hypervisor used. Some examples are: Shared clipboard, keystock logging, VM monitoring from the host, VM monitoring from another VM, and VM backdoors
D. Explain how strategic planning can help to mitigate the security threats associated with virtualization.
A good strategic security plan can have a tremendous impact on the organization’s security posture. It defines the areas needing to be secured and the tools/processes required to secure them. For example, is the organization using a Next Gen firewall to protect them from the internet or are they still using an old packet filtering firewall.
1. Brian Evans, July 8, 2015, The Importance of Building an Information Security Strategic Plan (securityintelligence.com), https://securityintelligence.com/the-importance-of-building-an-information-security-strategic-plan/
1. William Stallings. 2019. Effective Cybersecurity: A Guide to Using Best Practices and Standards.
1. Dave Shackleford. Virtualization Security : Protecting Virtualized Environments. Sybex; 2012. Accessed April 25, 2022. https://search.ebscohost.com/login.aspx?direct=true&db=nlebk&AN=500245&site=eds-live&scope=site
Bottom of Form
Our website has a team of professional writers who can help you write any of your homework. They will write your papers from scratch. We also have a team of editors just to make sure all papers are of HIGH QUALITY & PLAGIARISM FREE. To make an Order you only need to click Ask A Question and we will direct you to our Order Page at WriteEdu. Then fill Our Order Form with all your assignment instructions. Select your deadline and pay for your paper. You will get it few hours before your set deadline.
Fill in all the assignment paper details that are required in the order form with the standard information being the page count, deadline, academic level and type of paper. It is advisable to have this information at hand so that you can quickly fill in the necessary information needed in the form for the essay writer to be immediately assigned to your writing project. Make payment for the custom essay order to enable us to assign a suitable writer to your order. Payments are made through Paypal on a secured billing page. Finally, sit back and relax.
Do you need help with this question?
Get assignment help from WriteEdu.com Paper Writing Website and forget about your problems.
WriteEdu provides custom & cheap essay writing 100% original, plagiarism free essays, assignments & dissertations.
With an exceptional team of professional academic experts in a wide range of subjects, we can guarantee you an unrivaled quality of custom-written papers.
Chat with us today! We are always waiting to answer all your questions.