Unit 2 Assignment 2

Unit 2 Assignment 2
Global Limited has the reputation as one of the world’s leading providers of infrastructure information systems, software, and services around the world. Global’s clients range from world-wide enterprises to startup companies across all industry sectors, including financial services, manufacturing, transportation, and public services.

Information is an organization’s most valuable asset, yet traditional security practices have either not provided adequate protection of information or have been so restrictive that they have prevented organizations from making the maximum use of information to innovate, collaborate, and achieve competitive advantage. This is primarily due to the reactive approach to security that many organizations have been forced to take in the past. Rather than viewing information security as a business enabler, they have tended to view it as a business inhibitor—a defensive strategy, designed to prevent bad things from happening.

Analysis of the strengths and weaknesses of the steps taken by the organization

The problem is that good efforts in one area can be quickly nullified by failures in another. For example, a bank may protect its online banking portal from fraud only to have a privileged user copy confidential customer data to an unsecured laptop, which they then leave in a restaurant. These days, however, forward-thinking organizations like Global recognize the benefits of moving away from reactive “silo security” to take a more proactive and holistic approach to information security and compliance, based on the established discipline of risk management.

Global called upon the expertise of CIS-its own Security Division. CIS’s information risk management (IRM) strategy brings together, within a global framework, all the components that an organization needs to plan and implement an end-to-end approach for protecting a business’s most critical information assets.

Assessment of access control/IT domains given in the business problem for data confidentiality, integrity, and availability

Global, through CIS, prioritizes its business initiatives and protects the most valuable information at the point where it is most vulnerable. Once the information has been located and the risk assessment performed, Global implements controls, including policies, technologies, and tools to mitigate that risk. Repeatability and reuse of security controls is central to CIS·s strategy.

Evaluation of how layered security proved to be a positive solution in the given problem, including the impacts of layered security

CIS CompScan provides Global with a centralized view of the log information from thousands of security devices, including data generated by CIS DLP Suite, security tokens, and intrusion detection systems (lDSs). Identifying correlations between logs from all these sources can help in the early identification of potential security threats via Global Cadence. CompScan also helps the company to identify important cost efficiencies ensuring that Global will lead the market in infrastructure information systems provision.